2N/A/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2N/A/*
2N/A * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
2N/A */
2N/A/*
2N/A * COPYRIGHT (C) 2006,2007
2N/A * THE REGENTS OF THE UNIVERSITY OF MICHIGAN
2N/A * ALL RIGHTS RESERVED
2N/A *
2N/A * Permission is granted to use, copy, create derivative works
2N/A * and redistribute this software and such derivative works
2N/A * for any purpose, so long as the name of The University of
2N/A * Michigan is not used in any advertising or publicity
2N/A * pertaining to the use of distribution of this software
2N/A * without specific, written prior authorization. If the
2N/A * above copyright notice or any other identification of the
2N/A * University of Michigan is included in any copy of any
2N/A * portion of this software, then the disclaimer below must
2N/A * also be included.
2N/A *
2N/A * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
2N/A * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
2N/A * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
2N/A * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
2N/A * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
2N/A * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
2N/A * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
2N/A * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
2N/A * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
2N/A * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
2N/A * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
2N/A * SUCH DAMAGES.
2N/A */
2N/A
2N/A#include <stdio.h>
2N/A#include <stdlib.h>
2N/A#include <errno.h>
2N/A#include <unistd.h>
2N/A#include <string.h>
2N/A#include <ctype.h>
2N/A#include <assert.h>
2N/A#include <dlfcn.h>
2N/A#include <sys/stat.h>
2N/A
2N/A#include "pkinit.h"
2N/A
2N/A/* Remove when FAST PKINIT is settled. */
2N/A#include "../fast_factor.h"
2N/A
2N/A/*
2N/A * It is anticipated that all the special checks currently
2N/A * required when talking to a Longhorn server will go away
2N/A * by the time it is officially released and all references
2N/A * to the longhorn global can be removed and any code
2N/A * #ifdef'd with LONGHORN_BETA_COMPAT can be removed.
2N/A *
2N/A * Current testing (20070620) is against a patched Beta 3
2N/A * version of Longhorn. Most, if not all, problems should
2N/A * be fixed in SP1 of Longhorn.
2N/A */
2N/Aint longhorn = 0; /* Talking to a Longhorn server? */
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_as_req_create(krb5_context context, pkinit_context plgctx,
2N/A pkinit_req_context reqctx, krb5_timestamp ctsec,
2N/A krb5_int32 cusec, krb5_ui_4 nonce,
2N/A const krb5_checksum *cksum,
2N/A krb5_principal client, krb5_principal server,
2N/A krb5_data **as_req);
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_as_rep_parse(krb5_context context, pkinit_context plgctx,
2N/A pkinit_req_context reqctx, krb5_preauthtype pa_type,
2N/A krb5_kdc_req *request, const krb5_data *as_rep,
2N/A krb5_keyblock *key_block, krb5_enctype etype, krb5_data *);
2N/A
2N/Astatic void pkinit_client_plugin_fini(krb5_context context, void *blob);
2N/A
2N/Astatic krb5_error_code
2N/Apa_pkinit_gen_req(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A krb5_kdc_req * request,
2N/A krb5_pa_data * in_padata,
2N/A krb5_pa_data *** out_padata,
2N/A krb5_prompter_fct prompter,
2N/A void *prompter_data,
2N/A krb5_get_init_creds_opt *gic_opt)
2N/A{
2N/A
2N/A krb5_error_code retval = KRB5KDC_ERR_PREAUTH_FAILED;
2N/A krb5_data *out_data = NULL;
2N/A krb5_timestamp ctsec = 0;
2N/A krb5_int32 cusec = 0;
2N/A krb5_ui_4 nonce = 0;
2N/A krb5_checksum cksum;
2N/A krb5_data *der_req = NULL;
2N/A krb5_pa_data **return_pa_data = NULL;
2N/A
2N/A cksum.contents = NULL;
2N/A reqctx->pa_type = in_padata->pa_type;
2N/A
2N/A pkiDebug("kdc_options = 0x%x till = %d\n",
2N/A request->kdc_options, request->till);
2N/A /* If we don't have a client, we're done */
2N/A if (request->client == NULL) {
2N/A pkiDebug("No request->client; aborting PKINIT\n");
2N/A return KRB5KDC_ERR_PREAUTH_FAILED;
2N/A }
2N/A
2N/A retval = pkinit_get_kdc_cert(context, plgctx->cryptoctx, reqctx->cryptoctx,
2N/A reqctx->idctx, request->server);
2N/A if (retval) {
2N/A pkiDebug("pkinit_get_kdc_cert returned %d\n", retval);
2N/A goto cleanup;
2N/A }
2N/A
2N/A /* checksum of the encoded KDC-REQ-BODY */
2N/A retval = k5int_encode_krb5_kdc_req_body(request, &der_req);
2N/A if (retval) {
2N/A pkiDebug("encode_krb5_kdc_req_body returned %d\n", (int) retval);
2N/A goto cleanup;
2N/A }
2N/A
2N/A retval = krb5_c_make_checksum(context, CKSUMTYPE_NIST_SHA, NULL, 0,
2N/A der_req, &cksum);
2N/A if (retval)
2N/A goto cleanup;
2N/A#ifdef DEBUG_CKSUM
2N/A pkiDebug("calculating checksum on buf size (%d)\n", der_req->length);
2N/A print_buffer(der_req->data, der_req->length);
2N/A#endif
2N/A
2N/A retval = krb5_us_timeofday(context, &ctsec, &cusec);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A /* XXX PKINIT RFC says that nonce in PKAuthenticator doesn't have be the
2N/A * same as in the AS_REQ. However, if we pick a different nonce, then we
2N/A * need to remember that info when AS_REP is returned. I'm choosing to
2N/A * reuse the AS_REQ nonce.
2N/A */
2N/A nonce = request->nonce;
2N/A
2N/A retval = pkinit_as_req_create(context, plgctx, reqctx, ctsec, cusec,
2N/A nonce, &cksum, request->client, request->server, &out_data);
2N/A if (retval || !out_data->length) {
2N/A pkiDebug("error %d on pkinit_as_req_create; aborting PKINIT\n",
2N/A (int) retval);
2N/A goto cleanup;
2N/A }
2N/A retval = ENOMEM;
2N/A /*
2N/A * The most we'll return is two pa_data, normally just one.
2N/A * We need to make room for the NULL terminator.
2N/A */
2N/A return_pa_data = malloc(3 * sizeof(krb5_pa_data *));
2N/A if (return_pa_data == NULL)
2N/A goto cleanup;
2N/A
2N/A return_pa_data[1] = NULL; /* in case of an early trip to cleanup */
2N/A return_pa_data[2] = NULL; /* Terminate the list */
2N/A
2N/A return_pa_data[0] = malloc(sizeof(krb5_pa_data));
2N/A if (return_pa_data[0] == NULL)
2N/A goto cleanup;
2N/A
2N/A return_pa_data[1] = malloc(sizeof(krb5_pa_data));
2N/A if (return_pa_data[1] == NULL)
2N/A goto cleanup;
2N/A
2N/A return_pa_data[0]->magic = KV5M_PA_DATA;
2N/A
2N/A if (in_padata->pa_type == KRB5_PADATA_PK_AS_REQ_OLD)
2N/A return_pa_data[0]->pa_type = KRB5_PADATA_PK_AS_REP_OLD;
2N/A else
2N/A return_pa_data[0]->pa_type = in_padata->pa_type;
2N/A return_pa_data[0]->length = out_data->length;
2N/A return_pa_data[0]->contents = (krb5_octet *) out_data->data;
2N/A
2N/A /*
2N/A * LH Beta 3 requires the extra pa-data, even for RFC requests,
2N/A * in order to get the Checksum rather than a Nonce in the reply.
