+++ /dev/null
-/*
- * Copyright (c) 2003 - 2016 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kdc_locl.h"
-
-#ifdef PKINIT
-
-#include <heim_asn1.h>
-#include <rfc2459_asn1.h>
-#include <cms_asn1.h>
-#include <pkinit_asn1.h>
-
-#include <hx509.h>
-#include "crypto-headers.h"
-
-struct pk_client_params {
- enum krb5_pk_type type;
- enum keyex_enum keyex;
- union {
- struct {
- BIGNUM *public_key;
- DH *key;
- } dh;
- struct {
- void *public_key;
- void *key;
- } ecdh;
- } u;
- hx509_cert cert;
- krb5_timestamp endtime;
- krb5_timestamp max_life;
- unsigned nonce;
- EncryptionKey reply_key;
- char *dh_group_name;
- hx509_peer_info peer;
- hx509_certs client_anchors;
- hx509_verify_ctx verify_ctx;
-};
-
-struct pk_principal_mapping {
- unsigned int len;
- struct pk_allowed_princ {
- krb5_principal principal;
- char *subject;
- } *val;
-};
-
-static struct krb5_pk_identity *kdc_identity;
-static struct pk_principal_mapping principal_mappings;
-static struct krb5_dh_moduli **moduli;
-
-static struct {
- krb5_data data;
- time_t expire;
- time_t next_update;
-} ocsp;
-
-/*
- *
- */
-
-static krb5_error_code
-pk_check_pkauthenticator_win2k(krb5_context context,
- PKAuthenticator_Win2k *a,
- const KDC_REQ *req)
-{
- krb5_timestamp now;
-
- krb5_timeofday (context, &now);
-
- /* XXX cusec */
- if (a->ctime == 0 || labs(a->ctime - now) > context->max_skew) {
- krb5_clear_error_message(context);
- return KRB5KRB_AP_ERR_SKEW;
- }
- return 0;
-}
-
-static krb5_error_code
-pk_check_pkauthenticator(krb5_context context,
- PKAuthenticator *a,
- const KDC_REQ *req)
-{
- krb5_error_code ret;
- krb5_timestamp now;
- Checksum checksum;
-
- krb5_timeofday (context, &now);
-
- /* XXX cusec */
- if (a->ctime == 0 || labs(a->ctime - now) > context->max_skew) {
- krb5_clear_error_message(context);
- return KRB5KRB_AP_ERR_SKEW;
- }
-
- ret = krb5_create_checksum(context,
- NULL,
- 0,
- CKSUMTYPE_SHA1,
- req->req_body._save.data,
- req->req_body._save.length,
- &checksum);
- if (ret) {
- krb5_clear_error_message(context);
- return ret;
- }
-
- if (a->paChecksum == NULL) {
- krb5_clear_error_message(context);
- ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED;
- goto out;
- }
-
- if (der_heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) {
- krb5_clear_error_message(context);
- ret = KRB5KRB_ERR_GENERIC;
- }
-
-out:
- free_Checksum(&checksum);
-
- return ret;
-}
-
-void
-_kdc_pk_free_client_param(krb5_context context, pk_client_params *cp)
-{
- if (cp == NULL)
- return;
- if (cp->cert)
- hx509_cert_free(cp->cert);
- if (cp->verify_ctx)
- hx509_verify_destroy_ctx(cp->verify_ctx);
- if (cp->keyex == USE_DH) {
- if (cp->u.dh.key)
- DH_free(cp->u.dh.key);
- if (cp->u.dh.public_key)
- BN_free(cp->u.dh.public_key);
- }
- if (cp->keyex == USE_ECDH)
- _kdc_pk_free_client_ec_param(context, cp->u.ecdh.key,
- cp->u.ecdh.public_key);
- krb5_free_keyblock_contents(context, &cp->reply_key);
- if (cp->dh_group_name)
- free(cp->dh_group_name);
- if (cp->peer)
- hx509_peer_info_free(cp->peer);
- if (cp->client_anchors)
- hx509_certs_free(&cp->client_anchors);
- memset(cp, 0, sizeof(*cp));
- free(cp);
-}
-
-static krb5_error_code
-generate_dh_keyblock(krb5_context context,
- pk_client_params *client_params,
- krb5_enctype enctype)
-{
- unsigned char *dh_gen_key = NULL;
- krb5_keyblock key;
- krb5_error_code ret;
- size_t dh_gen_keylen, size;
-
- memset(&key, 0, sizeof(key));
-
- if (client_params->keyex == USE_DH) {
-
- if (client_params->u.dh.public_key == NULL) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret, "missing DH public_key");
- goto out;
- }
-
- if (!DH_generate_key(client_params->u.dh.key)) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "Can't generate Diffie-Hellman keys");
- goto out;
- }
-
- size = DH_size(client_params->u.dh.key);
-
- dh_gen_key = malloc(size);
- if (dh_gen_key == NULL) {
- ret = ENOMEM;
- krb5_set_error_message(context, ret, "malloc: out of memory");
- goto out;
- }
-
- dh_gen_keylen = DH_compute_key(dh_gen_key,client_params->u.dh.public_key, client_params->u.dh.key);
- if (dh_gen_keylen == (size_t)-1) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "Can't compute Diffie-Hellman key");
- goto out;
- }
- if (dh_gen_keylen < size) {
- size -= dh_gen_keylen;
- memmove(dh_gen_key + size, dh_gen_key, dh_gen_keylen);
- memset(dh_gen_key, 0, size);
- }
-
- ret = 0;
- } else if (client_params->keyex == USE_ECDH) {
- if (client_params->u.ecdh.public_key == NULL) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret, "missing ECDH public_key");
- goto out;
- }
- ret = _kdc_generate_ecdh_keyblock(context,
- client_params->u.ecdh.public_key,
- &client_params->u.ecdh.key,
- &dh_gen_key, &dh_gen_keylen);
- if (ret)
- goto out;
- } else {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "Diffie-Hellman not selected keys");
- goto out;
- }
-
- ret = _krb5_pk_octetstring2key(context,
- enctype,
- dh_gen_key, dh_gen_keylen,
- NULL, NULL,
- &client_params->reply_key);
-
- out:
- if (dh_gen_key)
- free(dh_gen_key);
- if (key.keyvalue.data)
- krb5_free_keyblock_contents(context, &key);
-
- return ret;
-}
-
-static BIGNUM *
-integer_to_BN(krb5_context context, const char *field, heim_integer *f)
-{
- BIGNUM *bn;
-
- bn = BN_bin2bn((const unsigned char *)f->data, f->length, NULL);
- if (bn == NULL) {
- krb5_set_error_message(context, KRB5_BADMSGTYPE,
- "PKINIT: parsing BN failed %s", field);
- return NULL;
- }
- BN_set_negative(bn, f->negative);
- return bn;
-}
-
-static krb5_error_code
-get_dh_param(krb5_context context,
- krb5_kdc_configuration *config,
- SubjectPublicKeyInfo *dh_key_info,
- pk_client_params *client_params)
-{
- DomainParameters dhparam;
- DH *dh = NULL;
- krb5_error_code ret;
-
- memset(&dhparam, 0, sizeof(dhparam));
-
- if ((dh_key_info->subjectPublicKey.length % 8) != 0) {
