2 * Copyright (c) 2003 - 2016 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 #include <heim_asn1.h>
41 #include <rfc2459_asn1.h>
43 #include <pkinit_asn1.h>
46 #include "crypto-headers.h"
48 struct pk_client_params
{
49 enum krb5_pk_type type
;
50 enum keyex_enum keyex
;
62 krb5_timestamp endtime
;
63 krb5_timestamp max_life
;
65 EncryptionKey reply_key
;
68 hx509_certs client_anchors
;
69 hx509_verify_ctx verify_ctx
;
72 struct pk_principal_mapping
{
74 struct pk_allowed_princ
{
75 krb5_principal principal
;
80 static struct krb5_pk_identity
*kdc_identity
;
81 static struct pk_principal_mapping principal_mappings
;
82 static struct krb5_dh_moduli
**moduli
;
94 static krb5_error_code
95 pk_check_pkauthenticator_win2k(krb5_context context
,
96 PKAuthenticator_Win2k
*a
,
101 krb5_timeofday (context
, &now
);
104 if (a
->ctime
== 0 || labs(a
->ctime
- now
) > context
->max_skew
) {
105 krb5_clear_error_message(context
);
106 return KRB5KRB_AP_ERR_SKEW
;
111 static krb5_error_code
112 pk_check_pkauthenticator(krb5_context context
,
113 const PKAuthenticator
*a
,
120 krb5_timeofday (context
, &now
);
123 if (a
->ctime
== 0 || labs(a
->ctime
- now
) > context
->max_skew
) {
124 krb5_clear_error_message(context
);
125 return KRB5KRB_AP_ERR_SKEW
;
128 ret
= krb5_create_checksum(context
,
132 req
->req_body
._save
.data
,
133 req
->req_body
._save
.length
,
136 krb5_clear_error_message(context
);
140 if (a
->paChecksum
== NULL
) {
141 krb5_clear_error_message(context
);
142 ret
= KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED
;
146 if (der_heim_octet_string_cmp(a
->paChecksum
, &checksum
.checksum
) != 0) {
147 krb5_clear_error_message(context
);
148 ret
= KRB5KRB_ERR_GENERIC
;
152 free_Checksum(&checksum
);
158 _kdc_pk_free_client_param(krb5_context context
, pk_client_params
*cp
)
163 hx509_cert_free(cp
->cert
);
165 hx509_verify_destroy_ctx(cp
->verify_ctx
);
166 if (cp
->keyex
== USE_DH
) {
168 DH_free(cp
->u
.dh
.key
);
169 if (cp
->u
.dh
.public_key
)
170 BN_free(cp
->u
.dh
.public_key
);
172 if (cp
->keyex
== USE_ECDH
)
173 _kdc_pk_free_client_ec_param(context
, cp
->u
.ecdh
.key
,
174 cp
->u
.ecdh
.public_key
);
175 krb5_free_keyblock_contents(context
, &cp
->reply_key
);
176 if (cp
->dh_group_name
)
177 free(cp
->dh_group_name
);
179 hx509_peer_info_free(cp
->peer
);
180 if (cp
->client_anchors
)
181 hx509_certs_free(&cp
->client_anchors
);
182 memset(cp
, 0, sizeof(*cp
));
186 static krb5_error_code
187 generate_dh_keyblock(krb5_context context
,
188 pk_client_params
*client_params
,
189 krb5_enctype enctype
)
191 unsigned char *dh_gen_key
= NULL
;
194 size_t dh_gen_keylen
, size
;
196 memset(&key
, 0, sizeof(key
));
198 if (client_params
->keyex
== USE_DH
) {
200 if (client_params
->u
.dh
.public_key
== NULL
) {
201 ret
= KRB5KRB_ERR_GENERIC
;
202 krb5_set_error_message(context
, ret
, "missing DH public_key");
206 if (!DH_generate_key(client_params
->u
.dh
.key
)) {
207 ret
= KRB5KRB_ERR_GENERIC
;
208 krb5_set_error_message(context
, ret
,
209 "Can't generate Diffie-Hellman keys");
213 size
= DH_size(client_params
->u
.dh
.key
);
215 dh_gen_key
= malloc(size
);
216 if (dh_gen_key
== NULL
) {
218 krb5_set_error_message(context
, ret
, "malloc: out of memory");
222 dh_gen_keylen
= DH_compute_key(dh_gen_key
,client_params
->u
.dh
.public_key
, client_params
->u
.dh
.key
);
223 if (dh_gen_keylen
== (size_t)-1) {
224 ret
= KRB5KRB_ERR_GENERIC
;
225 krb5_set_error_message(context
, ret
,
226 "Can't compute Diffie-Hellman key");
229 if (dh_gen_keylen
< size
) {
230 size
-= dh_gen_keylen
;
231 memmove(dh_gen_key
+ size
, dh_gen_key
, dh_gen_keylen
);
232 memset(dh_gen_key
, 0, size
);
234 } else if (client_params
->keyex
== USE_ECDH
) {
235 if (client_params
->u
.ecdh
.public_key
== NULL
) {
236 ret
= KRB5KRB_ERR_GENERIC
;
237 krb5_set_error_message(context
, ret
, "missing ECDH public_key");
240 ret
= _kdc_generate_ecdh_keyblock(context
,
241 client_params
->u
.ecdh
.public_key
,
242 &client_params
->u
.ecdh
.key
,
243 &dh_gen_key
, &dh_gen_keylen
);
247 ret
= KRB5KRB_ERR_GENERIC
;
248 krb5_set_error_message(context
, ret
,
249 "Diffie-Hellman not selected keys");
253 ret
= _krb5_pk_octetstring2key(context
,
255 dh_gen_key
, dh_gen_keylen
,
257 &client_params
->reply_key
);
262 if (key
.keyvalue
.data
)
263 krb5_free_keyblock_contents(context
, &key
);
269 integer_to_BN(krb5_context context
, const char *field
, heim_integer
*f
)
273 bn
= BN_bin2bn((const unsigned char *)f
->data
, f
->length
, NULL
);
275 krb5_set_error_message(context
, KRB5_BADMSGTYPE
,
276 "PKINIT: parsing BN failed %s", field
);
279 BN_set_negative(bn
, f
->negative
);
283 static krb5_error_code
284 get_dh_param(krb5_context context
,
285 krb5_kdc_configuration
*config
,
286 SubjectPublicKeyInfo
*dh_key_info
,
287 pk_client_params
*client_params
)
289 DomainParameters dhparam
;
293 memset(&dhparam
, 0, sizeof(dhparam
));
295 if ((dh_key_info
->subjectPublicKey
.length
% 8) != 0) {
296 ret
= KRB5_BADMSGTYPE
;
297 krb5_set_error_message(context
