geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

More changes to resolve issues brought up during the security

Browse Source 
review of the code.
This commit is contained in:
Juan Carlos Luciani 2007-02-06 22:09:00 +00:00
parent 8719ce2410
commit 51ffdf0702
16 changed files with 550 additions and 427 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CASA-auth-token/client/library/authmech.c
View File

@ -279,8 +279,8 @@ GetAuthMechToken(
&pAuthTokenIf);
if (CASA_SUCCESS(retStatus))
{
char *pAuthToken = NULL;
int authTokenBufLen = 0;
char *pAuthToken = NULL;
uint32_t authTokenBufLen = 0;
// We found a provider for the service, query it for the buffer size
// needed to obtain the authentication token.

24
CASA-auth-token/client/library/authmsg.c
View File

@ -60,11 +60,11 @@ typedef struct _AuthRespParse
{
XML_Parser p;
int state;
int elementDataProcessed;
size_t elementDataProcessed;
char *pStatusData;
int statusDataLen;
size_t statusDataLen;
char *pLifetimeData;
int lifetimeDataLen;
size_t lifetimeDataLen;
AuthenticateResp *pAuthenticateResp;
CasaStatus status;
@ -305,7 +305,7 @@ ConsumeElementData(
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
INOUT size_t *pElementDataLen)
//
// Arguments:
//
@ -352,7 +352,7 @@ ConsumeElementData(
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthRespParse->elementDataProcessed + len + 1);
pNewBuf = (char*) malloc((size_t)(pAuthRespParse->elementDataProcessed + len + 1));
if (pNewBuf)
{
memset(pNewBuf,
@ -714,6 +714,16 @@ CreateAuthenticateResp(
*
*/
// Verify that the response is not too large for the parser
if (respLen > INT_MAX)
{
DbgTrace(0, "-CreateAuthenticateResp- Response too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
goto exit;
}
// Allocate AuthenticateResp object
pAuthenticateResp = malloc(sizeof(*pAuthenticateResp));
if (pAuthenticateResp)
@ -748,7 +758,7 @@ CreateAuthenticateResp(
XML_SetUserData(p, &authRespParse);
// Parse the document
if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK)
if (XML_Parse(p, pRespMsg, (int) respLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authRespParse.state == DONE_PARSING)
@ -818,6 +828,8 @@ CreateAuthenticateResp(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
exit:
DbgTrace(1, "-CreateAuthenticateResp- End, retStatus = %08X\n", retStatus);
return retStatus;

24
CASA-auth-token/client/library/authpolicy.c
View File

@ -57,7 +57,7 @@ typedef struct _AuthPolicyParse
{
XML_Parser p;
int state;
int elementDataProcessed;
size_t elementDataProcessed;
AuthPolicy *pAuthPolicy;
CasaStatus status;
@ -206,7 +206,7 @@ ConsumeElementData(
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
INOUT size_t *pElementDataLen)
//
// Arguments:
//
@ -253,7 +253,7 @@ ConsumeElementData(
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthPolicyParse->elementDataProcessed + len + 1);
pNewBuf = (char*) malloc((size_t)(pAuthPolicyParse->elementDataProcessed + len + 1));
if (pNewBuf)
{
memset(pNewBuf,
@ -558,7 +558,7 @@ AuthPolicyEndElementHandler(
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
IN size_t encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy)
//
// Arguments:
@ -576,7 +576,7 @@ CreateAuthPolicy(
AuthPolicy *pAuthPolicy = NULL;
AuthPolicyParse authPolicyParse = {0};
char *pData = NULL;
int dataLen = 0;
uint32_t dataLen = 0;
DbgTrace(1, "-CreateAuthPolicy- Start\n", 0);
@ -623,6 +623,16 @@ CreateAuthPolicy(
*
*/
// Verify that the encoded data length is not too large
if (encodedDataLen > UINT32_MAX)
{
DbgTrace(0, "-CreateAuthPolicy- Encoded data length too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
goto exit;
}
// Initialize output parameter
*ppAuthPolicy = NULL;
@ -668,7 +678,7 @@ CreateAuthPolicy(
XML_SetUserData(p, &authPolicyParse);
// Parse the document
if (XML_Parse(p, pData, dataLen, 1) == XML_STATUS_OK)
if (XML_Parse(p, pData, (int) dataLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authPolicyParse.state == DONE_PARSING)
@ -736,6 +746,8 @@ CreateAuthPolicy(
if (pData)
free(pData);
exit:
DbgTrace(1, "-CreateAuthPolicy- End, retStatus = %08X\n", retStatus);
return retStatus;