2N/A * This can be removed when LH SP1 is released.
2N/A */
2N/A if ((return_pa_data[0]->pa_type == KRB5_PADATA_PK_AS_REP_OLD
2N/A && reqctx->opts->win2k_require_cksum) || (longhorn == 1)) {
2N/A return_pa_data[1]->pa_type = 132;
2N/A return_pa_data[1]->length = 0;
2N/A return_pa_data[1]->contents = NULL;
2N/A } else {
2N/A free(return_pa_data[1]);
2N/A return_pa_data[1] = NULL; /* Move the list terminator */
2N/A }
2N/A *out_padata = return_pa_data;
2N/A retval = 0;
2N/A
2N/Acleanup:
2N/A if (der_req != NULL)
2N/A krb5_free_data(context, der_req);
2N/A free(out_data);
2N/A
2N/A if (retval) {
2N/A if (return_pa_data) {
2N/A free(return_pa_data[0]);
2N/A free(return_pa_data[1]);
2N/A free(return_pa_data);
2N/A }
2N/A if (out_data) {
2N/A free(out_data->data);
2N/A free(out_data);
2N/A }
2N/A }
2N/A return retval;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_as_req_create(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A krb5_timestamp ctsec,
2N/A krb5_int32 cusec,
2N/A krb5_ui_4 nonce,
2N/A const krb5_checksum * cksum,
2N/A krb5_principal client,
2N/A krb5_principal server,
2N/A krb5_data ** as_req)
2N/A{
2N/A krb5_error_code retval = ENOMEM;
2N/A krb5_subject_pk_info *info = NULL;
2N/A krb5_data *coded_auth_pack = NULL;
2N/A krb5_auth_pack *auth_pack = NULL;
2N/A krb5_pa_pk_as_req *req = NULL;
2N/A krb5_auth_pack_draft9 *auth_pack9 = NULL;
2N/A krb5_pa_pk_as_req_draft9 *req9 = NULL;
2N/A int protocol = reqctx->opts->dh_or_rsa;
2N/A
2N/A pkiDebug("pkinit_as_req_create pa_type = %d\n", reqctx->pa_type);
2N/A
2N/A /* Create the authpack */
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A protocol = RSA_PROTOCOL;
2N/A init_krb5_auth_pack_draft9(&auth_pack9);
2N/A if (auth_pack9 == NULL)
2N/A goto cleanup;
2N/A auth_pack9->pkAuthenticator.ctime = ctsec;
2N/A auth_pack9->pkAuthenticator.cusec = cusec;
2N/A auth_pack9->pkAuthenticator.nonce = nonce;
2N/A auth_pack9->pkAuthenticator.kdcName = server;
2N/A auth_pack9->pkAuthenticator.kdcRealm.magic = 0;
2N/A auth_pack9->pkAuthenticator.kdcRealm.data =
2N/A (unsigned char *)server->realm.data;
2N/A auth_pack9->pkAuthenticator.kdcRealm.length = server->realm.length;
2N/A free(cksum->contents);
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A init_krb5_subject_pk_info(&info);
2N/A if (info == NULL)
2N/A goto cleanup;
2N/A init_krb5_auth_pack(&auth_pack);
2N/A if (auth_pack == NULL)
2N/A goto cleanup;
2N/A auth_pack->pkAuthenticator.ctime = ctsec;
2N/A auth_pack->pkAuthenticator.cusec = cusec;
2N/A auth_pack->pkAuthenticator.nonce = nonce;
2N/A auth_pack->pkAuthenticator.paChecksum = *cksum;
2N/A auth_pack->clientDHNonce.length = 0;
2N/A auth_pack->clientPublicValue = info;
2N/A
2N/A /* add List of CMS algorithms */
2N/A retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A &auth_pack->supportedCMSTypes);
2N/A if (retval)
2N/A goto cleanup;
2N/A break;
2N/A default:
2N/A pkiDebug("as_req: unrecognized pa_type = %d\n",
2N/A (int)reqctx->pa_type);
2N/A retval = -1;
2N/A goto cleanup;
2N/A }
2N/A
2N/A switch(protocol) {
2N/A case DH_PROTOCOL:
2N/A pkiDebug("as_req: DH key transport algorithm\n");
2N/A retval = pkinit_copy_krb5_octet_data(&info->algorithm.algorithm, &dh_oid);
2N/A if (retval) {
2N/A pkiDebug("failed to copy dh_oid\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A /* create client-side DH keys */
2N/A if ((retval = client_create_dh(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, reqctx->opts->dh_size,
2N/A &info->algorithm.parameters.data,
2N/A &info->algorithm.parameters.length,
2N/A &info->subjectPublicKey.data,
2N/A &info->subjectPublicKey.length)) != 0) {
2N/A pkiDebug("failed to create dh parameters\n");
2N/A goto cleanup;
2N/A }
2N/A break;
2N/A case RSA_PROTOCOL:
2N/A pkiDebug("as_req: RSA key transport algorithm\n");
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A auth_pack9->clientPublicValue = NULL;
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A free_krb5_subject_pk_info(&info);
2N/A auth_pack->clientPublicValue = NULL;
2N/A break;
2N/A }
2N/A break;
2N/A default:
2N/A pkiDebug("as_req: unknown key transport protocol %d\n",
2N/A protocol);
2N/A retval = -1;
2N/A goto cleanup;
2N/A }
2N/A
2N/A /* Encode the authpack */
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A retval = k5int_encode_krb5_auth_pack(auth_pack, &coded_auth_pack);
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A retval = k5int_encode_krb5_auth_pack_draft9(auth_pack9,
2N/A &coded_auth_pack);
2N/A break;
2N/A }
2N/A if (retval) {
2N/A pkiDebug("failed to encode the AuthPack %d\n", retval);
2N/A goto cleanup;
2N/A }
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin((unsigned char *)coded_auth_pack->data,
2N/A coded_auth_pack->length,
2N/A "/tmp/client_auth_pack");
2N/A#endif
2N/A
2N/A /* create PKCS7 object from authpack */
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A init_krb5_pa_pk_as_req(&req);
2N/A if (req == NULL) {
2N/A retval = ENOMEM;
2N/A goto cleanup;
2N/A }
2N/A /* For the new protocol, we support anonymous. */
2N/A if (krb5_principal_compare_any_realm(context, client,
2N/A krb5_anonymous_principal())) {
2N/A retval = cms_contentinfo_create(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A CMS_SIGN_CLIENT, (unsigned char *)
2N/A coded_auth_pack->data,
2N/A coded_auth_pack->length,
2N/A &req->signedAuthPack.data,
2N/A &req->signedAuthPack.length);
2N/A } else {
2N/A retval = cms_signeddata_create(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A CMS_SIGN_CLIENT, 1,
2N/A (unsigned char *)
2N/A coded_auth_pack->data,
2N/A coded_auth_pack->length,
2N/A &req->signedAuthPack.data,
2N/A &req->signedAuthPack.length);
2N/A }
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin((unsigned char *)req->signedAuthPack.data,
2N/A req->signedAuthPack.length,
2N/A "/tmp/client_signed_data");
2N/A#endif
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A init_krb5_pa_pk_as_req_draft9(&req9);
2N/A if (req9 == NULL) {
2N/A retval = ENOMEM;
2N/A goto cleanup;
2N/A }
2N/A retval = cms_signeddata_create(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, CMS_SIGN_DRAFT9, 1,
2N/A (unsigned char *)coded_auth_pack->data, coded_auth_pack->length,
2N/A &req9->signedAuthPack.data, &req9->signedAuthPack.length);
2N/A break;
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin((unsigned char *)req9->signedAuthPack.data,
