14 * portion of this software, then the disclaimer below must
15 * also be included.
16 *
17 * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
18 * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
19 * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
20 * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
21 * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
22 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
23 * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
24 * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
25 * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
26 * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
27 * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGES.
29 */
30
31 /*
32 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
33 * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
34 */
35
36 #include <errno.h>
37 #include <string.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <dlfcn.h>
41 #include <unistd.h>
42 #include <dirent.h>
43
44
45 /* Solaris Kerberos */
46 #include <libintl.h>
47 #include <assert.h>
48 #include <security/pam_appl.h>
49 #include <ctype.h>
50 #include "k5-int.h"
51 #include <ctype.h>
52
53 /*
352 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
353 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
354 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
355 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
356 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
357 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
358 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
359 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
360 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
361 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
362 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
363 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
364 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
365 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
366 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
367 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
368 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
369 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
370 };
371
372 /* Solaris Kerberos */
373 static k5_mutex_t oids_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
374 static int pkinit_oids_refs = 0;
375
376 krb5_error_code
377 pkinit_init_plg_crypto(pkinit_plg_crypto_context *cryptoctx) {
378
379 krb5_error_code retval = ENOMEM;
380 pkinit_plg_crypto_context ctx = NULL;
381
382 /* initialize openssl routines */
383 /* Solaris Kerberos */
384 retval = openssl_init();
385 if (retval != 0)
386 goto out;
387
388 ctx = (pkinit_plg_crypto_context)malloc(sizeof(*ctx));
389 if (ctx == NULL)
390 goto out;
391 (void) memset(ctx, 0, sizeof(*ctx));
392
393 pkiDebug("%s: initializing openssl crypto context at %p\n",
394 __FUNCTION__, ctx);
395 retval = pkinit_init_pkinit_oids(ctx);
490 }
491
492 void
493 pkinit_fini_req_crypto(pkinit_req_crypto_context req_cryptoctx)
494 {
495 if (req_cryptoctx == NULL)
496 return;
497
498 pkiDebug("%s: freeing ctx at %p\n", __FUNCTION__, req_cryptoctx);
499 if (req_cryptoctx->dh != NULL)
500 DH_free(req_cryptoctx->dh);
501 if (req_cryptoctx->received_cert != NULL)
502 X509_free(req_cryptoctx->received_cert);
503
504 free(req_cryptoctx);
505 }
506
507 static krb5_error_code
508 pkinit_init_pkinit_oids(pkinit_plg_crypto_context ctx)
509 {
510 krb5_error_code retval = ENOMEM;
511 int nid = 0;
512
513 /*
514 * If OpenSSL already knows about the OID, use the
515 * existing definition. Otherwise, create an OID object.
516 */
517 #define CREATE_OBJ_IF_NEEDED(oid, vn, sn, ln) \
518 nid = OBJ_txt2nid(oid); \
519 if (nid == NID_undef) { \
520 nid = OBJ_create(oid, sn, ln); \
521 if (nid == NID_undef) { \
522 pkiDebug("Error creating oid object for '%s'\n", oid); \
523 goto out; \
524 } \
525 } \
