unseal.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/* EXPORT DELETE START */
/*
* Copyright 2001-2003 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* Copyright 1993 by OpenVision Technologies, Inc.
*
* Permission to use, copy, modify, distribute, and sell this software
* and its documentation for any purpose is hereby granted without fee,
* provided that the above copyright notice appears in all copies and
* that both that copyright notice and this permission notice appear in
* supporting documentation, and that the name of OpenVision not be used
* in advertising or publicity pertaining to distribution of the software
* without specific, written prior permission. OpenVision makes no
* representations about the suitability of this software for any
* purpose. It is provided "as is" without express or implied warranty.
*
* OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
* EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
* CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
* USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
* OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
#include <gssapiP_krb5.h>
/*
* $Id: unseal.c,v 1.10 1996/07/22 20:34:37 marc Exp $
*/
/*ARGSUSED*/
OM_uint32
krb5_gss_unseal(ctx, minor_status, context_handle,
input_message_buffer, output_message_buffer,
conf_state, qop_state
#ifdef _KERNEL
, gssd_ctx_verifier
#endif
)
void *ctx;
OM_uint32 *minor_status;
gss_ctx_id_t context_handle;
gss_buffer_t input_message_buffer;
gss_buffer_t output_message_buffer;
int *conf_state;
int *qop_state;
#ifdef _KERNEL
OM_uint32 gssd_ctx_verifier;
#endif
{
krb5_context context;
OM_uint32 status;
/* Solaris Kerberos: for MT safety, we avoid the use of a default
* context via kg_get_context() */
#if 0
if (GSS_ERROR(kg_get_context(minor_status, &context)))
return(GSS_S_FAILURE);
#endif
mutex_lock(&krb5_mutex);
context = ctx;
status = kg_unseal(context, minor_status, context_handle,
input_message_buffer, output_message_buffer,
conf_state, qop_state, KG_TOK_SEAL_MSG);
mutex_unlock(&krb5_mutex);
#ifdef KRB5_NO_PRIVACY
/*
* Can't be paranoid enough;
* if someone plugs in their version of kg_unseal
* that does decryption we want to
* disallow that too.
*/
if (conf_state && *conf_state)
return (GSS_S_FAILURE);
#endif
return(status);
}
/* V2 interface */
/*ARGSUSED*/
OM_uint32
krb5_gss_unwrap(ctx, minor_status, context_handle,
input_message_buffer, output_message_buffer,
conf_state, qop_state)
void *ctx;
OM_uint32 *minor_status;
gss_ctx_id_t context_handle;
gss_buffer_t input_message_buffer;
gss_buffer_t output_message_buffer;
int *conf_state;
gss_qop_t *qop_state;
{
#ifdef KRB5_NO_PRIVACY
return (GSS_S_FAILURE);
#else
OM_uint32 rstat;
int qstate;
krb5_context context;
/* Solaris Kerberos: for MT safety, we avoid the use of a default
* context via kg_get_context() */
#if 0
if (GSS_ERROR(kg_get_context(minor_status, &context)))
return(GSS_S_FAILURE);
#endif
mutex_lock(&krb5_mutex);
context = ctx;
rstat = kg_unseal(context, minor_status, context_handle,
input_message_buffer, output_message_buffer,
conf_state, &qstate, KG_TOK_WRAP_MSG);
if (!rstat && qop_state)
*qop_state = (gss_qop_t) qstate;
mutex_unlock(&krb5_mutex);
return(rstat);
#endif
}
/* EXPORT DELETE END */