}
-/* Given KRB5 enctype (basically DES or 3DES), return
+/* Given KRB5 enctype (basically DES or 3DES),
+** return closest match openssl EVP_ encryption algorithm.
+** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
+** Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK.
*/
EVP_CIPHER *
kssl_map_enc(krb5_enctype enctype)
{
switch (enctype)
{
+ case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
case ENCTYPE_DES_CBC_CRC:
case ENCTYPE_DES_CBC_MD4:
case ENCTYPE_DES_CBC_MD5:
case ENCTYPE_DES_CBC_RAW:
-#if ! defined(KRB5_MIT_OLD11)
- case ENCTYPE_DES_HMAC_SHA1:
-#endif
return (EVP_CIPHER *) EVP_des_cbc();
break;
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
case ENCTYPE_DES3_CBC_SHA:
case ENCTYPE_DES3_CBC_RAW:
-#if ! defined(KRB5_MIT_OLD11)
- case ENCTYPE_DES3_CBC_SHA1:
-#endif
return (EVP_CIPHER *) EVP_des_ede3_cbc();
break;
default: return (EVP_CIPHER *) NULL;
** what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
** it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
*/
-int *populate_cksumlens(void)
+size_t *populate_cksumlens(void)
{
- int i, j, n = 0x0010+1;
+ int i, j, n;
static size_t *cklens = NULL;
+#ifdef KRB5_MIT_OLD11
+ n = krb5_max_cksum;
+#else
+ n = 0x0010;
+#endif /* KRB5_MIT_OLD11 */
+
#ifdef KRB5CHECKAUTH
- if (!cklens && !(cklens = (size_t *) calloc(sizeof(int), n))) return NULL;
+ if (!cklens && !(cklens = (size_t *) calloc(sizeof(int),n+1))) return NULL;
for (i=0; i < n; i++) {
if (!valid_cksumtype(i)) continue; /* array has holes */
*/
unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
{
- int i, cklen, conlen;
- static int *cksumlens = NULL;
+ int i, conlen;
+ size_t cklen;
+ static size_t *cksumlens = NULL;
unsigned char *test_auth;
conlen = (etype)? 8: 0;
}
arlen = krb5_app_req.length;
- p = krb5_app_req.data;
+ p = (unsigned char *)krb5_app_req.data;
ap_req = (KRB5_APREQBODY *) d2i_KRB5_APREQ(NULL, &p, arlen);
if (ap_req)
{
if (authenp->length &&
(authenp->data = malloc(authenp->length)))
{
- unsigned char *p = authenp->data;
+ unsigned char *adp = (unsigned char *)authenp->data;
authenp->length = i2d_KRB5_ENCDATA(
- ap_req->authenticator, &p);
+ ap_req->authenticator, &adp);
}
}
** &ap_option, &krb5ticket)) != 0) { Error }
*/
- p = indata->data;
+ p = (unsigned char *)indata->data;
if ((asn1ticket = (KRB5_TKTBODY *) d2i_KRB5_TICKET(NULL, &p,
(long) indata->length)) == NULL)
{
}
#endif /* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
+
+/* Given pointers to KerberosTime and struct tm structs, convert the
+** KerberosTime string to struct tm. Note that KerberosTime is a
+** ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional
+** seconds as defined in RFC 1510.
+** Return pointer to the (partially) filled in struct tm on success,
+** return NULL on failure.
+*/
+struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+ {
+ char c, *p;
+
+ if (!k_tm) return NULL;
+ if (gtime == NULL || gtime->length < 14) return NULL;
+ if (gtime->data == NULL) return NULL;
+
+ p = (char *)>ime->data[14];
+
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_sec = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_min = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_hour = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_mday = atoi(p); *(p+2) = c;
+ c = *p; *p = '\0'; p -= 2; k_tm->tm_mon = atoi(p)-1; *(p+2) = c;
+ c = *p; *p = '\0'; p -= 4; k_tm->tm_year = atoi(p)-1900; *(p+4) = c;
+
+ return k_tm;
+ }
+
+
/* Helper function for kssl_validate_times().
** We need context->clockskew, but krb5_context is an opaque struct.
** So we try to sneek the clockskew out through the replay cache.
EVP_CIPHER_CTX ciph_ctx;
EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char *p, *unenc_authent, *tbuf = NULL;
+ unsigned char *p, *unenc_authent;
int padl, outl, unencbufsize;
+ struct tm tm_time, *tm_l, *tm_g;
+ time_t now, tl, tg, tr, tz_offset;
*atimep = 0;
kssl_err_set(kssl_err, 0, "");
goto err;
}
- p = authentp->data;
+ p = (unsigned char *)authentp->data;
if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
(long) authentp->length)) == NULL)
{
}
enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
+#if !defined(KRB5_MIT_OLD11)
+ switch ( enctype ) {
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+ case ENCTYPE_DES3_CBC_SHA:
+ case ENCTYPE_DES3_CBC_RAW:
+ krb5rc = 0; /* Skip, can't handle derived keys */
+ goto err;
+ }
+#endif
enc = kssl_map_enc(enctype);
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
- EVP_DecryptInit(&ciph_ctx, enc, kssl_ctx->key, iv);
- EVP_DecryptUpdate(&ciph_ctx, unenc_authent, &outl,
- dec_authent->cipher->data, dec_authent->cipher->length);
+ if (enc == NULL)
+ {
+ /* Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1.