526 ctx->vn = OBJ_nid2obj(nid);
527
528 /* Solaris Kerberos */
529 retval = k5_mutex_lock(&oids_mutex);
530 if (retval != 0)
531 goto out;
532
533 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.2", id_pkinit_san,
534 "id-pkinit-san", "KRB5PrincipalName");
535
536 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.3.1", id_pkinit_authData,
537 "id-pkinit-authdata", "PKINIT signedAuthPack");
538
539 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.3.2", id_pkinit_DHKeyData,
540 "id-pkinit-DHKeyData", "PKINIT dhSignedData");
541
542 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.3.3", id_pkinit_rkeyData,
543 "id-pkinit-rkeyData", "PKINIT encKeyPack");
544
545 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.3.4", id_pkinit_KPClientAuth,
546 "id-pkinit-KPClientAuth", "PKINIT Client EKU");
547
548 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.2.3.5", id_pkinit_KPKdc,
549 "id-pkinit-KPKdc", "KDC EKU");
550
551 #if 0
552 CREATE_OBJ_IF_NEEDED("1.2.840.113549.1.7.1", id_pkinit_authData9,
553 "id-pkcs7-data", "PKCS7 data");
554 #else
555 /* See note in pkinit_pkcs7type2oid() */
556 ctx->id_pkinit_authData9 = NULL;
557 #endif
558
559 CREATE_OBJ_IF_NEEDED("1.3.6.1.4.1.311.20.2.2", id_ms_kp_sc_logon,
560 "id-ms-kp-sc-logon EKU", "Microsoft SmartCard Login EKU");
561
562 CREATE_OBJ_IF_NEEDED("1.3.6.1.4.1.311.20.2.3", id_ms_san_upn,
563 "id-ms-san-upn", "Microsoft Universal Principal Name");
564
565 CREATE_OBJ_IF_NEEDED("1.3.6.1.5.5.7.3.1", id_kp_serverAuth,
566 "id-kp-serverAuth EKU", "Server Authentication EKU");
567
568 /* Success */
569 retval = 0;
570
571 pkinit_oids_refs++;
572 /* Solaris Kerberos */
573 k5_mutex_unlock(&oids_mutex);
574
575 out:
576 return retval;
577 }
578
579 static krb5_error_code
580 get_cert(char *filename, X509 **retcert)
581 {
582 X509 *cert = NULL;
583 BIO *tmp = NULL;
584 int code;
585 krb5_error_code retval;
586
587 if (filename == NULL || retcert == NULL)
588 return EINVAL;
589
590 *retcert = NULL;
591
592 tmp = BIO_new(BIO_s_file());
593 if (tmp == NULL)
594 return ENOMEM;
595
596 code = BIO_read_filename(tmp, filename);
635 }
636 pkey = (EVP_PKEY *) PEM_read_bio_PrivateKey(tmp, NULL, NULL, NULL);
637 if (pkey == NULL) {
638 retval = EIO;
639 pkiDebug("failed to read private key from %s\n", filename);
640 goto cleanup;
641 }
642 *retkey = pkey;
643 retval = 0;
644 cleanup:
645 if (tmp != NULL)
646 BIO_free(tmp);
647 return retval;
648 }
649
650 static void
651 pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ctx)
652 {
653 if (ctx == NULL)
654 return;
655
656 /* Only call OBJ_cleanup once! */
657 /* Solaris Kerberos: locking */
658 k5_mutex_lock(&oids_mutex);
659 if (--pkinit_oids_refs == 0)
660 OBJ_cleanup();
661 k5_mutex_unlock(&oids_mutex);
662 }
663
664 static krb5_error_code
665 pkinit_init_dh_params(pkinit_plg_crypto_context plgctx)
666 {
667 krb5_error_code retval = ENOMEM;
668
669 plgctx->dh_1024 = DH_new();
670 if (plgctx->dh_1024 == NULL)
671 goto cleanup;
672 plgctx->dh_1024->p = BN_bin2bn(pkinit_1024_dhprime,
673 sizeof(pkinit_1024_dhprime), NULL);
674 if ((plgctx->dh_1024->g = BN_new()) == NULL ||
675 (plgctx->dh_1024->q = BN_new()) == NULL)
676 goto cleanup;
677 BN_set_word(plgctx->dh_1024->g, DH_GENERATOR_2);
678 BN_rshift1(plgctx->dh_1024->q, plgctx->dh_1024->p);
679
680 plgctx->dh_2048 = DH_new();
681 if (plgctx->dh_2048 == NULL)
854 PKCS7 *p7 = NULL, *inner_p7 = NULL;
855 PKCS7_SIGNED *p7s = NULL;
856 PKCS7_SIGNER_INFO *p7si = NULL;
857 unsigned char *p;
858 ASN1_TYPE *pkinit_data = NULL;
859 STACK_OF(X509) * cert_stack = NULL;
860 ASN1_OCTET_STRING *digest_attr = NULL;
861 EVP_MD_CTX ctx, ctx2;
862 const EVP_MD *md_tmp = NULL;
863 unsigned char md_data[EVP_MAX_MD_SIZE], md_data2[EVP_MAX_MD_SIZE];
864 unsigned char *digestInfo_buf = NULL, *abuf = NULL;
865 unsigned int md_len, md_len2, alen, digestInfo_len;
866 STACK_OF(X509_ATTRIBUTE) * sk;
867 unsigned char *sig = NULL;
868 unsigned int sig_len = 0;
