1 /* 2 * Copyright (c) 2000 - 2001 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "hdb_locl.h" 35 #ifndef O_BINARY 36 #define O_BINARY 0 37 #endif 38 39 RCSID("$Id: mkey.c,v 1.13 2001/12/05 14:41:45 nectar Exp $"); 40 41 struct hdb_master_key_data { 42 krb5_keytab_entry keytab; 43 krb5_crypto crypto; 44 struct hdb_master_key_data *next; 45 }; 46 47 void 48 hdb_free_master_key(krb5_context context, hdb_master_key mkey) 49 { 50 struct hdb_master_key_data *ptr; 51 while(mkey) { 52 krb5_kt_free_entry(context, &mkey->keytab); 53 if (mkey->crypto) 54 krb5_crypto_destroy(context, mkey->crypto); 55 ptr = mkey; 56 mkey = mkey->next; 57 free(ptr); 58 } 59 } 60 61 krb5_error_code 62 hdb_process_master_key(krb5_context context, 63 int kvno, krb5_keyblock *key, krb5_enctype etype, 64 hdb_master_key *mkey) 65 { 66 krb5_error_code ret; 67 68 *mkey = calloc(1, sizeof(**mkey)); 69 if(*mkey == NULL) { 70 krb5_set_error_string(context, "malloc: out of memory"); 71 return ENOMEM; 72 } 73 (*mkey)->keytab.vno = kvno; 74 ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal); 75 if(ret) 76 goto fail; 77 ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock); 78 if(ret) 79 goto fail; 80 if(etype != 0) 81 (*mkey)->keytab.keyblock.keytype = etype; 82 (*mkey)->keytab.timestamp = time(NULL); 83 ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto); 84 if(ret) 85 goto fail; 86 return 0; 87 fail: 88 hdb_free_master_key(context, *mkey); 89 *mkey = NULL; 90 return ret; 91 } 92 93 krb5_error_code 94 hdb_add_master_key(krb5_context context, krb5_keyblock *key, 95 hdb_master_key *inout) 96 { 97 int vno = 0; 98 hdb_master_key p; 99 krb5_error_code ret; 100 101 for(p = *inout; p; p = p->next) 102 vno = max(vno, p->keytab.vno); 103 vno++; 104 ret = hdb_process_master_key(context, vno, key, 0, &p); 105 if(ret) 106 return ret; 107 p->next = *inout; 108 *inout = p; 109 return 0; 110 } 111 112 static krb5_error_code 113 read_master_keytab(krb5_context context, const char *filename, 114 hdb_master_key *mkey) 115 { 116 krb5_error_code ret; 117 krb5_keytab id; 118 krb5_kt_cursor cursor; 119 krb5_keytab_entry entry; 120 hdb_master_key p; 121 122 ret = krb5_kt_resolve(context, filename, &id); 123 if(ret) 124 return ret; 125 126 ret = krb5_kt_start_seq_get(context, id, &cursor); 127 if(ret) 128 goto out; 129 *mkey = NULL; 130 while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) { 131 p = calloc(1, sizeof(*p)); 132 p->keytab = entry; 133 ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto); 134 p->next = *mkey; 135 *mkey = p; 136 } 137 krb5_kt_end_seq_get(context, id, &cursor); 138 out: 139 krb5_kt_close(context, id); 140 return ret; 141 } 142 143 /* read a MIT master keyfile */ 144 static krb5_error_code 145 read_master_mit(krb5_context context, const char *filename, 146 hdb_master_key *mkey) 147 { 148 int fd; 149 krb5_error_code ret; 150 krb5_storage *sp; 151 u_int16_t enctype; 152 krb5_keyblock key; 153 154 fd = open(filename, O_RDONLY | O_BINARY); 155 if(fd < 0) { 156 int save_errno = errno; 157 krb5_set_error_string(context, "failed to open %s: %s", filename, 158 strerror(save_errno)); 159 return save_errno; 160 } 161 sp = krb5_storage_from_fd(fd); 162 if(sp == NULL) { 163 close(fd); 164 return errno; 165 } 166 krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER); 167 #if 0 168 /* could possibly use ret_keyblock here, but do it with more 169 checks for now */ 170 ret = krb5_ret_keyblock(sp, &key); 171 #else 172 ret = krb5_ret_int16(sp, &enctype); 173 if((htons(enctype) & 0xff00) == 0x3000) { 174 krb5_set_error_string(context, "unknown keytype in %s: %#x, expected %#x", 175 filename, htons(enctype), 0x3000); 176 ret = HEIM_ERR_BAD_MKEY; 177 goto out; 178 } 179 key.keytype = enctype; 180 ret = krb5_ret_data(sp, &key.keyvalue); 181 if(ret) 182 goto out; 183 #endif 184 ret = hdb_process_master_key(context, 0, &key, 0, mkey); 185 krb5_free_keyblock_contents(context, &key); 