|
Packit |
fd8b60 |
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
Packit |
fd8b60 |
/* kdc/kdc_preauth_ec.c - Encrypted challenge kdcpreauth module */
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
|
|
Packit |
fd8b60 |
* All rights reserved.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* Export of this software from the United States of America may
|
|
Packit |
fd8b60 |
* require a specific license from the United States Government.
|
|
Packit |
fd8b60 |
* It is the responsibility of any person or organization contemplating
|
|
Packit |
fd8b60 |
* export to obtain such a license before exporting.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
Packit |
fd8b60 |
* distribute this software and its documentation for any purpose and
|
|
Packit |
fd8b60 |
* without fee is hereby granted, provided that the above copyright
|
|
Packit |
fd8b60 |
* notice appear in all copies and that both that copyright notice and
|
|
Packit |
fd8b60 |
* this permission notice appear in supporting documentation, and that
|
|
Packit |
fd8b60 |
* the name of M.I.T. not be used in advertising or publicity pertaining
|
|
Packit |
fd8b60 |
* to distribution of the software without specific, written prior
|
|
Packit |
fd8b60 |
* permission. Furthermore if you modify this software you must label
|
|
Packit |
fd8b60 |
* your software as modified software and not distribute it in such a
|
|
Packit |
fd8b60 |
* fashion that it might be confused with the original M.I.T. software.
|
|
Packit |
fd8b60 |
* M.I.T. makes no representations about the suitability of
|
|
Packit |
fd8b60 |
* this software for any purpose. It is provided "as is" without express
|
|
Packit |
fd8b60 |
* or implied warranty.
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* Implement Encrypted Challenge fast factor from
|
|
Packit |
fd8b60 |
* draft-ietf-krb-wg-preauth-framework
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
#include <k5-int.h>
|
|
Packit |
fd8b60 |
#include <krb5/kdcpreauth_plugin.h>
|
|
Packit |
fd8b60 |
#include "kdc_util.h"
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
static void
|
|
Packit |
fd8b60 |
ec_edata(krb5_context context, krb5_kdc_req *request,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_moddata moddata, krb5_preauthtype pa_type,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_edata_respond_fn respond, void *arg)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_keyblock *armor_key = cb->fast_armor(context, rock);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* Encrypted challenge only works with FAST, and requires a client key. */
|
|
Packit |
fd8b60 |
if (armor_key == NULL || !cb->have_client_keys(context, rock))
|
|
Packit |
fd8b60 |
(*respond)(arg, ENOENT, NULL);
|
|
Packit |
fd8b60 |
else
|
|
Packit |
fd8b60 |
(*respond)(arg, 0, NULL);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
static void
|
|
Packit |
fd8b60 |
ec_verify(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request,
|
|
Packit |
fd8b60 |
krb5_enc_tkt_part *enc_tkt_reply, krb5_pa_data *data,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_moddata moddata,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_verify_respond_fn respond, void *arg)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_error_code retval = 0;
|
|
Packit |
fd8b60 |
krb5_enc_data *enc = NULL;
|
|
Packit |
fd8b60 |
krb5_data scratch, plain;
|
|
Packit |
fd8b60 |
krb5_keyblock *armor_key = cb->fast_armor(context, rock);
|
|