869 X509_ALGOR *alg = NULL;
870 ASN1_OCTET_STRING *digest = NULL;
871 unsigned int alg_len = 0, digest_len = 0;
872 unsigned char *y = NULL, *alg_buf = NULL, *digest_buf = NULL;
873 X509 *cert = NULL;
874 ASN1_OBJECT *oid = NULL;
875
876 /* Solaris Kerberos */
877 if (signed_data == NULL)
878 return EINVAL;
879
880 if (signed_data_len == NULL)
881 return EINVAL;
882
883 /* start creating PKCS7 data */
884 if ((p7 = PKCS7_new()) == NULL)
885 goto cleanup;
886 p7->type = OBJ_nid2obj(NID_pkcs7_signed);
887
888 if ((p7s = PKCS7_SIGNED_new()) == NULL)
889 goto cleanup;
890 p7->d.sign = p7s;
891 if (!ASN1_INTEGER_set(p7s->version, 3))
892 goto cleanup;
893
894 /* create a cert chain that has at least the signer's certificate */
979 if (cms_msg_type == CMS_SIGN_DRAFT9) {
980 /* don't include signed attributes for pa-type 15 request */
981 abuf = data;
982 alen = data_len;
983 } else {
984 /* add signed attributes */
985 /* compute sha1 digest over the EncapsulatedContentInfo */
986 EVP_MD_CTX_init(&ctx);
987 EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL);
988 EVP_DigestUpdate(&ctx, data, data_len);
989 md_tmp = EVP_MD_CTX_md(&ctx);
990 EVP_DigestFinal_ex(&ctx, md_data, &md_len);
991
992 /* create a message digest attr */
993 digest_attr = ASN1_OCTET_STRING_new();
994 ASN1_OCTET_STRING_set(digest_attr, md_data, (int)md_len);
995 PKCS7_add_signed_attribute(p7si, NID_pkcs9_messageDigest,
996 V_ASN1_OCTET_STRING, (char *) digest_attr);
997
998 /* create a content-type attr */
999 PKCS7_add_signed_attribute(p7si, NID_pkcs9_contentType,
1000 V_ASN1_OBJECT, oid);
1001
1002 /* create the signature over signed attributes. get DER encoded value */
1003 /* This is the place where smartcard signature needs to be calculated */
1004 sk = p7si->auth_attr;
1005 alen = ASN1_item_i2d((ASN1_VALUE *) sk, &abuf,
1006 ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
1007 if (abuf == NULL)
1008 goto cleanup2;
1009 }
1010
1011 #ifndef WITHOUT_PKCS11
1012 /* Some tokens can only do RSAEncryption without sha1 hash */
1013 /* to compute sha1WithRSAEncryption, encode the algorithm ID for the hash
1014 * function and the hash value into an ASN.1 value of type DigestInfo
1015 * DigestInfo::=SEQUENCE {
1016 * digestAlgorithm AlgorithmIdentifier,
1017 * digest OCTET STRING }
1018 */
1019 if (id_cryptoctx->pkcs11_method == 1 &&
1020 id_cryptoctx->mech == CKM_RSA_PKCS) {
3110 return ok;
3111 }
3112
3113 static int
3114 openssl_callback_ignore_crls(int ok, X509_STORE_CTX * ctx)
3115 {
3116 if (!ok) {
3117 switch (ctx->error) {
3118 case X509_V_ERR_UNABLE_TO_GET_CRL:
3119 return 1;
3120 default:
3121 return 0;
3122 }
3123 }
3124 return ok;
3125 }
3126
3127 static ASN1_OBJECT *
3128 pkinit_pkcs7type2oid(pkinit_plg_crypto_context cryptoctx, int pkcs7_type)
3129 {
3130 int nid;
3131
3132 switch (pkcs7_type) {
3133 case CMS_SIGN_CLIENT:
3134 return cryptoctx->id_pkinit_authData;
3135 case CMS_SIGN_DRAFT9:
3136 /*
3137 * Delay creating this OID until we know we need it.
3138 * It shadows an existing OpenSSL oid. If it
3139 * is created too early, it breaks things like
3140 * the use of pkcs12 (which uses pkcs7 structures).
3141 * We need this shadow version because our code
3142 * depends on the "other" type to be unknown to the
3143 * OpenSSL code.
3144 */
3145 if (cryptoctx->id_pkinit_authData9 == NULL) {
3146 pkiDebug("%s: Creating shadow instance of pkcs7-data oid\n",
3147 __FUNCTION__);
3148 nid = OBJ_create("1.2.840.113549.1.7.1", "id-pkcs7-data",
3149 "PKCS7 data");
3150 if (nid == NID_undef)
3151 return NULL;
3152 cryptoctx->id_pkinit_authData9 = OBJ_nid2obj(nid);
3153 }
3154 return cryptoctx->id_pkinit_authData9;
3155 case CMS_SIGN_SERVER:
3156 return cryptoctx->id_pkinit_DHKeyData;
3157 case CMS_ENVEL_SERVER:
3158 return cryptoctx->id_pkinit_rkeyData;
3159 default:
3160 return NULL;
3161 }
3162
3163 }
3164
3165 #ifdef LONGHORN_BETA_COMPAT
3166 #if 0
3167 /*
3168 * This is a version that worked with Longhorn Beta 3.