- ret = KRB5_BADMSGTYPE;
- krb5_set_error_message(context, ret,
- "PKINIT: subjectPublicKey not aligned "
- "to 8 bit boundary");
- goto out;
- }
-
- if (dh_key_info->algorithm.parameters == NULL) {
- krb5_set_error_message(context, KRB5_BADMSGTYPE,
- "PKINIT missing algorithm parameter "
- "in clientPublicValue");
- return KRB5_BADMSGTYPE;
- }
-
- ret = decode_DomainParameters(dh_key_info->algorithm.parameters->data,
- dh_key_info->algorithm.parameters->length,
- &dhparam,
- NULL);
- if (ret) {
- krb5_set_error_message(context, ret, "Can't decode algorithm "
- "parameters in clientPublicValue");
- goto out;
- }
-
- ret = _krb5_dh_group_ok(context, config->pkinit_dh_min_bits,
- &dhparam.p, &dhparam.g, dhparam.q, moduli,
- &client_params->dh_group_name);
- if (ret) {
- /* XXX send back proposal of better group */
- goto out;
- }
-
- dh = DH_new();
- if (dh == NULL) {
- ret = ENOMEM;
- krb5_set_error_message(context, ret, "Cannot create DH structure");
- goto out;
- }
- ret = KRB5_BADMSGTYPE;
- dh->p = integer_to_BN(context, "DH prime", &dhparam.p);
- if (dh->p == NULL)
- goto out;
- dh->g = integer_to_BN(context, "DH base", &dhparam.g);
- if (dh->g == NULL)
- goto out;
-
- if (dhparam.q) {
- dh->q = integer_to_BN(context, "DH p-1 factor", dhparam.q);
- if (dh->q == NULL)
- goto out;
- }
-
- {
- heim_integer glue;
- size_t size;
-
- ret = decode_DHPublicKey(dh_key_info->subjectPublicKey.data,
- dh_key_info->subjectPublicKey.length / 8,
- &glue,
- &size);
- if (ret) {
- krb5_clear_error_message(context);
- return ret;
- }
-
- client_params->u.dh.public_key = integer_to_BN(context,
- "subjectPublicKey",
- &glue);
- der_free_heim_integer(&glue);
- if (client_params->u.dh.public_key == NULL) {
- ret = KRB5_BADMSGTYPE;
- goto out;
- }
- }
-
- client_params->u.dh.key = dh;
- dh = NULL;
- ret = 0;
-
- out:
- if (dh)
- DH_free(dh);
- free_DomainParameters(&dhparam);
- return ret;
-}
-
-krb5_error_code
-_kdc_pk_rd_padata(astgs_request_t priv,
- const PA_DATA *pa,
- pk_client_params **ret_params)
-{
- /* XXXrcd: we use priv vs r due to a conflict */
- krb5_context context = priv->context;
- krb5_kdc_configuration *config = priv->config;
- const KDC_REQ *req = &priv->req;
- hdb_entry_ex *client = priv->client;
- pk_client_params *cp;
- krb5_error_code ret;
- heim_oid eContentType = { 0, NULL }, contentInfoOid = { 0, NULL };
- krb5_data eContent = { 0, NULL };
- krb5_data signed_content = { 0, NULL };
- const char *type = "unknown type";
- hx509_certs trust_anchors;
- int have_data = 0;
- const HDB_Ext_PKINIT_cert *pc;
-
- *ret_params = NULL;
-
- if (!config->enable_pkinit) {
- kdc_log(context, config, 0, "PKINIT request but PKINIT not enabled");
- krb5_clear_error_message(context);
- return 0;
- }
-
- cp = calloc(1, sizeof(*cp));
- if (cp == NULL) {
- krb5_clear_error_message(context);
- ret = ENOMEM;
- goto out;
- }
-
- ret = hx509_certs_init(context->hx509ctx,
- "MEMORY:trust-anchors",
- 0, NULL, &trust_anchors);
- if (ret) {
- krb5_set_error_message(context, ret, "failed to create trust anchors");
- goto out;
- }
-
- ret = hx509_certs_merge(context->hx509ctx, trust_anchors,
- kdc_identity->anchors);
- if (ret) {
- hx509_certs_free(&trust_anchors);
- krb5_set_error_message(context, ret, "failed to create verify context");
- goto out;
- }
-
- /* Add any registered certificates for this client as trust anchors */
- ret = hdb_entry_get_pkinit_cert(&client->entry, &pc);
- if (ret == 0 && pc != NULL) {
- hx509_cert cert;
- unsigned int i;
-
- for (i = 0; i < pc->len; i++) {
- cert = hx509_cert_init_data(context->hx509ctx,
- pc->val[i].cert.data,
- pc->val[i].cert.length,
- NULL);
- if (cert == NULL)
- continue;
- hx509_certs_add(context->hx509ctx, trust_anchors, cert);
- hx509_cert_free(cert);
- }
- }
-
- ret = hx509_verify_init_ctx(context->hx509ctx, &cp->verify_ctx);
- if (ret) {
- hx509_certs_free(&trust_anchors);
- krb5_set_error_message(context, ret, "failed to create verify context");
- goto out;
- }
-
- hx509_verify_set_time(cp->verify_ctx, kdc_time);
- hx509_verify_attach_anchors(cp->verify_ctx, trust_anchors);
- hx509_certs_free(&trust_anchors);
-
- if (config->pkinit_allow_proxy_certs)
- hx509_verify_set_proxy_certificate(cp->verify_ctx, 1);
-
- if (pa->padata_type == KRB5_PADATA_PK_AS_REQ_WIN) {
- PA_PK_AS_REQ_Win2k r;
-
- type = "PK-INIT-Win2k";
-
- if (_kdc_is_anonymous(context, client->entry.principal)) {
- ret = KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED;
- krb5_set_error_message(context, ret,
- "Anonymous client not supported in RSA mode");
- goto out;
- }
-
- ret = decode_PA_PK_AS_REQ_Win2k(pa->padata_value.data,
- pa->padata_value.length,
- &r,
- NULL);
- if (ret) {
- krb5_set_error_message(context, ret, "Can't decode "
- "PK-AS-REQ-Win2k: %d", ret);
- goto out;
- }
-
- ret = hx509_cms_unwrap_ContentInfo(&r.signed_auth_pack,
- &contentInfoOid,
- &signed_content,
- &have_data);
- free_PA_PK_AS_REQ_Win2k(&r);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't unwrap ContentInfo(win): %d", ret);
- goto out;
- }
-
- } else if (pa->padata_type == KRB5_PADATA_PK_AS_REQ) {
- PA_PK_AS_REQ r;
-
- type = "PK-INIT-IETF";
-
- ret = decode_PA_PK_AS_REQ(pa->padata_value.data,
- pa->padata_value.length,
- &r,
- NULL);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't decode PK-AS-REQ: %d", ret);
- goto out;
- }
-
- /* XXX look at r.kdcPkId */
- if (r.trustedCertifiers) {
- ExternalPrincipalIdentifiers *edi = r.trustedCertifiers;
- unsigned int i, maxedi;
-
- ret = hx509_certs_init(context->hx509ctx,
- "MEMORY:client-anchors",
- 0, NULL,
- &cp->client_anchors);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't allocate client anchors: %d",
- ret);
- goto out;
-
- }
- /*
- * If the client sent more then 10 EDI, don't bother
- * looking more then 10 of performance reasons.
