2 * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 RCSID("$Id: pkinit.c,v 1.74 2006/11/10 03:37:43 lha Exp $");
40 #include <heim_asn1.h>
41 #include <rfc2459_asn1.h>
43 #include <pkinit_asn1.h>
46 #include "crypto-headers.h"
48 /* XXX copied from lib/krb5/pkinit.c */
49 struct krb5_pk_identity
{
50 hx509_context hx509ctx
;
51 hx509_verify_ctx verify_ctx
;
55 hx509_revoke_ctx revoke
;
59 PKINIT_COMPAT_WIN2K
= 1,
63 struct pk_client_params
{
64 enum pkinit_type type
;
65 BIGNUM
*dh_public_key
;
69 EncryptionKey reply_key
;
73 struct pk_principal_mapping
{
75 struct pk_allowed_princ
{
76 krb5_principal principal
;
81 static struct krb5_pk_identity
*kdc_identity
;
82 static struct pk_principal_mapping principal_mappings
;
83 static struct krb5_dh_moduli
**moduli
;
95 static krb5_error_code
96 pk_check_pkauthenticator_win2k(krb5_context context
,
97 PKAuthenticator_Win2k
*a
,
102 krb5_timeofday (context
, &now
);
105 if (a
->ctime
== 0 || abs(a
->ctime
- now
) > context
->max_skew
) {
106 krb5_clear_error_string(context
);
107 return KRB5KRB_AP_ERR_SKEW
;
112 static krb5_error_code
113 pk_check_pkauthenticator(krb5_context context
,
124 krb5_timeofday (context
, &now
);
127 if (a
->ctime
== 0 || abs(a
->ctime
- now
) > context
->max_skew
) {
128 krb5_clear_error_string(context
);
129 return KRB5KRB_AP_ERR_SKEW
;
132 ASN1_MALLOC_ENCODE(KDC_REQ_BODY
, buf
, buf_size
, &req
->req_body
, &len
, ret
);
134 krb5_clear_error_string(context
);
138 krb5_abortx(context
, "Internal error in ASN.1 encoder");
140 ret
= krb5_create_checksum(context
,
149 krb5_clear_error_string(context
);
153 if (a
->paChecksum
== NULL
) {
154 krb5_clear_error_string(context
);
155 ret
= KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED
;
159 if (der_heim_octet_string_cmp(a
->paChecksum
, &checksum
.checksum
) != 0) {
160 krb5_clear_error_string(context
);
161 ret
= KRB5KRB_ERR_GENERIC
;
165 free_Checksum(&checksum
);
171 _kdc_pk_free_client_param(krb5_context context
,
172 pk_client_params
*client_params
)
174 if (client_params
->cert
)
175 hx509_cert_free(client_params
->cert
);
176 if (client_params
->dh
)
177 DH_free(client_params
->dh
);
178 if (client_params
->dh_public_key
)
179 BN_free(client_params
->dh_public_key
);
180 krb5_free_keyblock_contents(context
, &client_params
->reply_key
);
181 if (client_params
->dh_group_name
)
182 free(client_params
->dh_group_name
);
183 memset(client_params
, 0, sizeof(*client_params
));
187 static krb5_error_code
188 generate_dh_keyblock(krb5_context context
, pk_client_params
*client_params
,
189 krb5_enctype enctype
, krb5_keyblock
*reply_key
)
191 unsigned char *dh_gen_key
= NULL
;
194 size_t dh_gen_keylen
, size
;
196 memset(&key
, 0, sizeof(key
));
198 if (!DH_generate_key(client_params
->dh
)) {
199 krb5_set_error_string(context
, "Can't generate Diffie-Hellman keys");
200 ret
= KRB5KRB_ERR_GENERIC
;
203 if (client_params
->dh_public_key
== NULL
) {
204 krb5_set_error_string(context
, "dh_public_key");
205 ret
= KRB5KRB_ERR_GENERIC
;
209 dh_gen_keylen
= DH_size(client_params
->dh
);
210 size
= BN_num_bytes(client_params
->dh
->p
);
211 if (size
< dh_gen_keylen
)
212 size
= dh_gen_keylen
;
214 dh_gen_key
= malloc(size
);
215 if (dh_gen_key
== NULL
) {
216 krb5_set_error_string(context
, "malloc: out of memory");
220 memset(dh_gen_key
, 0, size