3169 */
3170 static int
3171 wrap_signeddata(unsigned char *data, unsigned int data_len,
3172 unsigned char **out, unsigned int *out_len,
3173 int is_longhorn_server)
3174 {
|
14 * portion of this software, then the disclaimer below must
15 * also be included.
16 *
17 * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
18 * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
19 * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
20 * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
21 * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
22 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
23 * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
24 * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
25 * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
26 * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
27 * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGES.
29 */
30
31 /*
32 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
33 * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.
34 * Copyright 2015 RackTop Systems.
35 */
36
37 #include <errno.h>
38 #include <string.h>
39 #include <stdio.h>
40 #include <stdlib.h>
41 #include <dlfcn.h>
42 #include <unistd.h>
43 #include <dirent.h>
44
45
46 /* Solaris Kerberos */
47 #include <libintl.h>
48 #include <assert.h>
49 #include <security/pam_appl.h>
50 #include <ctype.h>
51 #include "k5-int.h"
52 #include <ctype.h>
53
54 /*
353 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
354 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
355 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
356 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
357 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
358 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
359 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
360 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
361 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
362 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
363 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
364 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
365 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
366 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
367 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
368 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
369 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
370 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
371 };
372
373 krb5_error_code
374 pkinit_init_plg_crypto(pkinit_plg_crypto_context *cryptoctx) {
375
376 krb5_error_code retval = ENOMEM;
377 pkinit_plg_crypto_context ctx = NULL;
378
379 /* initialize openssl routines */
380 /* Solaris Kerberos */
381 retval = openssl_init();
382 if (retval != 0)
383 goto out;
384
385 ctx = (pkinit_plg_crypto_context)malloc(sizeof(*ctx));
386 if (ctx == NULL)
387 goto out;
388 (void) memset(ctx, 0, sizeof(*ctx));
389
390 pkiDebug("%s: initializing openssl crypto context at %p\n",
391 __FUNCTION__, ctx);
392 retval = pkinit_init_pkinit_oids(ctx);
487 }
488
489 void
490 pkinit_fini_req_crypto(pkinit_req_crypto_context req_cryptoctx)
491 {
492 if (req_cryptoctx == NULL)
493 return;
494
495 pkiDebug("%s: freeing ctx at %p\n", __FUNCTION__, req_cryptoctx);
496 if (req_cryptoctx->dh != NULL)
497 DH_free(req_cryptoctx->dh);
498 if (req_cryptoctx->received_cert != NULL)
499 X509_free(req_cryptoctx->received_cert);
500
501 free(req_cryptoctx);
502 }
503
504 static krb5_error_code
505 pkinit_init_pkinit_oids(pkinit_plg_crypto_context ctx)
506 {
