2 Copyright (c) 2004 The Regents of the University of Michigan.
5 Redistribution and use in source and binary forms, with or without
6 modification, are permitted provided that the following conditions
9 1. Redistributions of source code must retain the above copyright
10 notice, this list of conditions and the following disclaimer.
11 2. Redistributions in binary form must reproduce the above copyright
12 notice, this list of conditions and the following disclaimer in the
13 documentation and/or other materials provided with the distribution.
14 3. Neither the name of the University nor the names of its
15 contributors may be used to endorse or promote products derived
16 from this software without specific prior written permission.
18 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
19 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21 DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
25 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <rpc/auth_gss.h>
45 /* spkm3 seems to actually want it this big, yipes. */
46 #define MAX_CTX_LEN 4096
48 #ifdef HAVE_KRB5 /* MIT Kerberos */
50 #ifdef HAVE_LUCID_CONTEXT_SUPPORT
52 /* Don't use the private structure, use the exported lucid structure */
53 #include <gssapi/gssapi.h>
54 #include <gssapi/gssapi_krb5.h>
56 #elif (KRB5_VERSION > 131)
57 /* XXX argggg, there's gotta be a better way than just duplicating this
58 * whole struct. Unfortunately, this is in a "private" header file,
59 * so this is our best choice at this point :-/
61 * XXX Does this match the Heimdal definition? */
63 typedef struct _krb5_gss_ctx_id_rec {
64 unsigned int initiate : 1; /* nonzero if initiating, zero if accepting */
65 unsigned int established : 1;
66 unsigned int big_endian : 1;
67 unsigned int have_acceptor_subkey : 1;
68 unsigned int seed_init : 1; /* XXX tested but never actually set */
70 unsigned int testing_unknown_tokid : 1; /* for testing only */
73 unsigned char seed[16];
76 krb5_keyblock *subkey;
82 krb5_timestamp endtime;
84 /* XXX these used to be signed. the old spec is inspecific, and
85 the new spec specifies unsigned. I don't believe that the change
86 affects the wire encoding. */
87 uint64_t seq_send; /* gssint_uint64 */
88 uint64_t seq_recv; /* gssint_uint64 */
90 krb5_auth_context auth_context;
91 gss_buffer_desc *mech_used; /* gss_OID_desc */
92 /* Protocol spec revision
93 0 => RFC 1964 with 3DES and RC4 enhancements
94 1 => draft-ietf-krb-wg-gssapi-cfx-01
95 No others defined so far. */
97 krb5_cksumtype cksumtype; /* for "main" subkey */
98 krb5_keyblock *acceptor_subkey; /* CFX only */
99 krb5_cksumtype acceptor_subkey_cksumtype;
101 gss_buffer_desc init_token;
103 } krb5_gss_ctx_id_rec, *krb5_gss_ctx_id_t;
105 #else /* KRB5_VERSION */
107 typedef struct _krb5_gss_ctx_id_rec {
111 unsigned char seed[16];
113 krb5_principal there;
114 krb5_keyblock *subkey;
120 krb5_timestamp endtime;
121 krb5_flags krb_flags;
127 krb5_auth_context auth_context;
128 gss_buffer_desc *mech_used;
130 krb5_cksumtype *ctypes;
131 } krb5_gss_ctx_id_rec, *krb5_gss_ctx_id_t;
133 #endif /* KRB5_VERSION */
134 #endif /* HAVE_KRB5 */
136 /* XXX We have the same issue as above. We can require SPKM-3 source
137 * at the time we compile gssd, or copy the context structure definitions
141 /* structure typedefs */
143 typedef struct spkm3_ctx_id_t {
149 /* first pass at spkm3 context. will add a bunch of stuff .... */
151 typedef struct spkm3_gss_ctx_id_desc_t {
152 spkm3_ctx_id ctx_id; /* per spkm token contextid */
154 int qop; /* negotiated qop */
158 /* DH should be abstracted to an EVP_ struct able to hold
159 * various kalg results */
160 /* XXX The following is defined as "DH *dh" in the original
161 * header we're gonna cheat and use "void *dh" here. */
163 gss_buffer_desc share_key;
164 /* derived keys are result from applying the owf_alg to the