- dh_gen_keylen
);
222 dh_gen_keylen
= DH_compute_key(dh_gen_key
+ (size
- dh_gen_keylen
),
223 client_params
->dh_public_key
,
225 if (dh_gen_keylen
== -1) {
226 krb5_set_error_string(context
, "Can't compute Diffie-Hellman key");
227 ret
= KRB5KRB_ERR_GENERIC
;
231 ret
= _krb5_pk_octetstring2key(context
,
233 dh_gen_key
, dh_gen_keylen
,
240 if (key
.keyvalue
.data
)
241 krb5_free_keyblock_contents(context
, &key
);
247 integer_to_BN(krb5_context context
, const char *field
, heim_integer
*f
)
251 bn
= BN_bin2bn((const unsigned char *)f
->data
, f
->length
, NULL
);
253 krb5_set_error_string(context
, "PKINIT: parsing BN failed %s", field
);
256 BN_set_negative(bn
, f
->negative
);
260 static krb5_error_code
261 get_dh_param(krb5_context context
,
262 krb5_kdc_configuration
*config
,
263 SubjectPublicKeyInfo
*dh_key_info
,
264 pk_client_params
*client_params
)
266 DomainParameters dhparam
;
270 memset(&dhparam
, 0, sizeof(dhparam
));
272 if (der_heim_oid_cmp(&dh_key_info
->algorithm
.algorithm
, oid_id_dhpublicnumber())) {
273 krb5_set_error_string(context
,
274 "PKINIT invalid oid in clientPublicValue");
275 return KRB5_BADMSGTYPE
;
278 if (dh_key_info
->algorithm
.parameters
== NULL
) {
279 krb5_set_error_string(context
, "PKINIT missing algorithm parameter "
280 "in clientPublicValue");
281 return KRB5_BADMSGTYPE
;
284 ret
= decode_DomainParameters(dh_key_info
->algorithm
.parameters
->data
,
285 dh_key_info
->algorithm
.parameters
->length
,
289 krb5_set_error_string(context
, "Can't decode algorithm "
290 "parameters in clientPublicValue");
294 if ((dh_key_info
->subjectPublicKey
.length
% 8) != 0) {
295 ret
= KRB5_BADMSGTYPE
;
296 krb5_set_error_string(context
, "PKINIT: subjectPublicKey not aligned "
297 "to 8 bit boundary");
302 ret
= _krb5_dh_group_ok(context
, config
->pkinit_dh_min_bits
,
303 &dhparam
.p
, &dhparam
.g
, &dhparam
.q
, moduli
,
304 &client_params
->dh_group_name
);
310 krb5_set_error_string(context
, "Cannot create DH structure");
314 ret
= KRB5_BADMSGTYPE
;
315 dh
->p
= integer_to_BN(context
, "DH prime", &dhparam
.p
);
318 dh
->g
= integer_to_BN(context
, "DH base", &dhparam
.g
);
321 dh
->q
= integer_to_BN(context
, "DH p-1 factor", &dhparam
.q
);
329 ret
= decode_DHPublicKey(dh_key_info
->subjectPublicKey
.data
,
330 dh_key_info
->subjectPublicKey
.length
/ 8,
334 krb5_clear_error_string(context
);
338 client_params
->dh_public_key
= integer_to_BN(context
,
341 der_free_heim_integer(&glue
);
342 if (client_params
->dh_public_key
== NULL
)
346 client_params
->dh
= dh
;
353 free_DomainParameters(&dhparam
);
359 * XXX We only need this function if there are several certs for the
360 * KDC to choose from, and right now, we can't handle that so punt for
363 * If client has sent a list of CA's trusted by him, make sure our
369 verify_trusted_ca(PA_PK_AS_REQ_19
*r
)
372 if (r
.trustedCertifiers
!= NULL
) {
373 X509_NAME
*kdc_issuer
;
376 kdc_cert
= sk_X509_value(kdc_identity
->cert
, 0);
377 kdc_issuer
= X509_get_issuer_name(kdc_cert
);
379 /* XXX will work for heirarchical CA's ? */
380 /* XXX also serial_number should be compared */
382 ret
= KRB5_KDC_ERR_KDC_NOT_TRUSTED
;
383 for (i
= 0; i
< r
.trustedCertifiers
->len
; i
++) {
384 TrustedCA_19
*ca
= &r
.trustedCertifiers
->val
[i
];
386 switch (ca
->element
) {
387 case choice_TrustedCA_19_caName