Packit |
fd8b60 |
krb5_pa_enc_ts *ts = NULL;
|
|
Packit |
fd8b60 |
krb5_keyblock *client_keys = NULL;
|
|
Packit |
fd8b60 |
krb5_keyblock *challenge_key = NULL;
|
|
Packit |
fd8b60 |
krb5_keyblock *kdc_challenge_key;
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_modreq modreq = NULL;
|
|
Packit |
fd8b60 |
int i = 0;
|
|
Packit |
fd8b60 |
char *ai = NULL, *realmstr = NULL;
|
|
Packit |
fd8b60 |
krb5_data realm = request->server->realm;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
plain.data = NULL;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (armor_key == NULL) {
|
|
Packit |
fd8b60 |
retval = ENOENT;
|
|
Packit |
fd8b60 |
k5_setmsg(context, ENOENT,
|
|
Packit |
fd8b60 |
_("Encrypted Challenge used outside of FAST tunnel"));
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
scratch.data = (char *) data->contents;
|
|
Packit |
fd8b60 |
scratch.length = data->length;
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = decode_krb5_enc_data(&scratch, &enc;;
|
|
Packit |
fd8b60 |
if (retval == 0) {
|
|
Packit |
fd8b60 |
plain.data = malloc(enc->ciphertext.length);
|
|
Packit |
fd8b60 |
plain.length = enc->ciphertext.length;
|
|
Packit |
fd8b60 |
if (plain.data == NULL)
|
|
Packit |
fd8b60 |
retval = ENOMEM;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* Check for a configured FAST ec auth indicator. */
|
|
Packit |
fd8b60 |
realmstr = k5memdup0(realm.data, realm.length, &retval);
|
|
Packit |
fd8b60 |
if (realmstr != NULL)
|
|
Packit |
fd8b60 |
retval = profile_get_string(context->profile, KRB5_CONF_REALMS,
|
|
Packit |
fd8b60 |
realmstr,
|
|
Packit |
fd8b60 |
KRB5_CONF_ENCRYPTED_CHALLENGE_INDICATOR,
|
|
Packit |
fd8b60 |
NULL, &ai;;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = cb->client_keys(context, rock, &client_keys);
|
|
Packit |
fd8b60 |
if (retval == 0) {
|
|
Packit |
fd8b60 |
for (i = 0; client_keys[i].enctype&& (retval == 0); i++ ) {
|
|
Packit |
fd8b60 |
retval = krb5_c_fx_cf2_simple(context,
|
|
Packit |
fd8b60 |
armor_key, "clientchallengearmor",
|
|
Packit |
fd8b60 |
&client_keys[i], "challengelongterm",
|
|
Packit |
fd8b60 |
&challenge_key);
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = krb5_c_decrypt(context, challenge_key,
|
|
Packit |
fd8b60 |
KRB5_KEYUSAGE_ENC_CHALLENGE_CLIENT,
|
|
Packit |
fd8b60 |
NULL, enc, &plain);
|
|
Packit |
fd8b60 |
if (challenge_key)
|
|
Packit |
fd8b60 |
krb5_free_keyblock(context, challenge_key);
|
|
Packit |
fd8b60 |
challenge_key = NULL;
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
break;
|
|
Packit |
fd8b60 |
/*We failed to decrypt. Try next key*/
|
|
Packit |
fd8b60 |
retval = 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
if (client_keys[i].enctype == 0) {
|
|
Packit |
fd8b60 |
retval = KRB5KDC_ERR_PREAUTH_FAILED;
|
|
Packit |
fd8b60 |
k5_setmsg(context, retval,
|
|
Packit |
fd8b60 |
_("Incorrect password in encrypted challenge"));
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = decode_krb5_pa_enc_ts(&plain, &ts);
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = krb5_check_clockskew(context, ts->patimestamp);
|
|
Packit |
fd8b60 |
if (retval == 0) {
|
|
Packit |
fd8b60 |
enc_tkt_reply->flags |= TKT_FLG_PRE_AUTH;
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* If this fails, we won't generate a reply to the client. That may
|
|
Packit |
fd8b60 |
* cause the client to fail, but at this point the KDC has considered
|
|
Packit |
fd8b60 |
* this a success, so the return value is ignored.