2N/A req9->signedAuthPack.length,
2N/A "/tmp/client_signed_data_draft9");
2N/A#endif
2N/A }
2N/A krb5_free_data(context, coded_auth_pack);
2N/A if (retval) {
2N/A pkiDebug("failed to create pkcs7 signed data\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A /* create a list of trusted CAs */
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A retval = create_krb5_trustedCertifiers(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, &req->trustedCertifiers);
2N/A if (retval)
2N/A goto cleanup;
2N/A retval = create_issuerAndSerial(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, &req->kdcPkId.data,
2N/A &req->kdcPkId.length);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A /* Encode the as-req */
2N/A retval = k5int_encode_krb5_pa_pk_as_req(req, as_req);
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A#if 0
2N/A /* W2K3 KDC doesn't like this */
2N/A retval = create_krb5_trustedCas(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, 1, &req9->trustedCertifiers);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A#endif
2N/A retval = create_issuerAndSerial(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, &req9->kdcCert.data,
2N/A &req9->kdcCert.length);
2N/A if (retval)
2N/A goto cleanup;
2N/A /* Encode the as-req */
2N/A retval = k5int_encode_krb5_pa_pk_as_req_draft9(req9, as_req);
2N/A break;
2N/A }
2N/A#ifdef DEBUG_ASN1
2N/A if (!retval)
2N/A print_buffer_bin((unsigned char *)(*as_req)->data, (*as_req)->length,
2N/A "/tmp/client_as_req");
2N/A#endif
2N/A
2N/Acleanup:
2N/A switch((int)reqctx->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A free_krb5_auth_pack(&auth_pack);
2N/A free_krb5_pa_pk_as_req(&req);
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A free_krb5_pa_pk_as_req_draft9(&req9);
2N/A free(auth_pack9);
2N/A break;
2N/A }
2N/A
2N/A
2N/A pkiDebug("pkinit_as_req_create retval=%d\n", (int) retval);
2N/A
2N/A return retval;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Apa_pkinit_parse_rep(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A krb5_kdc_req * request,
2N/A krb5_pa_data * in_padata,
2N/A krb5_enctype etype,
2N/A krb5_keyblock * as_key,
2N/A krb5_data *encoded_request)
2N/A{
2N/A krb5_error_code retval = KRB5KDC_ERR_PREAUTH_FAILED;
2N/A krb5_data asRep = { 0, 0, NULL};
2N/A
2N/A /*
2N/A * One way or the other - success or failure - no other PA systems can
2N/A * work if the server sent us a PKINIT reply, since only we know how to
2N/A * decrypt the key.
2N/A */
2N/A if ((in_padata == NULL) || (in_padata->length == 0)) {
2N/A pkiDebug("pa_pkinit_parse_rep: no in_padata\n");
2N/A return KRB5KDC_ERR_PREAUTH_FAILED;
2N/A }
2N/A
2N/A asRep.data = (char *) in_padata->contents;
2N/A asRep.length = in_padata->length;
2N/A
2N/A retval =
2N/A pkinit_as_rep_parse(context, plgctx, reqctx, in_padata->pa_type,
2N/A request, &asRep, as_key, etype, encoded_request);
2N/A if (retval) {
2N/A pkiDebug("pkinit_as_rep_parse returned %d (%s)\n",
2N/A retval, error_message(retval));
2N/A goto cleanup;
2N/A }
2N/A
2N/A retval = 0;
2N/A
2N/Acleanup:
2N/A
2N/A return retval;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Averify_kdc_san(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A krb5_principal kdcprinc,
2N/A int *valid_san,
2N/A int *need_eku_checking)
2N/A{
2N/A krb5_error_code retval;
2N/A char **certhosts = NULL, **cfghosts = NULL;
2N/A krb5_principal *princs = NULL;
2N/A unsigned char ***get_dns;
2N/A int i, j;
2N/A
2N/A *valid_san = 0;
2N/A *need_eku_checking = 1;
2N/A
2N/A retval = pkinit_libdefault_strings(context,
2N/A krb5_princ_realm(context, kdcprinc),
2N/A KRB5_CONF_PKINIT_KDC_HOSTNAME,
2N/A &cfghosts);
2N/A if (retval || cfghosts == NULL) {
2N/A pkiDebug("%s: No pkinit_kdc_hostname values found in config file\n",
2N/A __FUNCTION__);
2N/A get_dns = NULL;
2N/A } else {
2N/A pkiDebug("%s: pkinit_kdc_hostname values found in config file\n",
2N/A __FUNCTION__);
2N/A get_dns = (unsigned char ***)&certhosts;
2N/A }
2N/A
2N/A retval = crypto_retrieve_cert_sans(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A &princs, NULL, get_dns);
2N/A if (retval) {
2N/A pkiDebug("%s: error from retrieve_certificate_sans()\n", __FUNCTION__);
2N/A retval = KRB5KDC_ERR_KDC_NAME_MISMATCH;
2N/A goto out;
2N/A }
2N/A#if 0
2N/A retval = call_san_checking_plugins(context, plgctx, reqctx, idctx,
2N/A princs, hosts, &plugin_decision,
2N/A need_eku_checking);
2N/A pkiDebug("%s: call_san_checking_plugins() returned retval %d\n",
2N/A __FUNCTION__);
2N/A if (retval) {
2N/A retval = KRB5KDC_ERR_KDC_NAME_MISMATCH;
2N/A goto out;
2N/A }
2N/A pkiDebug("%s: call_san_checking_plugins() returned decision %d and "
2N/A "need_eku_checking %d\n",
2N/A __FUNCTION__, plugin_decision, *need_eku_checking);
2N/A if (plugin_decision != NO_DECISION) {
2N/A retval = plugin_decision;
2N/A goto out;
2N/A }
2N/A#endif
2N/A
2N/A pkiDebug("%s: Checking pkinit sans\n", __FUNCTION__);
2N/A for (i = 0; princs != NULL && princs[i] != NULL; i++) {
2N/A if (krb5_principal_compare(context, princs[i], kdcprinc)) {
2N/A pkiDebug("%s: pkinit san match found\n", __FUNCTION__);
2N/A *valid_san = 1;
2N/A *need_eku_checking = 0;
2N/A retval = 0;
2N/A goto out;
2N/A }
2N/A }
2N/A pkiDebug("%s: no pkinit san match found\n", __FUNCTION__);
2N/A
2N/A if (certhosts == NULL) {
2N/A pkiDebug("%s: no certhosts (or we wouldn't accept them anyway)\n",
2N/A __FUNCTION__);
2N/A retval = KRB5KDC_ERR_KDC_NAME_MISMATCH;
2N/A goto out;
2N/A }
2N/A
2N/A for (i = 0; certhosts[i] != NULL; i++) {
2N/A for (j = 0; cfghosts != NULL && cfghosts[j] != NULL; j++) {
2N/A pkiDebug("%s: comparing cert name '%s' with config name '%s'\n",
2N/A __FUNCTION__, certhosts[i], cfghosts[j]);
2N/A /* Solaris Kerberos */
2N/A if (strcasecmp(certhosts[i], cfghosts[j]) == 0) {
2N/A pkiDebug("%s: we have a dnsName match\n", __FUNCTION__);
2N/A *valid_san = 1;
2N/A retval = 0;
2N/A goto out;
2N/A }
2N/A }
2N/A }
2N/A pkiDebug("%s: no dnsName san match found\n", __FUNCTION__);
2N/A
2N/A /* We found no match */
2N/A retval = 0;
2N/A
2N/Aout:
2N/A if (princs != NULL) {
2N/A for (i = 0; princs[i] != NULL; i++)
2N/A krb5_free_principal(context, princs[i]);
2N/A free(princs);
2N/A }
2N/A if (certhosts != NULL) {
2N/A for (i = 0; certhosts[i] != NULL; i++)
2N/A free(certhosts[i]);
2N/A free(certhosts);
2N/A }