, ret
,
298 "PKINIT: subjectPublicKey not aligned "
299 "to 8 bit boundary");
303 if (dh_key_info
->algorithm
.parameters
== NULL
) {
304 krb5_set_error_message(context
, KRB5_BADMSGTYPE
,
305 "PKINIT missing algorithm parameter "
306 "in clientPublicValue");
307 return KRB5_BADMSGTYPE
;
310 ret
= decode_DomainParameters(dh_key_info
->algorithm
.parameters
->data
,
311 dh_key_info
->algorithm
.parameters
->length
,
315 krb5_set_error_message(context
, ret
, "Can't decode algorithm "
316 "parameters in clientPublicValue");
320 ret
= _krb5_dh_group_ok(context
, config
->pkinit_dh_min_bits
,
321 &dhparam
.p
, &dhparam
.g
, dhparam
.q
, moduli
,
322 &client_params
->dh_group_name
);
324 /* XXX send back proposal of better group */
331 krb5_set_error_message(context
, ret
, "Cannot create DH structure");
334 ret
= KRB5_BADMSGTYPE
;
335 dh
->p
= integer_to_BN(context
, "DH prime", &dhparam
.p
);
338 dh
->g
= integer_to_BN(context
, "DH base", &dhparam
.g
);
343 dh
->q
= integer_to_BN(context
, "DH p-1 factor", dhparam
.q
);
352 ret
= decode_DHPublicKey(dh_key_info
->subjectPublicKey
.data
,
353 dh_key_info
->subjectPublicKey
.length
/ 8,
357 krb5_clear_error_message(context
);
361 client_params
->u
.dh
.public_key
= integer_to_BN(context
,
364 der_free_heim_integer(&glue
);
365 if (client_params
->u
.dh
.public_key
== NULL
) {
366 ret
= KRB5_BADMSGTYPE
;
371 client_params
->u
.dh
.key
= dh
;
378 free_DomainParameters(&dhparam
);
383 _kdc_pk_rd_padata(astgs_request_t priv
,
385 pk_client_params
**ret_params
)
387 /* XXXrcd: we use priv vs r due to a conflict */
388 krb5_context context
= priv
->context
;
389 krb5_kdc_configuration
*config
= priv
->config
;
390 const KDC_REQ
*req
= &priv
->req
;
391 hdb_entry
*client
= priv
->client
;
392 pk_client_params
*cp
;
394 heim_oid eContentType
= { 0, NULL
}, contentInfoOid
= { 0, NULL
};
395 krb5_data eContent
= { 0, NULL
};
396 krb5_data signed_content
= { 0, NULL
};
397 const char *type
= "unknown type";
398 hx509_certs trust_anchors
;
400 const HDB_Ext_PKINIT_cert
*pc
;
404 if (!config
->enable_pkinit
) {
405 kdc_log(context
, config
, 0, "PKINIT request but PKINIT not enabled");
406 krb5_clear_error_message(context
);
410 cp
= calloc(1, sizeof(*cp
));
412 krb5_clear_error_message(context
);
417 ret
= hx509_certs_init(context
->hx509ctx
,
418 "MEMORY:trust-anchors",
419 0, NULL
, &trust_anchors
);
421 krb5_set_error_message(context
, ret
, "failed to create trust anchors");
425 ret
= hx509_certs_merge(context
->hx509ctx
, trust_anchors
,
426 kdc_identity
->anchors
);
428 hx509_certs_free(&trust_anchors
);
429 krb5_set_error_message(context
, ret
, "failed to create verify context");
433 /* Add any registered certificates for this client as trust anchors */
434 ret
= hdb_entry_get_pkinit_cert(client
, &pc
);
435 if (ret
== 0 && pc
!= NULL
) {
439 for (i
= 0; i
< pc
->len
; i
++) {
440 cert
= hx509_cert_init_data(context
->hx509ctx
,
441 pc
->val
[i
].cert
.data
,
442 pc
->val
[i
].cert
.length
,
446 hx509_certs_add(context
->hx509ctx
, trust_anchors
, cert
);
447 hx509_cert_free(cert
);
451 ret
= hx509_verify_init_ctx(context
->hx509ctx
, &cp
->verify_ctx
);
453 hx509_certs_free(&trust_anchors
);
454 krb5_set_error_message(context
, ret
, "failed to create verify context");
458 hx509_verify_set_time(cp
->verify_ctx
, kdc_time
);
459 hx509_verify_attach_anchors(cp
->verify_ctx
, trust_anchors
);
460 hx509_certs_free(&trust_anchors
);
462 if (config
->pkinit_allow_proxy_certs
)
463 hx509_verify_set_proxy_certificate(cp
->verify_ctx
, 1);
465 if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ_WIN
) {
466 PA_PK_AS_REQ_Win2k r
;
468 type
= "PK-INIT-Win2k";
470 if (_kdc_is_anonymous(context
, client
->principal
)) {
471 ret
= KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED
;
472 krb5_set_error_message(context
, ret
,
473 "Anonymous client not supported in RSA mode");
477 ret
= decode_PA_PK_AS_REQ_Win2k(pa
->padata_value
.data
,
478 pa
->padata_value
.length
,
482 krb5_set_error_message(context
, ret
, "Can't decode "
483 "PK-AS-REQ-Win2k: %d", ret
);
487 ret
= hx509_cms_unwrap_ContentInfo(&r
.signed_auth_pack
,
491 free_PA_PK_AS_REQ_Win2k(&r
);
493 krb5_set_error_message(context
, ret
,
494 "Can't unwrap ContentInfo(win): %d", ret
);
498 } else if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ
) {
501 type
= "PK-INIT-IETF";
503 ret
= decode_PA_PK_AS_REQ(pa
->padata_value
.data
,
504 pa
->padata_value
.length
,
508 krb5_set_error_message(context
, ret
,
509 "Can't decode PK-AS-REQ: %d", ret
);
513 /* XXX look at r.kdcPkId */
514 if (r
.trustedCertifiers
) {
515 ExternalPrincipalIdentifiers
*edi
= r
.trustedCertifiers
;
516 unsigned int i
, maxedi
;
518 ret
= hx509_certs_init(context
->hx509ctx
,
519 "MEMORY:client-anchors",
521 &cp
->client_anchors
);
523 krb5_set_error_message(context
, ret
,
524 "Can't allocate client anchors: %d",
530 * If the client sent more than 10 EDIs, don't bother
531 * looking at more than 10 for performance reasons.
