2 * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 struct hdb_master_key_data {
42 krb5_keytab_entry keytab;
44 struct hdb_master_key_data *next;
48 hdb_free_master_key(krb5_context context, hdb_master_key mkey)
50 struct hdb_master_key_data *ptr;
52 krb5_kt_free_entry(context, &mkey->keytab);
54 krb5_crypto_destroy(context, mkey->crypto);
62 hdb_process_master_key(krb5_context context,
63 int kvno, krb5_keyblock *key, krb5_enctype etype,
68 *mkey = calloc(1, sizeof(**mkey));
70 krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
73 (*mkey)->keytab.vno = kvno;
74 ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal);
77 ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock);
81 (*mkey)->keytab.keyblock.keytype = etype;
82 (*mkey)->keytab.timestamp = time(NULL);
83 ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto);
88 hdb_free_master_key(context, *mkey);
94 hdb_add_master_key(krb5_context context, krb5_keyblock *key,
95 hdb_master_key *inout)
101 for(p = *inout; p; p = p->next)
102 vno = max(vno, p->keytab.vno);
104 ret = hdb_process_master_key(context, vno, key, 0, &p);
112 static krb5_error_code
113 read_master_keytab(krb5_context context, const char *filename,
114 hdb_master_key *mkey)
118 krb5_kt_cursor cursor;
119 krb5_keytab_entry entry;
122 ret = krb5_kt_resolve(context, filename, &id);
126 ret = krb5_kt_start_seq_get(context, id, &cursor);
130 while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) {
131 p = calloc(1, sizeof(*p));
133 krb5_kt_end_seq_get(context, id, &cursor);
138 ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto);
142 krb5_kt_end_seq_get(context, id, &cursor);
144 krb5_kt_close(context, id);
148 /* read a MIT master keyfile */
149 static krb5_error_code
150 read_master_mit(krb5_context context, const char *filename,
151 hdb_master_key *mkey)
159 fd = open(filename, O_RDONLY | O_BINARY);
161 int save_errno = errno;
162 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
163 filename, strerror(save_errno));
166 sp = krb5_storage_from_fd(fd);
171 krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER);
172 /* could possibly use ret_keyblock here, but do it with more
175 ret = krb5_ret_int16(sp, &enctype);
178 if((htons(enctype) & 0xff00) == 0x3000) {
179 ret = HEIM_ERR_BAD_MKEY;
180 krb5_set_error_message(context, ret, "unknown keytype in %s: "
182 filename, htons(enctype), 0x3000);
185 key.keytype = enctype;
186 ret = krb5_ret_data(sp, &key.keyvalue);
190 ret = hdb_process_master_key(context, 0, &key, 0, mkey);
191 krb5_free_keyblock_contents(context, &key);
193 krb5_storage_free(sp);
198 /* read an old master key file */
199 static krb5_error_code
200 read_master_encryptionkey(krb5_context context, const char *filename,
201 hdb_master_key *mkey)
206 unsigned char buf[256];
210 fd = open(filename, O_RDONLY | O_BINARY);
212 int save_errno = errno;
213 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
214 filename, strerror(save_errno));
218 len = read(fd, buf, sizeof(buf));
221 int save_errno = errno;
222 krb5_set_error_message(context, save_errno, "error reading %s: %s",
223 filename, strerror(save_errno));
227 ret = decode_EncryptionKey(buf, len, &key, &ret_len);
228 memset(buf, 0, sizeof(buf));
232 /* Originally, the keytype was just that, and later it got changed
233 to des-cbc-md5, but we always used des in cfb64 mode. This
234 should cover all cases, but will break if someone has hacked
235 this code to really use des-cbc-md5 -- but then that's not my
237 if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5)
238 key.keytype = ETYPE_DES_CFB64_NONE;
240 ret = hdb_process_master_key(context, 0, &key, 0, mkey);
241 krb5_free_keyblock_contents(context, &key);
245 /* read a krb4 /.k style file */
246 static krb5_error_code
247 read_master_krb4(krb5_context context, const char *filename,
248 hdb_master_key *mkey)
253 unsigned char buf[256];
256 fd = open(filename, O_RDONLY | O_BINARY);
258 int save_errno = errno;
259 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
260 filename, strerror(save_errno));
264 len = read(fd, buf, sizeof(buf));
267 int save_errno = errno;
268 krb5_set_error_message(context, save_errno, "error reading %s: %s",
269 filename, strerror(save_errno));
273 krb5_set_error_message(context, HEIM_ERR_EOF,
274 "bad contents of %s", filename);
275 return HEIM_ERR_EOF; /* XXX file might be too large */
278 memset(&key, 0, sizeof(key));
279 key.keytype = ETYPE_DES_PCBC_NONE;
280 ret = krb5_data_copy(&key.keyvalue, buf, len);
281 memset(buf, 0, sizeof(buf));
285 ret = hdb_process_master_key(context, 0, &key, 0, mkey);
286 krb5_free_keyblock_contents(context, &key);
291 hdb_read_master_key(krb5_context context, const char *filename,
