search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
heimdal Add handling for PAC signatures over all encryption types
[heimdal.git] / lib / krb5 / pac.c
blob69d9879330e0678d2fa27700e06b20af7d45599f
1 /*
2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35 #include <wind.h>
36
37 struct PAC_INFO_BUFFER {
38 uint32_t type;
39 uint32_t buffersize;
40 uint32_t offset_hi;
41 uint32_t offset_lo;
42 };
43
44 struct PACTYPE {
45 uint32_t numbuffers;
46 uint32_t version;
47 struct PAC_INFO_BUFFER buffers[1];
48 };
49
50 struct krb5_pac_data {
51 struct PACTYPE *pac;
52 krb5_data data;
53 struct PAC_INFO_BUFFER *server_checksum;
54 struct PAC_INFO_BUFFER *privsvr_checksum;
55 struct PAC_INFO_BUFFER *logon_name;
56 };
57
58 #define PAC_ALIGNMENT 8
59
60 #define PACTYPE_SIZE 8
61 #define PAC_INFO_BUFFER_SIZE 16
62
63 #define PAC_SERVER_CHECKSUM 6
64 #define PAC_PRIVSVR_CHECKSUM 7
65 #define PAC_LOGON_NAME 10
66 #define PAC_CONSTRAINED_DELEGATION 11
67
68 #define CHECK(r,f,l) \
69 do { \
70 if (((r) = f ) != 0) { \
71 krb5_clear_error_message(context); \
72 goto l; \
73 } \
74 } while(0)
75
76 static const char zeros[PAC_ALIGNMENT] = { 0 };
77
78 /*
79 *
80 */
81
82 krb5_error_code
83 krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
84 krb5_pac *pac)
85 {
86 krb5_error_code ret;
87 krb5_pac p;
88 krb5_storage *sp = NULL;
89 uint32_t i, tmp, tmp2, header_end;
90
91 p = calloc(1, sizeof(*p));
92 if (p == NULL) {
93 ret = ENOMEM;
94 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
95 goto out;
96 }
97
98 sp = krb5_storage_from_readonly_mem(ptr, len);
99 if (sp == NULL) {
100 ret = ENOMEM;
101 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
102 goto out;
103 }
104 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
105
106 CHECK(ret, krb5_ret_uint32(sp, &tmp), out);
107 CHECK(ret, krb5_ret_uint32(sp, &tmp2), out);
108 if (tmp < 1) {
109 ret = EINVAL; /* Too few buffers */
110 krb5_set_error_message(context, ret, N_("PAC have too few buffer", ""));
111 goto out;
112 }
113 if (tmp2 != 0) {
114 ret = EINVAL; /* Wrong version */
115 krb5_set_error_message(context, ret,
116 N_("PAC have wrong version %d", ""),
117 (int)tmp2);
118 goto out;
119 }
120
121 p->pac = calloc(1,
122 sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (tmp - 1)));
123 if (p->pac == NULL) {
124 ret = ENOMEM;
125 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
126 goto out;
127 }
128
129 p->pac->numbuffers = tmp;
130 p->pac->version = tmp2;
131
132 header_end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers);
133 if (header_end > len) {
134 ret = EINVAL;
135 goto out;
136 }
137
138 for (i = 0; i < p->pac->numbuffers; i++) {
139 CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].type), out);
140 CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].buffersize), out);
141 CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].offset_lo), out);
142 CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].offset_hi), out);
143
144 /* consistency checks */
145 if (p->pac->buffers[i].offset_lo & (PAC_ALIGNMENT - 1)) {
146 ret = EINVAL;
147 krb5_set_error_message(context, ret,
148 N_("PAC out of allignment", ""));
149 goto out;
150 }
151 if (p->pac->buffers[i].offset_hi) {
152 ret = EINVAL;
153 krb5_set_error_message(context, ret,
154 N_("PAC high offset set", ""));
155 goto out;
156 }
157 if (p->pac->buffers[i].offset_lo > len) {
158 ret = EINVAL;
159 krb5_set_error_message(context, ret,
160 N_("PAC offset off end", ""));
161 goto out;
162 }
163 if (p->pac->buffers[i].offset_lo < header_end) {
164 ret = EINVAL;
165 krb5_set_error_message(context, ret,
166 N_("PAC offset inside header: %lu %lu", ""),
167 (unsigned long)p->pac->buffers[i].offset_lo,
168 (unsigned long)header_end);
169 goto out;
170 }
171 if (p->pac->buffers[i].buffersize > len - p->pac->buffers[i].offset_lo){
172 ret = EINVAL;
