Lines Matching full:token
291 gss_cfx_wrap_token token;
422 token = (gss_cfx_wrap_token)header->buffer.value;
424 token->TOK_ID[0] = 0x05;
425 token->TOK_ID[1] = 0x04;
426 token->Flags = 0;
427 token->Filler = 0xFF;
430 token->Flags |= CFXSentByAcceptor;
433 token->Flags |= CFXAcceptorSubkey;
445 token->Flags |= CFXSealed;
446 token->EC[0] = (ec >> 8) & 0xFF;
447 token->EC[1] = (ec >> 0) & 0xFF;
459 token->EC[0] = 0;
460 token->EC[1] = 0;
473 token->RRC[0] = 0;
474 token->RRC[1] = 0;
480 _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]);
481 _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]);
532 * encrypted token header is always at the end of the
543 data[i].data.data = ((uint8_t *)header->buffer.value) + sizeof(*token);
545 data[i].data.length = ec + sizeof(*token);
547 memcpy(((uint8_t *)data[i].data.data) + ec, token, sizeof(*token));
552 data[i].data.data = ((uint8_t *)data[i-1].data.data) + ec + sizeof(*token);
564 token->RRC[0] = (rrc >> 8) & 0xFF;
565 token->RRC[1] = (rrc >> 0) & 0xFF;
617 token->RRC[0] = (rrc >> 8) & 0xFF;
618 token->RRC[1] = (rrc >> 0) & 0xFF;
621 token->EC[0] = (k5tsize >> 8) & 0xFF;
622 token->EC[1] = (k5tsize >> 0) & 0xFF;
725 gss_cfx_wrap_token token, ttoken;
741 if (header->buffer.length < sizeof(*token)) /* we check exact below */
757 token = (gss_cfx_wrap_token)header->buffer.value;
759 if (token->TOK_ID[0] != 0x05 || token->TOK_ID[1] != 0x04)
763 token_flags = token->Flags &
779 if (token->Filler != 0xFF)
785 ec = (token->EC[0] << 8) | token->EC[1];
786 rrc = (token->RRC[0] << 8) | token->RRC[1];
791 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi);
792 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo);
835 size_t gsstsize = k5tsize + sizeof(*token);
836 size_t gsshsize = k5hsize + sizeof(*token);
852 } else if (trailer->buffer.length != sizeof(*token) + k5tsize) {
855 } else if (header->buffer.length != sizeof(*token) + k5hsize) {
895 header->buffer.length - k5hsize - k5tsize - ec- sizeof(*token);
898 data[i].data.length = ec + sizeof(*token);
904 data[i].data.data = ((uint8_t *)data[i-1].data.data) + ec + sizeof(*token);
915 ttoken->RRC[0] = token->RRC[0];
916 ttoken->RRC[1] = token->RRC[1];
919 if (ct_memcmp(ttoken, token, sizeof(*token)) != 0) {
925 size_t gsshsize = sizeof(*token);
970 data[i].data.length = sizeof(*token);
978 sizeof(*token);
983 token = (gss_cfx_wrap_token)header->buffer.value;
984 token->EC[0] = 0;
985 token->EC[1] = 0;
986 token->RRC[0] = 0;
987 token->RRC[1] = 0;
1168 gss_cfx_wrap_token token; in _gssapi_wrap_cfx() local
1187 /* Always rotate encrypted token (if any) and checksum to header */ in _gssapi_wrap_cfx()
1188 rrc = (conf_req_flag ? sizeof(*token) : 0) + (uint16_t)cksumsize; in _gssapi_wrap_cfx()
1198 token = (gss_cfx_wrap_token)p; in _gssapi_wrap_cfx()
1199 token->TOK_ID[0] = 0x05; in _gssapi_wrap_cfx()
1200 token->TOK_ID[1] = 0x04; in _gssapi_wrap_cfx()
1201 token->Flags = 0; in _gssapi_wrap_cfx()