: {
391 p
= ca
->u
.caName
.data
;
392 name
= d2i_X509_NAME(NULL
, &p
, ca
->u
.caName
.length
);
393 if (name
== NULL
) /* XXX should this be a failure instead ? */
395 if (X509_NAME_cmp(name
, kdc_issuer
) == 0)
397 X509_NAME_free(name
);
400 case choice_TrustedCA_19_issuerAndSerial
:
401 /* IssuerAndSerialNumber issuerAndSerial */
416 _kdc_pk_rd_padata(krb5_context context
,
417 krb5_kdc_configuration
*config
,
420 pk_client_params
**ret_params
)
422 pk_client_params
*client_params
;
424 heim_oid eContentType
= { 0, NULL
}, contentInfoOid
= { 0, NULL
};
425 krb5_data eContent
= { 0, NULL
};
426 krb5_data signed_content
= { 0, NULL
};
427 const char *type
= "unknown type";
428 const heim_oid
*pa_contentType
;
433 if (!config
->enable_pkinit
) {
434 krb5_clear_error_string(context
);
438 client_params
= calloc(1, sizeof(*client_params
));
439 if (client_params
== NULL
) {
440 krb5_clear_error_string(context
);
445 if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ_WIN
) {
446 PA_PK_AS_REQ_Win2k r
;
448 type
= "PK-INIT-Win2k";
449 pa_contentType
= oid_id_pkcs7_data();
451 ret
= decode_PA_PK_AS_REQ_Win2k(pa
->padata_value
.data
,
452 pa
->padata_value
.length
,
456 krb5_set_error_string(context
, "Can't decode "
457 "PK-AS-REQ-Win2k: %d", ret
);
461 ret
= hx509_cms_unwrap_ContentInfo(&r
.signed_auth_pack
,
465 free_PA_PK_AS_REQ_Win2k(&r
);
467 krb5_set_error_string(context
, "Can't decode PK-AS-REQ: %d", ret
);
471 } else if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ
) {
474 type
= "PK-INIT-IETF";
475 pa_contentType
= oid_id_pkauthdata();
477 ret
= decode_PA_PK_AS_REQ(pa
->padata_value
.data
,
478 pa
->padata_value
.length
,
482 krb5_set_error_string(context
, "Can't decode PK-AS-REQ: %d", ret
);
486 /* XXX look at r.trustedCertifiers and r.kdcPkId */
488 ret
= hx509_cms_unwrap_ContentInfo(&r
.signedAuthPack
,
492 free_PA_PK_AS_REQ(&r
);
494 krb5_set_error_string(context
, "Can't unwrap ContentInfo: %d", ret
);
499 krb5_clear_error_string(context
);
500 ret
= KRB5KDC_ERR_PADATA_TYPE_NOSUPP
;
504 ret
= der_heim_oid_cmp(&contentInfoOid
, oid_id_pkcs7_signedData());
506 krb5_set_error_string(context
, "PK-AS-REQ-Win2k invalid content "
508 ret
= KRB5KRB_ERR_GENERIC
;
513 krb5_set_error_string(context
,
514 "PK-AS-REQ-Win2k no signed auth pack");
515 ret
= KRB5KRB_ERR_GENERIC
;
520 hx509_certs signer_certs
;
522 ret
= hx509_cms_verify_signed(kdc_identity
->hx509ctx
,
523 kdc_identity
->verify_ctx
,
525 signed_content
.length
,
526 kdc_identity
->certpool
,
531 char *s
= hx509_get_error_string(kdc_identity
->hx509ctx
, ret
);
532 krb5_warnx(context
, "PKINIT: failed to verify signature: %s: %d",
538 ret
= hx509_get_one_cert(kdc_identity
->hx509ctx
, signer_certs
,
539 &client_params
->cert
);
540 hx509_certs_free(&signer_certs
);
545 /* Signature is correct, now verify the signed message */
546 if (der_heim_oid_cmp(&eContentType
, pa_contentType
)) {
547 krb5_set_error_string(context
, "got wrong oid for pkauthdata");
548 ret
= KRB5_BADMSGTYPE
;
552 if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ_WIN
) {
555 ret
= decode_AuthPack_Win2k(eContent
.data
,
560 krb5_set_error_string(context
, "can't decode AuthPack: %d", ret
);
564 ret
= pk_check_pkauthenticator_win2k(context
,
568 free_AuthPack_Win2k(&ap
);
572 client_params
->type
= PKINIT_COMPAT_WIN2K
;