536 for (i
= 0; i
< maxedi
; i
++) {
537 IssuerAndSerialNumber iasn
;
542 if (edi
->val
[i
].issuerAndSerialNumber
== NULL
)
545 ret
= hx509_query_alloc(context
->hx509ctx
, &q
);
547 krb5_set_error_message(context
, ret
,
548 "Failed to allocate hx509_query");
552 ret
= decode_IssuerAndSerialNumber(edi
->val
[i
].issuerAndSerialNumber
->data
,
553 edi
->val
[i
].issuerAndSerialNumber
->length
,
557 hx509_query_free(context
->hx509ctx
, q
);
560 ret
= hx509_query_match_issuer_serial(q
, &iasn
.issuer
, &iasn
.serialNumber
);
561 free_IssuerAndSerialNumber(&iasn
);
563 hx509_query_free(context
->hx509ctx
, q
);
567 ret
= hx509_certs_find(context
->hx509ctx
,
571 hx509_query_free(context
->hx509ctx
, q
);
574 hx509_certs_add(context
->hx509ctx
,
575 cp
->client_anchors
, cert
);
576 hx509_cert_free(cert
);
580 ret
= hx509_cms_unwrap_ContentInfo(&r
.signedAuthPack
,
584 free_PA_PK_AS_REQ(&r
);
586 krb5_set_error_message(context
, ret
,
587 "Can't unwrap ContentInfo: %d", ret
);
592 krb5_clear_error_message(context
);
593 ret
= KRB5KDC_ERR_PADATA_TYPE_NOSUPP
;
597 ret
= der_heim_oid_cmp(&contentInfoOid
, &asn1_oid_id_pkcs7_signedData
);
599 ret
= KRB5KRB_ERR_GENERIC
;
600 krb5_set_error_message(context
, ret
,
601 "PK-AS-REQ-Win2k invalid content type oid");
606 ret
= KRB5KRB_ERR_GENERIC
;
607 krb5_set_error_message(context
, ret
,
608 "PK-AS-REQ-Win2k no signed auth pack");
613 hx509_certs signer_certs
;
614 int flags
= HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH
; /* BTMM */
616 if (_kdc_is_anonymous(context
, client
->principal
)
617 || (config
->historical_anon_realm
&& _kdc_is_anon_request(req
)))
618 flags
|= HX509_CMS_VS_ALLOW_ZERO_SIGNER
;
620 ret
= hx509_cms_verify_signed(context
->hx509ctx
,
624 signed_content
.length
,
626 kdc_identity
->certpool
,
631 char *s
= hx509_get_error_string(context
->hx509ctx
, ret
);
632 krb5_warnx(context
, "PKINIT: failed to verify signature: %s: %d",
639 ret
= hx509_get_one_cert(context
->hx509ctx
, signer_certs
,
641 hx509_certs_free(&signer_certs
);
647 /* Signature is correct, now verify the signed message */
648 if (der_heim_oid_cmp(&eContentType
, &asn1_oid_id_pkcs7_data
) != 0 &&
649 der_heim_oid_cmp(&eContentType
, &asn1_oid_id_pkauthdata
) != 0)
651 ret
= KRB5_BADMSGTYPE
;
652 krb5_set_error_message(context
, ret
, "got wrong oid for PK AuthData");
656 if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ_WIN
) {
659 ret
= decode_AuthPack_Win2k(eContent
.data
,
664 krb5_set_error_message(context
, ret
,
665 "Can't decode AuthPack: %d", ret
);
669 ret
= pk_check_pkauthenticator_win2k(context
,
673 free_AuthPack_Win2k(&ap
);
677 cp
->type
= PKINIT_WIN2K
;
678 cp
->nonce
= ap
.pkAuthenticator
.nonce
;
680 if (ap
.clientPublicValue
) {
681 ret
= KRB5KRB_ERR_GENERIC
;
682 krb5_set_error_message(context
, ret
,
683 "DH not supported for Win2k");
684 free_AuthPack_Win2k(&ap
);
687 free_AuthPack_Win2k(&ap
);
689 } else if (pa
->padata_type
== KRB5_PADATA_PK_AS_REQ
) {
692 ret
= decode_AuthPack(eContent
.data
,
697 krb5_set_error_message(context
, ret
,
698 "Can't decode AuthPack: %d", ret
);
703 if (_kdc_is_anonymous(context
, client
->principal
) &&
704 ap
.clientPublicValue
== NULL
) {
706 ret
= KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED
;
707 krb5_set_error_message(context
, ret
,
708 "Anonymous client not supported in RSA mode");
712 ret
= pk_check_pkauthenticator(context
,
720 cp
->type
= PKINIT_27
;
721 cp
->nonce
= ap
.pkAuthenticator
.nonce
;
723 if (ap
.clientPublicValue
) {
724 if (der_heim_oid_cmp(&ap
.clientPublicValue
->algorithm
.algorithm
, &asn1_oid_id_dhpublicnumber
) == 0) {
726 ret
= get_dh_param(context
, config
,
727 ap
.clientPublicValue
, cp
);
728 } else if (der_heim_oid_cmp(&ap
.clientPublicValue
->algorithm
.algorithm
, &asn1_oid_id_ecPublicKey
) == 0) {
729 cp
->keyex
= USE_ECDH
;
730 ret
= _kdc_get_ecdh_param(context
, config
,
731 ap
.clientPublicValue
,
732 &cp
->u
.ecdh
.public_key
);
734 ret
= KRB5_BADMSGTYPE
;
735 krb5_set_error_message(context
, ret
,
736 "PKINIT unknown DH mechanism");
745 ret
= hx509_peer_info_alloc(context
->hx509ctx
,
752 if (ap
.supportedCMSTypes
) {
753 ret
= hx509_peer_info_set_cms_algs(context
->hx509ctx
,
755 ap
.supportedCMSTypes
->val
,
756 ap
.supportedCMSTypes
->len
);
762 /* assume old client */
763 hx509_peer_info_add_cms_alg(context
->hx509ctx
, cp
->peer
,
764 hx509_crypto_des_rsdi_ede3_cbc());
765 hx509_peer_info_add_cms_alg(context
->hx509ctx
, cp
->peer
,
766 hx509_signature_rsa_with_sha1());
767 hx509_peer_info_add_cms_alg(context
->hx509ctx
, cp
->peer
,
768 hx509_signature_sha1());
772 krb5_abortx(context
, "internal pkinit error");
774 kdc_log(context
, config
, 0, "PKINIT request of type %s", type
);
778 krb5_warn(context
, ret
, "PKINIT");
780 if (signed_content
.data
)
781 free(signed_content
.data
);
782 krb5_data_free(&eContent
);
783 der_free_oid(&eContentType
);
784 der_free_oid(&contentInfoOid
);
786 _kdc_pk_free_client_param(context
, cp
);
793 _kdc_pk_endtime(pk_client_params
*pkp
)