- */
- maxedi = edi->len;
- if (maxedi > 10)
- maxedi = 10;
- for (i = 0; i < maxedi; i++) {
- IssuerAndSerialNumber iasn;
- hx509_query *q;
- hx509_cert cert;
- size_t size;
-
- if (edi->val[i].issuerAndSerialNumber == NULL)
- continue;
-
- ret = hx509_query_alloc(context->hx509ctx, &q);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Failed to allocate hx509_query");
- goto out;
- }
-
- ret = decode_IssuerAndSerialNumber(edi->val[i].issuerAndSerialNumber->data,
- edi->val[i].issuerAndSerialNumber->length,
- &iasn,
- &size);
- if (ret) {
- hx509_query_free(context->hx509ctx, q);
- continue;
- }
- ret = hx509_query_match_issuer_serial(q, &iasn.issuer, &iasn.serialNumber);
- free_IssuerAndSerialNumber(&iasn);
- if (ret) {
- hx509_query_free(context->hx509ctx, q);
- continue;
- }
-
- ret = hx509_certs_find(context->hx509ctx,
- kdc_identity->certs,
- q,
- &cert);
- hx509_query_free(context->hx509ctx, q);
- if (ret)
- continue;
- hx509_certs_add(context->hx509ctx,
- cp->client_anchors, cert);
- hx509_cert_free(cert);
- }
- }
-
- ret = hx509_cms_unwrap_ContentInfo(&r.signedAuthPack,
- &contentInfoOid,
- &signed_content,
- &have_data);
- free_PA_PK_AS_REQ(&r);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't unwrap ContentInfo: %d", ret);
- goto out;
- }
-
- } else {
- krb5_clear_error_message(context);
- ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
- goto out;
- }
-
- ret = der_heim_oid_cmp(&contentInfoOid, &asn1_oid_id_pkcs7_signedData);
- if (ret != 0) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "PK-AS-REQ-Win2k invalid content type oid");
- goto out;
- }
-
- if (!have_data) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "PK-AS-REQ-Win2k no signed auth pack");
- goto out;
- }
-
- {
- hx509_certs signer_certs;
- int flags = HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH; /* BTMM */
-
- if (_kdc_is_anonymous(context, client->entry.principal)
- || (config->historical_anon_realm && _kdc_is_anon_request(req)))
- flags |= HX509_CMS_VS_ALLOW_ZERO_SIGNER;
-
- ret = hx509_cms_verify_signed(context->hx509ctx,
- cp->verify_ctx,
- flags,
- signed_content.data,
- signed_content.length,
- NULL,
- kdc_identity->certpool,
- &eContentType,
- &eContent,
- &signer_certs);
- if (ret) {
- char *s = hx509_get_error_string(context->hx509ctx, ret);
- krb5_warnx(context, "PKINIT: failed to verify signature: %s: %d",
- s, ret);
- free(s);
- goto out;
- }
-
- if (signer_certs) {
- ret = hx509_get_one_cert(context->hx509ctx, signer_certs,
- &cp->cert);
- hx509_certs_free(&signer_certs);
- }
- if (ret)
- goto out;
- }
-
- /* Signature is correct, now verify the signed message */
- if (der_heim_oid_cmp(&eContentType, &asn1_oid_id_pkcs7_data) != 0 &&
- der_heim_oid_cmp(&eContentType, &asn1_oid_id_pkauthdata) != 0)
- {
- ret = KRB5_BADMSGTYPE;
- krb5_set_error_message(context, ret, "got wrong oid for PK AuthData");
- goto out;
- }
-
- if (pa->padata_type == KRB5_PADATA_PK_AS_REQ_WIN) {
- AuthPack_Win2k ap;
-
- ret = decode_AuthPack_Win2k(eContent.data,
- eContent.length,
- &ap,
- NULL);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't decode AuthPack: %d", ret);
- goto out;
- }
-
- ret = pk_check_pkauthenticator_win2k(context,
- &ap.pkAuthenticator,
- req);
- if (ret) {
- free_AuthPack_Win2k(&ap);
- goto out;
- }
-
- cp->type = PKINIT_WIN2K;
- cp->nonce = ap.pkAuthenticator.nonce;
-
- if (ap.clientPublicValue) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(context, ret,
- "DH not supported for Win2k");
- goto out;
- }
- free_AuthPack_Win2k(&ap);
-
- } else if (pa->padata_type == KRB5_PADATA_PK_AS_REQ) {
- AuthPack ap;
-
- ret = decode_AuthPack(eContent.data,
- eContent.length,
- &ap,
- NULL);
- if (ret) {
- krb5_set_error_message(context, ret,
- "Can't decode AuthPack: %d", ret);
- free_AuthPack(&ap);
- goto out;
- }
-
- if (_kdc_is_anonymous(context, client->entry.principal) &&
- ap.clientPublicValue == NULL) {
- free_AuthPack(&ap);
- ret = KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED;
- krb5_set_error_message(context, ret,
- "Anonymous client not supported in RSA mode");
- goto out;
- }
-
- ret = pk_check_pkauthenticator(context,
- &ap.pkAuthenticator,
- req);
- if (ret) {
- free_AuthPack(&ap);
- goto out;
- }
-
- cp->type = PKINIT_27;
- cp->nonce = ap.pkAuthenticator.nonce;
-
- if (ap.clientPublicValue) {
- if (der_heim_oid_cmp(&ap.clientPublicValue->algorithm.algorithm, &asn1_oid_id_dhpublicnumber) == 0) {
- cp->keyex = USE_DH;
- ret = get_dh_param(context, config,
- ap.clientPublicValue, cp);
- } else if (der_heim_oid_cmp(&ap.clientPublicValue->algorithm.algorithm, &asn1_oid_id_ecPublicKey) == 0) {
- cp->keyex = USE_ECDH;
- ret = _kdc_get_ecdh_param(context, config,
- ap.clientPublicValue,
- &cp->u.ecdh.public_key);
- } else {
- ret = KRB5_BADMSGTYPE;
- krb5_set_error_message(context, ret,
- "PKINIT unknown DH mechanism");
- }
- if (ret) {
- free_AuthPack(&ap);
- goto out;
- }
- } else
- cp->keyex = USE_RSA;
-
- ret = hx509_peer_info_alloc(context->hx509ctx,
- &cp->peer);
- if (ret) {
- free_AuthPack(&ap);
- goto out;
- }
-
- if (ap.supportedCMSTypes) {
- ret = hx509_peer_info_set_cms_algs(context->hx509ctx,
- cp->peer,
- ap.supportedCMSTypes->val,
- ap.supportedCMSTypes->len);
- if (ret) {
- free_AuthPack(&ap);
- goto out;
- }
- } else {
- /* assume old client */
- hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer,
- hx509_crypto_des_rsdi_ede3_cbc());
- hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer,
- hx509_signature_rsa_with_sha1());
- hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer,
- hx509_signature_sha1());
- }
- free_AuthPack(&ap);
- } else
- krb5_abortx(context, "internal pkinit error");
-
- kdc_log(context, config, 0, "PKINIT request of type %s", type);
-
-out:
- if (ret)
- krb5_warn(context, ret, "PKINIT");
-
- if (signed_content.data)
- free(signed_content.data);
- krb5_data_free(&eContent);
- der_free_oid(&eContentType);
- der_free_oid(&contentInfoOid);
- if (ret) {
- _kdc_pk_free_client_param(context, cp);
- } else
- *ret_params = cp;
- return ret;
-}
-
-krb5_timestamp
-_kdc_pk_endtime(pk_client_params *pkp)
-{
- return pkp->endtime;
-}
-
-krb5_timestamp
-_kdc_pk_max_life(pk_client_params *pkp)
-{
- return pkp->max_life;
-}
-
-/*
- *
- */
-
-static krb5_error_code
-BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer)
-{
- integer->length = BN_num_bytes(bn);
- integer->data = malloc(integer->length);
- if (integer->data == NULL) {
- krb5_clear_error_message(context);
- return ENOMEM;
- }
- BN_bn2bin(bn, integer->data);
- integer->negative = BN_is_negative(bn);
- return 0;
-}
-
-static krb5_error_code
-pk_mk_pa_reply_enckey(krb5_context context,
- krb5_kdc_configuration *config,
- pk_client_params *cp,
- const KDC_REQ *req,
- const krb5_data *req_buffer,
- krb5_keyblock *reply_key,
- ContentInfo *content_info,
- hx509_cert *kdc_cert)
-{
- const heim_oid *envelopedAlg = NULL, *sdAlg = NULL, *evAlg = NULL;
- krb5_error_code ret;
- krb5_data buf, signed_data;
- size_t size = 0;
- int do_win2k = 0;
-
- krb5_data_zero(&buf);
- krb5_data_zero(&signed_data);
-
- *kdc_cert = NULL;
-
- /*
- * If the message client is a win2k-type but it send pa data
- * 09-binding it expects a IETF (checksum) reply so there can be
- * no replay attacks.