573 client_params
->nonce
= ap
.pkAuthenticator
.nonce
;
575 if (ap
.clientPublicValue
) {
576 krb5_set_error_string(context
, "DH not supported for windows");
577 ret
= KRB5KRB_ERR_GENERIC
;
580 free_AuthPack_Win2k(&ap
);
582 } else if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ
) {
585 ret
= decode_AuthPack(eContent
.data
,
590 krb5_set_error_string(context
, "can't decode AuthPack: %d", ret
);
595 ret
= pk_check_pkauthenticator(context
,
603 client_params
->type
= PKINIT_COMPAT_27
;
604 client_params
->nonce
= ap
.pkAuthenticator
.nonce
;
606 if (ap
.clientPublicValue
) {
607 ret
= get_dh_param(context
, config
,
608 ap
.clientPublicValue
, client_params
);
616 krb5_abortx(context
, "internal pkinit error");
618 kdc_log(context
, config
, 0, "PK-INIT request of type %s", type
);
622 if (signed_content
.data
)
623 free(signed_content
.data
);
624 krb5_data_free(&eContent
);
625 der_free_oid(&eContentType
);
626 der_free_oid(&contentInfoOid
);
628 _kdc_pk_free_client_param(context
, client_params
);
630 *ret_params
= client_params
;
638 static krb5_error_code
639 BN_to_integer(krb5_context context
, BIGNUM
*bn
, heim_integer
*integer
)
641 integer
->length
= BN_num_bytes(bn
);
642 integer
->data
= malloc(integer
->length
);
643 if (integer
->data
== NULL
) {
644 krb5_clear_error_string(context
);
647 BN_bn2bin(bn
, integer
->data
);
648 integer
->negative
= BN_is_negative(bn
);
652 static krb5_error_code
653 pk_mk_pa_reply_enckey(krb5_context context
,
654 pk_client_params
*client_params
,
656 const krb5_data
*req_buffer
,
657 krb5_keyblock
*reply_key
,
658 ContentInfo
*content_info
)
661 krb5_data buf
, signed_data
;
664 krb5_data_zero(&buf
);
665 krb5_data_zero(&signed_data
);
667 switch (client_params
->type
) {
668 case PKINIT_COMPAT_WIN2K
: {
669 ReplyKeyPack_Win2k kp
;
670 memset(&kp
, 0, sizeof(kp
));
672 ret
= copy_EncryptionKey(reply_key
, &kp
.replyKey
);
674 krb5_clear_error_string(context
);
677 kp
.nonce
= client_params
->nonce
;
679 ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k
,
680 buf
.data
, buf
.length
,
682 free_ReplyKeyPack_Win2k(&kp
);
685 case PKINIT_COMPAT_27
: {
686 krb5_crypto ascrypto
;
688 memset(&kp
, 0, sizeof(kp
));
690 ret
= copy_EncryptionKey(reply_key
, &kp
.replyKey
);
692 krb5_clear_error_string(context
);
696 ret
= krb5_crypto_init(context
, reply_key
, 0, &ascrypto
);
698 krb5_clear_error_string(context
);
702 ret
= krb5_create_checksum(context
, ascrypto
, 6, 0,
703 req_buffer
->data
, req_buffer
->length
,
706 krb5_clear_error_string(context
);
710 ret
= krb5_crypto_destroy(context
, ascrypto
);
712 krb5_clear_error_string(context
);
715 ASN1_MALLOC_ENCODE(ReplyKeyPack
, buf
.data
, buf
.length
, &kp
, &size
,ret
);
716 free_ReplyKeyPack(&kp
);
720 krb5_abortx(context
, "internal pkinit error");
723 krb5_set_error_string(context
, "ASN.1 encoding of ReplyKeyPack "
727 if (buf
.length
!= size
)
728 krb5_abortx(context
, "Internal ASN.1 encoder error");
734 ret
= hx509_query_alloc(kdc_identity
->hx509ctx
, &q
);
738 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
739 hx509_query_match_option(q
, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE
);
741 ret
= hx509_certs_find(kdc_identity
->hx509ctx
,
745 hx509_query_free(kdc_identity
->hx509ctx
, q
);
749 ret
= hx509_cms_create_signed_1(kdc_identity
->hx509ctx
,