799 _kdc_pk_max_life(pk_client_params
*pkp
)
801 return pkp
->max_life
;
808 static krb5_error_code
809 BN_to_integer(krb5_context context
, BIGNUM
*bn
, heim_integer
*integer
)
811 integer
->length
= BN_num_bytes(bn
);
812 integer
->data
= malloc(integer
->length
);
813 if (integer
->data
== NULL
) {
814 krb5_clear_error_message(context
);
817 BN_bn2bin(bn
, integer
->data
);
818 integer
->negative
= BN_is_negative(bn
);
822 static krb5_error_code
823 pk_mk_pa_reply_enckey(krb5_context context
,
824 krb5_kdc_configuration
*config
,
825 pk_client_params
*cp
,
827 const krb5_data
*req_buffer
,
828 krb5_keyblock
*reply_key
,
829 ContentInfo
*content_info
,
830 hx509_cert
*kdc_cert
)
832 const heim_oid
*envelopedAlg
= NULL
, *sdAlg
= NULL
, *evAlg
= NULL
;
834 krb5_data buf
, signed_data
;
838 krb5_data_zero(&buf
);
839 krb5_data_zero(&signed_data
);
844 * If the message client is a win2k-type but it sends pa data
845 * 09-binding it expects a IETF (checksum) reply so there can be
852 if (_kdc_find_padata(req
, &i
, KRB5_PADATA_PK_AS_09_BINDING
) == NULL
853 && config
->pkinit_require_binding
== 0)
857 sdAlg
= &asn1_oid_id_pkcs7_data
;
858 evAlg
= &asn1_oid_id_pkcs7_data
;
859 envelopedAlg
= &asn1_oid_id_rsadsi_des_ede3_cbc
;
863 sdAlg
= &asn1_oid_id_pkrkeydata
;
864 evAlg
= &asn1_oid_id_pkcs7_signedData
;
867 krb5_abortx(context
, "internal pkinit error");
871 ReplyKeyPack_Win2k kp
;
872 memset(&kp
, 0, sizeof(kp
));
874 ret
= copy_EncryptionKey(reply_key
, &kp
.replyKey
);
876 krb5_clear_error_message(context
);
879 kp
.nonce
= cp
->nonce
;
881 ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k
,
882 buf
.data
, buf
.length
,
884 free_ReplyKeyPack_Win2k(&kp
);
886 krb5_crypto ascrypto
;
888 memset(&kp
, 0, sizeof(kp
));
890 ret
= copy_EncryptionKey(reply_key
, &kp
.replyKey
);
892 krb5_clear_error_message(context
);
896 ret
= krb5_crypto_init(context
, reply_key
, 0, &ascrypto
);
898 krb5_clear_error_message(context
);
902 ret
= krb5_create_checksum(context
, ascrypto
, 6, 0,
903 req_buffer
->data
, req_buffer
->length
,
906 krb5_clear_error_message(context
);
910 ret
= krb5_crypto_destroy(context
, ascrypto
);
912 krb5_clear_error_message(context
);
915 ASN1_MALLOC_ENCODE(ReplyKeyPack
, buf
.data
, buf
.length
, &kp
, &size
,ret
);
916 free_ReplyKeyPack(&kp
);
919 krb5_set_error_message(context
, ret
, "ASN.1 encoding of ReplyKeyPack "
923 if (buf
.length
!= size
)
924 krb5_abortx(context
, "Internal ASN.1 encoder error");
930 ret
= hx509_query_alloc(context
->hx509ctx
, &q
);
934 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
935 if (config
->pkinit_kdc_friendly_name
)
936 hx509_query_match_friendly_name(q
, config
->pkinit_kdc_friendly_name
);
938 ret
= hx509_certs_find(context
->hx509ctx
,
942 hx509_query_free(context
->hx509ctx
, q
);
946 ret
= hx509_cms_create_signed_1(context
->hx509ctx
,
955 kdc_identity
->certpool
,
960 krb5_data_free(&buf
);
964 if (cp
->type
== PKINIT_WIN2K
) {
965 ret
= hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData
,
970 krb5_data_free(&signed_data
);
974 ret
= hx509_cms_envelope_1(context
->hx509ctx
,
975 HX509_CMS_EV_NO_KU_CHECK
,
977 signed_data
.data
, signed_data
.length
,
983 ret
= _krb5_pk_mk_ContentInfo(context
,
985 &asn1_oid_id_pkcs7_envelopedData
,
988 if (ret
&& *kdc_cert
) {
989 hx509_cert_free(*kdc_cert
);
993 krb5_data_free(&buf
);
994 krb5_data_free(&signed_data
);
1002 static krb5_error_code
1003 pk_mk_pa_reply_dh(krb5_context context
,
1004 krb5_kdc_configuration
*config
,
1005 pk_client_params
*cp
,
1006 ContentInfo
*content_info
,
1007 hx509_cert
*kdc_cert
)
1009 KDCDHKeyInfo dh_info
;
1010 krb5_data signed_data
, buf
;
1011 ContentInfo contentinfo
;
1012 krb5_error_code ret
;
1017 memset(&contentinfo
, 0, sizeof(contentinfo
));
1018 memset(&dh_info
, 0, sizeof(dh_info
));
1019 krb5_data_zero(&signed_data
);
1020 krb5_data_zero(&buf
);
1024 if (cp
->keyex
== USE_DH
) {
1025 DH
*kdc_dh
= cp
->u
.dh
.key
;
1028 ret
= BN_to_integer(context
, kdc_dh
->pub_key
, &i
);
1032 ASN1_MALLOC_ENCODE(DHPublicKey
, buf
.data
, buf
.length
, &i
, &size
, ret
);
1033 der_free_heim_integer(&i
);
1035 krb5_set_error_message(context
, ret
, "ASN.1 encoding of "
1036 "DHPublicKey failed (%d)", ret
);
1039 if (buf
.length
!= size
)
1040 krb5_abortx(context
, "Internal ASN.1 encoder error");
1042 dh_info
.subjectPublicKey
.length
= buf
.length
* 8;
1043 dh_info
.subjectPublicKey
.data
= buf
.data
;
1044 krb5_data_zero(&buf
);
1045 } else if (cp
->keyex
== USE_ECDH
) {
1047 ret
= _kdc_serialize_ecdh_key(context
, cp
->u
.ecdh
.key
, &p
,
1048 &dh_info
.subjectPublicKey
.length
);
1051 dh_info
.subjectPublicKey
.data
= p
;
1053 krb5_abortx(context
, "no keyex selected ?");
1056 dh_info
.nonce
= cp
->nonce
;
1058 ASN1_MALLOC_ENCODE(KDCDHKeyInfo
, buf
.data
, buf
.length
, &dh_info
, &size
,
1061 krb5_set_error_message(context
, ret
, "ASN.1 encoding of "
1062 "KdcDHKeyInfo failed (%d)", ret
);
1065 if (buf
.length
!= size
)
1066 krb5_abortx(context
, "Internal ASN.1 encoder error");