12
CASA-auth-token/client/library/cache.c
View File

@ -96,7 +96,7 @@ CreateAuthTokenCacheEntry(
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
if ((tokenSize + sizeof(AuthCacheEntry)) <= UINT32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry);
@ -142,7 +142,7 @@ CreateAuthTokenCacheEntry(
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= UINT32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);
@ -239,7 +239,7 @@ CreateSessionTokenCacheEntry(
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
if ((tokenSize + sizeof(AuthCacheEntry)) <= UINT32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry);
@ -284,7 +284,7 @@ CreateSessionTokenCacheEntry(
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
if (cacheKeyStrLen <= UINT32_MAX)
{
miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
@ -455,7 +455,7 @@ FindSessionTokenEntryInCache(
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
if (cacheKeyStrLen <= UINT32_MAX)
{
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
@ -569,7 +569,7 @@ FindAuthTokenEntryInCache(
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= UINT32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);

22
CASA-auth-token/client/library/getpolicymsg.c
View File

@ -55,9 +55,9 @@ typedef struct _GetAuthPolicyRespParse
{
XML_Parser p;
int state;
int elementDataProcessed;
size_t elementDataProcessed;
char *pStatusData;
int statusDataLen;
size_t statusDataLen;
GetAuthPolicyResp *pGetAuthPolicyResp;
CasaStatus status;
@ -269,7 +269,7 @@ ConsumeElementData(
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
INOUT size_t *pElementDataLen)
//
// Arguments:
//
@ -316,7 +316,7 @@ ConsumeElementData(
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthPolicyRespParse->elementDataProcessed + len + 1);
pNewBuf = (char*) malloc((size_t)(pGetAuthPolicyRespParse->elementDataProcessed + len + 1));
if (pNewBuf)
{
memset(pNewBuf,
@ -590,7 +590,7 @@ GetAuthPolicyRespEndElementHandler(
CasaStatus
CreateGetAuthPolicyResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT GetAuthPolicyResp **ppGetAuthPolicyResp)
//
// Arguments:
@ -634,6 +634,16 @@ CreateGetAuthPolicyResp(
*
*/
// Verify that the response is not too large for the parser
if (respLen > INT_MAX)
{
DbgTrace(0, "-CreateGetAuthPolicyResp- Response too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
goto exit;
}
// Allocate GetAuthPolicyResp object
pGetAuthPolicyResp = malloc(sizeof(*pGetAuthPolicyResp));
if (pGetAuthPolicyResp)
@ -734,6 +744,8 @@ CreateGetAuthPolicyResp(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
exit:
DbgTrace(1, "-CreateGetAuthPolicyResp- End, retStatus = %08X\n", retStatus);
return retStatus;

27
CASA-auth-token/client/library/gettokenmsg.c
View File

@ -55,11 +55,11 @@ typedef struct _GetAuthTokenRespParse
{
XML_Parser p;
int state;
int elementDataProcessed;
size_t elementDataProcessed;
char *pStatusData;
int statusDataLen;
size_t statusDataLen;
char *pLifetimeData;
int lifetimeDataLen;
size_t lifetimeDataLen;
GetAuthTokenResp *pGetAuthTokenResp;
CasaStatus status;
@ -302,7 +302,7 @@ ConsumeElementData(
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
INOUT size_t *pElementDataLen)
//
// Arguments:
//
@ -349,7 +349,7 @@ ConsumeElementData(
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthTokenRespParse->elementDataProcessed + len + 1);
pNewBuf = (char*) malloc((size_t)(pGetAuthTokenRespParse->elementDataProcessed + len + 1));
if (pNewBuf)
{
memset(pNewBuf,
@ -657,7 +657,7 @@ GetAuthTokenRespEndElementHandler(
CasaStatus
CreateGetAuthTokenResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT GetAuthTokenResp **ppGetAuthTokenResp)
//
// Arguments:
@ -701,6 +701,16 @@ CreateGetAuthTokenResp(
*
*/
// Verify that the response is not too large for the parser
if (respLen > INT_MAX)
{
DbgTrace(0, "-CreateGetAuthTokenResp- Response too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
goto exit;
}
// Allocate GetAuthTokenResp object
pGetAuthTokenResp = malloc(sizeof(*pGetAuthTokenResp));
if (pGetAuthTokenResp)
@ -734,7 +744,7 @@ CreateGetAuthTokenResp(
XML_SetUserData(p, &getAuthTokenRespParse);
// Parse the document
if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK)
if (XML_Parse(p, pRespMsg, (int) respLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (getAuthTokenRespParse.state == DONE_PARSING)
@ -803,6 +813,9 @@ CreateGetAuthTokenResp(
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
exit:
DbgTrace(1, "-CreateGetAuthTokenResp- End, retStatus = %08X\n", retStatus);
return retStatus;