173 krb5_set_error_message(context, ret, N_("PAC length off end", ""));
174 goto out;
175 }
176
177 /* let save pointer to data we need later */
178 if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) {
179 if (p->server_checksum) {
180 ret = EINVAL;
181 krb5_set_error_message(context, ret,
182 N_("PAC have two server checksums", ""));
183 goto out;
184 }
185 p->server_checksum = &p->pac->buffers[i];
186 } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) {
187 if (p->privsvr_checksum) {
188 ret = EINVAL;
189 krb5_set_error_message(context, ret,
190 N_("PAC have two KDC checksums", ""));
191 goto out;
192 }
193 p->privsvr_checksum = &p->pac->buffers[i];
194 } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) {
195 if (p->logon_name) {
196 ret = EINVAL;
197 krb5_set_error_message(context, ret,
198 N_("PAC have two logon names", ""));
199 goto out;
200 }
201 p->logon_name = &p->pac->buffers[i];
202 }
203 }
204
205 ret = krb5_data_copy(&p->data, ptr, len);
206 if (ret)
207 goto out;
208
209 krb5_storage_free(sp);
210
211 *pac = p;
212 return 0;
213
214 out:
215 if (sp)
216 krb5_storage_free(sp);
217 if (p) {
218 if (p->pac)
219 free(p->pac);
220 free(p);
221 }
222 *pac = NULL;
223
224 return ret;
225 }
226
227 krb5_error_code
228 krb5_pac_init(krb5_context context, krb5_pac *pac)
229 {
230 krb5_error_code ret;
231 krb5_pac p;
232
233 p = calloc(1, sizeof(*p));
234 if (p == NULL) {
235 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
236 return ENOMEM;
237 }
238
239 p->pac = calloc(1, sizeof(*p->pac));
240 if (p->pac == NULL) {
241 free(p);
242 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
243 return ENOMEM;
244 }
245
246 ret = krb5_data_alloc(&p->data, PACTYPE_SIZE);
247 if (ret) {
248 free (p->pac);
249 free(p);
250 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
251 return ret;
252 }
253
254
255 *pac = p;
256 return 0;
257 }
258
259 krb5_error_code
260 krb5_pac_add_buffer(krb5_context context, krb5_pac p,
261 uint32_t type, const krb5_data *data)
262 {
263 krb5_error_code ret;
264 void *ptr;
265 size_t len, offset, header_end, old_end;
266 uint32_t i;
267
268 len = p->pac->numbuffers;
269
270 ptr = realloc(p->pac,
271 sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * len));
272 if (ptr == NULL) {
273 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
274 return ENOMEM;
275 }
276 p->pac = ptr;
277
278 for (i = 0; i < len; i++)
279 p->pac->buffers[i].offset_lo += PAC_INFO_BUFFER_SIZE;
280
281 offset = p->data.length + PAC_INFO_BUFFER_SIZE;
282
283 p->pac->buffers[len].type = type;
284 p->pac->buffers[len].buffersize = data->length;
285 p->pac->buffers[len].offset_lo = offset;
286 p->pac->buffers[len].offset_hi = 0;
287
288 old_end = p->data.length;
289 len = p->data.length + data->length + PAC_INFO_BUFFER_SIZE;
290 if (len < p->data.length) {
291 krb5_set_error_message(context, EINVAL, "integer overrun");
292 return EINVAL;
293 }
294
295 /* align to PAC_ALIGNMENT */
296 len = ((len + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT;
297
298 ret = krb5_data_realloc(&p->data, len);
299 if (ret) {
300 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
301 return ret;
302 }
303
304 /*
305 * make place for new PAC INFO BUFFER header
306 */
307 header_end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers);
308 memmove((unsigned char *)p->data.data + header_end + PAC_INFO_BUFFER_SIZE,
309 (unsigned char *)p->data.data + header_end ,
310 old_end - header_end);
311 memset((unsigned char *)p->data.data + header_end, 0, PAC_INFO_BUFFER_SIZE);
312
313 /*
314 * copy in new data part
315 */
316
317 memcpy((unsigned char *)p->data.data + offset,
318 data->data, data->length);
319 memset((unsigned char *)p->data.data + offset + data->length,
320 0, p->data.length - offset - data->length);
321
322 p->pac->numbuffers += 1;
323
324 return 0;
325 }
326
327 /**
328 * Get the PAC buffer of specific type from the pac.