2N/A if (cfghosts != NULL)
2N/A profile_free_list(cfghosts);
2N/A
2N/A pkiDebug("%s: returning retval %d, valid_san %d, need_eku_checking %d\n",
2N/A __FUNCTION__, retval, *valid_san, *need_eku_checking);
2N/A return retval;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Averify_kdc_eku(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A int *eku_accepted)
2N/A{
2N/A krb5_error_code retval;
2N/A
2N/A *eku_accepted = 0;
2N/A
2N/A if (reqctx->opts->require_eku == 0) {
2N/A pkiDebug("%s: configuration requests no EKU checking\n", __FUNCTION__);
2N/A *eku_accepted = 1;
2N/A retval = 0;
2N/A goto out;
2N/A }
2N/A retval = crypto_check_cert_eku(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A 1, /* kdc cert */
2N/A reqctx->opts->accept_secondary_eku,
2N/A eku_accepted);
2N/A if (retval) {
2N/A pkiDebug("%s: Error from crypto_check_cert_eku %d (%s)\n",
2N/A __FUNCTION__, retval, error_message(retval));
2N/A goto out;
2N/A }
2N/A
2N/Aout:
2N/A pkiDebug("%s: returning retval %d, eku_accepted %d\n",
2N/A __FUNCTION__, retval, *eku_accepted);
2N/A return retval;
2N/A}
2N/A
2N/A/*
2N/A * Parse PA-PK-AS-REP message. Optionally evaluates the message's
2N/A * certificate chain.
2N/A * Optionally returns various components.
2N/A */
2N/Astatic krb5_error_code
2N/Apkinit_as_rep_parse(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A krb5_preauthtype pa_type,
2N/A krb5_kdc_req *request,
2N/A const krb5_data *as_rep,
2N/A krb5_keyblock *key_block,
2N/A krb5_enctype etype,
2N/A krb5_data *encoded_request)
2N/A{
2N/A krb5_error_code retval = KRB5KDC_ERR_PREAUTH_FAILED;
2N/A krb5_principal kdc_princ = NULL;
2N/A krb5_pa_pk_as_rep *kdc_reply = NULL;
2N/A krb5_kdc_dh_key_info *kdc_dh = NULL;
2N/A krb5_reply_key_pack *key_pack = NULL;
2N/A krb5_reply_key_pack_draft9 *key_pack9 = NULL;
2N/A krb5_octet_data dh_data = { 0, 0, NULL };
2N/A unsigned char *client_key = NULL, *kdc_hostname = NULL;
2N/A unsigned int client_key_len = 0;
2N/A krb5_checksum cksum = {0, 0, 0, NULL};
2N/A krb5_data k5data;
2N/A int valid_san = 0;
2N/A int valid_eku = 0;
2N/A int need_eku_checking = 1;
2N/A
2N/A assert((as_rep != NULL) && (key_block != NULL));
2N/A
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin((unsigned char *)as_rep->data, as_rep->length,
2N/A "/tmp/client_as_rep");
2N/A#endif
2N/A
2N/A if ((retval = k5int_decode_krb5_pa_pk_as_rep(as_rep, &kdc_reply))) {
2N/A pkiDebug("decode_krb5_as_rep failed %d\n", retval);
2N/A return retval;
2N/A }
2N/A
2N/A switch(kdc_reply->choice) {
2N/A case choice_pa_pk_as_rep_dhInfo:
2N/A pkiDebug("as_rep: DH key transport algorithm\n");
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin(kdc_reply->u.dh_Info.dhSignedData.data,
2N/A kdc_reply->u.dh_Info.dhSignedData.length, "/tmp/client_kdc_signeddata");
2N/A#endif
2N/A if ((retval = cms_signeddata_verify(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, CMS_SIGN_SERVER,
2N/A reqctx->opts->require_crl_checking,
2N/A kdc_reply->u.dh_Info.dhSignedData.data,
2N/A kdc_reply->u.dh_Info.dhSignedData.length,
2N/A &dh_data.data, &dh_data.length,
2N/A NULL, NULL, NULL)) != 0) {
2N/A pkiDebug("failed to verify pkcs7 signed data\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A break;
2N/A case choice_pa_pk_as_rep_encKeyPack:
2N/A pkiDebug("as_rep: RSA key transport algorithm\n");
2N/A if ((retval = cms_envelopeddata_verify(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, pa_type,
2N/A reqctx->opts->require_crl_checking,
2N/A kdc_reply->u.encKeyPack.data,
2N/A kdc_reply->u.encKeyPack.length,
2N/A &dh_data.data, &dh_data.length)) != 0) {
2N/A pkiDebug("failed to verify pkcs7 enveloped data\n");
2N/A goto cleanup;
2N/A }
2N/A break;
2N/A default:
2N/A pkiDebug("unknown as_rep type %d\n", kdc_reply->choice);
2N/A retval = -1;
2N/A goto cleanup;
2N/A }
2N/A retval = krb5_build_principal_ext(context, &kdc_princ,
2N/A request->server->realm.length,
2N/A request->server->realm.data,
2N/A strlen(KRB5_TGS_NAME), KRB5_TGS_NAME,
2N/A request->server->realm.length,
2N/A request->server->realm.data,
2N/A 0);
2N/A if (retval)
2N/A goto cleanup;
2N/A retval = verify_kdc_san(context, plgctx, reqctx, kdc_princ,
2N/A &valid_san, &need_eku_checking);
2N/A if (retval)
2N/A goto cleanup;
2N/A if (!valid_san) {
2N/A pkiDebug("%s: did not find an acceptable SAN in KDC certificate\n",
2N/A __FUNCTION__);
2N/A retval = KRB5KDC_ERR_KDC_NAME_MISMATCH;
2N/A goto cleanup;
2N/A }
2N/A
2N/A if (need_eku_checking) {
2N/A retval = verify_kdc_eku(context, plgctx, reqctx,
2N/A &valid_eku);
2N/A if (retval)
2N/A goto cleanup;
2N/A if (!valid_eku) {
2N/A pkiDebug("%s: did not find an acceptable EKU in KDC certificate\n",
2N/A __FUNCTION__);
2N/A retval = KRB5KDC_ERR_INCONSISTENT_KEY_PURPOSE;
2N/A goto cleanup;
2N/A }
2N/A } else
2N/A pkiDebug("%s: skipping EKU check\n", __FUNCTION__);
2N/A
2N/A OCTETDATA_TO_KRB5DATA(&dh_data, &k5data);
2N/A
2N/A switch(kdc_reply->choice) {
2N/A case choice_pa_pk_as_rep_dhInfo:
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin(dh_data.data, dh_data.length,
2N/A "/tmp/client_dh_key");
2N/A#endif
2N/A if ((retval = k5int_decode_krb5_kdc_dh_key_info(&k5data,
2N/A &kdc_dh)) != 0) {
2N/A pkiDebug("failed to decode kdc_dh_key_info\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A /* client after KDC reply */
2N/A if ((retval = client_process_dh(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx,
2N/A kdc_dh->subjectPublicKey.data,
2N/A kdc_dh->subjectPublicKey.length,
2N/A &client_key, &client_key_len)) != 0) {
2N/A pkiDebug("failed to process dh params\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A retval = pkinit_octetstring2key(context, etype, client_key,
2N/A client_key_len, key_block);
2N/A if (retval) {
2N/A pkiDebug("failed to create key pkinit_octetstring2key %s\n",
2N/A error_message(retval));
2N/A goto cleanup;
2N/A }
2N/A
2N/A break;
2N/A case choice_pa_pk_as_rep_encKeyPack:
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin(dh_data.data, dh_data.length,
2N/A "/tmp/client_key_pack");
2N/A#endif
2N/A if ((retval = k5int_decode_krb5_reply_key_pack(&k5data,
2N/A &key_pack)) != 0) {
2N/A pkiDebug("failed to decode reply_key_pack\n");
2N/A#ifdef LONGHORN_BETA_COMPAT
2N/A /*
2N/A * LH Beta 3 requires the extra pa-data, even for RFC requests,
2N/A * in order to get the Checksum rather than a Nonce in the reply.
