2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "krb5_locl.h"
36 #include <pkinit_asn1.h>
39 _krb5_pk_octetstring2key(krb5_context context,
43 const heim_octet_string *c_n,
44 const heim_octet_string *k_n,
47 struct _krb5_encryption_type *et = _krb5_find_enctype(type);
49 size_t keylen, offset;
51 unsigned char counter;
52 unsigned char shaoutput[SHA_DIGEST_LENGTH];
56 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
57 N_("encryption type %d not supported", ""),
59 return KRB5_PROG_ETYPE_NOSUPP;
61 keylen = (et->keytype->bits + 7) / 8;
63 keydata = malloc(keylen);
64 if (keydata == NULL) {
65 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
69 m = EVP_MD_CTX_create();
72 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
80 EVP_DigestInit_ex(m, EVP_sha1(), NULL);
81 EVP_DigestUpdate(m, &counter, 1);
82 EVP_DigestUpdate(m, dhdata, dhsize);
85 EVP_DigestUpdate(m, c_n->data, c_n->length);
87 EVP_DigestUpdate(m, k_n->data, k_n->length);
89 EVP_DigestFinal_ex(m, shaoutput, NULL);
91 memcpy((unsigned char *)keydata + offset,
93 min(keylen - offset, sizeof(shaoutput)));
95 offset += sizeof(shaoutput);
97 } while(offset < keylen);
98 memset(shaoutput, 0, sizeof(shaoutput));
100 EVP_MD_CTX_destroy(m);
102 ret = krb5_random_to_key(context, type, keydata, keylen, key);
103 memset(keydata, 0, sizeof(keylen));
108 static krb5_error_code
109 encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data)
111 KRB5PrincipalName pn;
115 pn.principalName = p->name;
118 ASN1_MALLOC_ENCODE(KRB5PrincipalName, data->data, data->length,
121 krb5_data_zero(data);
122 krb5_set_error_message(context, ret,
123 N_("Failed to encode KRB5PrincipalName", ""));
126 if (data->length != size)
127 krb5_abortx(context, "asn1 compiler internal error");
131 static krb5_error_code
132 encode_otherinfo(krb5_context context,
133 const AlgorithmIdentifier *ai,
134 krb5_const_principal client,
135 krb5_const_principal server,
136 krb5_enctype enctype,
137 const krb5_data *as_req,
138 const krb5_data *pk_as_rep,
139 const Ticket *ticket,
142 PkinitSP80056AOtherInfo otherinfo;
143 PkinitSuppPubInfo pubinfo;
148 krb5_data_zero(other);
149 memset(&otherinfo, 0, sizeof(otherinfo));
150 memset(&pubinfo, 0, sizeof(pubinfo));
152 pubinfo.enctype = enctype;
153 pubinfo.as_REQ = *as_req;
154 pubinfo.pk_as_rep = *pk_as_rep;
155 pubinfo.ticket = *ticket;
156 ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length,
157 &pubinfo, &size, ret);
159 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
162 if (pub.length != size)
163 krb5_abortx(context, "asn1 compiler internal error");
165 ret = encode_uvinfo(context, client, &otherinfo.partyUInfo);
170 ret = encode_uvinfo(context, server, &otherinfo.partyVInfo);
172 free(otherinfo.partyUInfo.data);
177 otherinfo.algorithmID = *ai;
178 otherinfo.suppPubInfo = &pub;
180 ASN1_MALLOC_ENCODE(PkinitSP80056AOtherInfo, other->data, other->length,
181 &otherinfo, &size, ret);
182 free(otherinfo.partyUInfo.data);
183 free(otherinfo.partyVInfo.data);
186 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
189 if (other->length != size)
190 krb5_abortx(context, "asn1 compiler internal error");
198 _krb5_pk_kdf(krb5_context context,
199 const struct AlgorithmIdentifier *ai,
202 krb5_const_principal client,
203 krb5_const_principal server,
204 krb5_enctype enctype,
205 const krb5_data *as_req,
206 const krb5_data *pk_as_rep,
207 const Ticket *ticket,
210 struct _krb5_encryption_type *et;
213 size_t keylen, offset;
215 unsigned char *keydata;
216 unsigned char shaoutput[SHA512_DIGEST_LENGTH];
220 if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha1, &ai->algorithm) == 0) {
222 } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha256, &ai->algorithm) == 0) {
224 } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha512, &ai->algorithm) == 0) {
227 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
228 N_("KDF not supported", ""));
229 return KRB5_PROG_ETYPE_NOSUPP;
231 if (ai->parameters != NULL &&
232 (ai->parameters->length != 2 ||
233 memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
235 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
236 N_("kdf params not NULL or the NULL-type",
238 return KRB5_PROG_ETYPE_NOSUPP;
241 et = _krb5_find_enctype(enctype);
243 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
244 N_("encryption type %d not supported", ""),
246 return KRB5_PROG_ETYPE_NOSUPP;
248 keylen = (et->keytype->bits + 7) / 8;
250 keydata = malloc(keylen);
251 if (keydata == NULL) {
252 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
256 ret = encode_otherinfo(context, ai, client, server,
257 enctype, as_req, pk_as_rep, ticket, &other);
263 m = EVP_MD_CTX_create();
267 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
274 unsigned char cdata[4];
276 EVP_DigestInit_ex(m, md, NULL);
277 _krb5_put_int(cdata, counter, 4);
278 EVP_DigestUpdate(m, cdata, 4);
279 EVP_DigestUpdate(m, dhdata, dhsize);
280 EVP_DigestUpdate(m, other.data, other.length);
282 EVP_DigestFinal_ex(m, shaoutput, NULL);
284 memcpy((unsigned char *)keydata + offset,
286 min(keylen - offset, EVP_MD_CTX_size(m)));
288 offset += EVP_MD_CTX_size(m);
290 } while(offset < keylen);
291 memset(shaoutput, 0, sizeof(shaoutput));
293 EVP_MD_CTX_destroy(m);
296 ret = krb5_random_to_key(context, enctype, keydata, keylen, key);
297 memset(keydata, 0, sizeof(keylen));