329 *
330 * @param context Kerberos 5 context.
331 * @param p the pac structure returned by krb5_pac_parse().
332 * @param type type of buffer to get
333 * @param data return data, free with krb5_data_free().
334 *
335 * @return Returns 0 to indicate success. Otherwise an kerberos et
336 * error code is returned, see krb5_get_error_message().
337 *
338 * @ingroup krb5_pac
339 */
340
341 krb5_error_code
342 krb5_pac_get_buffer(krb5_context context, krb5_pac p,
343 uint32_t type, krb5_data *data)
344 {
345 krb5_error_code ret;
346 uint32_t i;
347
348 for (i = 0; i < p->pac->numbuffers; i++) {
349 const size_t len = p->pac->buffers[i].buffersize;
350 const size_t offset = p->pac->buffers[i].offset_lo;
351
352 if (p->pac->buffers[i].type != type)
353 continue;
354
355 ret = krb5_data_copy(data, (unsigned char *)p->data.data + offset, len);
356 if (ret) {
357 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
358 return ret;
359 }
360 return 0;
361 }
362 krb5_set_error_message(context, ENOENT, "No PAC buffer of type %lu was found",
363 (unsigned long)type);
364 return ENOENT;
365 }
366
367 /*
368 *
369 */
370
371 krb5_error_code
372 krb5_pac_get_types(krb5_context context,
373 krb5_pac p,
374 size_t *len,
375 uint32_t **types)
376 {
377 size_t i;
378
379 *types = calloc(p->pac->numbuffers, sizeof(*types));
380 if (*types == NULL) {
381 *len = 0;
382 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
383 return ENOMEM;
384 }
385 for (i = 0; i < p->pac->numbuffers; i++)
386 (*types)[i] = p->pac->buffers[i].type;
387 *len = p->pac->numbuffers;
388
389 return 0;
390 }
391
392 /*
393 *
394 */
395
396 void
397 krb5_pac_free(krb5_context context, krb5_pac pac)
398 {
399 krb5_data_free(&pac->data);
400 free(pac->pac);
401 free(pac);
402 }
403
404 /*
405 *
406 */
407
408 static krb5_error_code
409 verify_checksum(krb5_context context,
410 const struct PAC_INFO_BUFFER *sig,
411 const krb5_data *data,
412 void *ptr, size_t len,
413 const krb5_keyblock *key)
414 {
415 krb5_storage *sp = NULL;
416 uint32_t type;
417 krb5_error_code ret;
418 Checksum cksum;
419
420 memset(&cksum, 0, sizeof(cksum));
421
422 sp = krb5_storage_from_mem((char *)data->data + sig->offset_lo,
423 sig->buffersize);
424 if (sp == NULL) {
425 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
426 return ENOMEM;
427 }
428 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
429
430 CHECK(ret, krb5_ret_uint32(sp, &type), out);
431 cksum.cksumtype = type;
432 cksum.checksum.length =
433 sig->buffersize - krb5_storage_seek(sp, 0, SEEK_CUR);
434 cksum.checksum.data = malloc(cksum.checksum.length);
435 if (cksum.checksum.data == NULL) {
436 ret = ENOMEM;
437 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
438 goto out;
439 }
440 ret = krb5_storage_read(sp, cksum.checksum.data, cksum.checksum.length);
441 if (ret != cksum.checksum.length) {
442 ret = EINVAL;
443 krb5_set_error_message(context, ret, "PAC checksum missing checksum");
444 goto out;
445 }
446
447 if (!krb5_checksum_is_keyed(context, cksum.cksumtype)) {
448 ret = EINVAL;
449 krb5_set_error_message(context, ret, "Checksum type %d not keyed",