2N/A * This can be removed when LH SP1 is released.
2N/A */
2N/A if (pa_type == KRB5_PADATA_PK_AS_REP && longhorn == 0)
2N/A#else
2N/A if (pa_type == KRB5_PADATA_PK_AS_REP)
2N/A#endif
2N/A goto cleanup;
2N/A else {
2N/A if ((retval =
2N/A k5int_decode_krb5_reply_key_pack_draft9(&k5data,
2N/A &key_pack9)) != 0) {
2N/A pkiDebug("failed to decode reply_key_pack_draft9\n");
2N/A goto cleanup;
2N/A }
2N/A pkiDebug("decode reply_key_pack_draft9\n");
2N/A if (key_pack9->nonce != request->nonce) {
2N/A pkiDebug("nonce in AS_REP=%d doesn't match AS_REQ=%d\n", key_pack9->nonce, request->nonce);
2N/A retval = -1;
2N/A goto cleanup;
2N/A }
2N/A krb5_copy_keyblock_contents(context, &key_pack9->replyKey,
2N/A key_block);
2N/A break;
2N/A }
2N/A }
2N/A /*
2N/A * This is hack but Windows sends back SHA1 checksum
2N/A * with checksum type of 14. There is currently no
2N/A * checksum type of 14 defined.
2N/A */
2N/A if (key_pack->asChecksum.checksum_type == 14)
2N/A key_pack->asChecksum.checksum_type = CKSUMTYPE_NIST_SHA;
2N/A retval = krb5_c_make_checksum(context,
2N/A key_pack->asChecksum.checksum_type,
2N/A &key_pack->replyKey,
2N/A KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM,
2N/A encoded_request, &cksum);
2N/A if (retval) {
2N/A pkiDebug("failed to make a checksum\n");
2N/A goto cleanup;
2N/A }
2N/A
2N/A if ((cksum.length != key_pack->asChecksum.length) ||
2N/A memcmp(cksum.contents, key_pack->asChecksum.contents,
2N/A cksum.length)) {
2N/A pkiDebug("failed to match the checksums\n");
2N/A#ifdef DEBUG_CKSUM
2N/A pkiDebug("calculating checksum on buf size (%d)\n",
2N/A encoded_request->length);
2N/A print_buffer(encoded_request->data, encoded_request->length);
2N/A pkiDebug("encrypting key (%d)\n", key_pack->replyKey.length);
2N/A print_buffer(key_pack->replyKey.contents,
2N/A key_pack->replyKey.length);
2N/A pkiDebug("received checksum type=%d size=%d ",
2N/A key_pack->asChecksum.checksum_type,
2N/A key_pack->asChecksum.length);
2N/A print_buffer(key_pack->asChecksum.contents,
2N/A key_pack->asChecksum.length);
2N/A pkiDebug("expected checksum type=%d size=%d ",
2N/A cksum.checksum_type, cksum.length);
2N/A print_buffer(cksum.contents, cksum.length);
2N/A#endif
2N/A goto cleanup;
2N/A } else
2N/A pkiDebug("checksums match\n");
2N/A
2N/A krb5_copy_keyblock_contents(context, &key_pack->replyKey,
2N/A key_block);
2N/A
2N/A break;
2N/A default:
2N/A pkiDebug("unknow as_rep type %d\n", kdc_reply->choice);
2N/A goto cleanup;
2N/A }
2N/A
2N/A retval = 0;
2N/A
2N/Acleanup:
2N/A free(dh_data.data);
2N/A krb5_free_principal(context, kdc_princ);
2N/A free(client_key);
2N/A free_krb5_kdc_dh_key_info(&kdc_dh);
2N/A free_krb5_pa_pk_as_rep(&kdc_reply);
2N/A
2N/A if (key_pack != NULL) {
2N/A free_krb5_reply_key_pack(&key_pack);
2N/A free(cksum.contents);
2N/A }
2N/A if (key_pack9 != NULL)
2N/A free_krb5_reply_key_pack_draft9(&key_pack9);
2N/A
2N/A free(kdc_hostname);
2N/A
2N/A pkiDebug("pkinit_as_rep_parse returning %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A}
2N/A
2N/Astatic void
2N/Apkinit_client_profile(krb5_context context,
2N/A pkinit_context plgctx,
2N/A pkinit_req_context reqctx,
2N/A const krb5_data *realm)
2N/A{
2N/A char *eku_string = NULL;
2N/A
2N/A pkiDebug("pkinit_client_profile %p %p %p %p\n",
2N/A context, plgctx, reqctx, realm);
2N/A
2N/A pkinit_libdefault_boolean(context, realm,
2N/A KRB5_CONF_PKINIT_WIN2K,
2N/A reqctx->opts->win2k_target,
2N/A &reqctx->opts->win2k_target);
2N/A pkinit_libdefault_boolean(context, realm,
2N/A KRB5_CONF_PKINIT_WIN2K_REQUIRE_BINDING,
2N/A reqctx->opts->win2k_require_cksum,
2N/A &reqctx->opts->win2k_require_cksum);
2N/A pkinit_libdefault_boolean(context, realm,
2N/A KRB5_CONF_PKINIT_REQUIRE_CRL_CHECKING,
2N/A reqctx->opts->require_crl_checking,
2N/A &reqctx->opts->require_crl_checking);
2N/A pkinit_libdefault_integer(context, realm,
2N/A KRB5_CONF_PKINIT_DH_MIN_BITS,
2N/A reqctx->opts->dh_size,
2N/A &reqctx->opts->dh_size);
2N/A if (reqctx->opts->dh_size != 1024 && reqctx->opts->dh_size != 2048
2N/A && reqctx->opts->dh_size != 4096) {
2N/A pkiDebug("%s: invalid value (%d) for pkinit_dh_min_bits, "
2N/A "using default value (%d) instead\n", __FUNCTION__,
2N/A reqctx->opts->dh_size, PKINIT_DEFAULT_DH_MIN_BITS);
2N/A reqctx->opts->dh_size = PKINIT_DEFAULT_DH_MIN_BITS;
2N/A }
2N/A pkinit_libdefault_string(context, realm,
2N/A KRB5_CONF_PKINIT_EKU_CHECKING,
2N/A &eku_string);
2N/A if (eku_string != NULL) {