292 hdb_master_key *mkey)
295 unsigned char buf[16];
303 filename = HDB_DB_DIR "/m-key";
305 f = fopen(filename, "r");
307 int save_errno = errno;
308 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
309 filename, strerror(save_errno));
313 if(fread(buf, 1, 2, f) != 2) {
315 krb5_set_error_message(context, HEIM_ERR_EOF, "end of file reading %s", filename);
319 fseek(f, 0, SEEK_END);
329 ret = read_master_krb4(context, filename, mkey);
330 } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) {
331 ret = read_master_encryptionkey(context, filename, mkey);
332 } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) {
333 ret = read_master_keytab(context, filename, mkey);
335 ret = read_master_mit(context, filename, mkey);
341 hdb_write_master_key(krb5_context context, const char *filename,
349 filename = HDB_DB_DIR "/m-key";
351 ret = krb5_kt_resolve(context, filename, &kt);
355 for(p = mkey; p; p = p->next) {
356 ret = krb5_kt_add_entry(context, kt, &p->keytab);
359 krb5_kt_close(context, kt);
365 _hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey)
367 hdb_master_key ret = NULL;
369 if(ret == NULL && mkey->keytab.vno == 0)
372 if(ret == NULL || mkey->keytab.vno > ret->keytab.vno)
374 } else if(mkey->keytab.vno == *mkvno)
382 _hdb_mkey_version(hdb_master_key mkey)
384 return mkey->keytab.vno;
388 _hdb_mkey_decrypt(krb5_context context, hdb_master_key key,
389 krb5_key_usage usage,
390 void *ptr, size_t size, krb5_data *res)
392 return krb5_decrypt(context, key->crypto, usage,
397 _hdb_mkey_encrypt(krb5_context context, hdb_master_key key,
398 krb5_key_usage usage,
399 const void *ptr, size_t size, krb5_data *res)
401 return krb5_encrypt(context, key->crypto, usage,
406 hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
418 key = _hdb_find_master_key(k->mkvno, mkey);
421 return HDB_ERR_NO_MKEY;
423 ret = _hdb_mkey_decrypt(context, key, HDB_KU_MKEY,
424 k->key.keyvalue.data,
425 k->key.keyvalue.length,
427 if(ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
428 /* try to decrypt with MIT key usage */
429 ret = _hdb_mkey_decrypt(context, key, 0,
430 k->key.keyvalue.data,
431 k->key.keyvalue.length,
437 /* fixup keylength if the key got padded when encrypting it */
438 ret = krb5_enctype_keysize(context, k->key.keytype, &keysize);
440 krb5_data_free(&res);
443 if (keysize > res.length) {
444 krb5_data_free(&res);
445 return KRB5_BAD_KEYSIZE;
448 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
449 free(k->key.keyvalue.data);
450 k->key.keyvalue = res;
451 k->key.keyvalue.length = keysize;
459 hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
463 for(i = 0; i < ent->keys.len; i++){
466 ret = hdb_unseal_key_mkey(context, &ent->keys.val[i], mkey);
474 hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent)
476 if (db->hdb_master_key_set == 0)
478 return hdb_unseal_keys_mkey(context, ent, db->hdb_master_key);
482 hdb_unseal_key(krb5_context context, HDB *db, Key *k)
484 if (db->hdb_master_key_set == 0)
486 return hdb_unseal_key_mkey(context, k, db->hdb_master_key);
490 hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
499 key = _hdb_find_master_key(k->mkvno, mkey);
502 return HDB_ERR_NO_MKEY;
504 ret = _hdb_mkey_encrypt(context, key, HDB_KU_MKEY,
505 k->key.keyvalue.data,
506 k->key.keyvalue.length,
511 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
512 free(k->key.keyvalue.data);
513 k->key.keyvalue = res;
515 if (k->mkvno == NULL) {
516 k->mkvno = malloc(sizeof(*k->mkvno));
517 if (k->mkvno == NULL)
520 *k->mkvno = key->keytab.vno;
526 hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
529 for(i = 0; i < ent->keys.len; i++){
532 ret = hdb_seal_key_mkey(context, &ent->keys.val[i], mkey);
540 hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent)
542 if (db->hdb_master_key_set == 0)
545 return hdb_seal_keys_mkey(context, ent, db->hdb_master_key);
549 hdb_seal_key(krb5_context context, HDB *db, Key *k)
551 if (db->hdb_master_key_set == 0)
554 return hdb_seal_key_mkey(context, k, db->hdb_master_key);
558 hdb_set_master_key (krb5_context context,
565 ret = hdb_process_master_key(context, 0, key, 0, &mkey);
568 db->hdb_master_key = mkey;
569 #if 0 /* XXX - why? */
570 des_set_random_generator_seed(key.keyvalue.data);
572 db->hdb_master_key_set = 1;
577 hdb_set_master_keyfile (krb5_context context,
584 ret = hdb_read_master_key(context, keyfile, &key);
588 krb5_clear_error_message(context);
591 db->hdb_master_key = key;
592 db->hdb_master_key_set = 1;
597 hdb_clear_master_key (krb5_context context,
600 if (db->hdb_master_key_set) {
601 hdb_free_master_key(context, db->hdb_master_key);
602 db->hdb_master_key_set = 0;