450 cksum.cksumtype);
451 goto out;
452 }
453
454 /* If the checksum is HMAC-MD5, the checksum type is not tied to
455 * the key type, instead the HMAC-MD5 checksum is applied blindly
456 * on whatever key is used for this connection, avoiding issues
457 * with unkeyed checksums on des-cbc-md5 and des-cbc-crc. See
458 * http://comments.gmane.org/gmane.comp.encryption.kerberos.devel/8743
459 * for the same issue in MIT, and
460 * http://blogs.msdn.com/b/openspecification/archive/2010/01/01/verifying-the-server-signature-in-kerberos-privilege-account-certificate.aspx
461 * for Microsoft's explaination */
462 if (cksum.cksumtype == CKSUMTYPE_HMAC_MD5) {
463 Checksum local_checksum;
464
465 ret = HMAC_MD5_any_checksum(context, key, ptr, len, KRB5_KU_OTHER_CKSUM, &local_checksum);
466
467 if(local_checksum.checksum.length != cksum.checksum.length ||
468 ct_memcmp(local_checksum.checksum.data, cksum.checksum.data, local_checksum.checksum.length)) {
469 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
470 krb5_set_error_message(context, ret,
471 N_("PAC integrity check failed for hmac-md5 checksum", ""));
472 } else {
473 ret = 0;
474 }
475 krb5_data_free(&local_checksum.checksum);
476 } else {
477 krb5_crypto crypto = NULL;
478
479 ret = krb5_crypto_init(context, key, 0, &crypto);
480 if (ret)
481 goto out;
482
483 ret = krb5_verify_checksum(context, crypto, KRB5_KU_OTHER_CKSUM,
484 ptr, len, &cksum);
485 krb5_crypto_destroy(context, crypto);
486 }
487 free(cksum.checksum.data);
488 krb5_storage_free(sp);
489
490 return ret;
491
492 out:
493 if (cksum.checksum.data)
494 free(cksum.checksum.data);
495 if (sp)
496 krb5_storage_free(sp);
497 return ret;
498 }
499
500 static krb5_error_code
501 create_checksum(krb5_context context,
502 const krb5_keyblock *key,
503 uint32_t cksumtype,
504 void *data, size_t datalen,
505 void *sig, size_t siglen)
506 {
507 krb5_crypto crypto = NULL;
508 krb5_error_code ret;
509 Checksum cksum;
510
511 /* If the checksum is HMAC-MD5, the checksum type is not tied to
512 * the key type, instead the HMAC-MD5 checksum is applied blindly
513 * on whatever key is used for this connection, avoiding issues
514 * with unkeyed checksums on des-cbc-md5 and des-cbc-crc. See
515 * http://comments.gmane.org/gmane.comp.encryption.kerberos.devel/8743
516 * for the same issue in MIT, and
517 * http://blogs.msdn.com/b/openspecification/archive/2010/01/01/verifying-the-server-signature-in-kerberos-privilege-account-certificate.aspx
518 * for Microsoft's explaination */
519 if (cksumtype == CKSUMTYPE_HMAC_MD5) {
520 ret = HMAC_MD5_any_checksum(context, key, data, datalen, KRB5_KU_OTHER_CKSUM, &cksum);
521 } else {
522 ret = krb5_crypto_init(context, key, 0, &crypto);
523 if (ret)
524 return ret;
525
526 ret = krb5_create_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, 0,
527 data, datalen, &cksum);
528 krb5_crypto_destroy(context, crypto);
529 if (ret)
530 return ret;
531 }
532 if (cksum.checksum.length != siglen) {
533 krb5_set_error_message(context, EINVAL, "pac checksum wrong length");
534 free_Checksum(&cksum);
535 return EINVAL;
536 }
537