1069 * Create the SignedData structure and sign the KdcDHKeyInfo
1073 ret
= hx509_query_alloc(context
->hx509ctx
, &q
);
1077 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
1078 if (config
->pkinit_kdc_friendly_name
)
1079 hx509_query_match_friendly_name(q
, config
->pkinit_kdc_friendly_name
);
1081 ret
= hx509_certs_find(context
->hx509ctx
,
1082 kdc_identity
->certs
,
1085 hx509_query_free(context
->hx509ctx
, q
);
1089 ret
= hx509_cms_create_signed_1(context
->hx509ctx
,
1091 &asn1_oid_id_pkdhkeydata
,
1098 kdc_identity
->certpool
,
1101 kdc_log(context
, config
, 0, "Failed signing the DH* reply: %d", ret
);
1106 ret
= _krb5_pk_mk_ContentInfo(context
,
1108 &asn1_oid_id_pkcs7_signedData
,
1114 if (ret
&& *kdc_cert
) {
1115 hx509_cert_free(*kdc_cert
);
1119 krb5_data_free(&buf
);
1120 krb5_data_free(&signed_data
);
1121 free_KDCDHKeyInfo(&dh_info
);
1131 _kdc_pk_mk_pa_reply(astgs_request_t r
, pk_client_params
*cp
)
1133 krb5_kdc_configuration
*config
= r
->config
;
1134 krb5_enctype sessionetype
= r
->sessionetype
;
1135 const KDC_REQ
*req
= &r
->req
;
1136 const krb5_data
*req_buffer
= &r
->request
;
1137 krb5_keyblock
*reply_key
= &r
->reply_key
;
1138 krb5_keyblock
*sessionkey
= &r
->session_key
;
1139 METHOD_DATA
*md
= r
->rep
.padata
;
1140 krb5_error_code ret
;
1142 size_t len
= 0, size
= 0;
1143 krb5_enctype enctype
;
1145 hx509_cert kdc_cert
= NULL
;
1148 if (!config
->enable_pkinit
) {
1149 krb5_clear_error_message(r
->context
);
1153 if (req
->req_body
.etype
.len
> 0) {
1154 for (i
= 0; i
< req
->req_body
.etype
.len
; i
++)
1155 if (krb5_enctype_valid(r
->context
, req
->req_body
.etype
.val
[i
]) == 0)
1157 if (req
->req_body
.etype
.len
<= i
) {
1158 ret
= KRB5KRB_ERR_GENERIC
;
1159 krb5_set_error_message(r
->context
, ret
,
1160 "No valid enctype available from client");
1163 enctype
= req
->req_body
.etype
.val
[i
];
1165 enctype
= ETYPE_DES3_CBC_SHA1
;
1167 if (cp
->type
== PKINIT_27
) {
1169 const char *type
, *other
= "";
1171 memset(&rep
, 0, sizeof(rep
));
1173 pa_type
= KRB5_PADATA_PK_AS_REP
;
1175 if (cp
->keyex
== USE_RSA
) {
1180 rep
.element
= choice_PA_PK_AS_REP_encKeyPack
;
1182 ret
= krb5_generate_random_keyblock(r
->context
, enctype
,
1185 free_PA_PK_AS_REP(&rep
);
1188 ret
= pk_mk_pa_reply_enckey(r
->context
,
1197 free_PA_PK_AS_REP(&rep
);
1200 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.encKeyPack
.data
,
1201 rep
.u
.encKeyPack
.length
, &info
, &size
,
1203 free_ContentInfo(&info
);
1205 krb5_set_error_message(r
->context
, ret
, "encoding of Key ContentInfo "
1207 free_PA_PK_AS_REP(&rep
);
1210 if (rep
.u
.encKeyPack
.length
!= size
)
1211 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1213 ret
= krb5_generate_random_keyblock(r
->context
, sessionetype
,
1216 free_PA_PK_AS_REP(&rep
);
1223 switch (cp
->keyex
) {
1224 case USE_DH
: type
= "dh"; break;
1225 case USE_ECDH
: type
= "ecdh"; break;
1226 default: krb5_abortx(r
->context
, "unknown keyex"); break;
1229 if (cp
->dh_group_name
)
1230 other
= cp
->dh_group_name
;
1232 rep
.element
= choice_PA_PK_AS_REP_dhInfo
;
1234 ret
= generate_dh_keyblock(r
->context
, cp
, enctype
);
1238 ret
= pk_mk_pa_reply_dh(r
->context
, config
,
1243 free_PA_PK_AS_REP(&rep
);
1244 krb5_set_error_message(r
->context
, ret
,
1245 "create pa-reply-dh "
1250 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.dhInfo
.dhSignedData
.data
,
1251 rep
.u
.dhInfo
.dhSignedData
.length
, &info
, &size
,
1253 free_ContentInfo(&info
);
1255 krb5_set_error_message(r
->context
, ret
,
1256 "encoding of Key ContentInfo "
1258 free_PA_PK_AS_REP(&rep
);
1261 if (rep
.u
.encKeyPack
.length
!= size
)
1262 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1264 /* generate the session key using the method from RFC6112 */
1266 krb5_keyblock kdc_contribution_key
;
1267 krb5_crypto reply_crypto
;
1268 krb5_crypto kdccont_crypto
;
1269 krb5_data p1
= { strlen("PKINIT"), "PKINIT"};
1270 krb5_data p2
= { strlen("KEYEXCHANGE"), "KEYEXCHANGE"};
1277 ret
= krb5_generate_random_keyblock(r
->context
, sessionetype
,
1278 &kdc_contribution_key
);
1280 free_PA_PK_AS_REP(&rep
);
1283 ret
= krb5_crypto_init(r
->context
, &cp
->reply_key
, enctype
, &reply_crypto
);
1285 krb5_free_keyblock_contents(r
->context
, &kdc_contribution_key
);
1286 free_PA_PK_AS_REP(&rep
);
1289 ret
= krb5_crypto_init(r
->context
, &kdc_contribution_key
, sessionetype
, &kdccont_crypto
);
1291 krb5_crypto_destroy(r
->context
, reply_crypto
);
1292 krb5_free_keyblock_contents(r
->context
, &kdc_contribution_key
);
1293 free_PA_PK_AS_REP(&rep
);
1297 ret
= krb5_crypto_fx_cf2(r
->context
, kdccont_crypto
, reply_crypto
,
1298 &p1
, &p2
, sessionetype
, sessionkey
);
1299 krb5_crypto_destroy(r
->context
, kdccont_crypto
);
1301 krb5_crypto_destroy(r
->context
, reply_crypto
);
1302 krb5_free_keyblock_contents(r
->context
, &kdc_contribution_key
);
1303 free_PA_PK_AS_REP(&rep
);
1306 ASN1_MALLOC_ENCODE(EncryptionKey
, kckdata
, kcklen
,
1307 &kdc_contribution_key
, &size
, ret
);
1308 krb5_free_keyblock_contents(r