40
CASA-auth-token/client/library/internal.h
View File

@ -41,10 +41,6 @@
#define MAX_RPC_REPLY_SZ (256 * 1024)
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
//
// Authentication Context structure
//
@ -52,11 +48,11 @@ typedef struct _AuthContext
{
LIST_ENTRY listEntry;
char *pContext;
int contextLen;
size_t contextLen;
char *pMechanism;
int mechanismLen;
size_t mechanismLen;
char *pMechInfo;
int mechInfoLen;
size_t mechInfoLen;
} AuthContext, *PAuthContext;
@ -74,8 +70,8 @@ typedef struct _AuthPolicy
//
typedef struct _GetAuthPolicyResp
{
char *pPolicy;
int policyLen;
char *pPolicy;
size_t policyLen;
} GetAuthPolicyResp, *PGetAuthPolicyResp;
@ -84,9 +80,9 @@ typedef struct _GetAuthPolicyResp
//
typedef struct _GetAuthTokenResp
{
char *pToken;
int tokenLen;
int tokenLifetime;
char *pToken;
size_t tokenLen;
int tokenLifetime;
} GetAuthTokenResp, *PGetAuthTokenResp;
@ -95,9 +91,9 @@ typedef struct _GetAuthTokenResp
//
typedef struct _AuthenticateResp
{
char *pToken;
int tokenLen;
int tokenLifetime;
char *pToken;
size_t tokenLen;
int tokenLifetime;
} AuthenticateResp, *PAuthenticateResp;
@ -177,7 +173,7 @@ extern
CasaStatus
CreateGetAuthPolicyResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT GetAuthPolicyResp **ppGetAuthPolicyResp);
extern
@ -202,7 +198,7 @@ extern
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
IN size_t encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy);
extern
@ -247,7 +243,7 @@ extern
CasaStatus
CreateGetAuthTokenResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT GetAuthTokenResp **ppGetAuthTokenResp);
extern
@ -425,17 +421,17 @@ extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
INOUT uint32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
INOUT uint32_t *pDataLen);
extern
int

2
CASA-auth-token/client/library/mech_if.h
View File

@ -91,7 +91,7 @@ CasaStatus
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen);
INOUT uint32_t *pTokenBufLen);
//
// Arguments:
// pIfInstance -

10
CASA-auth-token/client/library/mechanisms/krb5/internal.h
View File

@ -60,7 +60,7 @@ AuthTokenIf_GetAuthToken(
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen);
INOUT size_t *pTokenBufLen);
extern
int
@ -74,17 +74,17 @@ extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
INOUT uint32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
INOUT uint32_t *pDataLen);
extern
int