- */
-
- switch (cp->type) {
- case PKINIT_WIN2K: {
- int i = 0;
- if (_kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_09_BINDING) == NULL
- && config->pkinit_require_binding == 0)
- {
- do_win2k = 1;
- }
- sdAlg = &asn1_oid_id_pkcs7_data;
- evAlg = &asn1_oid_id_pkcs7_data;
- envelopedAlg = &asn1_oid_id_rsadsi_des_ede3_cbc;
- break;
- }
- case PKINIT_27:
- sdAlg = &asn1_oid_id_pkrkeydata;
- evAlg = &asn1_oid_id_pkcs7_signedData;
- break;
- default:
- krb5_abortx(context, "internal pkinit error");
- }
-
- if (do_win2k) {
- ReplyKeyPack_Win2k kp;
- memset(&kp, 0, sizeof(kp));
-
- ret = copy_EncryptionKey(reply_key, &kp.replyKey);
- if (ret) {
- krb5_clear_error_message(context);
- goto out;
- }
- kp.nonce = cp->nonce;
-
- ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k,
- buf.data, buf.length,
- &kp, &size,ret);
- free_ReplyKeyPack_Win2k(&kp);
- } else {
- krb5_crypto ascrypto;
- ReplyKeyPack kp;
- memset(&kp, 0, sizeof(kp));
-
- ret = copy_EncryptionKey(reply_key, &kp.replyKey);
- if (ret) {
- krb5_clear_error_message(context);
- goto out;
- }
-
- ret = krb5_crypto_init(context, reply_key, 0, &ascrypto);
- if (ret) {
- krb5_clear_error_message(context);
- goto out;
- }
-
- ret = krb5_create_checksum(context, ascrypto, 6, 0,
- req_buffer->data, req_buffer->length,
- &kp.asChecksum);
- if (ret) {
- krb5_clear_error_message(context);
- goto out;
- }
-
- ret = krb5_crypto_destroy(context, ascrypto);
- if (ret) {
- krb5_clear_error_message(context);
- goto out;
- }
- ASN1_MALLOC_ENCODE(ReplyKeyPack, buf.data, buf.length, &kp, &size,ret);
- free_ReplyKeyPack(&kp);
- }
- if (ret) {
- krb5_set_error_message(context, ret, "ASN.1 encoding of ReplyKeyPack "
- "failed (%d)", ret);
- goto out;
- }
- if (buf.length != size)
- krb5_abortx(context, "Internal ASN.1 encoder error");
-
- {
- hx509_query *q;
- hx509_cert cert;
-
- ret = hx509_query_alloc(context->hx509ctx, &q);
- if (ret)
- goto out;
-
- hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY);
- if (config->pkinit_kdc_friendly_name)
- hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name);
-
- ret = hx509_certs_find(context->hx509ctx,
- kdc_identity->certs,
- q,
- &cert);
- hx509_query_free(context->hx509ctx, q);
- if (ret)
- goto out;
-
- ret = hx509_cms_create_signed_1(context->hx509ctx,
- 0,
- sdAlg,
- buf.data,
- buf.length,
- NULL,
- cert,
- cp->peer,
- cp->client_anchors,
- kdc_identity->certpool,
- &signed_data);
- *kdc_cert = cert;
- }
-
- krb5_data_free(&buf);
- if (ret)
- goto out;
-
- if (cp->type == PKINIT_WIN2K) {
- ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData,
- &signed_data,
- &buf);
- if (ret)
- goto out;
- krb5_data_free(&signed_data);
- signed_data = buf;
- }
-
- ret = hx509_cms_envelope_1(context->hx509ctx,
- HX509_CMS_EV_NO_KU_CHECK,
- cp->cert,
- signed_data.data, signed_data.length,
- envelopedAlg,
- evAlg, &buf);
- if (ret)
- goto out;
-
- ret = _krb5_pk_mk_ContentInfo(context,
- &buf,
- &asn1_oid_id_pkcs7_envelopedData,
- content_info);
-out:
- if (ret && *kdc_cert) {
- hx509_cert_free(*kdc_cert);
- *kdc_cert = NULL;
- }
-
- krb5_data_free(&buf);
- krb5_data_free(&signed_data);
- return ret;
-}
-
-/*
- *
- */
-
-static krb5_error_code
-pk_mk_pa_reply_dh(krb5_context context,
- krb5_kdc_configuration *config,
- pk_client_params *cp,
- ContentInfo *content_info,
- hx509_cert *kdc_cert)
-{
- KDCDHKeyInfo dh_info;
- krb5_data signed_data, buf;
- ContentInfo contentinfo;
- krb5_error_code ret;
- hx509_cert cert;
- hx509_query *q;
- size_t size = 0;
-
- memset(&contentinfo, 0, sizeof(contentinfo));
- memset(&dh_info, 0, sizeof(dh_info));
- krb5_data_zero(&signed_data);
- krb5_data_zero(&buf);
-
- *kdc_cert = NULL;
-
- if (cp->keyex == USE_DH) {
- DH *kdc_dh = cp->u.dh.key;
- heim_integer i;
-
- ret = BN_to_integer(context, kdc_dh->pub_key, &i);
- if (ret)
- return ret;
-
- ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret);
- der_free_heim_integer(&i);
- if (ret) {
- krb5_set_error_message(context, ret, "ASN.1 encoding of "
- "DHPublicKey failed (%d)", ret);
- return ret;
- }
- if (buf.length != size)
- krb5_abortx(context, "Internal ASN.1 encoder error");
-
- dh_info.subjectPublicKey.length = buf.length * 8;
- dh_info.subjectPublicKey.data = buf.data;
- krb5_data_zero(&buf);
- } else if (cp->keyex == USE_ECDH) {
- unsigned char *p;
- ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p,
- &dh_info.subjectPublicKey.length);
- dh_info.subjectPublicKey.data = p;
- if (ret)
- goto out;
- } else
- krb5_abortx(context, "no keyex selected ?");
-
-
- dh_info.nonce = cp->nonce;
-
- ASN1_MALLOC_ENCODE(KDCDHKeyInfo, buf.data, buf.length, &dh_info, &size,
- ret);
- if (ret) {
- krb5_set_error_message(context, ret, "ASN.1 encoding of "
- "KdcDHKeyInfo failed (%d)", ret);
- goto out;
- }
- if (buf.length != size)
- krb5_abortx(context, "Internal ASN.1 encoder error");
-
- /*
- * Create the SignedData structure and sign the KdcDHKeyInfo
- * filled in above
- */
-
- ret = hx509_query_alloc(context->hx509ctx, &q);
- if (ret)
- goto out;
-
- hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY);
- if (config->pkinit_kdc_friendly_name)
- hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name);
-
- ret = hx509_certs_find(context->hx509ctx,
- kdc_identity->certs,
- q,
- &cert);
- hx509_query_free(context->hx509ctx, q);
- if (ret)
- goto out;
-
- ret = hx509_cms_create_signed_1(context->hx509ctx,
- 0,
- &asn1_oid_id_pkdhkeydata,
- buf.data,