->context
, &kdc_contribution_key
);
1310 krb5_set_error_message(r
->context
, ret
, "encoding of PKINIT-KX Key failed %d", ret
);
1311 krb5_crypto_destroy(r
->context
, reply_crypto
);
1312 free_PA_PK_AS_REP(&rep
);
1316 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1317 ret
= krb5_encrypt_EncryptedData(r
->context
, reply_crypto
, KRB5_KU_PA_PKINIT_KX
,
1318 kckdata
, kcklen
, 0, &kx
);
1319 krb5_crypto_destroy(r
->context
, reply_crypto
);
1322 free_PA_PK_AS_REP(&rep
);
1325 ASN1_MALLOC_ENCODE(EncryptedData
, kxdata
, kxlen
,
1327 free_EncryptedData(&kx
);
1329 krb5_set_error_message(r
->context
, ret
,
1330 "encoding of PKINIT-KX failed %d", ret
);
1331 free_PA_PK_AS_REP(&rep
);
1335 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1336 /* Add PA-PKINIT-KX */
1337 ret
= krb5_padata_add(r
->context
, md
, KRB5_PADATA_PKINIT_KX
, kxdata
, kxlen
);
1339 krb5_set_error_message(r
->context
, ret
,
1340 "Failed adding PKINIT-KX %d", ret
);
1347 #define use_btmm_with_enckey 0
1348 if (use_btmm_with_enckey
&& rep
.element
== choice_PA_PK_AS_REP_encKeyPack
) {
1349 PA_PK_AS_REP_BTMM btmm
;
1352 any
.data
= rep
.u
.encKeyPack
.data
;
1353 any
.length
= rep
.u
.encKeyPack
.length
;
1355 btmm
.dhSignedData
= NULL
;
1356 btmm
.encKeyPack
= &any
;
1358 ASN1_MALLOC_ENCODE(PA_PK_AS_REP_BTMM
, buf
, len
, &btmm
, &size
, ret
);
1360 ASN1_MALLOC_ENCODE(PA_PK_AS_REP
, buf
, len
, &rep
, &size
, ret
);
1363 free_PA_PK_AS_REP(&rep
);
1365 krb5_set_error_message(r
->context
, ret
,
1366 "encode PA-PK-AS-REP failed %d", ret
);
1370 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1372 kdc_log(r
->context
, config
, 0, "PKINIT using %s %s", type
, other
);
1374 } else if (cp
->type
== PKINIT_WIN2K
) {
1375 PA_PK_AS_REP_Win2k rep
;
1378 if (cp
->keyex
!= USE_RSA
) {
1379 ret
= KRB5KRB_ERR_GENERIC
;
1380 krb5_set_error_message(r
->context
, ret
,
1381 "Win2k PKINIT doesn't support DH");
1385 memset(&rep
, 0, sizeof(rep
));
1387 pa_type
= KRB5_PADATA_PK_AS_REP_19
;
1388 rep
.element
= choice_PA_PK_AS_REP_Win2k_encKeyPack
;
1390 ret
= krb5_generate_random_keyblock(r
->context
, enctype
,
1393 free_PA_PK_AS_REP_Win2k(&rep
);
1396 ret
= pk_mk_pa_reply_enckey(r
->context
,
1405 free_PA_PK_AS_REP_Win2k(&rep
);
1408 ASN1_MALLOC_ENCODE(ContentInfo
, rep
.u
.encKeyPack
.data
,
1409 rep
.u
.encKeyPack
.length
, &info
, &size
,
1411 free_ContentInfo(&info
);
1413 krb5_set_error_message(r
->context
, ret
, "encoding of Key ContentInfo "
1415 free_PA_PK_AS_REP_Win2k(&rep
);
1418 if (rep
.u
.encKeyPack
.length
!= size
)
1419 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1421 ASN1_MALLOC_ENCODE(PA_PK_AS_REP_Win2k
, buf
, len
, &rep
, &size
, ret
);
1422 free_PA_PK_AS_REP_Win2k(&rep
);
1424 krb5_set_error_message(r
->context
, ret
,
1425 "encode PA-PK-AS-REP-Win2k failed %d", ret
);
1429 krb5_abortx(r
->context
, "Internal ASN.1 encoder error");
1431 ret
= krb5_generate_random_keyblock(r
->context
, sessionetype
,
1439 krb5_abortx(r
->context
, "PKINIT internal error");
1442 ret
= krb5_padata_add(r
->context
, md
, pa_type
, buf
, len
);
1444 krb5_set_error_message(r
->context
, ret
,
1445 "Failed adding PA-PK-AS-REP %d", ret
);
1450 if (config
->pkinit_kdc_ocsp_file
) {
1452 if (ocsp
.expire
== 0 && ocsp
.next_update
> kdc_time
) {
1456 krb5_data_free(&ocsp
.data
);
1459 ocsp
.next_update
= kdc_time
+ 60 * 5;
1461 fd
= open(config
->pkinit_kdc_ocsp_file
, O_RDONLY
);
1463 kdc_log(r
->context
, config
, 0,
1464 "PKINIT failed to open ocsp data file %d", errno
);
1467 ret
= fstat(fd
, &sb
);
1471 kdc_log(r
->context
, config
, 0,
1472 "PKINIT failed to stat ocsp data %d", ret
);
1476 ret
= krb5_data_alloc(&ocsp
.data
, sb
.st_size
);
1479 kdc_log(r
->context
, config
, 0,
1480 "PKINIT failed to allocate ocsp data %d", ret
);
1483 ocsp
.data
.length
= sb
.st_size
;
1484 ret
= read(fd
, ocsp
.data
.data
, sb
.st_size
);
1486 if (ret
!= sb
.st_size
) {
1487 kdc_log(r
->context
, config
, 0,
1488 "PKINIT failed to read ocsp data %d", errno
);
1492 ret
= hx509_ocsp_verify(r
->context
->hx509ctx
,
1496 ocsp
.data
.data
, ocsp
.data
.length
,
1499 kdc_log(r
->context
, config
, 0,
1500 "PKINIT failed to verify ocsp data %d", ret
);
1501 krb5_data_free(&ocsp
.data
);
1503 } else if (ocsp
.expire
> 180) {
1504 ocsp
.expire
-= 180; /* refetch the ocsp before it expires */
1505 ocsp
.next_update
= ocsp
.expire
;
1507 ocsp
.next_update
= kdc_time
;
1513 if (ocsp
.expire
!= 0 && ocsp
.expire
> kdc_time
) {
1515 ret
= krb5_padata_add(r
->context
, md
,
1516 KRB5_PADATA_PA_PK_OCSP_RESPONSE
,
1517 ocsp
.data
.data
, ocsp
.data
.length
);
1519 krb5_set_error_message(r
->context
, ret
,
1520 "Failed adding OCSP response %d", ret
);
1528 hx509_cert_free(kdc_cert
);
1531 ret
= krb5_copy_keyblock_contents(r
->context
, &cp
->reply_key
, reply_key
);
1536 match_rfc_san(krb5_context context
,
1537 krb5_kdc_configuration
*config
,
1538 hx509_context hx509ctx
,
1539 hx509_cert client_cert
,
1540 krb5_const_principal match
)
1542 hx509_octet_string_list list
;