75
CASA-auth-token/client/library/mechanisms/krb5/linux/get.c
View File

@ -129,7 +129,7 @@ AuthTokenIf_GetAuthToken(
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen)
INOUT uint32_t *pTokenBufLen)
//
// Arguments:
// pIfInstance -
@ -186,7 +186,7 @@ AuthTokenIf_GetAuthToken(
//=======================================================================--
{
CasaStatus retStatus;
char const *pKrbServiceName = pMechInfo;
char *pKrbServiceName = (char*) pMechInfo;
OM_uint32 gssMajStat;
OM_uint32 gssMinStat;
gss_buffer_desc gssBuffer;
@ -272,45 +272,56 @@ AuthTokenIf_GetAuthToken(
if (gssMajStat == GSS_S_COMPLETE
&& gssSendToken.length != 0)
{
char *pEncodedToken;
int encodedTokenLen;
// The security context was initialized, now return the token to the
// caller after base64 encoding it.
retStatus = EncodeData(gssSendToken.value,
gssSendToken.length,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
// Make sure that the token is not too large
if (gssSendToken.length <= UINT32_MAX)
{
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
{
// At least one of the supplied buffers is not big enough
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Insufficient buffer space provided\n", 0);
char *pEncodedToken;
uint32_t encodedTokenLen;
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
// The security context was initialized, now return the token to the
// caller after base64 encoding it.
retStatus = EncodeData(gssSendToken.value,
gssSendToken.length,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
{
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
{
// At least one of the supplied buffers is not big enough
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Insufficient buffer space provided\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
else
{
// The buffer provided is large enough, copy the data and return the actual size.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token
free(pEncodedToken);
}
else
{
// The buffer provided is large enough, copy the data and return the actual size.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0);
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token
free(pEncodedToken);
}
else
{
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0);
DbgTrace(0, "-AuthTokenIf_GetAuthToken- GSS Token too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
else

180
CASA-auth-token/client/library/mechanisms/krb5/util.c
View File

@ -65,9 +65,9 @@ static const uint8_t g_Expand64[256] =
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
INOUT uint32_t *pEncodedDataLen)
//
// Arguments:
//
@ -150,9 +150,9 @@ EncodeData(
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
INOUT uint32_t *pDataLen)
//
// Arguments:
//
@ -164,8 +164,8 @@ DecodeData(
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
uint32_t i, j;
size_t decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
@ -175,98 +175,110 @@ DecodeData(
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
// Verify that we are not going to overflow the uint32
if (decodedSize <= UINT32_MAX)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
if (!endReached)
else
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

76
CASA-auth-token/client/library/mechanisms/krb5/windows/get.c
View File

@ -43,7 +43,7 @@ AuthTokenIf_GetAuthToken(
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen)
INOUT uint32_t *pTokenBufLen)
//
// Arguments:
// pIfInstance -
@ -131,6 +131,9 @@ AuthTokenIf_GetAuthToken(
else
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Memory allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
goto exit;
}
}
@ -180,40 +183,55 @@ AuthTokenIf_GetAuthToken(
&expiry);
if (secStatus == SEC_E_OK)
{
char *pEncodedToken;
int encodedTokenLen;
// The security context was initialized, now return it to the caller after base64 encoding it.
retStatus = EncodeData(sendTok.pvBuffer,
(const int) sendTok.cbBuffer,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
// Make sure that the token is not too large
if (sendTok.cbBuffer <= UINT32_MAX)
{
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
uint32_t encodedTokenLen;
char *pEncodedToken;
// The security context was initialized, now return it to the caller after base64 encoding it.
retStatus = EncodeData(sendTok.pvBuffer,
(const uint32_t) sendTok.cbBuffer,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
{
// The buffer is not big enough
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
{
// The buffer is not big enough
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
else
{
// The buffer provided is large enough, copy the data.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token after clearing
// its memory to avoid leaking sensitive information.
memset(pEncodedToken, 0, strlen(pEncodedToken));
free(pEncodedToken);
}
else
{
// The buffer provided is large enough, copy the data.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0);
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token after clearing
// its memory to avoid leaking sensitive information.
memset(pEncodedToken, 0, strlen(pEncodedToken));
free(pEncodedToken);
}
else
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- GSS Token too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Delete the security context