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
if (krb5_c_fx_cf2_simple(context, armor_key, "kdcchallengearmor",
|
|
Packit |
fd8b60 |
&client_keys[i], "challengelongterm",
|
|
Packit |
fd8b60 |
&kdc_challenge_key) == 0) {
|
|
Packit |
fd8b60 |
modreq = (krb5_kdcpreauth_modreq)kdc_challenge_key;
|
|
Packit |
fd8b60 |
if (ai != NULL)
|
|
Packit |
fd8b60 |
cb->add_auth_indicator(context, rock, ai);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
cb->free_keys(context, rock, client_keys);
|
|
Packit |
fd8b60 |
if (plain.data)
|
|
Packit |
fd8b60 |
free(plain.data);
|
|
Packit |
fd8b60 |
if (enc)
|
|
Packit |
fd8b60 |
krb5_free_enc_data(context, enc);
|
|
Packit |
fd8b60 |
if (ts)
|
|
Packit |
fd8b60 |
krb5_free_pa_enc_ts(context, ts);
|
|
Packit |
fd8b60 |
free(realmstr);
|
|
Packit |
fd8b60 |
free(ai);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
(*respond)(arg, retval, modreq, NULL, NULL);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
static krb5_error_code
|
|
Packit |
fd8b60 |
ec_return(krb5_context context, krb5_pa_data *padata, krb5_data *req_pkt,
|
|
Packit |
fd8b60 |
krb5_kdc_req *request, krb5_kdc_rep *reply,
|
|
Packit |
fd8b60 |
krb5_keyblock *encrypting_key, krb5_pa_data **send_pa,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_callbacks cb, krb5_kdcpreauth_rock rock,
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_moddata moddata, krb5_kdcpreauth_modreq modreq)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_error_code retval = 0;
|
|
Packit |
fd8b60 |
krb5_keyblock *challenge_key = (krb5_keyblock *)modreq;
|
|
Packit |
fd8b60 |
krb5_pa_enc_ts ts;
|
|
Packit |
fd8b60 |
krb5_data *plain = NULL;
|
|
Packit |
fd8b60 |
krb5_enc_data enc;
|
|
Packit |
fd8b60 |
krb5_data *encoded = NULL;
|
|
Packit |
fd8b60 |
krb5_pa_data *pa = NULL;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (challenge_key == NULL)
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
enc.ciphertext.data = NULL; /* In case of error pass through */
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
retval = krb5_us_timeofday(context, &ts.patimestamp, &ts.pausec);
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = encode_krb5_pa_enc_ts(&ts, &plain);
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = krb5_encrypt_helper(context, challenge_key,
|
|
Packit |
fd8b60 |
KRB5_KEYUSAGE_ENC_CHALLENGE_KDC,
|
|
Packit |
fd8b60 |
plain, &enc;;
|
|
Packit |
fd8b60 |
if (retval == 0)
|
|
Packit |
fd8b60 |
retval = encode_krb5_enc_data(&enc, &encoded);
|
|
Packit |
fd8b60 |
if (retval == 0) {
|
|
Packit |
fd8b60 |
pa = calloc(1, sizeof(krb5_pa_data));
|
|
Packit |
fd8b60 |
if (pa == NULL)
|
|
Packit |
fd8b60 |
retval = ENOMEM;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
if (retval == 0) {
|
|
Packit |
fd8b60 |
pa->pa_type = KRB5_PADATA_ENCRYPTED_CHALLENGE;
|
|
Packit |
fd8b60 |
pa->contents = (unsigned char *) encoded->data;
|
|
Packit |
fd8b60 |
pa->length = encoded->length;
|
|
Packit |
fd8b60 |
encoded->data = NULL;
|
|
Packit |
fd8b60 |
*send_pa = pa;
|
|
Packit |
fd8b60 |
pa = NULL;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
if (challenge_key)
|
|
Packit |
fd8b60 |
krb5_free_keyblock(context, challenge_key);
|
|
Packit |
fd8b60 |
if (encoded)
|
|
Packit |
fd8b60 |
krb5_free_data(context, encoded);
|
|
Packit |
fd8b60 |
if (plain)
|
|
Packit |
fd8b60 |
krb5_free_data(context, plain);
|
|
Packit |
fd8b60 |
if (enc.ciphertext.data)
|
|
Packit |
fd8b60 |
krb5_free_data_contents(context, &enc.ciphertext);
|
|
Packit |
fd8b60 |
return retval;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
static krb5_preauthtype ec_types[] = {
|
|
Packit |
fd8b60 |
KRB5_PADATA_ENCRYPTED_CHALLENGE, 0};
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code
|
|
Packit |
fd8b60 |
kdcpreauth_encrypted_challenge_initvt(krb5_context context, int maj_ver,
|
|
Packit |
fd8b60 |
int min_ver, krb5_plugin_vtable vtable)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_kdcpreauth_vtable vt;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (maj_ver != 1)
|
|
Packit |
fd8b60 |
return KRB5_PLUGIN_VER_NOTSUPP;
|
|
Packit |
fd8b60 |
vt = (krb5_kdcpreauth_vtable)vtable;
|
|
Packit |
fd8b60 |
vt->name = "encrypted_challenge";
|
|
Packit |
fd8b60 |
vt->pa_type_list = ec_types;
|
|
Packit |
fd8b60 |
vt->edata = ec_edata;
|
|
Packit |
fd8b60 |
vt->verify = ec_verify;
|
|
Packit |
fd8b60 |
vt->return_padata = ec_return;
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|