538 memcpy(sig, cksum.checksum.data, siglen);
539 free_Checksum(&cksum);
540
541 return 0;
542 }
543
544
545 /*
546 *
547 */
548
549 #define NTTIME_EPOCH 0x019DB1DED53E8000LL
550
551 static uint64_t
552 unix2nttime(time_t unix_time)
553 {
554 long long wt;
555 wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH;
556 return wt;
557 }
558
559 static krb5_error_code
560 verify_logonname(krb5_context context,
561 const struct PAC_INFO_BUFFER *logon_name,
562 const krb5_data *data,
563 time_t authtime,
564 krb5_const_principal principal)
565 {
566 krb5_error_code ret;
567 krb5_principal p2;
568 uint32_t time1, time2;
569 krb5_storage *sp;
570 uint16_t len;
571 char *s;
572
573 sp = krb5_storage_from_readonly_mem((const char *)data->data + logon_name->offset_lo,
574 logon_name->buffersize);
575 if (sp == NULL) {
576 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
577 return ENOMEM;
578 }
579
580 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
581
582 CHECK(ret, krb5_ret_uint32(sp, &time1), out);
583 CHECK(ret, krb5_ret_uint32(sp, &time2), out);
584
585 {
586 uint64_t t1, t2;
587 t1 = unix2nttime(authtime);
588 t2 = ((uint64_t)time2 << 32) | time1;
589 if (t1 != t2) {
590 krb5_storage_free(sp);
591 krb5_set_error_message(context, EINVAL, "PAC timestamp mismatch");
592 return EINVAL;
593 }
594 }
595 CHECK(ret, krb5_ret_uint16(sp, &len), out);
596 if (len == 0) {
597 krb5_storage_free(sp);
598 krb5_set_error_message(context, EINVAL, "PAC logon name length missing");
599 return EINVAL;
600 }
601
602 s = malloc(len);
603 if (s == NULL) {
604 krb5_storage_free(sp);
605 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
606 return ENOMEM;
607 }
608 ret = krb5_storage_read(sp, s, len);
609 if (ret != len) {
610 krb5_storage_free(sp);
611 krb5_set_error_message(context, EINVAL, "Failed to read PAC logon name");
612 return EINVAL;
613 }
614 krb5_storage_free(sp);
615 {
616 size_t ucs2len = len / 2;
617 uint16_t *ucs2;
618 size_t u8len;
619 unsigned int flags = WIND_RW_LE;
620
621 ucs2 = malloc(sizeof(ucs2[0]) * ucs2len);
622 if (ucs2 == NULL) {
623 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
624 return ENOMEM;
625 }
626 ret = wind_ucs2read(s, len, &flags, ucs2, &ucs2len);
627 free(s);
628 if (ret) {
629 free(ucs2);
630 krb5_set_error_message(context, ret, "Failed to convert string to UCS-2");
631 return ret;
632 }
633 ret = wind_ucs2utf8_length(ucs2, ucs2len, &u8len);
634 if (ret) {
635 free(ucs2);
636 krb5_set_error_message(context, ret, "Failed to count length of UCS-2 string");
637 return ret;
638 }
639 u8len += 1; /* Add space for NUL */
640 s = malloc(u8len);
641 if (s == NULL) {
642 free(ucs2);
643 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
644 return ENOMEM;
645 }
646 ret = wind_ucs2utf8(ucs2, ucs2len, s, &u8len);
647 free(ucs2);
648 if (ret) {
649 free(s);
650 krb5_set_error_message(context, ret, "Failed to convert to UTF-8");
651 return ret;
652 }
653 }
654 ret = krb5_parse_name_flags(context, s, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2);
655 free(s);
656 if (ret)
657 return ret;
658
659 if (krb5_principal_compare_any_realm(context, principal, p2) != TRUE) {