165 * shared key - see spkm3_derive_supkey */
166 gss_buffer_desc derived_conf_key;
167 gss_buffer_desc derived_integ_key;
168 /* openssl NID's of the negotiated algorithms */
169 int keyestb_alg; /* key establishment */
170 int owf_alg; /* one way function */
171 int intg_alg; /* integrity */
172 int conf_alg; /* privacy */
173 /* der encoded REQ_TOKEN reqcontets and length */
174 unsigned char *der_reqcontents;
176 } spkm3_gss_ctx_id_desc;
179 /* adapted from mit kerberos 5 ../lib/gssapi/mechglue/mglueP.h
180 * this is what gets passed around when the mechglue code is enabled : */
181 typedef struct gss_union_ctx_id_t {
183 gss_ctx_id_t internal_ctx_id;
184 } gss_union_ctx_id_desc, *gss_union_ctx_id_t;
186 #ifdef HAVE_KRB5 /* MIT Kerberos */
187 #ifdef HAVE_LUCID_CONTEXT_SUPPORT /* Lucid context support */
189 write_lucid_keyblock(char **p, char *end, gss_krb5_lucid_key_t *key)
193 if (WRITE_BYTES(p, end, key->type)) return -1;
194 tmp.length = key->length;
195 tmp.value = key->data;
196 if (write_buffer(p, end, &tmp)) return -1;
200 #else /* lucid context support */
203 write_keyblock(char **p, char *end, struct _krb5_keyblock *arg)
207 if (WRITE_BYTES(p, end, arg->enctype)) return -1;
208 tmp.length = arg->length;
209 tmp.value = arg->contents;
210 if (write_buffer(p, end, &tmp)) return -1;
213 #endif /* lucid context support */
214 #endif /* HAVE_KRB5 */
217 #ifdef HAVE_LUCID_CONTEXT_SUPPORT /* Lucid context support */
219 prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
220 gss_buffer_desc *buf)
223 static int constant_zero = 0;
224 unsigned char fakeseed[16];
225 uint32_t word_send_seq;
226 gss_krb5_lucid_key_t enc_key;
229 gss_buffer_desc fakeoid;
232 * The new Kerberos interface to get the gss context
233 * does not include the seed or seed_init fields
234 * because we never really use them. But for now,
235 * send down a fake buffer so we can use the same
236 * interface to the kernel.
238 memset(&enc_key, 0, sizeof(enc_key));
239 memset(&fakeoid, 0, sizeof(fakeoid));
241 if (!(buf->value = calloc(1, MAX_CTX_LEN)))
244 end = buf->value + MAX_CTX_LEN;
246 if (WRITE_BYTES(&p, end, lctx->initiate)) goto out_err;
248 /* seed_init and seed not used by kernel anyway */
249 if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
250 if (write_bytes(&p, end, &fakeseed, 16)) goto out_err;
252 if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.sign_alg)) goto out_err;
253 if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.seal_alg)) goto out_err;
254 if (WRITE_BYTES(&p, end, lctx->endtime)) goto out_err;
255 word_send_seq = lctx->send_seq; /* XXX send_seq is 64-bit */
256 if (WRITE_BYTES(&p, end, word_send_seq)) goto out_err;
257 if (write_buffer(&p, end, (gss_buffer_desc*)&krb5oid)) goto out_err;
259 /* derive the encryption key and copy it into buffer */
260 enc_key.type = lctx->rfc1964_kd.ctx_key.type;
261 enc_key.length = lctx->rfc1964_kd.ctx_key.length;
262 if ((enc_key.data = calloc(1, enc_key.length)) == NULL)
264 skd = (char *) lctx->rfc1964_kd.ctx_key.data;
265 dkd = (char *) enc_key.data;
266 for (i = 0; i < enc_key.length; i++)
267 dkd[i] = skd[i] ^ 0xf0;
268 if (write_lucid_keyblock(&p, end, &enc_key)) {
274 if (write_lucid_keyblock(&p, end, &lctx->rfc1964_kd.ctx_key))
277 buf->length = p - (char *)buf->value;
280 printerr(0, "ERROR: failed serializing krb5 context for kernel\n");
281 if (buf->value) free(buf->value);
283 if (enc_key.data) free(enc_key.data);
288 prepare_krb5_rfc_cfx_buffer(gss_krb5_lucid_context_v1_t *lctx,
289 gss_buffer_desc *buf)
291 printerr(0, "ERROR: prepare_krb5_rfc_cfx_buffer: not implemented\n");
296 serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
298 OM_uint32 maj_stat, min_stat;
299 void *return_ctx = 0;
301 gss_krb5_lucid_context_v1_t *lctx = 0;
304 printerr(2, "DEBUG: serialize_krb5_ctx: lucid version!\n");