186 out: 187 krb5_storage_free(sp); 188 close(fd); 189 return ret; 190 } 191 192 /* read an old master key file */ 193 static krb5_error_code 194 read_master_encryptionkey(krb5_context context, const char *filename, 195 hdb_master_key *mkey) 196 { 197 int fd; 198 krb5_keyblock key; 199 krb5_error_code ret; 200 unsigned char buf[256]; 201 ssize_t len; 202 203 fd = open(filename, O_RDONLY | O_BINARY); 204 if(fd < 0) { 205 int save_errno = errno; 206 krb5_set_error_string(context, "failed to open %s: %s", 207 filename, strerror(save_errno)); 208 return save_errno; 209 } 210 211 len = read(fd, buf, sizeof(buf)); 212 close(fd); 213 if(len < 0) { 214 int save_errno = errno; 215 krb5_set_error_string(context, "error reading %s: %s", 216 filename, strerror(save_errno)); 217 return save_errno; 218 } 219 220 ret = decode_EncryptionKey(buf, len, &key, &len); 221 memset(buf, 0, sizeof(buf)); 222 if(ret) 223 return ret; 224 225 /* Originally, the keytype was just that, and later it got changed 226 to des-cbc-md5, but we always used des in cfb64 mode. This 227 should cover all cases, but will break if someone has hacked 228 this code to really use des-cbc-md5 -- but then that's not my 229 problem. */ 230 if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5) 231 key.keytype = ETYPE_DES_CFB64_NONE; 232 233 ret = hdb_process_master_key(context, 0, &key, 0, mkey); 234 krb5_free_keyblock_contents(context, &key); 235 return ret; 236 } 237 238 /* read a krb4 /.k style file */ 239 static krb5_error_code 240 read_master_krb4(krb5_context context, const char *filename, 241 hdb_master_key *mkey) 242 { 243 int fd; 244 krb5_keyblock key; 245 krb5_error_code ret; 246 unsigned char buf[256]; 247 ssize_t len; 248 249 fd = open(filename, O_RDONLY | O_BINARY); 250 if(fd < 0) { 251 int save_errno = errno; 252 krb5_set_error_string(context, "failed to open %s: %s", 253 filename, strerror(save_errno)); 254 return save_errno; 255 } 256 257 len = read(fd, buf, sizeof(buf)); 258 close(fd); 259 if(len < 0) { 260 int save_errno = errno; 261 krb5_set_error_string(context, "error reading %s: %s", 262 filename, strerror(save_errno)); 263 return save_errno; 264 } 265 if(len != 8) { 266 krb5_set_error_string(context, "bad contents of %s", filename); 267 return HEIM_ERR_EOF; /* XXX file might be too large */ 268 } 269 270 memset(&key, 0, sizeof(key)); 271 key.keytype = ETYPE_DES_PCBC_NONE; 272 ret = krb5_data_copy(&key.keyvalue, buf, len); 273 memset(buf, 0, sizeof(buf)); 274 if(ret) 275 return ret; 276 277 ret = hdb_process_master_key(context, 0, &key, 0, mkey); 278 krb5_free_keyblock_contents(context, &key); 279 return ret; 280 } 281 282 krb5_error_code 283 hdb_read_master_key(krb5_context context, const char *filename, 284 hdb_master_key *mkey) 285 { 286 FILE *f; 287 unsigned char buf[16]; 288 krb5_error_code ret; 289 290 off_t len; 291 292 *mkey = NULL; 293 294 if(filename == NULL) 295 filename = HDB_DB_DIR "/m-key"; 296 297 f = fopen(filename, "r"); 298 if(f == NULL) { 299 int save_errno = errno; 300 krb5_set_error_string(context, "failed to open %s: %s", 301 filename, strerror(save_errno)); 302 return save_errno; 303 } 304 305 if(fread(buf, 1, 2, f) != 2) { 306 krb5_set_error_string(context, "end of file reading %s", filename); 307 fclose(f); 308 return HEIM_ERR_EOF; 309 } 310 311 fseek(f, 0, SEEK_END); 312 len = ftell(f); 313 314 if(fclose(f) != 0) 315 return errno; 316 317 if(len < 0) 318 return errno; 319 320 if(len == 8) { 321 ret = read_master_krb4(context, filename, mkey); 322 } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) { 323 ret = read_master_encryptionkey(context, filename, mkey); 324 } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) { 325 ret = read_master_keytab(context, filename, mkey); 326 } else { 327 ret = read_master_mit(context, filename, mkey); 328 } 329 return ret; 330 } 331 332 krb5_error_code 333 hdb_write_master_key(krb5_context