search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #203 from sdigit/patch-1
[heimdal.git] / lib / krb5 / crypto-pk.c
blobc5d87a1b566e00f3ec88a861bf5b88a3044e4629
1 /*
2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35
36 #include <pkinit_asn1.h>
37
38 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
39 _krb5_pk_octetstring2key(krb5_context context,
40 krb5_enctype type,
41 const void *dhdata,
42 size_t dhsize,
43 const heim_octet_string *c_n,
44 const heim_octet_string *k_n,
45 krb5_keyblock *key)
46 {
47 struct _krb5_encryption_type *et = _krb5_find_enctype(type);
48 krb5_error_code ret;
49 size_t keylen, offset;
50 void *keydata;
51 unsigned char counter;
52 unsigned char shaoutput[SHA_DIGEST_LENGTH];
53 EVP_MD_CTX *m;
54
55 if(et == NULL) {
56 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
57 N_("encryption type %d not supported", ""),
58 type);
59 return KRB5_PROG_ETYPE_NOSUPP;
60 }
61 keylen = (et->keytype->bits + 7) / 8;
62
63 keydata = malloc(keylen);
64 if (keydata == NULL)
65 return krb5_enomem(context);
66
67 m = EVP_MD_CTX_create();
68 if (m == NULL) {
69 free(keydata);
70 return krb5_enomem(context);
71 }
72
73 counter = 0;
74 offset = 0;
75 do {
76
77 EVP_DigestInit_ex(m, EVP_sha1(), NULL);
78 EVP_DigestUpdate(m, &counter, 1);
79 EVP_DigestUpdate(m, dhdata, dhsize);
80
81 if (c_n)
82 EVP_DigestUpdate(m, c_n->data, c_n->length);
83 if (k_n)
84 EVP_DigestUpdate(m, k_n->data, k_n->length);
85
86 EVP_DigestFinal_ex(m, shaoutput, NULL);
87
88 memcpy((unsigned char *)keydata + offset,
89 shaoutput,
90 min(keylen - offset, sizeof(shaoutput)));
91
92 offset += sizeof(shaoutput);
93 counter++;
94 } while(offset < keylen);
95 memset(shaoutput, 0, sizeof(shaoutput));
96
97 EVP_MD_CTX_destroy(m);
98
99 ret = krb5_random_to_key(context, type, keydata, keylen, key);
100 memset(keydata, 0, sizeof(keylen));
101 free(keydata);
102 return ret;
103 }
104
105 static krb5_error_code
106 encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data)
107 {
108 KRB5PrincipalName pn;
109 krb5_error_code ret;
110 size_t size = 0;
111
112 pn.principalName = p->name;
113 pn.realm = p->realm;
114
115 ASN1_MALLOC_ENCODE(KRB5PrincipalName, data->data, data->length,
116 &pn, &size, ret);
117 if (ret) {
118 krb5_data_zero(data);
119 krb5_set_error_message(context, ret,
120 N_("Failed to encode KRB5PrincipalName", ""));
121 return ret;
122 }
123 if (data->length != size)
124 krb5_abortx(context, "asn1 compiler internal error");
125 return 0;
126 }
127
128 static krb5_error_code
129 encode_otherinfo(krb5_context context,
130 const AlgorithmIdentifier *ai,
131 krb5_const_principal client,
132 krb5_const_principal server,
133 krb5_enctype enctype,
134 const krb5_data *as_req,
135 const krb5_data *pk_as_rep,
136 const Ticket *ticket,
137 krb5_data *other)
138 {
139 PkinitSP80056AOtherInfo otherinfo;
140 PkinitSuppPubInfo pubinfo;
141 krb5_error_code ret;
142 krb5_data pub;
143 size_t size = 0;
144
145 krb5_data_zero(other);
146 memset(&otherinfo, 0, sizeof(otherinfo));
147 memset(&pubinfo, 0, sizeof(pubinfo));
148
149 pubinfo.enctype = enctype;
150 pubinfo.as_REQ = *as_req;
151 pubinfo.pk_as_rep = *pk_as_rep;
152 pubinfo.ticket = *ticket;
153 ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length,
154 &pubinfo, &size, ret);
155 if (ret) {
156 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
157 return ret;
158 }
159 if (pub.length != size)
160 krb5_abortx(context, "asn1 compiler internal error");
161
162 ret = encode_uvinfo(context, client, &otherinfo.partyUInfo);
163 if (ret) {