1546 memset(&list
, 0 , sizeof(list
));
1548 ret
= hx509_cert_find_subjectAltName_otherName(hx509ctx
,
1550 &asn1_oid_id_pkinit_san
,
1555 for (i
= 0; !found
&& i
< list
.len
; i
++) {
1556 krb5_principal_data principal
;
1557 KRB5PrincipalName kn
;
1560 ret
= decode_KRB5PrincipalName(list
.val
[i
].data
,
1564 const char *msg
= krb5_get_error_message(context
, ret
);
1565 kdc_log(context
, config
, 0,
1566 "Decoding Kerberos principal name in certificate failed: %s", msg
);
1567 krb5_free_error_message(context
, msg
);
1570 if (size
!= list
.val
[i
].length
) {
1571 kdc_log(context
, config
, 0,
1572 "Decoded Kerberos principal name did not have expected length");
1573 return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1576 memset(&principal
, 0, sizeof (principal
));
1577 principal
.name
= kn
.principalName
;
1578 principal
.realm
= kn
.realm
;
1580 if (krb5_principal_compare(context
, &principal
, match
) == TRUE
)
1582 free_KRB5PrincipalName(&kn
);
1586 hx509_free_octet_string_list(&list
);
1591 return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1597 match_ms_upn_san(krb5_context context
,
1598 krb5_kdc_configuration
*config
,
1599 hx509_context hx509ctx
,
1600 hx509_cert client_cert
,
1604 hx509_octet_string_list list
;
1605 krb5_principal principal
= NULL
;
1610 memset(&list
, 0 , sizeof(list
));
1612 ret
= hx509_cert_find_subjectAltName_otherName(hx509ctx
,
1614 &asn1_oid_id_pkinit_ms_san
,
1619 if (list
.len
!= 1) {
1621 kdc_log(context
, config
, 0,
1622 "More than one PKINIT MS UPN SAN");
1624 kdc_log(context
, config
, 0,
1625 "No PKINIT MS UPN SAN");
1626 ret
= KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1630 ret
= decode_MS_UPN_SAN(list
.val
[0].data
, list
.val
[0].length
, &upn
, &size
);
1632 kdc_log(context
, config
, 0, "Decode of MS-UPN-SAN failed");
1635 if (size
!= list
.val
[0].length
) {
1636 free_MS_UPN_SAN(&upn
);
1637 kdc_log(context
, config
, 0, "Trailing data in MS UPN SAN");
1638 ret
= KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1642 kdc_log(context
, config
, 0, "found MS UPN SAN: %s", upn
);
1644 ret
= krb5_parse_name(context
, upn
, &principal
);
1645 free_MS_UPN_SAN(&upn
);
1647 kdc_log(context
, config
, 0, "Failed to parse principal in MS UPN SAN");
1651 if (clientdb
->hdb_check_pkinit_ms_upn_match
) {
1652 ret
= clientdb
->hdb_check_pkinit_ms_upn_match(context
, clientdb
, client
, principal
);
1656 * This is very wrong, but will do for a fallback
1658 strupr(principal
->realm
);
1660 if (krb5_principal_compare(context
, principal
, client
->principal
) == FALSE
)
1661 ret
= KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1666 krb5_free_principal(context
, principal
);
1667 hx509_free_octet_string_list(&list
);
1673 _kdc_pk_check_client(astgs_request_t r
,
1674 pk_client_params
*cp
,
1675 char **subject_name
)
1677 krb5_kdc_configuration
*config
= r
->config
;
1678 HDB
*clientdb
= r
->clientdb
;
1679 hdb_entry
*client
= r
->client
;
1680 const HDB_Ext_PKINIT_acl
*acl
;
1681 const HDB_Ext_PKINIT_cert
*pc
;
1682 krb5_error_code ret
;
1686 if (cp
->cert
== NULL
) {
1687 if (!_kdc_is_anonymous(r
->context
, client
->principal
)
1688 && !config
->historical_anon_realm
)
1689 return KRB5KDC_ERR_BADOPTION
;
1691 *subject_name
= strdup("<unauthenticated anonymous client>");
1692 if (*subject_name
== NULL
)
1697 cp
->endtime
= hx509_cert_get_notAfter(cp
->cert
);
1699 if (config
->pkinit_max_life_from_cert_extension
)
1701 hx509_cert_get_pkinit_max_life(r
->context
->hx509ctx
, cp
->cert
,
1702 config
->pkinit_max_life_bound
);
1703 if (cp
->max_life
== 0 && config
->pkinit_max_life_from_cert
> 0) {
1704 cp
->max_life
= cp
->endtime
- hx509_cert_get_notBefore(cp
->cert
);
1705 if (cp
->max_life
> config
->pkinit_max_life_from_cert
)
1706 cp
->max_life
= config
->pkinit_max_life_from_cert
;
1709 ret
= hx509_cert_get_base_subject(r
->context
->hx509ctx
,
1715 ret
= hx509_name_to_string(name
, subject_name
);
1716 hx509_name_free(&name
);
1720 kdc_log(r
->context
, config
, 0,
1721 "Trying to authorize PKINIT subject DN %s",
1724 ret
= hdb_entry_get_pkinit_cert(client
, &pc
);
1725 if (ret
== 0 && pc
) {
1729 for (j
= 0; j
< pc
->len
; j
++) {
1730 cert
= hx509_cert_init_data(r
->context
->hx509ctx
,
1731 pc
->val
[j
].cert
.data
,
1732 pc
->val
[j
].cert
.length
,
1736 ret
= hx509_cert_cmp(cert
, cp
->cert
);
1737 hx509_cert_free(cert
);
1739 kdc_log(r
->context
, config
, 5,
1740 "Found matching PKINIT cert in hdb");
1747 if (config
->pkinit_princ_in_cert
) {
1748 ret
= match_rfc_san(r
->context
, config
,
1749 r
->context
->hx509ctx
,
1753 kdc_log(r
->context
, config
, 5,
1754 "Found matching PKINIT SAN in certificate");
1757 ret
= match_ms_upn_san(r
->context
, config
,
1758 r
->context
->hx509ctx
,
1763 kdc_log(r
->context
, config
, 5,
1764 "Found matching MS UPN SAN in certificate");
1769 ret
= hdb_entry_get_pkinit_acl(client
, &acl
);
1770 if (ret
== 0 && acl
!= NULL
) {
1772 * Cheat here and compare the generated name with the string
1773 * and not the reverse.