+ ** This enctype indicates the authenticator was encrypted
+ ** using key-usage derived keys which openssl cannot decrypt.
+ */
+ goto err;
+ }
+ if (!EVP_DecryptInit(&ciph_ctx, enc, kssl_ctx->key, iv))
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_DecryptInit error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
+ if (!EVP_DecryptUpdate(&ciph_ctx, unenc_authent, &outl,
+ dec_authent->cipher->data, dec_authent->cipher->length))
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_DecryptUpdate error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
if (outl > unencbufsize)
{
kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err;
}
- EVP_DecryptFinal(&ciph_ctx, &(unenc_authent[outl]), &padl);
+ if (!EVP_DecryptFinal(&ciph_ctx, &(unenc_authent[outl]), &padl))
+ {
+ kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+ "EVP_DecryptFinal error decrypting authenticator.\n");
+ krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto err;
+ }
outl += padl;
if (outl > unencbufsize)
{
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err;
}
- if ((tbuf = calloc(1, auth->ctime->length + 1)) == NULL)
- {
- kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
- "Unable to allocate atime buffer.\n");
- krb5rc = KRB5KRB_ERR_GENERIC;
- goto err;
- }
- else strncpy(tbuf, auth->ctime->data, auth->ctime->length);
-
- if ( auth->ctime->length >= 9 && auth->ctime->length <= 14 )
- /* tbuf == "%Y%m%d%H%M%S" */
- {
- struct tm tm_time, *tm_l, *tm_g;
- time_t now, tl, tg, tr, tz_offset;
- int i;
- char *p = tbuf;
-
- memset(&tm_time,0,sizeof(struct tm));
- for ( i=0;
- i<4 && isdigit(*p);
- i++, p++ )
- tm_time.tm_year = tm_time.tm_year*10 + (*p-'0');
- for ( i=0;
- i<2 && isdigit(*p) && tm_time.tm_mon <= 1;
- i++, p++ )
- tm_time.tm_mon = tm_time.tm_mon*10 + (*p-'0');
- for ( i=0;
- i<2 && isdigit(*p) && tm_time.tm_mday <= 3;
- i++, p++ )
- tm_time.tm_mday = tm_time.tm_mday*10 + (*p-'0');
- for ( i=0;
- i<2 && isdigit(*p) && tm_time.tm_hour <= 2;
- i++, p++ )
- tm_time.tm_hour = tm_time.tm_hour*10 + (*p-'0');
- for ( i=0;
- i<2 && isdigit(*p) && tm_time.tm_min <= 6;
- i++, p++ )
- tm_time.tm_min = tm_time.tm_min*10 + (*p-'0');
- for ( i=0;
- i<2 && isdigit(*p) && tm_time.tm_sec <= 6;
- i++, p++ )
- tm_time.tm_sec = tm_time.tm_sec*10 + (*p-'0');
-
- now = time(&now);
- tm_l = localtime(&now); tl = mktime(tm_l);
- tm_g = gmtime(&now); tg = mktime(tm_g);
- tz_offset = tg - tl;
- tr = mktime(&tm_time);
-
- if (tr != (time_t)(-1))
- *atimep = mktime(&tm_time) - tz_offset;
- }
+
+ memset(&tm_time,0,sizeof(struct tm));
+ if (k_gmtime(auth->ctime, &tm_time) &&
+ ((tr = mktime(&tm_time)) != (time_t)(-1)))
+ {
+ now = time(&now);
+ tm_l = localtime(&now); tl = mktime(tm_l);
+ tm_g = gmtime(&now); tg = mktime(tm_g);
+ tz_offset = tg - tl;
+
+ *atimep = tr - tz_offset;
+ }
+
#ifdef KSSL_DEBUG
- printf("kssl_check_authent: client time %s = %d\n", tbuf, *atimep);
+ printf("kssl_check_authent: returns %d for client time ", *atimep);
+ if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
+ printf("%.*s\n", auth->ctime->length, auth->ctime->data);
+ else printf("NULL\n");
#endif /* KSSL_DEBUG */
err:
- if (tbuf) free(tbuf);
if (auth) KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
if (dec_authent) KRB5_ENCDATA_free(dec_authent);
if (unenc_authent) free(unenc_authent);
projects / openssl.git / blobdiff