507 ctx->id_pkinit_san = OBJ_txt2obj("1.3.6.1.5.2.2", 1);
508 if (ctx->id_pkinit_san == NULL)
509 return ENOMEM;
510
511 ctx->id_pkinit_authData = OBJ_txt2obj("1.3.6.1.5.2.3.1", 1);
512 if (ctx->id_pkinit_authData == NULL)
513 return ENOMEM;
514
515 ctx->id_pkinit_DHKeyData = OBJ_txt2obj("1.3.6.1.5.2.3.2", 1);
516 if (ctx->id_pkinit_DHKeyData == NULL)
517 return ENOMEM;
518
519 ctx->id_pkinit_rkeyData = OBJ_txt2obj("1.3.6.1.5.2.3.3", 1);
520 if (ctx->id_pkinit_rkeyData == NULL)
521 return ENOMEM;
522
523 ctx->id_pkinit_KPClientAuth = OBJ_txt2obj("1.3.6.1.5.2.3.4", 1);
524 if (ctx->id_pkinit_KPClientAuth == NULL)
525 return ENOMEM;
526
527 ctx->id_pkinit_KPKdc = OBJ_txt2obj("1.3.6.1.5.2.3.5", 1);
528 if (ctx->id_pkinit_KPKdc == NULL)
529 return ENOMEM;
530
531 ctx->id_ms_kp_sc_logon = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.2", 1);
532 if (ctx->id_ms_kp_sc_logon == NULL)
533 return ENOMEM;
534
535 ctx->id_ms_san_upn = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.3", 1);
536 if (ctx->id_ms_san_upn == NULL)
537 return ENOMEM;
538
539 ctx->id_kp_serverAuth = OBJ_txt2obj("1.3.6.1.5.5.7.3.1", 1);
540 if (ctx->id_kp_serverAuth == NULL)
541 return ENOMEM;
542
543 return 0;
544 }
545
546 static krb5_error_code
547 get_cert(char *filename, X509 **retcert)
548 {
549 X509 *cert = NULL;
550 BIO *tmp = NULL;
551 int code;
552 krb5_error_code retval;
553
554 if (filename == NULL || retcert == NULL)
555 return EINVAL;
556
557 *retcert = NULL;
558
559 tmp = BIO_new(BIO_s_file());
560 if (tmp == NULL)
561 return ENOMEM;
562
563 code = BIO_read_filename(tmp, filename);
602 }
603 pkey = (EVP_PKEY *) PEM_read_bio_PrivateKey(tmp, NULL, NULL, NULL);
604 if (pkey == NULL) {
605 retval = EIO;
606 pkiDebug("failed to read private key from %s\n", filename);
607 goto cleanup;
608 }
609 *retkey = pkey;
610 retval = 0;
611 cleanup:
612 if (tmp != NULL)
613 BIO_free(tmp);
614 return retval;
615 }
616
617 static void
618 pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ctx)
619 {
620 if (ctx == NULL)
621 return;
622 ASN1_OBJECT_free(ctx->id_pkinit_san);
623 ASN1_OBJECT_free(ctx->id_pkinit_authData);
624 ASN1_OBJECT_free(ctx->id_pkinit_DHKeyData);
625 ASN1_OBJECT_free(ctx->id_pkinit_rkeyData);
626 ASN1_OBJECT_free(ctx->id_pkinit_KPClientAuth);
627 ASN1_OBJECT_free(ctx->id_pkinit_KPKdc);
628 ASN1_OBJECT_free(ctx->id_ms_kp_sc_logon);
629 ASN1_OBJECT_free(ctx->id_ms_san_upn);
630 ASN1_OBJECT_free(ctx->id_kp_serverAuth);
631 }
632
633 static krb5_error_code
634 pkinit_init_dh_params(pkinit_plg_crypto_context plgctx)
635 {
636 krb5_error_code retval = ENOMEM;
637
638 plgctx->dh_1024 = DH_new();
639 if (plgctx->dh_1024 == NULL)
640 goto cleanup;
641 plgctx->dh_1024->p = BN_bin2bn(pkinit_1024_dhprime,
642 sizeof(pkinit_1024_dhprime), NULL);
643 if ((plgctx->dh_1024->g = BN_new()) == NULL ||
644 (plgctx->dh_1024->q = BN_new()) == NULL)
645 goto cleanup;
646 BN_set_word(plgctx->dh_1024->g, DH_GENERATOR_2);
647 BN_rshift1(plgctx->dh_1024->q, plgctx->dh_1024->p);
648
649 plgctx->dh_2048 = DH_new();
650 if (plgctx->dh_2048 == NULL)
823 PKCS7 *p7 = NULL, *inner_p7 = NULL;
824 PKCS7_SIGNED *p7s = NULL;
825 PKCS7_SIGNER_INFO *p7si = NULL;
826 unsigned char *p;
827 ASN1_TYPE *pkinit_data = NULL;
828 STACK_OF(X509) * cert_stack = NULL;
829 ASN1_OCTET_STRING *digest_attr = NULL;
830 EVP_MD_CTX ctx, ctx2;
831 const EVP_MD *md_tmp = NULL;
832 unsigned char md_data[EVP_MAX_MD_SIZE], md_data2[EVP_MAX_MD_SIZE];
833 unsigned char *digestInfo_buf = NULL, *abuf = NULL;
834 unsigned int md_len, md_len2, alen, digestInfo_len;
835 STACK_OF(X509_ATTRIBUTE) * sk;