2N/A if (strcasecmp(eku_string, "kpKDC") == 0) {
2N/A reqctx->opts->require_eku = 1;
2N/A reqctx->opts->accept_secondary_eku = 0;
2N/A } else if (strcasecmp(eku_string, "kpServerAuth") == 0) {
2N/A reqctx->opts->require_eku = 1;
2N/A reqctx->opts->accept_secondary_eku = 1;
2N/A } else if (strcasecmp(eku_string, "none") == 0) {
2N/A reqctx->opts->require_eku = 0;
2N/A reqctx->opts->accept_secondary_eku = 0;
2N/A } else {
2N/A pkiDebug("%s: Invalid value for pkinit_eku_checking: '%s'\n",
2N/A __FUNCTION__, eku_string);
2N/A }
2N/A free(eku_string);
2N/A }
2N/A#ifdef LONGHORN_BETA_COMPAT
2N/A /* Temporarily just set global flag from config file */
2N/A pkinit_libdefault_boolean(context, realm,
2N/A KRB5_CONF_PKINIT_LONGHORN,
2N/A 0,
2N/A &longhorn);
2N/A#endif
2N/A
2N/A /* Only process anchors here if they were not specified on command line */
2N/A if (reqctx->idopts->anchors == NULL)
2N/A pkinit_libdefault_strings(context, realm,
2N/A KRB5_CONF_PKINIT_ANCHORS,
2N/A &reqctx->idopts->anchors);
2N/A pkinit_libdefault_strings(context, realm,
2N/A KRB5_CONF_PKINIT_POOL,
2N/A &reqctx->idopts->intermediates);
2N/A pkinit_libdefault_strings(context, realm,
2N/A KRB5_CONF_PKINIT_REVOKE,
2N/A &reqctx->idopts->crls);
2N/A pkinit_libdefault_strings(context, realm,
2N/A KRB5_CONF_PKINIT_IDENTITIES,
2N/A &reqctx->idopts->identity_alt);
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_client_process(krb5_context context,
2N/A void *plugin_context,
2N/A void *request_context,
2N/A krb5_get_init_creds_opt *gic_opt,
2N/A preauth_get_client_data_proc get_data_proc,
2N/A struct _krb5_preauth_client_rock *rock,
2N/A krb5_kdc_req *request,
2N/A krb5_data *encoded_request_body,
2N/A krb5_data *encoded_previous_request,
2N/A krb5_pa_data *in_padata,
2N/A krb5_prompter_fct prompter,
2N/A void *prompter_data,
2N/A preauth_get_as_key_proc gak_fct,
2N/A void *gak_data,
2N/A krb5_data *salt,
2N/A krb5_data *s2kparams,
2N/A krb5_keyblock *as_key,
2N/A krb5_pa_data ***out_padata)
2N/A{
2N/A krb5_error_code retval = KRB5KDC_ERR_PREAUTH_FAILED;
2N/A krb5_enctype enctype = -1;
2N/A krb5_data *cdata = NULL;
2N/A int processing_request = 0;
2N/A pkinit_context plgctx = (pkinit_context)plugin_context;
2N/A pkinit_req_context reqctx = (pkinit_req_context)request_context;
2N/A krb5_keyblock *armor_key = NULL;
2N/A
2N/A pkiDebug("pkinit_client_process %p %p %p %p\n",
2N/A context, plgctx, reqctx, request);
2N/A
2N/A /* Remove (along with armor_key) when FAST PKINIT is settled. */
2N/A retval = fast_get_armor_key(context, get_data_proc, rock, &armor_key);
2N/A if (retval == 0 && armor_key != NULL) {
2N/A /* Don't use PKINIT if also using FAST. */
2N/A krb5_free_keyblock(context, armor_key);
2N/A return EINVAL;
2N/A }
2N/A
2N/A if (plgctx == NULL || reqctx == NULL)
2N/A return EINVAL;
2N/A
2N/A switch ((int) in_padata->pa_type) {
2N/A case KRB5_PADATA_PK_AS_REQ:
2N/A pkiDebug("processing KRB5_PADATA_PK_AS_REQ\n");
2N/A processing_request = 1;
2N/A break;
2N/A
2N/A case KRB5_PADATA_PK_AS_REP:
2N/A pkiDebug("processing KRB5_PADATA_PK_AS_REP\n");
2N/A break;
2N/A case KRB5_PADATA_PK_AS_REP_OLD:
2N/A case KRB5_PADATA_PK_AS_REQ_OLD:
2N/A if (in_padata->length == 0) {
2N/A pkiDebug("processing KRB5_PADATA_PK_AS_REQ_OLD\n");
2N/A in_padata->pa_type = KRB5_PADATA_PK_AS_REQ_OLD;
2N/A processing_request = 1;
2N/A } else {
2N/A pkiDebug("processing KRB5_PADATA_PK_AS_REP_OLD\n");
2N/A in_padata->pa_type = KRB5_PADATA_PK_AS_REP_OLD;
2N/A }
2N/A break;
2N/A default:
2N/A pkiDebug("unrecognized patype = %d for PKINIT\n",
2N/A in_padata->pa_type);
2N/A return EINVAL;
2N/A }
2N/A
2N/A if (processing_request) {
2N/A pkinit_client_profile(context, plgctx, reqctx,
2N/A &request->server->realm);
2N/A /* Solaris Kerberos - check return value */
2N/A retval = pkinit_identity_set_prompter(reqctx->idctx, prompter,
2N/A prompter_data);
2N/A if (retval) {
2N/A pkiDebug("pkinit_identity_set_prompter returned %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A }
2N/A
2N/A retval = pkinit_identity_initialize(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idopts,
2N/A reqctx->idctx, 1, request->client);
2N/A if (retval) {
2N/A pkiDebug("pkinit_identity_initialize returned %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A }
2N/A retval = pa_pkinit_gen_req(context, plgctx, reqctx, request,
2N/A in_padata, out_padata, prompter,
2N/A prompter_data, gic_opt);
2N/A } else {
2N/A /*
2N/A * Get the enctype of the reply.
