1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/krb5/krb/preauth_ec.c - Encrypted Challenge clpreauth module */
3 /*
4 * Copyright (C) 2009, 2011 by the Massachusetts Institute of Technology.
5 * All rights reserved.
6 *
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
11 *
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
25 */
26
27 /*
28 * Implement Encrypted Challenge fast factor from
29 * draft-ietf-krb-wg-preauth-framework
30 */
31
32 #include <k5-int.h>
33 #include <krb5/clpreauth_plugin.h>
34 #include "int-proto.h"
35
36 static krb5_error_code
ec_prep_questions(krb5_context context,krb5_clpreauth_moddata moddata,krb5_clpreauth_modreq modreq,krb5_get_init_creds_opt * opt,krb5_clpreauth_callbacks cb,krb5_clpreauth_rock rock,krb5_kdc_req * request,krb5_data * encoded_request_body,krb5_data * encoded_previous_request,krb5_pa_data * pa_data)37 ec_prep_questions(krb5_context context, krb5_clpreauth_moddata moddata,
38 krb5_clpreauth_modreq modreq, krb5_get_init_creds_opt *opt,
39 krb5_clpreauth_callbacks cb, krb5_clpreauth_rock rock,
40 krb5_kdc_req *request, krb5_data *encoded_request_body,
41 krb5_data *encoded_previous_request, krb5_pa_data *pa_data)
42 {
43 cb->need_as_key(context, rock);
44 return 0;
45 }
46
47 static krb5_error_code
ec_process(krb5_context context,krb5_clpreauth_moddata moddata,krb5_clpreauth_modreq modreq,krb5_get_init_creds_opt * opt,krb5_clpreauth_callbacks cb,krb5_clpreauth_rock rock,krb5_kdc_req * request,krb5_data * encoded_request_body,krb5_data * encoded_previous_request,krb5_pa_data * padata,krb5_prompter_fct prompter,void * prompter_data,krb5_pa_data *** out_padata)48 ec_process(krb5_context context, krb5_clpreauth_moddata moddata,
49 krb5_clpreauth_modreq modreq, krb5_get_init_creds_opt *opt,
50 krb5_clpreauth_callbacks cb,
51 krb5_clpreauth_rock rock, krb5_kdc_req *request,
52 krb5_data *encoded_request_body,
53 krb5_data *encoded_previous_request, krb5_pa_data *padata,
54 krb5_prompter_fct prompter, void *prompter_data,
55 krb5_pa_data ***out_padata)
56 {
57 krb5_error_code retval = 0;
58 krb5_keyblock *challenge_key = NULL, *armor_key, *as_key;
59
60 armor_key = cb->fast_armor(context, rock);
61 if (armor_key == NULL)
62 return ENOENT;
63 retval = cb->get_as_key(context, rock, &as_key);
64 if (retval == 0 && padata->length) {
65 krb5_enc_data *enc = NULL;
66 krb5_data scratch;
67 scratch.length = padata->length;
68 scratch.data = (char *) padata->contents;
69 retval = krb5_c_fx_cf2_simple(context,armor_key, "kdcchallengearmor",
70 as_key, "challengelongterm",
71 &challenge_key);
72 if (retval == 0)
73 retval = decode_krb5_enc_data(&scratch, &enc);
74 scratch.data = NULL;
75 if (retval == 0) {
76 scratch.data = malloc(enc->ciphertext.length);
77 scratch.length = enc->ciphertext.length;
78 if (scratch.data == NULL)
79 retval = ENOMEM;
80 }
81 if (retval == 0)
82 retval = krb5_c_decrypt(context, challenge_key,
83 KRB5_KEYUSAGE_ENC_CHALLENGE_KDC, NULL,
84 enc, &scratch);
85 /*
86 * Per draft 11 of the preauth framework, the client MAY but is not
87 * required to actually check the timestamp from the KDC other than to
88 * confirm it decrypts. This code does not perform that check.
89 */
90 if (scratch.data)
91 krb5_free_data_contents(context, &scratch);
92 /* If we had a callback to assert that the KDC is verified, we would
93 * call it here. */
94 if (enc)
95 krb5_free_enc_data(context, enc);
96 } else if (retval == 0) { /*No padata; we send*/
97 krb5_enc_data enc;
98 krb5_pa_data **pa = NULL;
99 krb5_data *encoded_ts = NULL;
100 krb5_pa_enc_ts ts;
101 enc.ciphertext.data = NULL;
102 /* Use the timestamp from the preauth-required error if possible.
103 * This time should always be secured by the FAST channel. */
104 retval = cb->get_preauth_time(context, rock, FALSE, &ts.patimestamp,
105 &ts.pausec);
106 if (retval == 0)
107 retval = encode_krb5_pa_enc_ts(&ts, &encoded_ts);
108 if (retval == 0)
109 retval = krb5_c_fx_cf2_simple(context,
110 armor_key, "clientchallengearmor",
111 as_key, "challengelongterm",
112 &challenge_key);
113 if (retval == 0)
114 retval = krb5_encrypt_helper(context, challenge_key,
115 KRB5_KEYUSAGE_ENC_CHALLENGE_CLIENT,
116 encoded_ts, &enc);
117 if (encoded_ts)
118 krb5_free_data(context, encoded_ts);
119 encoded_ts = NULL;
120 if (retval == 0) {
121 retval = encode_krb5_enc_data(&enc, &encoded_ts);
122 krb5_free_data_contents(context, &enc.ciphertext);
123 }
124 if (retval == 0) {
125 pa = calloc(2, sizeof(krb5_pa_data *));
126 if (pa == NULL)
127 retval = ENOMEM;
128 }
129 if (retval == 0) {
130 pa[0] = calloc(1, sizeof(krb5_pa_data));
131 if (pa[0] == NULL)
132 retval = ENOMEM;
133 }
134 if (retval == 0) {
135 pa[0]->length = encoded_ts->length;
136 pa[0]->contents = (unsigned char *) encoded_ts->data;
137 pa[0]->pa_type = KRB5_PADATA_ENCRYPTED_CHALLENGE;
138 encoded_ts->data = NULL;
139 *out_padata = pa;
140 pa = NULL;
141 cb->disable_fallback(context, rock);
142 }
143 free(pa);
144 krb5_free_data(context, encoded_ts);
145 }
146 if (challenge_key)
147 krb5_free_keyblock(context, challenge_key);
148 return retval;
149 }
150
151
152 static krb5_preauthtype ec_types[] = {
153 KRB5_PADATA_ENCRYPTED_CHALLENGE, 0};
154
155 krb5_error_code
clpreauth_encrypted_challenge_initvt(krb5_context context,int maj_ver,int min_ver,krb5_plugin_vtable vtable)156 clpreauth_encrypted_challenge_initvt(krb5_context context, int maj_ver,
157 int min_ver, krb5_plugin_vtable vtable)
158 {
159 krb5_clpreauth_vtable vt;
160
161 if (maj_ver != 1)
162 return KRB5_PLUGIN_VER_NOTSUPP;
163 vt = (krb5_clpreauth_vtable)vtable;
164 vt->name = "encrypted_challenge";
165 vt->pa_type_list = ec_types;
166 vt->prep_questions = ec_prep_questions;
167 vt->process = ec_process;
168 return 0;
169 }
170