755 kdc_identity
->anchors
,
756 kdc_identity
->certpool
,
758 hx509_cert_free(cert
);
761 krb5_data_free(&buf
);
765 ret
= hx509_cms_envelope_1(kdc_identity
->hx509ctx
,
767 signed_data
.data
, signed_data
.length
, NULL
,
768 oid_id_pkcs7_signedData(), &buf
);
772 ret
= _krb5_pk_mk_ContentInfo(context
,
774 oid_id_pkcs7_envelopedData(),
777 krb5_data_free(&buf
);
778 krb5_data_free(&signed_data
);
786 static krb5_error_code
787 pk_mk_pa_reply_dh(krb5_context context
,
789 pk_client_params
*client_params
,
790 krb5_keyblock
*reply_key
,
791 ContentInfo
*content_info
,
792 hx509_cert
*kdc_cert
)
794 KDCDHKeyInfo dh_info
;
795 krb5_data signed_data
, buf
;
796 ContentInfo contentinfo
;
801 memset(&contentinfo
, 0, sizeof(contentinfo
));
802 memset(&dh_info
, 0, sizeof(dh_info
));
803 krb5_data_zero(&buf
);
804 krb5_data_zero(&signed_data
);
808 ret
= BN_to_integer(context
, kdc_dh
->pub_key
, &i
);
812 ASN1_MALLOC_ENCODE(DHPublicKey
, buf
.data
, buf
.length
, &i
, &size
, ret
);
814 krb5_set_error_string(context
, "ASN.1 encoding of "
815 "DHPublicKey failed (%d)", ret
);
816 krb5_clear_error_string(context
);
819 if (buf
.length
!= size
)
820 krb5_abortx(context
, "Internal ASN.1 encoder error");
822 dh_info
.subjectPublicKey
.length
= buf
.length
* 8;
823 dh_info
.subjectPublicKey
.data
= buf
.data
;
825 dh_info
.nonce
= client_params
->nonce
;
827 ASN1_MALLOC_ENCODE(KDCDHKeyInfo
, buf
.data
, buf
.length
, &dh_info
, &size
,
830 krb5_set_error_string(context
, "ASN.1 encoding of "
831 "KdcDHKeyInfo failed (%d)", ret
);
834 if (buf
.length
!= size
)
835 krb5_abortx(context
, "Internal ASN.1 encoder error");
838 * Create the SignedData structure and sign the KdcDHKeyInfo
846 ret
= hx509_query_alloc(kdc_identity
->hx509ctx
, &q
);
850 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
851 hx509_query_match_option(q
, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE
);
853 ret
= hx509_certs_find(kdc_identity
->hx509ctx
,
857 hx509_query_free(kdc_identity
->hx509ctx
, q
);
861 ret
= hx509_cms_create_signed_1(kdc_identity
->hx509ctx
,
862 oid_id_pkdhkeydata(),
867 kdc_identity
->anchors
,
868 kdc_identity
->certpool
,
875 ret
= _krb5_pk_mk_ContentInfo(context
,
877 oid_id_pkcs7_signedData(),
883 if (ret
&& *kdc_cert
) {
884 hx509_cert_free(*kdc_cert
);
888 krb5_data_free(&buf
);
889 krb5_data_free(&signed_data
);
890 free_KDCDHKeyInfo(&dh_info
);
900 _kdc_pk_mk_pa_reply(krb5_context context
,
901 krb5_kdc_configuration
*config
,
902 pk_client_params
*client_params
,
903 const hdb_entry_ex
*client
,
905 const krb5_data
*req_buffer
,
906 krb5_keyblock
**reply_key
,
912 krb5_enctype enctype
;
914 hx509_cert kdc_cert
= NULL
;
917 if (!config
->enable_pkinit
) {
918 krb5_clear_error_string(context
);
922 if (req
->req_body
.etype
.len
> 0) {
923 for (i
= 0; i
< req
->req_body
.etype
.len
; i
++)
924 if (krb5_enctype_valid(context
, req
->req_body
.etype
.val
[i
]) == 0)
926 if (req
->req_body
.etype
.len
<= i
) {
927 ret
= KRB5KRB_ERR_GENERIC
;
928 krb5_set_error_string(context
,
929 "No valid enctype available from client");
932 enctype
= req
->req_body
.etype
.val
[i
];
934 enctype
= ETYPE_DES3_CBC_SHA1
;
936 if (client_params
->type
== PKINIT_COMPAT_27
) {
938 const char *type
, *other
= "";
940 memset(&rep
, 0, sizeof(rep
));
942 pa_type
= KRB5_PADATA_PK_AS_REP
;