660 ret = EINVAL;
661 krb5_set_error_message(context, ret, "PAC logon name mismatch");
662 }
663 krb5_free_principal(context, p2);
664 return ret;
665 out:
666 return ret;
667 }
668
669 /*
670 *
671 */
672
673 static krb5_error_code
674 build_logon_name(krb5_context context,
675 time_t authtime,
676 krb5_const_principal principal,
677 krb5_data *logon)
678 {
679 krb5_error_code ret;
680 krb5_storage *sp;
681 uint64_t t;
682 char *s, *s2;
683 size_t i, len;
684
685 t = unix2nttime(authtime);
686
687 krb5_data_zero(logon);
688
689 sp = krb5_storage_emem();
690 if (sp == NULL) {
691 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
692 return ENOMEM;
693 }
694 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
695
696 CHECK(ret, krb5_store_uint32(sp, t & 0xffffffff), out);
697 CHECK(ret, krb5_store_uint32(sp, t >> 32), out);
698
699 ret = krb5_unparse_name_flags(context, principal,
700 KRB5_PRINCIPAL_UNPARSE_NO_REALM, &s);
701 if (ret)
702 goto out;
703
704 len = strlen(s);
705
706 CHECK(ret, krb5_store_uint16(sp, len * 2), out);
707
708 #if 1 /* cheat for now */
709 s2 = malloc(len * 2);
710 if (s2 == NULL) {
711 ret = ENOMEM;
712 free(s);
713 goto out;
714 }
715 for (i = 0; i < len; i++) {
716 s2[i * 2] = s[i];
717 s2[i * 2 + 1] = 0;
718 }
719 free(s);
720 #else
721 /* write libwind code here */
722 #endif
723
724 ret = krb5_storage_write(sp, s2, len * 2);
725 free(s2);
726 if (ret != len * 2) {
727 ret = ENOMEM;
728 goto out;
729 }
730 ret = krb5_storage_to_data(sp, logon);
731 if (ret)
732 goto out;
733 krb5_storage_free(sp);
734
735 return 0;
736 out:
737 krb5_storage_free(sp);
738 return ret;
739 }
740
741
742 /**
743 * Verify the PAC.
744 *
745 * @param context Kerberos 5 context.
746 * @param pac the pac structure returned by krb5_pac_parse().
747 * @param authtime The time of the ticket the PAC belongs to.
748 * @param principal the principal to verify.
749 * @param server The service key, most always be given.
750 * @param privsvr The KDC key, may be given.
751
752 * @return Returns 0 to indicate success. Otherwise an kerberos et
753 * error code is returned, see krb5_get_error_message().
754 *
755 * @ingroup krb5_pac
756 */
757
758 krb5_error_code
759 krb5_pac_verify(krb5_context context,
760 const krb5_pac pac,
761 time_t authtime,
762 krb5_const_principal principal,
763 const krb5_keyblock *server,
764 const krb5_keyblock *privsvr)
765 {
766 krb5_error_code ret;
767
768 if (pac->server_checksum == NULL) {
769 krb5_set_error_message(context, EINVAL, "PAC missing server checksum");
770 return EINVAL;
771 }
772 if (pac->privsvr_checksum == NULL) {
773 krb5_set_error_message(context, EINVAL, "PAC missing kdc checksum");
774 return EINVAL;
775 }
776 if (pac->logon_name == NULL) {
777 krb5_set_error_message(context, EINVAL, "PAC missing logon name");
778 return EINVAL;
779 }
780
781 ret = verify_logonname(context,
782 pac->logon_name,
783 &pac->data,
784 authtime,
785 principal);
786 if (ret)
787 return ret;
788
789 /*
790 * in the service case, clean out data option of the privsvr and
791 * server checksum before checking the checksum.