- buf.length,
- NULL,
- cert,
- cp->peer,
- cp->client_anchors,
- kdc_identity->certpool,
- &signed_data);
- if (ret) {
- kdc_log(context, config, 0, "Failed signing the DH* reply: %d", ret);
- goto out;
- }
- *kdc_cert = cert;
-
- ret = _krb5_pk_mk_ContentInfo(context,
- &signed_data,
- &asn1_oid_id_pkcs7_signedData,
- content_info);
- if (ret)
- goto out;
-
- out:
- if (ret && *kdc_cert) {
- hx509_cert_free(*kdc_cert);
- *kdc_cert = NULL;
- }
-
- krb5_data_free(&buf);
- krb5_data_free(&signed_data);
- free_KDCDHKeyInfo(&dh_info);
-
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code
-_kdc_pk_mk_pa_reply(astgs_request_t r, pk_client_params *cp)
-{
- krb5_kdc_configuration *config = r->config;
- krb5_enctype sessionetype = r->sessionetype;
- const KDC_REQ *req = &r->req;
- const krb5_data *req_buffer = &r->request;
- krb5_keyblock *reply_key = &r->reply_key;
- krb5_keyblock *sessionkey = &r->session_key;
- METHOD_DATA *md = r->rep.padata;
- krb5_error_code ret;
- void *buf = NULL;
- size_t len = 0, size = 0;
- krb5_enctype enctype;
- int pa_type;
- hx509_cert kdc_cert = NULL;
- size_t i;
-
- if (!config->enable_pkinit) {
- krb5_clear_error_message(r->context);
- return 0;
- }
-
- if (req->req_body.etype.len > 0) {
- for (i = 0; i < req->req_body.etype.len; i++)
- if (krb5_enctype_valid(r->context, req->req_body.etype.val[i]) == 0)
- break;
- if (req->req_body.etype.len <= i) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(r->context, ret,
- "No valid enctype available from client");
- goto out;
- }
- enctype = req->req_body.etype.val[i];
- } else
- enctype = ETYPE_DES3_CBC_SHA1;
-
- if (cp->type == PKINIT_27) {
- PA_PK_AS_REP rep;
- const char *type, *other = "";
-
- memset(&rep, 0, sizeof(rep));
-
- pa_type = KRB5_PADATA_PK_AS_REP;
-
- if (cp->keyex == USE_RSA) {
- ContentInfo info;
-
- type = "enckey";
-
- rep.element = choice_PA_PK_AS_REP_encKeyPack;
-
- ret = krb5_generate_random_keyblock(r->context, enctype,
- &cp->reply_key);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ret = pk_mk_pa_reply_enckey(r->context,
- config,
- cp,
- req,
- req_buffer,
- &cp->reply_key,
- &info,
- &kdc_cert);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data,
- rep.u.encKeyPack.length, &info, &size,
- ret);
- free_ContentInfo(&info);
- if (ret) {
- krb5_set_error_message(r->context, ret, "encoding of Key ContentInfo "
- "failed %d", ret);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- if (rep.u.encKeyPack.length != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
-
- ret = krb5_generate_random_keyblock(r->context, sessionetype,
- sessionkey);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
-
- } else {
- ContentInfo info;
-
- switch (cp->keyex) {
- case USE_DH: type = "dh"; break;
- case USE_ECDH: type = "ecdh"; break;
- default: krb5_abortx(r->context, "unknown keyex"); break;
- }
-
- if (cp->dh_group_name)
- other = cp->dh_group_name;
-
- rep.element = choice_PA_PK_AS_REP_dhInfo;
-
- ret = generate_dh_keyblock(r->context, cp, enctype);
- if (ret)
- return ret;
-
- ret = pk_mk_pa_reply_dh(r->context, config,
- cp,
- &info,
- &kdc_cert);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- krb5_set_error_message(r->context, ret,
- "create pa-reply-dh "
- "failed %d", ret);
- goto out;
- }
-
- ASN1_MALLOC_ENCODE(ContentInfo, rep.u.dhInfo.dhSignedData.data,
- rep.u.dhInfo.dhSignedData.length, &info, &size,
- ret);
- free_ContentInfo(&info);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "encoding of Key ContentInfo "
- "failed %d", ret);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- if (rep.u.encKeyPack.length != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
-
- /* generate the session key using the method from RFC6112 */
- {
- krb5_keyblock kdc_contribution_key;
- krb5_crypto reply_crypto;
- krb5_crypto kdccont_crypto;
- krb5_data p1 = { strlen("PKINIT"), "PKINIT"};
- krb5_data p2 = { strlen("KEYEXCHANGE"), "KEYEXCHANGE"};
- void *kckdata;
- size_t kcklen;
- EncryptedData kx;
- void *kxdata;
- size_t kxlen;
-
- ret = krb5_generate_random_keyblock(r->context, sessionetype,
- &kdc_contribution_key);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ret = krb5_crypto_init(r->context, &cp->reply_key, enctype, &reply_crypto);
- if (ret) {
- krb5_free_keyblock_contents(r->context, &kdc_contribution_key);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ret = krb5_crypto_init(r->context, &kdc_contribution_key, sessionetype, &kdccont_crypto);
- if (ret) {
- krb5_crypto_destroy(r->context, reply_crypto);
- krb5_free_keyblock_contents(r->context, &kdc_contribution_key);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- /* KRB-FX-CF2 */
- ret = krb5_crypto_fx_cf2(r->context, kdccont_crypto, reply_crypto,
- &p1, &p2, sessionetype, sessionkey);
- krb5_crypto_destroy(r->context, kdccont_crypto);
- if (ret) {
- krb5_crypto_destroy(r->context, reply_crypto);
- krb5_free_keyblock_contents(r->context, &kdc_contribution_key);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ASN1_MALLOC_ENCODE(EncryptionKey, kckdata, kcklen,
- &kdc_contribution_key, &size, ret);
- krb5_free_keyblock_contents(r->context, &kdc_contribution_key);
- if (ret) {
- krb5_set_error_message(r->context, ret, "encoding of PKINIT-KX Key failed %d", ret);
- krb5_crypto_destroy(r->context, reply_crypto);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- if (kcklen != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