944 if (client_params
->dh
== NULL
) {
949 rep
.element
= choice_PA_PK_AS_REP_encKeyPack
;
951 krb5_generate_random_keyblock(context
, enctype
,
952 &client_params
->reply_key
);
953 ret
= pk_mk_pa_reply_enckey(context
,
957 &client_params
->reply_key
,
960 free_PA_PK_AS_REP(&rep
);
963 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.encKeyPack
.data
,
964 rep
.u
.encKeyPack
.length
, &info
, &size
,
966 free_ContentInfo(&info
);
968 krb5_set_error_string(context
, "encoding of Key ContentInfo "
970 free_PA_PK_AS_REP(&rep
);
973 if (rep
.u
.encKeyPack
.length
!= size
)
974 krb5_abortx(context
, "Internal ASN.1 encoder error");
980 if (client_params
->dh_group_name
)
981 other
= client_params
->dh_group_name
;
983 rep
.element
= choice_PA_PK_AS_REP_dhInfo
;
985 ret
= generate_dh_keyblock(context
, client_params
, enctype
,
986 &client_params
->reply_key
);
990 ret
= pk_mk_pa_reply_dh(context
, client_params
->dh
,
992 &client_params
->reply_key
,
996 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.dhInfo
.dhSignedData
.data
,
997 rep
.u
.dhInfo
.dhSignedData
.length
, &info
, &size
,
999 free_ContentInfo(&info
);
1001 krb5_set_error_string(context
, "encoding of Key ContentInfo "
1003 free_PA_PK_AS_REP(&rep
);
1006 if (rep
.u
.encKeyPack
.length
!= size
)
1007 krb5_abortx(context
, "Internal ASN.1 encoder error");
1011 free_PA_PK_AS_REP(&rep
);
1015 ASN1_MALLOC_ENCODE(PA_PK_AS_REP
, buf
, len
, &rep
, &size
, ret
);
1016 free_PA_PK_AS_REP(&rep
);
1018 krb5_set_error_string(context
, "encode PA-PK-AS-REP failed %d",
1023 krb5_abortx(context
, "Internal ASN.1 encoder error");
1025 kdc_log(context
, config
, 0, "PK-INIT using %s %s", type
, other
);
1027 } else if (client_params
->type
== PKINIT_COMPAT_WIN2K
) {
1028 PA_PK_AS_REP_Win2k rep
;
1031 if (client_params
->dh
) {
1032 krb5_set_error_string(context
, "Windows PK-INIT doesn't support DH");
1033 ret
= KRB5KRB_ERR_GENERIC
;
1037 memset(&rep
, 0, sizeof(rep
));
1039 pa_type
= KRB5_PADATA_PK_AS_REP_19
;
1040 rep
.element
= choice_PA_PK_AS_REP_encKeyPack
;
1042 krb5_generate_random_keyblock(context
, enctype
,
1043 &client_params
->reply_key
);
1044 ret
= pk_mk_pa_reply_enckey(context
,
1048 &client_params
->reply_key
,
1051 free_PA_PK_AS_REP_Win2k(&rep
);
1054 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.encKeyPack
.data
,
1055 rep
.u
.encKeyPack
.length
, &info
, &size
,
1057 free_ContentInfo(&info
);
1059 krb5_set_error_string(context
, "encoding of Key ContentInfo "
1061 free_PA_PK_AS_REP_Win2k(&rep
);
1064 if (rep
.u
.encKeyPack
.length
!= size
)
1065 krb5_abortx(context
, "Internal ASN.1 encoder error");
1067 ASN1_MALLOC_ENCODE(PA_PK_AS_REP_Win2k
, buf
, len
, &rep
, &size
, ret
);
1068 free_PA_PK_AS_REP_Win2k(&rep
);
1070 krb5_set_error_string(context
,
1071 "encode PA-PK-AS-REP-Win2k failed %d", ret
);
1075 krb5_abortx(context
, "Internal ASN.1 encoder error");
1078 krb5_abortx(context
, "PK-INIT internal error");
1081 ret
= krb5_padata_add(context
, md
, pa_type
, buf
, len
);
1083 krb5_set_error_string(context
, "failed adding PA-PK-AS-REP %d", ret
);
1088 if (config
->pkinit_kdc_ocsp_file
) {
1090 if (ocsp
.expire
== 0 && ocsp
.next_update
> kdc_time
) {
1094 krb5_data_free(&ocsp
.data
);
1098 fd
= open(config
->pkinit_kdc_ocsp_file
, O_RDONLY
);
1100 kdc_log(context
, config
, 0,