1775 for (i
= 0; i
< acl
->len
; i
++) {
1776 if (strcmp(*subject_name
, acl
->val
[0].subject
) != 0)
1779 /* Don't support issuer and anchor checking right now */
1780 if (acl
->val
[0].issuer
)
1782 if (acl
->val
[0].anchor
)
1785 kdc_log(r
->context
, config
, 5,
1786 "Found matching PKINIT database ACL");
1791 for (i
= 0; i
< principal_mappings
.len
; i
++) {
1794 b
= krb5_principal_compare(r
->context
,
1796 principal_mappings
.val
[i
].principal
);
1799 if (strcmp(principal_mappings
.val
[i
].subject
, *subject_name
) != 0)
1801 kdc_log(r
->context
, config
, 5,
1802 "Found matching PKINIT FILE ACL");
1806 ret
= KRB5_KDC_ERR_CLIENT_NAME_MISMATCH
;
1807 krb5_set_error_message(r
->context
, ret
,
1808 "PKINIT no matching principals for %s",
1811 kdc_log(r
->context
, config
, 5,
1812 "PKINIT no matching principals for %s",
1815 free(*subject_name
);
1816 *subject_name
= NULL
;
1821 static krb5_error_code
1822 add_principal_mapping(krb5_context context
,
1823 const char *principal_name
,
1824 const char * subject
)
1826 struct pk_allowed_princ
*tmp
;
1827 krb5_principal principal
;
1828 krb5_error_code ret
;
1830 tmp
= realloc(principal_mappings
.val
,
1831 (principal_mappings
.len
+ 1) * sizeof(*tmp
));
1834 principal_mappings
.val
= tmp
;
1836 ret
= krb5_parse_name(context
, principal_name
, &principal
);
1840 principal_mappings
.val
[principal_mappings
.len
].principal
= principal
;
1842 principal_mappings
.val
[principal_mappings
.len
].subject
= strdup(subject
);
1843 if (principal_mappings
.val
[principal_mappings
.len
].subject
== NULL
) {
1844 krb5_free_principal(context
, principal
);
1847 principal_mappings
.len
++;
1853 _kdc_add_initial_verified_cas(krb5_context context
,
1854 krb5_kdc_configuration
*config
,
1855 pk_client_params
*cp
,
1858 AD_INITIAL_VERIFIED_CAS cas
;
1859 krb5_error_code ret
;
1863 memset(&cas
, 0, sizeof(cas
));
1865 /* XXX add CAs to cas here */
1867 ASN1_MALLOC_ENCODE(AD_INITIAL_VERIFIED_CAS
, data
.data
, data
.length
,
1871 if (data
.length
!= size
)
1872 krb5_abortx(context
, "internal asn.1 encoder error");
1874 ret
= _kdc_tkt_add_if_relevant_ad(context
, tkt
,
1875 KRB5_AUTHDATA_INITIAL_VERIFIED_CAS
,
1877 krb5_data_free(&data
);
1886 load_mappings(krb5_context context
, const char *fn
)
1888 krb5_error_code ret
;
1890 unsigned long lineno
= 0;
1897 while (fgets(buf
, sizeof(buf
), f
) != NULL
) {
1898 char *subject_name
, *p
;
1900 buf
[strcspn(buf
, "\n")] = '\0';
1903 p
= buf
+ strspn(buf
, " \t");
1905 if (*p
== '#' || *p
== '\0')
1908 subject_name
= strchr(p
, ':');
1909 if (subject_name
== NULL
) {
1910 krb5_warnx(context
, "pkinit mapping file line %lu "
1911 "missing \":\" :%s",
1915 *subject_name
++ = '\0';
1917 ret
= add_principal_mapping(context
, p
, subject_name
);
1919 krb5_warn(context
, ret
, "failed to add line %lu \":\" :%s\n",
1932 KDC_LIB_FUNCTION krb5_error_code KDC_LIB_CALL
1933 krb5_kdc_pk_initialize(krb5_context context
,
1934 krb5_kdc_configuration
*config
,
1935 const char *user_id
,
1936 const char *anchors
,
1942 krb5_error_code ret
;
1944 file
= krb5_config_get_string(context
, NULL
,
1945 "libdefaults", "moduli", NULL
);
1947 ret
= _krb5_parse_moduli(context
, file
, &moduli
);
1949 krb5_err(context
, 1, ret
, "PKINIT: failed to load moduli file");
1951 principal_mappings
.len
= 0;
1952 principal_mappings
.val
= NULL
;
1954 ret
= _krb5_pk_load_id(context
,
1964 krb5_warn(context
, ret
, "PKINIT: failed to load ID");
1965 config
->enable_pkinit
= 0;
1973 ret
= hx509_query_alloc(context
->hx509ctx
, &q
);
1975 krb5_warnx(context
, "PKINIT: out of memory");
1979 hx509_query_match_option(q
, HX509_QUERY_OPTION_PRIVATE_KEY
);
1980 if (config
->pkinit_kdc_friendly_name
)
1981 hx509_query_match_friendly_name(q
, config
->pkinit_kdc_friendly_name
);
1983 ret
= hx509_certs_find(context
->hx509ctx
,
1984 kdc_identity
->certs
,
1987 hx509_query_free(context
->hx509ctx
, q
);
1989 if (hx509_cert_check_eku(context
->hx509ctx
, cert
,
1990 &asn1_oid_id_pkkdcekuoid
, 0)) {
1993 ret
= hx509_cert_get_subject(cert
, &name
);
1995 hx509_name_to_string(name
, &str
);
1996 krb5_warnx(context
, "WARNING Found KDC certificate (%s) "
1997 "is missing the PKINIT KDC EKU, this is bad for "
1998 "interoperability.", str
);
1999 hx509_name_free(&name
);
2003 hx509_cert_free(cert
);
2005 krb5_warnx(context
, "PKINIT: failed to find a signing "
2006 "certificate with a public key");
2009 if (krb5_config_get_bool_default(context
,
2013 "pkinit_allow_proxy_certificate",
2015 config
->pkinit_allow_proxy_certs
= 1;
2017 file
= krb5_config_get_string(context
,
2020 "pkinit_mappings_file",
2025 aret
= asprintf(&fn
, "%s/pki-mapping", hdb_db_dir(context
));
2027 krb5_warnx(context
, "PKINIT: out of memory");
2034 load_mappings(context
, file
);