792 */
793 {
794 krb5_data *copy;
795
796 ret = krb5_copy_data(context, &pac->data, &copy);
797 if (ret)
798 return ret;
799
800 if (pac->server_checksum->buffersize < 4)
801 return EINVAL;
802 if (pac->privsvr_checksum->buffersize < 4)
803 return EINVAL;
804
805 memset((char *)copy->data + pac->server_checksum->offset_lo + 4,
806 0,
807 pac->server_checksum->buffersize - 4);
808
809 memset((char *)copy->data + pac->privsvr_checksum->offset_lo + 4,
810 0,
811 pac->privsvr_checksum->buffersize - 4);
812
813 ret = verify_checksum(context,
814 pac->server_checksum,
815 &pac->data,
816 copy->data,
817 copy->length,
818 server);
819 krb5_free_data(context, copy);
820 if (ret)
821 return ret;
822 }
823 if (privsvr) {
824 /* The priv checksum covers the server checksum */
825 ret = verify_checksum(context,
826 pac->privsvr_checksum,
827 &pac->data,
828 (char *)pac->data.data
829 + pac->server_checksum->offset_lo + 4,
830 pac->server_checksum->buffersize - 4,
831 privsvr);
832 if (ret)
833 return ret;
834 }
835
836 return 0;
837 }
838
839 /*
840 *
841 */
842
843 static krb5_error_code
844 fill_zeros(krb5_context context, krb5_storage *sp, size_t len)
845 {
846 ssize_t sret;
847 size_t l;
848
849 while (len) {
850 l = len;
851 if (l > sizeof(zeros))
852 l = sizeof(zeros);
853 sret = krb5_storage_write(sp, zeros, l);
854 if (sret <= 0) {
855 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
856 return ENOMEM;
857 }
858 len -= sret;
859 }
860 return 0;
861 }
862
863 static krb5_error_code
864 pac_checksum(krb5_context context,
865 const krb5_keyblock *key,
866 uint32_t *cksumtype,
867 size_t *cksumsize)
868 {
869 krb5_cksumtype cktype;
870 krb5_error_code ret;
871 krb5_crypto crypto = NULL;
872
873 ret = krb5_crypto_init(context, key, 0, &crypto);
874 if (ret)
875 return ret;
876
877 ret = krb5_crypto_get_checksum_type(context, crypto, &cktype);
878 krb5_crypto_destroy(context, crypto);
879 if (ret)
880 return ret;
881
882 if (krb5_checksum_is_keyed(context, cktype) == FALSE) {
883 *cksumtype = CKSUMTYPE_HMAC_MD5;
884 *cksumsize = 16;
885 }
886
887 ret = krb5_checksumsize(context, cktype, cksumsize);
888 if (ret)
889 return ret;
890
891 *cksumtype = (uint32_t)cktype;
892
893 return 0;
894 }
895
896 krb5_error_code
897 _krb5_pac_sign(krb5_context context,
898 krb5_pac p,
899 time_t authtime,
900 krb5_principal principal,
901 const krb5_keyblock *server_key,
902 const krb5_keyblock *priv_key,
903 krb5_data *data)
904 {
905 krb5_error_code ret;
906 krb5_storage *sp = NULL, *spdata = NULL;
907 uint32_t end;
908 size_t server_size, priv_size;
909 uint32_t server_offset = 0, priv_offset = 0;
910 uint32_t server_cksumtype = 0, priv_cksumtype = 0;
911 int i, num = 0;
912 krb5_data logon, d;
913
914 krb5_data_zero(&logon);
915
916 if (p->logon_name == NULL)
917 num++;
918 if (p->server_checksum == NULL)
919 num++;
920 if (p->privsvr_checksum == NULL)
921 num++;
922
923 if (num) {
924 void *ptr;
925
926 ptr = realloc(p->pac, sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (p->pac->numbuffers + num - 1)));
927 if (ptr == NULL) {
928 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
929 return ENOMEM;
930 }
931 p->pac = ptr;
932
933 if (p->logon_name == NULL) {
934 p->logon_name = &p->pac->buffers[p->pac->numbuffers++];
935 memset(p->logon_name, 0, sizeof(*p->logon_name));
936 p->logon_name->type = PAC_LOGON_NAME;
937 }
938 if (p->server_checksum == NULL) {
939 p->server_checksum = &p->pac->buffers[p->pac->numbuffers++];
940 memset(p->server_checksum, 0, sizeof(*p->server_checksum));
941 p->server_checksum->type = PAC_SERVER_CHECKSUM;
942 }
943 if (p->privsvr_checksum == NULL) {
944 p->privsvr_checksum = &p->pac->buffers[p->pac->numbuffers++];
945 memset(p->privsvr_checksum, 0, sizeof(*p->privsvr_checksum));
946 p->privsvr_checksum->type = PAC_PRIVSVR_CHECKSUM;
947 }
948 }
949
950 /* Calculate LOGON NAME */
951 ret = build_logon_name(context, authtime, principal, &logon);
952 if (ret)
953 goto out;
954
