Added code to clear memory used to hold tokens since they contain data which is security sensitive.
This commit is contained in:
Juan Carlos Luciani 2007-01-04 10:18:40 +00:00
parent fbfa990210
commit 834c6e0add
5 changed files with 152 additions and 103 deletions


@ -364,7 +364,9 @@ ConsumeElementData(
memcpy(pNewBuf + pAuthRespParse->elementDataProcessed, s, len);
pAuthRespParse->elementDataProcessed += len;
// Swap the buffers
// Swap the buffers after clearing and freeing the original
// buffer since it may contain sensitive information.
memset(*ppElementData, 0, pAuthRespParse->elementDataProcessed - len);
free(*ppElementData);
*ppElementData = pNewBuf;
@ -842,7 +844,12 @@ RelAuthenticateResp(
// Free the resources associated with the object
if (pAuthenticateResp->pToken)
{
// Clear the memory associated with the token since it is
// sensitive data.
memset(pAuthenticateResp->pToken, 0, pAuthenticateResp->tokenLen);
free(pAuthenticateResp->pToken);
}
free(pAuthenticateResp);
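Review bot: The memset() calls added before free() in ConsumeElementData and RelAuthenticateResp are dead stores from the compiler's point of view, so an optimizing build may drop them and the buffers would not actually be scrubbed; the same applies to every memset-before-free added in the other four files of this commit. A volatile-qualified clearing helper, or explicit_bzero()/memset_s() where the platform provides one, is the usual way to keep the store from being elided. In ConsumeElementData the cleared length `pAuthRespParse->elementDataProcessed - len` is the byte count accumulated before this call, which presumably equals the old buffer's size; if that buffer was ever allocated larger than its content, the tail is left uncleared. Both functions begin outside the hunks.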


@ -60,7 +60,7 @@ CreateAuthTokenCacheEntry(
// L2
//=======================================================================--
{
CasaStatus retStatus;
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t tokenSize, entrySize, keySize;
@ -85,6 +85,9 @@ CreateAuthTokenCacheEntry(
pEntry = (AuthCacheEntry*) malloc(entrySize);
if (pEntry)
{
// Save the entry size
pEntry->size = entrySize;
// Set the status
pEntry->status = status;
@ -120,32 +123,31 @@ CreateAuthTokenCacheEntry(
strncat(pKey, "@", keySize);
strncat(pKey, pGroupOrHostName, keySize);
retStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS)
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- miCASAWriteBinaryKey failure, status = %0X\n", miCasaStatus);
}
free(pKey);
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(0, "-CreateAuthTokenCacheEntry- Memory allocation failure\n", 0);
}
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(0, "-CreateAuthTokenCacheEntry- Memory allocation failure\n", 0);
}
DbgTrace(1, "-CreateAuthTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -175,7 +177,7 @@ CreateSessionTokenCacheEntry(
// L2
//=======================================================================--
{
CasaStatus retStatus;
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t tokenSize, entrySize;
@ -199,6 +201,9 @@ CreateSessionTokenCacheEntry(
pEntry = (AuthCacheEntry*) malloc(entrySize);
if (pEntry)
{
// Save the entry size
pEntry->size = entrySize;
// Set the status
pEntry->status = status;
@ -225,22 +230,24 @@ CreateSessionTokenCacheEntry(
pEntry->doesNotExpire = true;
}
retStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS)
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- miCASAWriteBinaryKey failure, status = %0X\n", miCasaStatus);
}
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(0, "-CreateSessionTokenCacheEntry- Memory allocation failure\n", 0);
}
DbgTrace(1, "-CreateSessionTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -268,7 +275,9 @@ FreeAuthCacheEntry(
{
DbgTrace(1, "-FreeAuthCacheEntry- Start, pEntry = %0lX\n", (long) pEntry);
// Free the entry
// Free the entry after clearing the memory holding it since it
// may contain security sensitive data.
memset(pEntry, 0, pEntry->size);
free(pEntry);
DbgTrace(1, "-FreeAuthCacheEntry- End\n", 0);
@ -362,52 +371,51 @@ FindSessionTokenEntryInCache(
// L2
//=======================================================================--
{
CasaStatus retStatus;
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t valueLength, bytesRequired;
AuthCacheEntry *pEntry = NULL;
DbgTrace(1, "-FindSessionTokenEntryInCache- Start\n", 0);
valueLength = 0;
bytesRequired = 0;
retStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
NULL,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
NULL,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (retStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
&& bytesRequired != 0)
{
pEntry = (AuthCacheEntry*) malloc(bytesRequired);
if (pEntry)
{
pEntry->size = bytesRequired;
valueLength = bytesRequired;
bytesRequired = 0;
retStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (CASA_SUCCESS(retStatus))
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS)
{
if (pEntry->doesNotExpire == false
&& CacheEntryLifetimeExpired(pEntry->creationTime, pEntry->expirationTime))
@ -415,14 +423,13 @@ FindSessionTokenEntryInCache(
// Remove the entry ???
//miCASARemoveBinaryKey();
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
FreeAuthCacheEntry(pEntry);
pEntry = NULL;
}
}
if (!CASA_SUCCESS(retStatus))
else
{
DbgTrace(0, "-FindSessionTokenEntryInCache- miCASAReadBinaryKey error = %0X\n", miCasaStatus);
FreeAuthCacheEntry(pEntry);
pEntry = NULL;
}
@ -453,7 +460,7 @@ FindAuthTokenEntryInCache(
// L2
//=======================================================================--
{
CasaStatus retStatus;
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t valueLength, bytesRequired, keySize;
@ -475,55 +482,53 @@ FindAuthTokenEntryInCache(
valueLength = 0;
bytesRequired = 0;
retStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
NULL,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (retStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
NULL,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
&& bytesRequired != 0)
{
pEntry = (AuthCacheEntry*) malloc(bytesRequired);
if (pEntry)
{
pEntry->size = bytesRequired;
valueLength = bytesRequired;
bytesRequired = 0;
retStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (CASA_SUCCESS(retStatus))
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS)
{
if (pEntry->doesNotExpire == false
&& CacheEntryLifetimeExpired(pEntry->creationTime, pEntry->expirationTime))
{
// Remove the entry ???
//miCASARemoveBinaryKey();
// Remove the entry ???
//miCASARemoveBinaryKey();
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
FreeAuthCacheEntry(pEntry);
pEntry = NULL;
}
}
if (!CASA_SUCCESS(retStatus))
else
{
DbgTrace(0, "-FindAuthTokenEntryInCache- miCASAReadBinaryKey error = %0X\n", miCasaStatus);
FreeAuthCacheEntry(pEntry);
pEntry = NULL;
}
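Review bot: In CreateAuthTokenCacheEntry and CreateSessionTokenCacheEntry the new `if (miCasaStatus != NSSCS_SUCCESS)` branch only traces the failure and never assigns retStatus, whereas the replaced code stored the miCASA result in retStatus; `CasaStatus retStatus;` is declared without an initializer and its success-path assignment is outside the hunk, so a write failure appears to be reported to the caller as whatever retStatus held before, possibly success or an indeterminate value. Add `retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, CASA_FACILITY_AUTHTOKEN, CASA_STATUS_UNSUCCESSFUL);` inside both failure branches, the same pattern the expiration branch in FindSessionTokenEntryInCache already uses. Separately, FreeAuthCacheEntry now reads `pEntry->size` before calling free(), so a NULL argument that free() tolerated becomes a NULL dereference; the callers visible in these hunks only pass non-NULL entries, but a `if (pEntry == NULL) return;` guard at the top would preserve the old tolerance. Both Create functions start before their hunks and their return statements are outside them.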


@ -192,10 +192,15 @@ ObtainSessionToken(
// Free resources that may be hanging around
if (pRespMsg)
{
// Clear and free the memory associated with the response since it may contain
// security sensitive data.
memset(pRespMsg, 0, respLen);
free(pRespMsg);
}
// Clear and free the memory associated with the request message since
// it may contain sensitive information.
// it may contain security sensitive information.
memset(pReqMsg, 0, strlen(pReqMsg));
free(pReqMsg);
}
@ -407,13 +412,28 @@ ObtainAuthTokenFromServer(
// Free resources that may be hanging around
if (pReqMsg)
{
// Clear the memory before freeing up the request message since it
// may contain security sensitive data.
memset(pReqMsg, 0, strlen(pReqMsg));
free(pReqMsg);
}
if (pRespMsg)
{
// Clear the memory before freeing up the response message since it
// may contain security sensitive data.
memset(pRespMsg, 0, strlen(pRespMsg));
free(pRespMsg);
}
if (pSessionToken)
{
// Clear the memory before freeing up the token since it is
// security sensitive data.
memset(pSessionToken, 0, strlen(pSessionToken));
free(pSessionToken);
}
if (pGetAuthTokenResp)
RelGetAuthTokenResp(pGetAuthTokenResp);
@ -572,6 +592,7 @@ ObtainAuthTokenInt(
int cacheEntryLifetime = DEFAULT_RETRY_LIFETIME;
// Cache entry created, now try to obtain auth token from the CASA Server
pToken = NULL;
retStatus = ObtainAuthTokenFromServer(pServiceName,
pNormalizedHostName,
&pToken,
@ -598,6 +619,15 @@ ObtainAuthTokenInt(
}
}
}
// Release authentication token if present
if (pToken)
{
// Clear the memory before releasing the buffer since it contains
// security sensitive data.
memset(pToken, 0, strlen(pToken));
free(pToken);
}
}
else
{
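Review bot: The new clearing code in ObtainAuthTokenFromServer and ObtainAuthTokenInt sizes every memset() with strlen(), e.g. `memset(pRespMsg, 0, strlen(pRespMsg));`, so only bytes up to the first NUL are scrubbed; data after an embedded NUL, or slack in a buffer allocated larger than its string, stays in memory, and the call is undefined if the buffer is not NUL-terminated. The ObtainSessionToken hunk already uses the better pattern with `memset(pRespMsg, 0, respLen);`, so the response and token buffers here should be cleared with their known received length or allocated capacity where one is tracked. For the request messages, which presumably are text built by this code, strlen() is acceptable but the allocated capacity would still be the safer length. The enclosing functions start outside these hunks.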


@ -361,8 +361,9 @@ ConsumeElementData(
memcpy(pNewBuf + pGetAuthTokenRespParse->elementDataProcessed, s, len);
pGetAuthTokenRespParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
// Swap the buffers after clearing and freeing the original
// buffer since it may contain sensitive information.
memset(*ppElementData, 0, pGetAuthTokenRespParse->elementDataProcessed - len);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
@ -828,7 +829,12 @@ RelGetAuthTokenResp(
// Free the resources associated with the object
if (pGetAuthTokenResp->pToken)
{
// Clear the memory associated with the token since it is
// sensitive data.
memset(pGetAuthTokenResp->pToken, 0, pGetAuthTokenResp->tokenLen);
free(pGetAuthTokenResp->pToken);
}
free(pGetAuthTokenResp);
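Review bot: In ConsumeElementData the new memset() of `*ppElementData` comes after `free(*ppElementData);` as the lines are printed here, which would be a write to freed memory; the page has lost the +/- markers, so confirm against the raw diff, but the ConsumeElementData hunk in the first file of this commit clears before freeing and this one should match it. The three lines should read `memset(*ppElementData, 0, pGetAuthTokenRespParse->elementDataProcessed - len);` then `free(*ppElementData);` then `*ppElementData = pNewBuf;`. The function starts before the hunk.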


@ -101,6 +101,7 @@ typedef struct _AuthenticateResp
typedef struct _AuthCacheEntry
{
int status;
int size;
DWORD creationTime;
DWORD expirationTime;
bool doesNotExpire;
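Review bot: The new `int size;` field is undocumented and changes the memory layout of AuthCacheEntry, which the cache code in this commit writes to and reads from the credential store as raw bytes (`(uint8_t *) pEntry`), so entries persisted by a build without this field would presumably be decoded with creationTime, expirationTime and doesNotExpire shifted by sizeof(int); if that store outlives the process, existing entries need to be invalidated or the entry needs a version marker. A comment such as `int size; // total byte size of this allocation (header plus whatever follows it); FreeAuthCacheEntry clears this many bytes` would record the contract. The struct definition continues outside the hunk.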