1202 token->Filler = 0xFF; in _gssapi_wrap_cfx()
1204 token->Flags |= CFXSentByAcceptor; in _gssapi_wrap_cfx()
1206 token->Flags |= CFXAcceptorSubkey; in _gssapi_wrap_cfx()
1212 token->Flags |= CFXSealed; in _gssapi_wrap_cfx()
1213 token->EC[0] = (padlength >> 8) & 0xFF; in _gssapi_wrap_cfx()
1214 token->EC[1] = (padlength >> 0) & 0xFF; in _gssapi_wrap_cfx()
1225 token->EC[0] = 0; in _gssapi_wrap_cfx()
1226 token->EC[1] = 0; in _gssapi_wrap_cfx()
1239 token->RRC[0] = 0; in _gssapi_wrap_cfx()
1240 token->RRC[1] = 0; in _gssapi_wrap_cfx()
1246 _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); in _gssapi_wrap_cfx()
1247 _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); in _gssapi_wrap_cfx()
1254 * If confidentiality is requested, the token header is in _gssapi_wrap_cfx()
1256 * token is {"header" | encrypt(plaintext | pad | "header")}. in _gssapi_wrap_cfx()
1260 * token header. in _gssapi_wrap_cfx()
1271 * encrypted token header is always at the end of the in _gssapi_wrap_cfx()
1277 p += sizeof(*token); in _gssapi_wrap_cfx()
1281 token, sizeof(*token)); in _gssapi_wrap_cfx()
1286 sizeof(*token), in _gssapi_wrap_cfx()
1293 assert(sizeof(*token) + cipher.length == wrapped_len); in _gssapi_wrap_cfx()
1294 token->RRC[0] = (rrc >> 8) & 0xFF; in _gssapi_wrap_cfx()
1295 token->RRC[1] = (rrc >> 0) & 0xFF; in _gssapi_wrap_cfx()
1317 buf = malloc(input_message_buffer->length + sizeof(*token)); in _gssapi_wrap_cfx()
1324 memcpy(buf + input_message_buffer->length, token, sizeof(*token)); in _gssapi_wrap_cfx()
1329 sizeof(*token), in _gssapi_wrap_cfx()
1341 token->EC[0] = (cksum.checksum.length >> 8) & 0xFF; in _gssapi_wrap_cfx()
1342 token->EC[1] = (cksum.checksum.length >> 0) & 0xFF; in _gssapi_wrap_cfx()
1343 token->RRC[0] = (rrc >> 8) & 0xFF; in _gssapi_wrap_cfx()
1344 token->RRC[1] = (rrc >> 0) & 0xFF; in _gssapi_wrap_cfx()
1346 p += sizeof(*token); in _gssapi_wrap_cfx()
1378 gss_cfx_wrap_token token; in _gssapi_unwrap_cfx() local
1390 if (input_message_buffer->length < sizeof(*token)) { in _gssapi_unwrap_cfx()
1396 token = (gss_cfx_wrap_token)p; in _gssapi_unwrap_cfx()
1398 if (token->TOK_ID[0] != 0x05 || token->TOK_ID[1] != 0x04) { in _gssapi_unwrap_cfx()
1403 token_flags = token->Flags & in _gssapi_unwrap_cfx()
1419 if (token->Filler != 0xFF) { in _gssapi_unwrap_cfx()
1427 ec = (token->EC[0] << 8) | token->EC[1]; in _gssapi_unwrap_cfx()
1428 rrc = (token->RRC[0] << 8) | token->RRC[1]; in _gssapi_unwrap_cfx()
1433 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi); in _gssapi_unwrap_cfx()
1434 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo); in _gssapi_unwrap_cfx()
1461 p += sizeof(*token); in _gssapi_unwrap_cfx()
1486 /* Check that there is room for the pad and token header */ in _gssapi_unwrap_cfx()
1487 if (data.length < ec + sizeof(*token)) { in _gssapi_unwrap_cfx()
1492 p += data.length - sizeof(*token); in _gssapi_unwrap_cfx()