1101 "PK-INIT failed to open ocsp data file %d", errno
);
1104 ret
= fstat(fd
, &sb
);
1108 kdc_log(context
, config
, 0,
1109 "PK-INIT failed to stat ocsp data %d", ret
);
1113 ret
= krb5_data_alloc(&ocsp
.data
, sb
.st_size
);
1116 kdc_log(context
, config
, 0,
1117 "PK-INIT failed to stat ocsp data %d", ret
);
1120 ocsp
.data
.length
= sb
.st_size
;
1121 ret
= read(fd
, ocsp
.data
.data
, sb
.st_size
);
1123 if (ret
!= sb
.st_size
) {
1124 kdc_log(context
, config
, 0,
1125 "PK-INIT failed to read ocsp data %d", errno
);
1129 ret
= hx509_ocsp_verify(kdc_identity
->hx509ctx
,
1133 ocsp
.data
.data
, ocsp
.data
.length
,
1136 kdc_log(context
, config
, 0,
1137 "PK-INIT failed to verify ocsp data %d", ret
);
1138 krb5_data_free(&ocsp
.data
);
1140 } else if (ocsp
.expire
> 180)
1141 ocsp
.expire
-= 180; /* refetch the ocsp before it expire */
1144 ocsp
.next_update
= kdc_time
+ 3600;
1148 if (ocsp
.expire
!= 0 && ocsp
.expire
> kdc_time
) {
1150 ret
= krb5_padata_add(context
, md
,
1151 KRB5_PADATA_PA_PK_OCSP_RESPONSE
,
1152 ocsp
.data
.data
, ocsp
.data
.length
);
1154 krb5_set_error_string(context
,
1155 "Failed adding OCSP response %d", ret
);
1163 hx509_cert_free(kdc_cert
);
1166 *reply_key
= &client_params
->reply_key
;
1171 pk_principal_from_X509(krb5_context context
,
1172 krb5_kdc_configuration
*config
,
1173 hx509_cert client_cert
,
1174 krb5_const_principal match
)
1176 hx509_octet_string_list list
;
1177 int ret
, i
, found
= 0;
1179 memset(&list
, 0 , sizeof(list
));
1181 ret
= hx509_cert_find_subjectAltName_otherName(client_cert
,
1182 oid_id_pkinit_san(),
1187 for (i
= 0; !found
&& i
< list
.len
; i
++) {
1188 krb5_principal_data principal
;
1189 KRB5PrincipalName kn
;
1192 ret
= decode_KRB5PrincipalName(list
.val
[i
].data
,
1196 kdc_log(context
, config
, 0,
1197 "Decoding kerberos name in certificate failed: %s",
1198 krb5_get_err_text(context
, ret
));
1201 if (size
!= list
.val
[i
].length
) {
1202 kdc_log(context
, config
, 0,
1203 "Decoding kerberos name have extra bits on the end");
1204 return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1207 principal
.name
= kn
.principalName
;
1208 principal
.realm
= kn
.realm
;
1210 if (krb5_principal_compare(context
, &principal
, match
) == TRUE
)
1212 free_KRB5PrincipalName(&kn
);
1216 hx509_free_octet_string_list(&list
);
1221 return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1228 _kdc_pk_check_client(krb5_context context
,
1229 krb5_kdc_configuration
*config
,
1230 const hdb_entry_ex
*client
,
1231 pk_client_params
*client_params
,
1232 char **subject_name
)
1234 const HDB_Ext_PKINIT_acl
*acl
;
1235 krb5_error_code ret
;
1239 ret
= hx509_cert_get_base_subject(kdc_identity
->hx509ctx
,
1240 client_params
->cert
,
1245 ret
= hx509_name_to_string(name
, subject_name
);
1246 hx509_name_free(&name
);
1250 kdc_log(context
, config
, 0,
1251 "Trying to authorize PK-INIT subject DN %s",
1254 if (config
->enable_pkinit_princ_in_cert
) {
1255 ret
= pk_principal_from_X509(context
, config
,
1256 client_params
->cert
,
1257 client
->entry
.principal
);
1259 kdc_log(context
, config
, 5,
1260 "Found matching PK-INIT SAN in certificate");
1265 ret
= hdb_entry_get_pkinit_acl(&client
->entry
, &acl
);
1266 if (ret
== 0 && acl
!= NULL
) {
1268 * Cheat here and compare the generated name with the string
1269 * and not the reverse.