109
CASA-auth-token/client/library/mechanisms/pwd/get.c
View File

@ -87,7 +87,7 @@ GetUserCredentials(
// Get the length of the realm string into the secret id structure
// and verify thatr it is not too long.
secretIdLen = sscs_Utf8Strlen(pRealm) + 1;
if (secretIdLen <= U32_MAX)
if (secretIdLen <= UINT32_MAX)
{
secretId.len = secretIdLen;
if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN)
@ -219,7 +219,7 @@ AuthTokenIf_GetAuthToken(
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen)
INOUT size_t *pTokenBufLen)
//
// Arguments:
// pIfInstance -
@ -300,63 +300,80 @@ AuthTokenIf_GetAuthToken(
&pPassword);
if (CASA_SUCCESS(retStatus))
{
// Now construct the PW token with the following format:
// "username\r\n" + "password\r\n"
//
// First allocate a buffer large enough to hold the token
pToken = (char*) malloc(strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1);
if (pToken)
size_t tokenLen = strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1;
// Make sure that the token is not too large
if (tokenLen <= UINT32_MAX)
{
char *pEncodedToken;
int encodedTokenLen;
// Now assemble the token
sprintf(pToken, "%s\r\n%s\r\n", pUsername, pPassword);
// The token has been assembled, now encode it.
retStatus = EncodeData(pToken,
(const int) strlen(pToken),
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
// Now construct the PW token with the following format:
// "username\r\n" + "password\r\n"
//
// First allocate a buffer large enough to hold the token
pToken = (char*) malloc(strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1);
if (pToken)
{
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
char *pEncodedToken;
uint32_t encodedTokenLen;
// Now assemble the token
sprintf(pToken, "%s\r\n%s\r\n", pUsername, pPassword);
// The token has been assembled, now encode it.
retStatus = EncodeData(pToken,
(const uint32_t) tokenLen,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
{
// The buffer is not big enough
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
{
// The buffer is not big enough
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
else
{
// The buffer provided is large enough, copy the data.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token after clearing
// it to avoid leaking sensitive information.
memset(pEncodedToken, 0, strlen(pEncodedToken));
free(pEncodedToken);
}
else
{
// The buffer provided is large enough, copy the data.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Encoding failed\n", 0);
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token after clearing
// it to avoid leaking sensitive information.
memset(pEncodedToken, 0, strlen(pEncodedToken));
free(pEncodedToken);
// Free the buffer allocated for the token after clearing it
// to avoid leaving sensitive information behind.
memset(pToken, 0, strlen(pToken));
free(pToken);
}
else
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Buffer allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Free the buffer allocated for the token after clearing it
// to avoid leaving sensitive information behind.
memset(pToken, 0, strlen(pToken));
free(pToken);
}
else
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Buffer allocation error\n", 0);
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Token too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Free allocated buffers after clearing memory holding the password

14
CASA-auth-token/client/library/mechanisms/pwd/internal.h
View File

@ -37,10 +37,6 @@
//===[ Type definitions ]==================================================
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
@ -66,7 +62,7 @@ AuthTokenIf_GetAuthToken(
IN const char *pHostName,
IN void *pCredStoreScope,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen);
INOUT size_t *pTokenBufLen);
//
// Defined in utils.c
@ -76,17 +72,17 @@ extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
INOUT uint32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
INOUT uint32_t *pDataLen);
extern
int

180
CASA-auth-token/client/library/mechanisms/pwd/util.c
View File

@ -65,9 +65,9 @@ static const uint8_t g_Expand64[256] =
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
INOUT uint32_t *pEncodedDataLen)
//
// Arguments:
//
@ -150,9 +150,9 @@ EncodeData(
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
INOUT uint32_t *pDataLen)
//
// Arguments:
//
@ -164,8 +164,8 @@ DecodeData(
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
uint32_t i, j;
size_t decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
@ -175,98 +175,110 @@ DecodeData(
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
// Verify that we are not going to overflow the uint32
if (decodedSize <= UINT32_MAX)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
if (!endReached)
else
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

178
CASA-auth-token/client/library/util.c
View File

@ -62,9 +62,9 @@ static const uint8_t g_Expand64[256] =
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
IN const uint32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
INOUT uint32_t *pEncodedDataLen)
//
// Arguments:
//
@ -147,9 +147,9 @@ EncodeData(
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
INOUT uint32_t *pDataLen)
//
// Arguments:
//
@ -161,8 +161,8 @@ DecodeData(
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
uint32_t i, j;
size_t decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
@ -172,98 +172,110 @@ DecodeData(
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
// Verify that we are not going to overflow the uint32
if (decodedSize <= UINT32_MAX)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
if (!endReached)
else
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
CASA_STATUS_UNSUCCESSFUL);
}
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);