2N/A */
2N/A retval = (*get_data_proc)(context, rock,
2N/A krb5plugin_preauth_client_get_etype, &cdata);
2N/A if (retval) {
2N/A pkiDebug("get_data_proc returned %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A }
2N/A enctype = *((krb5_enctype *)cdata->data);
2N/A (*get_data_proc)(context, rock,
2N/A krb5plugin_preauth_client_free_etype, &cdata);
2N/A retval = pa_pkinit_parse_rep(context, plgctx, reqctx, request,
2N/A in_padata, enctype, as_key,
2N/A encoded_previous_request);
2N/A }
2N/A
2N/A pkiDebug("pkinit_client_process: returning %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_client_tryagain(krb5_context context,
2N/A void *plugin_context,
2N/A void *request_context,
2N/A krb5_get_init_creds_opt *gic_opt,
2N/A preauth_get_client_data_proc get_data_proc,
2N/A struct _krb5_preauth_client_rock *rock,
2N/A krb5_kdc_req *request,
2N/A krb5_data *encoded_request_body,
2N/A krb5_data *encoded_previous_request,
2N/A krb5_pa_data *in_padata,
2N/A krb5_error *err_reply,
2N/A krb5_prompter_fct prompter,
2N/A void *prompter_data,
2N/A preauth_get_as_key_proc gak_fct,
2N/A void *gak_data,
2N/A krb5_data *salt,
2N/A krb5_data *s2kparams,
2N/A krb5_keyblock *as_key,
2N/A krb5_pa_data ***out_padata)
2N/A{
2N/A krb5_error_code retval = KRB5KDC_ERR_PREAUTH_FAILED;
2N/A pkinit_context plgctx = (pkinit_context)plugin_context;
2N/A pkinit_req_context reqctx = (pkinit_req_context)request_context;
2N/A krb5_typed_data **typed_data = NULL;
2N/A krb5_data scratch;
2N/A krb5_external_principal_identifier **krb5_trusted_certifiers = NULL;
2N/A krb5_algorithm_identifier **algId = NULL;
2N/A int do_again = 0;
2N/A
2N/A pkiDebug("pkinit_client_tryagain %p %p %p %p\n",
2N/A context, plgctx, reqctx, request);
2N/A
2N/A if (reqctx->pa_type != in_padata->pa_type)
2N/A return retval;
2N/A
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin((unsigned char *)err_reply->e_data.data,
2N/A err_reply->e_data.length, "/tmp/client_edata");
2N/A#endif
2N/A retval = k5int_decode_krb5_typed_data(&err_reply->e_data, &typed_data);
2N/A if (retval) {
2N/A pkiDebug("decode_krb5_typed_data failed\n");
2N/A goto cleanup;
2N/A }
2N/A#ifdef DEBUG_ASN1
2N/A print_buffer_bin(typed_data[0]->data, typed_data[0]->length,
2N/A "/tmp/client_typed_data");
2N/A#endif
2N/A OCTETDATA_TO_KRB5DATA(typed_data[0], &scratch);
2N/A
2N/A switch(typed_data[0]->type) {
2N/A case TD_TRUSTED_CERTIFIERS:
2N/A case TD_INVALID_CERTIFICATES:
2N/A retval = k5int_decode_krb5_td_trusted_certifiers(&scratch,
2N/A &krb5_trusted_certifiers);
2N/A if (retval) {
2N/A pkiDebug("failed to decode sequence of trusted certifiers\n");
2N/A goto cleanup;
2N/A }
2N/A retval = pkinit_process_td_trusted_certifiers(context,
2N/A plgctx->cryptoctx, reqctx->cryptoctx, reqctx->idctx,
2N/A krb5_trusted_certifiers, typed_data[0]->type);
2N/A if (!retval)
2N/A do_again = 1;
2N/A break;
2N/A case TD_DH_PARAMETERS:
2N/A retval = k5int_decode_krb5_td_dh_parameters(&scratch, &algId);
2N/A if (retval) {
2N/A pkiDebug("failed to decode td_dh_parameters\n");
2N/A goto cleanup;
2N/A }
2N/A retval = pkinit_process_td_dh_params(context, plgctx->cryptoctx,
2N/A reqctx->cryptoctx, reqctx->idctx, algId,
2N/A &reqctx->opts->dh_size);
2N/A if (!retval)
2N/A do_again = 1;
2N/A break;
2N/A default:
2N/A break;
2N/A }
2N/A
2N/A if (do_again) {
2N/A retval = pa_pkinit_gen_req(context, plgctx, reqctx, request, in_padata,
2N/A out_padata, prompter, prompter_data, gic_opt);
2N/A if (retval)
2N/A goto cleanup;
2N/A }
2N/A
2N/A retval = 0;
2N/Acleanup:
2N/A if (krb5_trusted_certifiers != NULL)
2N/A free_krb5_external_principal_identifier(&krb5_trusted_certifiers);
2N/A
2N/A if (typed_data != NULL)
2N/A free_krb5_typed_data(&typed_data);
2N/A
2N/A if (algId != NULL)
2N/A free_krb5_algorithm_identifiers(&algId);
2N/A
2N/A pkiDebug("pkinit_client_tryagain: returning %d (%s)\n",
2N/A retval, error_message(retval));
2N/A return retval;
2N/A}
2N/A
2N/Astatic int
2N/Apkinit_client_get_flags(krb5_context kcontext, krb5_preauthtype patype)
2N/A{
2N/A return PA_REAL;
2N/A}
2N/A
2N/Astatic krb5_preauthtype supported_client_pa_types[] = {
2N/A KRB5_PADATA_PK_AS_REP,
2N/A KRB5_PADATA_PK_AS_REQ,
2N/A KRB5_PADATA_PK_AS_REP_OLD,
2N/A KRB5_PADATA_PK_AS_REQ_OLD,
2N/A 0
2N/A};
2N/A
2N/Astatic void
2N/Apkinit_client_req_init(krb5_context context,
2N/A void *plugin_context,
2N/A void **request_context)
2N/A{
2N/A krb5_error_code retval = ENOMEM;
2N/A pkinit_req_context reqctx = NULL;
2N/A pkinit_context plgctx = plugin_context;
2N/A
2N/A *request_context = NULL;
2N/A
2N/A reqctx = malloc(sizeof(*reqctx));
2N/A if (reqctx == NULL)
2N/A return;
2N/A memset(reqctx, 0, sizeof(*reqctx));
2N/A
2N/A reqctx->magic = PKINIT_REQ_CTX_MAGIC;
2N/A reqctx->cryptoctx = NULL;
2N/A reqctx->opts = NULL;
2N/A reqctx->idctx = NULL;
2N/A reqctx->idopts = NULL;
2N/A
2N/A retval = pkinit_init_req_opts(&reqctx->opts);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A reqctx->opts->require_eku = plgctx->opts->require_eku;
2N/A reqctx->opts->accept_secondary_eku = plgctx->opts->accept_secondary_eku;
2N/A reqctx->opts->dh_or_rsa = plgctx->opts->dh_or_rsa;
2N/A reqctx->opts->allow_upn = plgctx->opts->allow_upn;
2N/A reqctx->opts->require_crl_checking = plgctx->opts->require_crl_checking;
2N/A
2N/A retval = pkinit_init_req_crypto(&reqctx->cryptoctx);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A retval = pkinit_init_identity_crypto(&reqctx->idctx);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A retval = pkinit_dup_identity_opts(plgctx->idopts, &reqctx->idopts);
2N/A if (retval)
2N/A goto cleanup;
2N/A
2N/A *request_context = (void *) reqctx;
2N/A pkiDebug("%s: returning reqctx at %p\n", __FUNCTION__, reqctx);
2N/A
2N/Acleanup:
2N/A if (retval) {
2N/A if (reqctx->idctx != NULL)
2N/A pkinit_fini_identity_crypto(reqctx->idctx);