- ret = krb5_encrypt_EncryptedData(r->context, reply_crypto, KRB5_KU_PA_PKINIT_KX,
- kckdata, kcklen, 0, &kx);
- krb5_crypto_destroy(r->context, reply_crypto);
- free(kckdata);
- if (ret) {
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- ASN1_MALLOC_ENCODE(EncryptedData, kxdata, kxlen,
- &kx, &size, ret);
- free_EncryptedData(&kx);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "encoding of PKINIT-KX failed %d", ret);
- free_PA_PK_AS_REP(&rep);
- goto out;
- }
- if (kxlen != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
- /* Add PA-PKINIT-KX */
- ret = krb5_padata_add(r->context, md, KRB5_PADATA_PKINIT_KX, kxdata, kxlen);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "Failed adding PKINIT-KX %d", ret);
- free(buf);
- goto out;
- }
- }
- }
-
-#define use_btmm_with_enckey 0
- if (use_btmm_with_enckey && rep.element == choice_PA_PK_AS_REP_encKeyPack) {
- PA_PK_AS_REP_BTMM btmm;
- heim_any any;
-
- any.data = rep.u.encKeyPack.data;
- any.length = rep.u.encKeyPack.length;
-
- btmm.dhSignedData = NULL;
- btmm.encKeyPack = &any;
-
- ASN1_MALLOC_ENCODE(PA_PK_AS_REP_BTMM, buf, len, &btmm, &size, ret);
- } else {
- ASN1_MALLOC_ENCODE(PA_PK_AS_REP, buf, len, &rep, &size, ret);
- }
-
- free_PA_PK_AS_REP(&rep);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "encode PA-PK-AS-REP failed %d", ret);
- goto out;
- }
- if (len != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
-
- kdc_log(r->context, config, 0, "PKINIT using %s %s", type, other);
-
- } else if (cp->type == PKINIT_WIN2K) {
- PA_PK_AS_REP_Win2k rep;
- ContentInfo info;
-
- if (cp->keyex != USE_RSA) {
- ret = KRB5KRB_ERR_GENERIC;
- krb5_set_error_message(r->context, ret,
- "Win2k PKINIT doesn't support DH");
- goto out;
- }
-
- memset(&rep, 0, sizeof(rep));
-
- pa_type = KRB5_PADATA_PK_AS_REP_19;
- rep.element = choice_PA_PK_AS_REP_Win2k_encKeyPack;
-
- ret = krb5_generate_random_keyblock(r->context, enctype,
- &cp->reply_key);
- if (ret) {
- free_PA_PK_AS_REP_Win2k(&rep);
- goto out;
- }
- ret = pk_mk_pa_reply_enckey(r->context,
- config,
- cp,
- req,
- req_buffer,
- &cp->reply_key,
- &info,
- &kdc_cert);
- if (ret) {
- free_PA_PK_AS_REP_Win2k(&rep);
- goto out;
- }
- ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data,
- rep.u.encKeyPack.length, &info, &size,
- ret);
- free_ContentInfo(&info);
- if (ret) {
- krb5_set_error_message(r->context, ret, "encoding of Key ContentInfo "
- "failed %d", ret);
- free_PA_PK_AS_REP_Win2k(&rep);
- goto out;
- }
- if (rep.u.encKeyPack.length != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
-
- ASN1_MALLOC_ENCODE(PA_PK_AS_REP_Win2k, buf, len, &rep, &size, ret);
- free_PA_PK_AS_REP_Win2k(&rep);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "encode PA-PK-AS-REP-Win2k failed %d", ret);
- goto out;
- }
- if (len != size)
- krb5_abortx(r->context, "Internal ASN.1 encoder error");
-
- ret = krb5_generate_random_keyblock(r->context, sessionetype,
- sessionkey);
- if (ret) {
- free(buf);
- goto out;
- }
-
- } else
- krb5_abortx(r->context, "PKINIT internal error");
-
-
- ret = krb5_padata_add(r->context, md, pa_type, buf, len);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "Failed adding PA-PK-AS-REP %d", ret);
- free(buf);
- goto out;
- }
-
- if (config->pkinit_kdc_ocsp_file) {
-
- if (ocsp.expire == 0 && ocsp.next_update > kdc_time) {
- struct stat sb;
- int fd;
-
- krb5_data_free(&ocsp.data);
-
- ocsp.expire = 0;
- ocsp.next_update = kdc_time + 60 * 5;
-
- fd = open(config->pkinit_kdc_ocsp_file, O_RDONLY);
- if (fd < 0) {
- kdc_log(r->context, config, 0,
- "PKINIT failed to open ocsp data file %d", errno);
- goto out_ocsp;
- }
- ret = fstat(fd, &sb);
- if (ret) {
- ret = errno;
- close(fd);
- kdc_log(r->context, config, 0,
- "PKINIT failed to stat ocsp data %d", ret);
- goto out_ocsp;
- }
-
- ret = krb5_data_alloc(&ocsp.data, sb.st_size);
- if (ret) {
- close(fd);
- kdc_log(r->context, config, 0,
- "PKINIT failed to stat ocsp data %d", ret);
- goto out_ocsp;
- }
- ocsp.data.length = sb.st_size;
- ret = read(fd, ocsp.data.data, sb.st_size);
- close(fd);
- if (ret != sb.st_size) {
- kdc_log(r->context, config, 0,
- "PKINIT failed to read ocsp data %d", errno);
- goto out_ocsp;
- }
-
- ret = hx509_ocsp_verify(r->context->hx509ctx,
- kdc_time,
- kdc_cert,
- 0,
- ocsp.data.data, ocsp.data.length,
- &ocsp.expire);
- if (ret) {
- kdc_log(r->context, config, 0,
- "PKINIT failed to verify ocsp data %d", ret);
- krb5_data_free(&ocsp.data);
- ocsp.expire = 0;
- } else if (ocsp.expire > 180) {
- ocsp.expire -= 180; /* refetch the ocsp before it expire */
- ocsp.next_update = ocsp.expire;
- } else {
- ocsp.next_update = kdc_time;
- }
- out_ocsp:
- ret = 0;
- }
-
- if (ocsp.expire != 0 && ocsp.expire > kdc_time) {
-
- ret = krb5_padata_add(r->context, md,
- KRB5_PADATA_PA_PK_OCSP_RESPONSE,
- ocsp.data.data, ocsp.data.length);
- if (ret) {
- krb5_set_error_message(r->context, ret,
- "Failed adding OCSP response %d", ret);
- goto out;
- }
- }
- }
-
-out:
- if (kdc_cert)
- hx509_cert_free(kdc_cert);
-
- if (ret == 0)
- ret = krb5_copy_keyblock_contents(r->context, &cp->reply_key, reply_key);
- return ret;
-}
-
-static int
-match_rfc_san(krb5_context context,
- krb5_kdc_configuration *config,
- hx509_context hx509ctx,
- hx509_cert client_cert,
- krb5_const_principal match)
-{
- hx509_octet_string_list list;
- int ret, found = 0;
- size_t i;
-
- memset(&list, 0 , sizeof(list));
-
- ret = hx509_cert_find_subjectAltName_otherName(hx509ctx,