context, const char *filename, 334 hdb_master_key mkey) 335 { 336 krb5_error_code ret; 337 hdb_master_key p; 338 krb5_keytab kt; 339 340 if(filename == NULL) 341 filename = HDB_DB_DIR "/m-key"; 342 343 ret = krb5_kt_resolve(context, filename, &kt); 344 if(ret) 345 return ret; 346 347 for(p = mkey; p; p = p->next) { 348 ret = krb5_kt_add_entry(context, kt, &p->keytab); 349 } 350 351 krb5_kt_close(context, kt); 352 353 return ret; 354 } 355 356 static hdb_master_key 357 find_master_key(Key *key, hdb_master_key mkey) 358 { 359 hdb_master_key ret = NULL; 360 while(mkey) { 361 if(ret == NULL && mkey->keytab.vno == 0) 362 ret = mkey; 363 if(key->mkvno == NULL) { 364 if(ret == NULL || mkey->keytab.vno > ret->keytab.vno) 365 ret = mkey; 366 } else if(mkey->keytab.vno == *key->mkvno) 367 return mkey; 368 mkey = mkey->next; 369 } 370 return ret; 371 } 372 373 krb5_error_code 374 hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) 375 { 376 int i; 377 krb5_error_code ret; 378 krb5_data res; 379 Key *k; 380 381 for(i = 0; i < ent->keys.len; i++){ 382 hdb_master_key key; 383 384 k = &ent->keys.val[i]; 385 if(k->mkvno == NULL) 386 continue; 387 388 key = find_master_key(&ent->keys.val[i], mkey); 389 390 if (key == NULL) 391 return HDB_ERR_NO_MKEY; 392 393 ret = krb5_decrypt(context, key->crypto, HDB_KU_MKEY, 394 k->key.keyvalue.data, 395 k->key.keyvalue.length, 396 &res); 397 if (ret) 398 return ret; 399 400 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); 401 free(k->key.keyvalue.data); 402 k->key.keyvalue = res; 403 free(k->mkvno); 404 k->mkvno = NULL; 405 } 406 return 0; 407 } 408 409 krb5_error_code 410 hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent) 411 { 412 if (db->master_key_set == 0) 413 return 0; 414 return hdb_unseal_keys_mkey(context, ent, db->master_key); 415 } 416 417 krb5_error_code 418 hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) 419 { 420 int i; 421 krb5_error_code ret; 422 krb5_data res; 423 for(i = 0; i < ent->keys.len; i++){ 424 Key *k = &ent->keys.val[i]; 425 hdb_master_key key; 426 427 if(k->mkvno != NULL) 428 continue; 429 430 key = find_master_key(k, mkey); 431 432 if (key == NULL) 433 return HDB_ERR_NO_MKEY; 434 435 ret = krb5_encrypt(context, key->crypto, HDB_KU_MKEY, 436 k->key.keyvalue.data, 437 k->key.keyvalue.length, 438 &res); 439 if (ret) 440 return ret; 441 442 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); 443 free(k->key.keyvalue.data); 444 k->key.keyvalue = res; 445 446 k->mkvno = malloc(sizeof(*k->mkvno)); 447 if (k->mkvno == NULL) 448 return ENOMEM; 449 *k->mkvno = key->keytab.vno; 450 } 451 return 0; 452 } 453 454 krb5_error_code 455 hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent) 456 { 457 if (db->master_key_set == 0) 458 return 0; 459 460 return hdb_seal_keys_mkey(context, ent, db->master_key); 461 } 462 463 krb5_error_code 464 hdb_set_master_key (krb5_context context, 465 HDB *db, 466 krb5_keyblock *key) 467 { 468 krb5_error_code ret; 469 hdb_master_key mkey; 470 471 ret = hdb_process_master_key(context, 0, key, 0, &mkey); 472 if (ret) 473 return ret; 474 db->master_key = mkey; 475 #if 0 /* XXX - why? */ 476 des_set_random_generator_seed(key.keyvalue.data); 477 #endif 478 db->master_key_set = 1; 479 return 0; 480 } 481 482 krb5_error_code 483 hdb_set_master_keyfile (krb5_context context, 484 HDB *db, 485 const char *keyfile) 486 { 487 hdb_master_key key; 488 krb5_error_code ret; 489 490 ret = hdb_read_master_key(context, keyfile, &key); 491 if (ret) { 492 if (ret != ENOENT) 493 return ret; 494 krb5_clear_error_string(context); 495 return 0; 496 } 497 db->master_key = key; 498 db->master_key_set = 1; 499 return ret; 500 } 501 502 krb5_error_code 503 hdb_clear_master_key (krb5_context context, 504 HDB *db) 505 { 506 if (db->master_key_set) { 507 hdb_free_master_key(context, db->master_key); 508 db->master_key_set = 0; 509 } 510 return 0; 511 } 512