955 /* Set lengths for checksum */
956 ret = pac_checksum(context, server_key, &server_cksumtype, &server_size);
957 if (ret)
958 goto out;
959 ret = pac_checksum(context, priv_key, &priv_cksumtype, &priv_size);
960 if (ret)
961 goto out;
962
963 /* Encode PAC */
964 sp = krb5_storage_emem();
965 if (sp == NULL) {
966 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
967 return ENOMEM;
968 }
969 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
970
971 spdata = krb5_storage_emem();
972 if (spdata == NULL) {
973 krb5_storage_free(sp);
974 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
975 return ENOMEM;
976 }
977 krb5_storage_set_flags(spdata, KRB5_STORAGE_BYTEORDER_LE);
978
979 CHECK(ret, krb5_store_uint32(sp, p->pac->numbuffers), out);
980 CHECK(ret, krb5_store_uint32(sp, p->pac->version), out);
981
982 end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers);
983
984 for (i = 0; i < p->pac->numbuffers; i++) {
985 uint32_t len;
986 size_t sret;
987 void *ptr = NULL;
988
989 /* store data */
990
991 if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) {
992 len = server_size + 4;
993 server_offset = end + 4;
994 CHECK(ret, krb5_store_uint32(spdata, server_cksumtype), out);
995 CHECK(ret, fill_zeros(context, spdata, server_size), out);
996 } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) {
997 len = priv_size + 4;
998 priv_offset = end + 4;
999 CHECK(ret, krb5_store_uint32(spdata, priv_cksumtype), out);
1000 CHECK(ret, fill_zeros(context, spdata, priv_size), out);
1001 } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) {
1002 len = krb5_storage_write(spdata, logon.data, logon.length);
1003 if (logon.length != len) {
1004 ret = EINVAL;
1005 goto out;
1006 }
1007 } else {
1008 len = p->pac->buffers[i].buffersize;
1009 ptr = (char *)p->data.data + p->pac->buffers[i].offset_lo;
1010
1011 sret = krb5_storage_write(spdata, ptr, len);
1012 if (sret != len) {
1013 ret = ENOMEM;
1014 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
1015 goto out;
1016 }
1017 /* XXX if not aligned, fill_zeros */
1018 }
1019
1020 /* write header */
1021 CHECK(ret, krb5_store_uint32(sp, p->pac->buffers[i].type), out);
1022 CHECK(ret, krb5_store_uint32(sp, len), out);
1023 CHECK(ret, krb5_store_uint32(sp, end), out);
1024 CHECK(ret, krb5_store_uint32(sp, 0), out);
1025
1026 /* advance data endpointer and align */
1027 {
1028 int32_t e;
1029
1030 end += len;
1031 e = ((end + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT;
1032 if (end != e) {
1033 CHECK(ret, fill_zeros(context, spdata, e - end), out);
1034 }
1035 end = e;
1036 }
1037
1038 }
1039
1040 /* assert (server_offset != 0 && priv_offset != 0); */
1041
1042 /* export PAC */
1043 ret = krb5_storage_to_data(spdata, &d);
1044 if (ret) {
1045 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
1046 goto out;
1047 }
1048 ret = krb5_storage_write(sp, d.data, d.length);
1049 if (ret != d.length) {
1050 krb5_data_free(&d);
1051 ret = ENOMEM;
1052 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
1053 goto out;
1054 }
1055 krb5_data_free(&d);
1056
1057 ret = krb5_storage_to_data(sp, &d);
1058 if (ret) {
1059 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
1060 goto out;
1061 }
1062
1063 /* sign */
1064 ret = create_checksum(context, server_key, server_cksumtype,
1065 d.data, d.length,
1066 (char *)d.data + server_offset, server_size);
1067 if (ret) {
1068 krb5_data_free(&d);
1069 goto out;
1070 }
1071 ret = create_checksum(context, priv_key, priv_cksumtype,
1072 (char *)d.data + server_offset, server_size,
1073 (char *)d.data + priv_offset, priv_size);
1074 if (ret) {
1075 krb5_data_free(&d);
1076 goto out;
1077 }
1078
1079 /* done */
1080 *data = d;
1081
1082 krb5_data_free(&logon);
1083 krb5_storage_free(sp);
1084 krb5_storage_free(spdata);
1085
1086 return 0;
1087 out:
1088 krb5_data_free(&logon);
1089 if (sp)
1090 krb5_storage_free(sp);
1091 if (spdata)
1092 krb5_storage_free(spdata);
1093 return ret;
1094 }
Heimdal