305 maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &ctx,
307 if (maj_stat != GSS_S_COMPLETE)
310 /* Check the version returned, we only support v1 right now */
311 vers = ((gss_krb5_lucid_context_version_t *)return_ctx)->version;
314 lctx = (gss_krb5_lucid_context_v1_t *) return_ctx;
317 printerr(0, "ERROR: unsupported lucid sec context version %d\n",
323 /* Now lctx points to a lucid context that we can send down to kernel */
324 if (lctx->protocol == 0)
325 retcode = prepare_krb5_rfc1964_buffer(lctx, buf);
327 retcode = prepare_krb5_rfc_cfx_buffer(lctx, buf);
329 maj_stat = gss_krb5_free_lucid_sec_context(&min_stat,
331 if (maj_stat != GSS_S_COMPLETE)
332 printerr(0, "WARN: failed to free lucid sec context\n");
339 printerr(0, "ERROR: failed serializing krb5 context for kernel\n");
344 #else /* lucid context support */
347 serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
349 krb5_gss_ctx_id_t kctx = (krb5_gss_ctx_id_t)ctx;
351 static int constant_one = 1;
352 static int constant_zero = 0;
353 uint32_t word_seq_send;
355 if (!(buf->value = calloc(1, MAX_CTX_LEN)))
358 end = buf->value + MAX_CTX_LEN;
360 if (kctx->initiate) {
361 if (WRITE_BYTES(&p, end, constant_one)) goto out_err;
364 if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
366 if (kctx->seed_init) {
367 if (WRITE_BYTES(&p, end, constant_one)) goto out_err;
370 if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
372 if (write_bytes(&p, end, &kctx->seed, sizeof(kctx->seed)))
374 if (WRITE_BYTES(&p, end, kctx->signalg)) goto out_err;
375 if (WRITE_BYTES(&p, end, kctx->sealalg)) goto out_err;
376 if (WRITE_BYTES(&p, end, kctx->endtime)) goto out_err;
377 word_seq_send = kctx->seq_send;
378 if (WRITE_BYTES(&p, end, word_seq_send)) goto out_err;
379 if (write_buffer(&p, end, kctx->mech_used)) goto out_err;
380 if (write_keyblock(&p, end, kctx->enc)) goto out_err;
381 if (write_keyblock(&p, end, kctx->seq)) goto out_err;
383 buf->length = p - (char *)buf->value;
386 printerr(0, "ERROR: failed serializing krb5 context for kernel\n");
387 if (buf->value) free(buf->value);
391 #endif /* lucid context support */
392 #endif /* HAVE_KRB5 */
395 /* ANDROS: need to determine which fields of the spkm3_gss_ctx_id_desc_t
396 * are needed in the kernel for get_mic, validate, wrap, unwrap, and destroy
397 * and only export those fields to the kernel.
400 serialize_spkm3_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
402 spkm3_gss_ctx_id_desc *sctx = (spkm3_gss_ctx_id_desc *)ctx;
405 printerr(1, "serialize_spkm3_ctx called\n");
407 if (!(buf->value = calloc(1, MAX_CTX_LEN)))
410 end = buf->value + MAX_CTX_LEN;
425 if (write_buffer(&p, end, (gss_buffer_desc *)&sctx->ctx_id))
427 if (WRITE_BYTES(&p, end, sctx->qop)) goto out_err;
428 if (write_buffer(&p, end, (gss_buffer_desc *)sctx->mech_used)) goto out_err;
429 if (WRITE_BYTES(&p, end, sctx->ret_flags)) goto out_err;
430 if (WRITE_BYTES(&p, end, sctx->req_flags)) goto out_err;
431 if (write_buffer(&p, end, &sctx->share_key))
434 if (WRITE_BYTES(&p, end, sctx->conf_alg)) goto out_err;
435 if (write_buffer(&p, end, &sctx->derived_conf_key))
438 if (WRITE_BYTES(&p, end, sctx->intg_alg)) goto out_err;
439 if (write_buffer(&p, end, &sctx->derived_integ_key))
442 if (WRITE_BYTES(&p, end, sctx->keyestb_alg)) goto out_err;
443 if (WRITE_BYTES(&p, end, sctx->owf_alg)) goto out_err;
445 buf->length = p - (char *)buf->value;
448 if (buf->value) free(buf->value);
454 serialize_context_for_kernel(gss_ctx_id_t ctx, gss_buffer_desc *buf)
456 gss_union_ctx_id_t uctx = (gss_union_ctx_id_t)ctx;
458 if (g_OID_equal(&krb5oid, uctx->mech_type))
459 return serialize_krb5_ctx(uctx->internal_ctx_id, buf);
460 else if (g_OID_equal(&spkm3oid, uctx->mech_type))
461 return serialize_spkm3_ctx(uctx->internal_ctx_id, buf);
463 printerr(0, "ERROR: attempting to serialize context with "
464 "unknown mechanism oid\n");