1495 ((gss_cfx_wrap_token)p)->RRC[0] = token->RRC[0]; in _gssapi_unwrap_cfx()
1496 ((gss_cfx_wrap_token)p)->RRC[1] = token->RRC[1]; in _gssapi_unwrap_cfx()
1499 if (ct_memcmp(p, token, sizeof(*token)) != 0) { in _gssapi_unwrap_cfx()
1505 output_message_buffer->length = data.length - ec - sizeof(*token); in _gssapi_unwrap_cfx()
1537 output_message_buffer->value = malloc(len + sizeof(*token)); in _gssapi_unwrap_cfx()
1546 token, sizeof(*token)); in _gssapi_unwrap_cfx()
1549 token = (gss_cfx_wrap_token)((u_char *)output_message_buffer->value + in _gssapi_unwrap_cfx()
1551 token->EC[0] = 0; in _gssapi_unwrap_cfx()
1552 token->EC[1] = 0; in _gssapi_unwrap_cfx()
1553 token->RRC[0] = 0; in _gssapi_unwrap_cfx()
1554 token->RRC[1] = 0; in _gssapi_unwrap_cfx()
1559 len + sizeof(*token), in _gssapi_unwrap_cfx()
1583 gss_cfx_mic_token token; in _gssapi_mic_cfx() local
1591 len = message_buffer->length + sizeof(*token); in _gssapi_mic_cfx()
1600 token = (gss_cfx_mic_token)(buf + message_buffer->length); in _gssapi_mic_cfx()
1601 token->TOK_ID[0] = 0x04; in _gssapi_mic_cfx()
1602 token->TOK_ID[1] = 0x04; in _gssapi_mic_cfx()
1603 token->Flags = 0; in _gssapi_mic_cfx()
1605 token->Flags |= CFXSentByAcceptor; in _gssapi_mic_cfx()
1607 token->Flags |= CFXAcceptorSubkey; in _gssapi_mic_cfx()
1608 memset(token->Filler, 0xFF, 5); in _gssapi_mic_cfx()
1614 _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); in _gssapi_mic_cfx()
1615 _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); in _gssapi_mic_cfx()
1636 message_token->length = sizeof(*token) + cksum.checksum.length; in _gssapi_mic_cfx()
1645 /* Token is { "header" | get_mic("header" | plaintext-data) } */ in _gssapi_mic_cfx()
1646 memcpy(message_token->value, token, sizeof(*token)); in _gssapi_mic_cfx()
1647 memcpy((u_char *)message_token->value + sizeof(*token), in _gssapi_mic_cfx()
1664 gss_cfx_mic_token token; in _gssapi_verify_mic_cfx() local
1674 if (token_buffer->length < sizeof(*token)) { in _gssapi_verify_mic_cfx()
1680 token = (gss_cfx_mic_token)p; in _gssapi_verify_mic_cfx()
1682 if (token->TOK_ID[0] != 0x04 || token->TOK_ID[1] != 0x04) { in _gssapi_verify_mic_cfx()
1687 token_flags = token->Flags & (CFXSentByAcceptor | CFXAcceptorSubkey); in _gssapi_verify_mic_cfx()
1701 if (ct_memcmp(token->Filler, "\xff\xff\xff\xff\xff", 5) != 0) { in _gssapi_verify_mic_cfx()
1708 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi); in _gssapi_verify_mic_cfx()
1709 _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo); in _gssapi_verify_mic_cfx()
1734 cksum.checksum.data = p + sizeof(*token); in _gssapi_verify_mic_cfx()
1735 cksum.checksum.length = token_buffer->length - sizeof(*token); in _gssapi_verify_mic_cfx()
1743 buf = malloc(message_buffer->length + sizeof(*token)); in _gssapi_verify_mic_cfx()
1749 memcpy(buf + message_buffer->length, token, sizeof(*token)); in _gssapi_verify_mic_cfx()
1754 sizeof(*token) + message_buffer->length, in _gssapi_verify_mic_cfx()