836 unsigned char *sig = NULL;
837 unsigned int sig_len = 0;
838 X509_ALGOR *alg = NULL;
839 ASN1_OCTET_STRING *digest = NULL;
840 unsigned int alg_len = 0, digest_len = 0;
841 unsigned char *y = NULL, *alg_buf = NULL, *digest_buf = NULL;
842 X509 *cert = NULL;
843 ASN1_OBJECT *oid = NULL, *oid_copy;
844
845 /* Solaris Kerberos */
846 if (signed_data == NULL)
847 return EINVAL;
848
849 if (signed_data_len == NULL)
850 return EINVAL;
851
852 /* start creating PKCS7 data */
853 if ((p7 = PKCS7_new()) == NULL)
854 goto cleanup;
855 p7->type = OBJ_nid2obj(NID_pkcs7_signed);
856
857 if ((p7s = PKCS7_SIGNED_new()) == NULL)
858 goto cleanup;
859 p7->d.sign = p7s;
860 if (!ASN1_INTEGER_set(p7s->version, 3))
861 goto cleanup;
862
863 /* create a cert chain that has at least the signer's certificate */
948 if (cms_msg_type == CMS_SIGN_DRAFT9) {
949 /* don't include signed attributes for pa-type 15 request */
950 abuf = data;
951 alen = data_len;
952 } else {
953 /* add signed attributes */
954 /* compute sha1 digest over the EncapsulatedContentInfo */
955 EVP_MD_CTX_init(&ctx);
956 EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL);
957 EVP_DigestUpdate(&ctx, data, data_len);
958 md_tmp = EVP_MD_CTX_md(&ctx);
959 EVP_DigestFinal_ex(&ctx, md_data, &md_len);
960
961 /* create a message digest attr */
962 digest_attr = ASN1_OCTET_STRING_new();
963 ASN1_OCTET_STRING_set(digest_attr, md_data, (int)md_len);
964 PKCS7_add_signed_attribute(p7si, NID_pkcs9_messageDigest,
965 V_ASN1_OCTET_STRING, (char *) digest_attr);
966
967 /* create a content-type attr */
968 oid_copy = OBJ_dup(oid);
969 if (oid_copy == NULL)
970 goto cleanup2;
971 PKCS7_add_signed_attribute(p7si, NID_pkcs9_contentType,
972 V_ASN1_OBJECT, oid_copy);
973
974 /* create the signature over signed attributes. get DER encoded value */
975 /* This is the place where smartcard signature needs to be calculated */
976 sk = p7si->auth_attr;
977 alen = ASN1_item_i2d((ASN1_VALUE *) sk, &abuf,
978 ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
979 if (abuf == NULL)
980 goto cleanup2;
981 }
982
983 #ifndef WITHOUT_PKCS11
984 /* Some tokens can only do RSAEncryption without sha1 hash */
985 /* to compute sha1WithRSAEncryption, encode the algorithm ID for the hash
986 * function and the hash value into an ASN.1 value of type DigestInfo
987 * DigestInfo::=SEQUENCE {
988 * digestAlgorithm AlgorithmIdentifier,
989 * digest OCTET STRING }
990 */
991 if (id_cryptoctx->pkcs11_method == 1 &&
992 id_cryptoctx->mech == CKM_RSA_PKCS) {
3082 return ok;
3083 }
3084
3085 static int
3086 openssl_callback_ignore_crls(int ok, X509_STORE_CTX * ctx)
3087 {
3088 if (!ok) {
3089 switch (ctx->error) {
3090 case X509_V_ERR_UNABLE_TO_GET_CRL:
3091 return 1;
3092 default:
3093 return 0;
3094 }
3095 }
3096 return ok;
3097 }
3098
3099 static ASN1_OBJECT *
3100 pkinit_pkcs7type2oid(pkinit_plg_crypto_context cryptoctx, int pkcs7_type)
3101 {
3102 switch (pkcs7_type) {
3103 case CMS_SIGN_CLIENT:
3104 return cryptoctx->id_pkinit_authData;
3105 case CMS_SIGN_DRAFT9:
3106 return OBJ_nid2obj(NID_pkcs7_data);
3107 case CMS_SIGN_SERVER:
3108 return cryptoctx->id_pkinit_DHKeyData;
3109 case CMS_ENVEL_SERVER:
3110 return cryptoctx->id_pkinit_rkeyData;
3111 default:
3112 return NULL;
3113 }
3114
3115 }
3116
3117 #ifdef LONGHORN_BETA_COMPAT
3118 #if 0
3119 /*
3120 * This is a version that worked with Longhorn Beta 3.
3121 */
3122 static int
3123 wrap_signeddata(unsigned char *data, unsigned int data_len,
3124 unsigned char **out, unsigned int *out_len,
3125 int is_longhorn_server)
3126 {
|