1271 for (i
= 0; i
< acl
->len
; i
++) {
1272 if (strcmp(*subject_name
, acl
->val
[0].subject
) != 0)
1275 /* Don't support isser and anchor checking right now */
1276 if (acl
->val
[0].issuer
)
1278 if (acl
->val
[0].anchor
)
1281 kdc_log(context
, config
, 5,
1282 "Found matching PK-INIT database ACL");
1287 for (i
= 0; i
< principal_mappings
.len
; i
++) {
1290 b
= krb5_principal_compare(context
,
1291 client
->entry
.principal
,
1292 principal_mappings
.val
[i
].principal
);
1295 if (strcmp(principal_mappings
.val
[i
].subject
, *subject_name
) != 0)
1297 kdc_log(context
, config
, 5,
1298 "Found matching PK-INIT FILE ACL");
1302 free(*subject_name
);
1303 *subject_name
= NULL
;
1305 krb5_set_error_string(context
, "PKINIT no matching principals");
1306 return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1309 static krb5_error_code
1310 add_principal_mapping(krb5_context context
,
1311 const char *principal_name
,
1312 const char * subject
)
1314 struct pk_allowed_princ
*tmp
;
1315 krb5_principal principal
;
1316 krb5_error_code ret
;
1318 tmp
= realloc(principal_mappings
.val
,
1319 (principal_mappings
.len
+ 1) * sizeof(*tmp
));
1322 principal_mappings
.val
= tmp
;
1324 ret
= krb5_parse_name(context
, principal_name
, &principal
);
1328 principal_mappings
.val
[principal_mappings
.len
].principal
= principal
;
1330 principal_mappings
.val
[principal_mappings
.len
].subject
= strdup(subject
);
1331 if (principal_mappings
.val
[principal_mappings
.len
].subject
== NULL
) {
1332 krb5_free_principal(context
, principal
);
1335 principal_mappings
.len
++;
1342 _kdc_pk_initialize(krb5_context context
,
1343 krb5_kdc_configuration
*config
,
1344 const char *user_id
,
1345 const char *anchors
,
1350 krb5_error_code ret
;
1352 unsigned long lineno
= 0;
1355 file
= krb5_config_get_string(context
, NULL
,
1356 "libdefaults", "moduli", NULL
);
1358 ret
= _krb5_parse_moduli(context
, file
, &moduli
);
1360 krb5_err(context
, 1, ret
, "PKINIT: failed to load modidi file");
1362 principal_mappings
.len
= 0;
1363 principal_mappings
.val
= NULL
;
1365 ret
= _krb5_pk_load_id(context
,
1375 krb5_warn(context
, ret
, "PKINIT: failed to load");
1376 config
->enable_pkinit
= 0;
1384 ret
= hx509_query_alloc(kdc_identity
->hx509ctx
, &q
);
1386 krb5_warnx(context
, "PKINIT: out of memory");
1390 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
1391 hx509_query_match_option(q
, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE
);
1393 ret
= hx509_certs_find(kdc_identity
->hx509ctx
,
1394 kdc_identity
->certs
,
1397 hx509_query_free(kdc_identity
->hx509ctx
, q
);
1399 if (hx509_cert_check_eku(kdc_identity
->hx509ctx
, cert
,
1400 oid_id_pkkdcekuoid(), 0))
1401 krb5_warnx(context
, "WARNING Found KDC certificate "
1402 "is missing the PK-INIT KDC EKU, this is bad for "
1403 "interoperability.");
1404 hx509_cert_free(cert
);
1406 krb5_warnx(context
, "PKINIT: failed to find a signing "
1407 "certifiate with a public key");
1410 ret
= krb5_config_get_bool_default(context
,
1414 "pki-allow-proxy-certificate",
1416 _krb5_pk_allow_proxy_certificate(kdc_identity
, ret
);
1418 file
= krb5_config_get_string_default(context
,
1420 HDB_DB_DIR
"/pki-mapping",
1422 "pki-mappings-file",
1424 f
= fopen(file
, "r");
1426 krb5_warnx(context
, "PKINIT: failed to load mappings file %s", file
);
1430 while (fgets(buf
, sizeof(buf
), f
) != NULL
) {
1431 char *subject_name
, *p
;
1433 buf
[strcspn(buf
, "\n")] = '\0';
1436 p
= buf
+ strspn(buf
, " \t");
1438 if (*p
== '#' || *p
== '\0')
1441 subject_name
= strchr(p
, ':');
1442 if (subject_name
== NULL
) {
1443 krb5_warnx(context
, "pkinit mapping file line %lu "
1444 "missing \":\" :%s",
1448 *subject_name
++ = '\0';
1450 ret
= add_principal_mapping(context
, p
, subject_name
);
1452 krb5_warn(context
, ret
, "failed to add line %lu \":\" :%s\n",