- client_cert,
- &asn1_oid_id_pkinit_san,
- &list);
- if (ret)
- goto out;
-
- for (i = 0; !found && i < list.len; i++) {
- krb5_principal_data principal;
- KRB5PrincipalName kn;
- size_t size;
-
- ret = decode_KRB5PrincipalName(list.val[i].data,
- list.val[i].length,
- &kn, &size);
- if (ret) {
- const char *msg = krb5_get_error_message(context, ret);
- kdc_log(context, config, 0,
- "Decoding Kerberos principal name in certificate failed: %s", msg);
- krb5_free_error_message(context, msg);
- break;
- }
- if (size != list.val[i].length) {
- kdc_log(context, config, 0,
- "Decoded Kerberos principal name did not have expected length");
- return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
- }
-
- memset(&principal, 0, sizeof (principal));
- principal.name = kn.principalName;
- principal.realm = kn.realm;
-
- if (krb5_principal_compare(context, &principal, match) == TRUE)
- found = 1;
- free_KRB5PrincipalName(&kn);
- }
-
-out:
- hx509_free_octet_string_list(&list);
- if (ret)
- return ret;
-
- if (!found)
- return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
-
- return 0;
-}
-
-static int
-match_ms_upn_san(krb5_context context,
- krb5_kdc_configuration *config,
- hx509_context hx509ctx,
- hx509_cert client_cert,
- HDB *clientdb,
- hdb_entry_ex *client)
-{
- hx509_octet_string_list list;
- krb5_principal principal = NULL;
- int ret;
- MS_UPN_SAN upn;
- size_t size;
-
- memset(&list, 0 , sizeof(list));
-
- ret = hx509_cert_find_subjectAltName_otherName(hx509ctx,
- client_cert,
- &asn1_oid_id_pkinit_ms_san,
- &list);
- if (ret)
- goto out;
-
- if (list.len != 1) {
- kdc_log(context, config, 0,
- "More than one PKINIT MS UPN SAN");
- ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
- goto out;
- }
-
- ret = decode_MS_UPN_SAN(list.val[0].data, list.val[0].length, &upn, &size);
- if (ret) {
- kdc_log(context, config, 0, "Decode of MS-UPN-SAN failed");
- goto out;
- }
- if (size != list.val[0].length) {
- free_MS_UPN_SAN(&upn);
- kdc_log(context, config, 0, "Trailing data in ");
- ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
- goto out;
- }
-
- kdc_log(context, config, 0, "found MS UPN SAN: %s", upn);
-
- ret = krb5_parse_name(context, upn, &principal);
- free_MS_UPN_SAN(&upn);
- if (ret) {
- kdc_log(context, config, 0, "Failed to parse principal in MS UPN SAN");
- goto out;
- }
-
- if (clientdb->hdb_check_pkinit_ms_upn_match) {
- ret = clientdb->hdb_check_pkinit_ms_upn_match(context, clientdb, client, principal);
- } else {
-
- /*
- * This is very wrong, but will do for a fallback
- */
- strupr(principal->realm);
-
- if (krb5_principal_compare(context, principal, client->entry.principal) == FALSE)
- ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
- }
-
-out:
- if (principal)
- krb5_free_principal(context, principal);
- hx509_free_octet_string_list(&list);
-
- return ret;
-}
-
-krb5_error_code
-_kdc_pk_check_client(astgs_request_t r,
- pk_client_params *cp,
- char **subject_name)
-{
- krb5_kdc_configuration *config = r->config;
- HDB *clientdb = r->clientdb;
- hdb_entry_ex *client = r->client;
- const HDB_Ext_PKINIT_acl *acl;
- const HDB_Ext_PKINIT_cert *pc;
- krb5_error_code ret;
- hx509_name name;
- size_t i;
-
- if (cp->cert == NULL) {
- if (!_kdc_is_anonymous(r->context, client->entry.principal)
- && !config->historical_anon_realm)
- return KRB5KDC_ERR_BADOPTION;
-
- *subject_name = strdup("<unauthenticated anonymous client>");
- if (*subject_name == NULL)
- return ENOMEM;
- return 0;
- }
-
- cp->endtime = hx509_cert_get_notAfter(cp->cert);
- cp->max_life = 0;
- if (config->pkinit_max_life_from_cert_extension)
- cp->max_life =
- hx509_cert_get_pkinit_max_life(r->context->hx509ctx, cp->cert,
- config->pkinit_max_life_bound);
- if (cp->max_life == 0 && config->pkinit_max_life_from_cert > 0) {
- cp->max_life = cp->endtime - hx509_cert_get_notBefore(cp->cert);
- if (cp->max_life > config->pkinit_max_life_from_cert)
- cp->max_life = config->pkinit_max_life_from_cert;
- }
-
- ret = hx509_cert_get_base_subject(r->context->hx509ctx,
- cp->cert,
- &name);
- if (ret)
- return ret;
-
- ret = hx509_name_to_string(name, subject_name);
- hx509_name_free(&name);
- if (ret)
- return ret;
-
- kdc_log(r->context, config, 0,
- "Trying to authorize PKINIT subject DN %s",
- *subject_name);
-
- ret = hdb_entry_get_pkinit_cert(&client->entry, &pc);
- if (ret == 0 && pc) {
- hx509_cert cert;
- size_t j;
-
- for (j = 0; j < pc->len; j++) {
- cert = hx509_cert_init_data(r->context->hx509ctx,
- pc->val[j].cert.data,
- pc->val[j].cert.length,
- NULL);
- if (cert == NULL)
- continue;
- ret = hx509_cert_cmp(cert, cp->cert);
- hx509_cert_free(cert);
- if (ret == 0) {
- kdc_log(r->context, config, 5,
- "Found matching PKINIT cert in hdb");
- return 0;
- }
- }
- }
-
-
- if (config->pkinit_princ_in_cert) {
- ret = match_rfc_san(r->context, config,
- r->context->hx509ctx,
- cp->cert,
- client->entry.principal);
- if (ret == 0) {
- kdc_log(r->context, config, 5,
- "Found matching PKINIT SAN in certificate");
- return 0;
- }
- ret = match_ms_upn_san(r->context, config,
- r->context->hx509ctx,
- cp->cert,
- clientdb,
- client);
- if (ret == 0) {
- kdc_log(r->context, config, 5,
- "Found matching MS UPN SAN in certificate");
- return 0;
- }
- }
-
- ret = hdb_entry_get_pkinit_acl(&client->entry, &acl);
- if (ret == 0 && acl != NULL) {
- /*
- * Cheat here and compare the generated name with the string
- * and not the reverse.