2N/A if (reqctx->cryptoctx != NULL)
2N/A pkinit_fini_req_crypto(reqctx->cryptoctx);
2N/A if (reqctx->opts != NULL)
2N/A pkinit_fini_req_opts(reqctx->opts);
2N/A if (reqctx->idopts != NULL)
2N/A pkinit_fini_identity_opts(reqctx->idopts);
2N/A free(reqctx);
2N/A }
2N/A
2N/A return;
2N/A}
2N/A
2N/Astatic void
2N/Apkinit_client_req_fini(krb5_context context,
2N/A void *plugin_context,
2N/A void *request_context)
2N/A{
2N/A pkinit_req_context reqctx = request_context;
2N/A
2N/A pkiDebug("%s: received reqctx at %p\n", __FUNCTION__, reqctx);
2N/A if (reqctx == NULL)
2N/A return;
2N/A if (reqctx->magic != PKINIT_REQ_CTX_MAGIC) {
2N/A pkiDebug("%s: Bad magic value (%x) in req ctx\n",
2N/A __FUNCTION__, reqctx->magic);
2N/A return;
2N/A }
2N/A if (reqctx->opts != NULL)
2N/A pkinit_fini_req_opts(reqctx->opts);
2N/A
2N/A if (reqctx->cryptoctx != NULL)
2N/A pkinit_fini_req_crypto(reqctx->cryptoctx);
2N/A
2N/A if (reqctx->idctx != NULL)
2N/A pkinit_fini_identity_crypto(reqctx->idctx);
2N/A
2N/A if (reqctx->idopts != NULL)
2N/A pkinit_fini_identity_opts(reqctx->idopts);
2N/A
2N/A free(reqctx);
2N/A return;
2N/A}
2N/A
2N/Astatic int
2N/Apkinit_client_plugin_init(krb5_context context, void **blob)
2N/A{
2N/A krb5_error_code retval = ENOMEM;
2N/A pkinit_context ctx = NULL;
2N/A
2N/A ctx = calloc(1, sizeof(*ctx));
2N/A if (ctx == NULL)
2N/A return ENOMEM;
2N/A memset(ctx, 0, sizeof(*ctx));
2N/A ctx->magic = PKINIT_CTX_MAGIC;
2N/A ctx->opts = NULL;
2N/A ctx->cryptoctx = NULL;
2N/A ctx->idopts = NULL;
2N/A
2N/A retval = pkinit_accessor_init();
2N/A if (retval)
2N/A goto errout;
2N/A
2N/A retval = pkinit_init_plg_opts(&ctx->opts);
2N/A if (retval)
2N/A goto errout;
2N/A
2N/A retval = pkinit_init_plg_crypto(&ctx->cryptoctx);
2N/A if (retval)
2N/A goto errout;
2N/A
2N/A retval = pkinit_init_identity_opts(&ctx->idopts);
2N/A if (retval)
2N/A goto errout;
2N/A
2N/A *blob = ctx;
2N/A
2N/A pkiDebug("%s: returning plgctx at %p\n", __FUNCTION__, ctx);
2N/A
2N/Aerrout:
2N/A if (retval)
2N/A pkinit_client_plugin_fini(context, ctx);
2N/A
2N/A return retval;
2N/A}
2N/A
2N/Astatic void
2N/Apkinit_client_plugin_fini(krb5_context context, void *blob)
2N/A{
2N/A pkinit_context ctx = blob;
2N/A
2N/A if (ctx == NULL || ctx->magic != PKINIT_CTX_MAGIC) {
2N/A pkiDebug("pkinit_lib_fini: got bad plgctx (%p)!\n", ctx);
2N/A return;
2N/A }
2N/A pkiDebug("%s: got plgctx at %p\n", __FUNCTION__, ctx);
2N/A
2N/A pkinit_fini_identity_opts(ctx->idopts);
2N/A pkinit_fini_plg_crypto(ctx->cryptoctx);
2N/A pkinit_fini_plg_opts(ctx->opts);
2N/A free(ctx);
2N/A
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Aadd_string_to_array(krb5_context context, char ***array, const char *addition)
2N/A{
2N/A char **out = NULL;
2N/A
2N/A if (*array == NULL) {
2N/A out = malloc(2 * sizeof(char *));
2N/A if (out == NULL)
2N/A return ENOMEM;
2N/A out[1] = NULL;
2N/A out[0] = strdup(addition);
2N/A if (out[0] == NULL) {
2N/A free(out);
2N/A return ENOMEM;
2N/A }
2N/A } else {
2N/A int i;
2N/A char **a = *array;
2N/A for (i = 0; a[i] != NULL; i++);
2N/A out = malloc( (i + 2) * sizeof(char *));
2N/A if (out == NULL)
2N/A return ENOMEM;
2N/A for (i = 0; a[i] != NULL; i++) {
2N/A out[i] = a[i];
2N/A }
2N/A out[i++] = strdup(addition);
2N/A if (out == NULL) {
2N/A free(out);
2N/A return ENOMEM;
2N/A }
2N/A out[i] = NULL;
2N/A free(*array);
2N/A }
2N/A *array = out;
2N/A
2N/A return 0;
2N/A}
2N/Astatic krb5_error_code
2N/Ahandle_gic_opt(krb5_context context,
2N/A pkinit_context plgctx,
2N/A const char *attr,
2N/A const char *value)
2N/A{
2N/A krb5_error_code retval;
2N/A
2N/A if (strcmp(attr, "X509_user_identity") == 0) {
2N/A if (plgctx->idopts->identity != NULL) {
2N/A krb5_set_error_message(context, KRB5_PREAUTH_FAILED,
2N/A "X509_user_identity can not be given twice\n");
2N/A return KRB5_PREAUTH_FAILED;
2N/A }
2N/A plgctx->idopts->identity = strdup(value);
2N/A if (plgctx->idopts->identity == NULL) {
2N/A krb5_set_error_message(context, ENOMEM,
2N/A "Could not duplicate X509_user_identity value\n");
2N/A return ENOMEM;
2N/A }
2N/A } else if (strcmp(attr, "X509_anchors") == 0) {
2N/A retval = add_string_to_array(context, &plgctx->idopts->anchors, value);
2N/A if (retval)
2N/A return retval;
2N/A } else if (strcmp(attr, "flag_RSA_PROTOCOL") == 0) {
2N/A if (strcmp(value, "yes") == 0) {
2N/A pkiDebug("Setting flag to use RSA_PROTOCOL\n");
2N/A plgctx->opts->dh_or_rsa = RSA_PROTOCOL;
2N/A }
2N/A } else if (strcmp(attr, "PIN") == 0) {
2N/A /* Solaris Kerberos: handle our PIN attr */
2N/A plgctx->idopts->PIN = strdup(value);
2N/A if (plgctx->idopts->PIN == NULL)
2N/A return ENOMEM;
2N/A }
2N/A return 0;
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Apkinit_client_gic_opt(krb5_context context,
2N/A void *plugin_context,
2N/A krb5_get_init_creds_opt *gic_opt,
2N/A const char *attr,
2N/A const char *value)
2N/A{
2N/A krb5_error_code retval;
2N/A pkinit_context plgctx = plugin_context;
2N/A
2N/A pkiDebug("(pkinit) received '%s' = '%s'\n", attr, value);
2N/A retval = handle_gic_opt(context, plgctx, attr, value);
2N/A if (retval)
2N/A return retval;
2N/A
2N/A return 0;
2N/A}
2N/A
2N/A/* Only necessary for static plugin linking support. */
2N/A#include "k5-plugin.h"
2N/A
2N/Astruct krb5plugin_preauth_client_ftable_v1
2N/APLUGIN_SYMBOL_NAME(krb5_preauth, preauthentication_client_1) = {
2N/A "pkinit", /* name */
2N/A supported_client_pa_types, /* pa_type_list */
2N/A NULL, /* enctype_list */
2N/A pkinit_client_plugin_init, /* (*init) */
2N/A pkinit_client_plugin_fini, /* (*fini) */
2N/A pkinit_client_get_flags, /* (*flags) */
2N/A pkinit_client_req_init, /* (*client_req_init) */
2N/A pkinit_client_req_fini, /* (*client_req_fini) */
2N/A pkinit_client_process, /* (*process) */
2N/A pkinit_client_tryagain, /* (*tryagain) */
2N/A pkinit_client_gic_opt /* (*gic_opt) */
2N/A};