164 free(pub.data);
165 return ret;
166 }
167 ret = encode_uvinfo(context, server, &otherinfo.partyVInfo);
168 if (ret) {
169 free(otherinfo.partyUInfo.data);
170 free(pub.data);
171 return ret;
172 }
173
174 otherinfo.algorithmID = *ai;
175 otherinfo.suppPubInfo = &pub;
176
177 ASN1_MALLOC_ENCODE(PkinitSP80056AOtherInfo, other->data, other->length,
178 &otherinfo, &size, ret);
179 free(otherinfo.partyUInfo.data);
180 free(otherinfo.partyVInfo.data);
181 free(pub.data);
182 if (ret) {
183 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
184 return ret;
185 }
186 if (other->length != size)
187 krb5_abortx(context, "asn1 compiler internal error");
188
189 return 0;
190 }
191
192
193
194 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
195 _krb5_pk_kdf(krb5_context context,
196 const struct AlgorithmIdentifier *ai,
197 const void *dhdata,
198 size_t dhsize,
199 krb5_const_principal client,
200 krb5_const_principal server,
201 krb5_enctype enctype,
202 const krb5_data *as_req,
203 const krb5_data *pk_as_rep,
204 const Ticket *ticket,
205 krb5_keyblock *key)
206 {
207 struct _krb5_encryption_type *et;
208 krb5_error_code ret;
209 krb5_data other;
210 size_t keylen, offset;
211 uint32_t counter;
212 unsigned char *keydata;
213 unsigned char shaoutput[SHA512_DIGEST_LENGTH];
214 const EVP_MD *md;
215 EVP_MD_CTX *m;
216
217 if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha1, &ai->algorithm) == 0) {
218 md = EVP_sha1();
219 } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha256, &ai->algorithm) == 0) {
220 md = EVP_sha256();
221 } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha512, &ai->algorithm) == 0) {
222 md = EVP_sha512();
223 } else {
224 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
225 N_("KDF not supported", ""));
226 return KRB5_PROG_ETYPE_NOSUPP;
227 }
228 if (ai->parameters != NULL &&
229 (ai->parameters->length != 2 ||
230 memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
231 {
232 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
233 N_("kdf params not NULL or the NULL-type",
234 ""));
235 return KRB5_PROG_ETYPE_NOSUPP;
236 }
237
238 et = _krb5_find_enctype(enctype);
239 if(et == NULL) {
240 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
241 N_("encryption type %d not supported", ""),
242 enctype);
243 return KRB5_PROG_ETYPE_NOSUPP;
244 }
245 keylen = (et->keytype->bits + 7) / 8;
246
247 keydata = malloc(keylen);
248 if (keydata == NULL)
249 return krb5_enomem(context);
250
251 ret = encode_otherinfo(context, ai, client, server,
252 enctype, as_req, pk_as_rep, ticket, &other);
253 if (ret) {
254 free(keydata);
255 return ret;
256 }
257
258 m = EVP_MD_CTX_create();
259 if (m == NULL) {
260 free(keydata);
261 free(other.data);
262 return krb5_enomem(context);
263 }
264
265 offset = 0;
266 counter = 1;
267 do {
268 unsigned char cdata[4];
269
270 EVP_DigestInit_ex(m, md, NULL);
271 _krb5_put_int(cdata, counter, 4);
272 EVP_DigestUpdate(m, cdata, 4);
273 EVP_DigestUpdate(m, dhdata, dhsize);
274 EVP_DigestUpdate(m, other.data, other.length);
275
276 EVP_DigestFinal_ex(m, shaoutput, NULL);
277
278 memcpy((unsigned char *)keydata + offset,
279 shaoutput,
280 min(keylen - offset, EVP_MD_CTX_size(m)));
281
282 offset += EVP_MD_CTX_size(m);
283 counter++;
284 } while(offset < keylen);
285 memset(shaoutput, 0, sizeof(shaoutput));
286
287 EVP_MD_CTX_destroy(m);
288 free(other.data);
289
290 ret = krb5_random_to_key(context, enctype, keydata, keylen, key);
291 memset(keydata, 0, sizeof(keylen));
292 free(keydata);
293
294 return ret;
295 }
Heimdal