- */
- for (i = 0; i < acl->len; i++) {
- if (strcmp(*subject_name, acl->val[0].subject) != 0)
- continue;
-
- /* Don't support isser and anchor checking right now */
- if (acl->val[0].issuer)
- continue;
- if (acl->val[0].anchor)
- continue;
-
- kdc_log(r->context, config, 5,
- "Found matching PKINIT database ACL");
- return 0;
- }
- }
-
- for (i = 0; i < principal_mappings.len; i++) {
- krb5_boolean b;
-
- b = krb5_principal_compare(r->context,
- client->entry.principal,
- principal_mappings.val[i].principal);
- if (b == FALSE)
- continue;
- if (strcmp(principal_mappings.val[i].subject, *subject_name) != 0)
- continue;
- kdc_log(r->context, config, 5,
- "Found matching PKINIT FILE ACL");
- return 0;
- }
-
- ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
- krb5_set_error_message(r->context, ret,
- "PKINIT no matching principals for %s",
- *subject_name);
-
- kdc_log(r->context, config, 5,
- "PKINIT no matching principals for %s",
- *subject_name);
-
- free(*subject_name);
- *subject_name = NULL;
-
- return ret;
-}
-
-static krb5_error_code
-add_principal_mapping(krb5_context context,
- const char *principal_name,
- const char * subject)
-{
- struct pk_allowed_princ *tmp;
- krb5_principal principal;
- krb5_error_code ret;
-
- tmp = realloc(principal_mappings.val,
- (principal_mappings.len + 1) * sizeof(*tmp));
- if (tmp == NULL)
- return ENOMEM;
- principal_mappings.val = tmp;
-
- ret = krb5_parse_name(context, principal_name, &principal);
- if (ret)
- return ret;
-
- principal_mappings.val[principal_mappings.len].principal = principal;
-
- principal_mappings.val[principal_mappings.len].subject = strdup(subject);
- if (principal_mappings.val[principal_mappings.len].subject == NULL) {
- krb5_free_principal(context, principal);
- return ENOMEM;
- }
- principal_mappings.len++;
-
- return 0;
-}
-
-krb5_error_code
-_kdc_add_initial_verified_cas(krb5_context context,
- krb5_kdc_configuration *config,
- pk_client_params *cp,
- EncTicketPart *tkt)
-{
- AD_INITIAL_VERIFIED_CAS cas;
- krb5_error_code ret;
- krb5_data data;
- size_t size = 0;
-
- memset(&cas, 0, sizeof(cas));
-
- /* XXX add CAs to cas here */
-
- ASN1_MALLOC_ENCODE(AD_INITIAL_VERIFIED_CAS, data.data, data.length,
- &cas, &size, ret);
- if (ret)
- return ret;
- if (data.length != size)
- krb5_abortx(context, "internal asn.1 encoder error");
-
- ret = _kdc_tkt_add_if_relevant_ad(context, tkt,
- KRB5_AUTHDATA_INITIAL_VERIFIED_CAS,
- &data);
- krb5_data_free(&data);
- return ret;
-}
-
-/*
- *
- */
-
-static void
-load_mappings(krb5_context context, const char *fn)
-{
- krb5_error_code ret;
- char buf[1024];
- unsigned long lineno = 0;
- FILE *f;
-
- f = fopen(fn, "r");
- if (f == NULL)
- return;
-
- while (fgets(buf, sizeof(buf), f) != NULL) {
- char *subject_name, *p;
-
- buf[strcspn(buf, "\n")] = '\0';
- lineno++;
-
- p = buf + strspn(buf, " \t");
-
- if (*p == '#' || *p == '\0')
- continue;
-
- subject_name = strchr(p, ':');
- if (subject_name == NULL) {
- krb5_warnx(context, "pkinit mapping file line %lu "
- "missing \":\" :%s",
- lineno, buf);
- continue;
- }
- *subject_name++ = '\0';
-
- ret = add_principal_mapping(context, p, subject_name);
- if (ret) {
- krb5_warn(context, ret, "failed to add line %lu \":\" :%s\n",
- lineno, buf);
- continue;
- }
- }
-
- fclose(f);
-}
-
-/*
- *
- */
-
-krb5_error_code
-krb5_kdc_pk_initialize(krb5_context context,
- krb5_kdc_configuration *config,
- const char *user_id,
- const char *anchors,
- char **pool,
- char **revoke_list)
-{
- const char *file;
- char *fn = NULL;
- krb5_error_code ret;
-
- file = krb5_config_get_string(context, NULL,
- "libdefaults", "moduli", NULL);
-
- ret = _krb5_parse_moduli(context, file, &moduli);
- if (ret)
- krb5_err(context, 1, ret, "PKINIT: failed to load moduli file");
-
- principal_mappings.len = 0;
- principal_mappings.val = NULL;
-
- ret = _krb5_pk_load_id(context,
- &kdc_identity,
- user_id,
- anchors,
- pool,
- revoke_list,
- NULL,
- NULL,
- NULL);
- if (ret) {
- krb5_warn(context, ret, "PKINIT: ");
- config->enable_pkinit = 0;
- return ret;
- }
-
- {
- hx509_query *q;
- hx509_cert cert;
-
- ret = hx509_query_alloc(context->hx509ctx, &q);
- if (ret) {
- krb5_warnx(context, "PKINIT: out of memory");
- return ENOMEM;
- }
-
- hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY);
- if (config->pkinit_kdc_friendly_name)
- hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name);
-
- ret = hx509_certs_find(context->hx509ctx,
- kdc_identity->certs,
- q,
- &cert);
- hx509_query_free(context->hx509ctx, q);
- if (ret == 0) {
- if (hx509_cert_check_eku(context->hx509ctx, cert,
- &asn1_oid_id_pkkdcekuoid, 0)) {
- hx509_name name;
- char *str;
- ret = hx509_cert_get_subject(cert, &name);
- if (ret == 0) {
- hx509_name_to_string(name, &str);
- krb5_warnx(context, "WARNING Found KDC certificate (%s)"
- "is missing the PKINIT KDC EKU, this is bad for "
- "interoperability.", str);
- hx509_name_free(&name);
- free(str);
- }
- }
- hx509_cert_free(cert);
- } else
- krb5_warnx(context, "PKINIT: failed to find a signing "
- "certificate with a public key");
- }
-
- if (krb5_config_get_bool_default(context,
- NULL,
- FALSE,
- "kdc",
- "pkinit_allow_proxy_certificate",
- NULL))
- config->pkinit_allow_proxy_certs = 1;
-
- file = krb5_config_get_string(context,
- NULL,
- "kdc",
- "pkinit_mappings_file",
- NULL);
- if (file == NULL) {
- int aret;
-
- aret = asprintf(&fn, "%s/pki-mapping", hdb_db_dir(context));
- if (aret == -1) {
- krb5_warnx(context, "PKINIT: out of memory");
- return ENOMEM;
- }
-
- file = fn;
- }
-
- load_mappings(context, file);
- if (fn)
- free(fn);
-
- return 0;
-}
-
-#endif /* PKINIT */