oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Make OpenSSL an hcrypto backend proper

Browse Source 
This adds a new backend for libhcrypto: the OpenSSL backend.

Now libhcrypto has these backends:

 - hcrypto itself (i.e., the algorithms coded in lib/hcrypto)
 - Common Crypto (OS X)
 - PKCS#11 (specifically for Solaris, but not Solaris-specific)
 - Windows CNG (Windows)
 - OpenSSL (generic)

The ./configure --with-openssl=... option no longer disables the use of
hcrypto.  Instead it enables the use of OpenSSL as a (and the default)
backend in libhcrypto.  The libhcrypto framework is now always used.

OpenSSL should no longer be used directly within Heimdal, except in the
OpenSSL hcrypto backend itself, and files where elliptic curve (EC)
crypto is needed.

Because libhcrypto's EC support is incomplete, we can only use OpenSSL
for EC.  Currently that means separating all EC-using code so that it
does not use hcrypto, thus the libhx509/hxtool and PKINIT EC code has
been moved out of the files it used to be in.
This commit is contained in:
Nicolas Williams
2016-04-13 12:44:58 -05:00
parent 9df88205ba
commit 490337f4f9
60 changed files with 2206 additions and 976 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
kdc/Makefile.am
View File

@@ -2,7 +2,7 @@
include $(top_srcdir)/Makefile.am.common
AM_CPPFLAGS += $(INCLUDE_libintl) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5
AM_CPPFLAGS += $(INCLUDE_libintl) -I$(srcdir)/../lib/krb5
lib_LTLIBRARIES = libkdc.la
@@ -44,6 +44,7 @@ libkdc_la_SOURCES = \
kerberos5.c \
krb5tgs.c \
pkinit.c \
pkinit-ec.c \
log.c \
misc.c \
kx509.c \
@@ -108,6 +109,7 @@ libkdc_la_LIBADD = \
$(LIB_kdb) \
$(top_builddir)/lib/ntlm/libheimntlm.la \
$(LIB_hcrypto) \
$(LIB_openssl_crypto) \
$(top_builddir)/lib/asn1/libasn1.la \
$(LIB_roken) \
$(DB3LIB) $(DB1LIB) $(LMDBLIB) $(NDBMLIB)

15
kdc/NTMakefile
View File

@@ -1,6 +1,6 @@
########################################################################
#
# Copyright (c) 2009, Secure Endpoints Inc.
# Copyright (c) 2009-2016, Secure Endpoints Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -86,7 +86,7 @@ $(BINDIR)\digest-service.exe: $(OBJ)\digest-service.obj $(BIN_LIBS)
$(LIBEXECDIR)\kdc.exe: \
$(OBJ)\connect.obj $(OBJ)\config.obj $(OBJ)\announce.obj \
$(OBJ)\main.obj $(OBJ)\kdc-version.res \
$(LIBKDC) $(BIN_LIBS)
$(LIBKDC) $(BIN_LIBS) $(LIB_openssl_crypto)
$(EXECONLINK)
$(EXEPREP)
@@ -98,6 +98,7 @@ LIBKDC_OBJS=\
$(OBJ)\kerberos5.obj \
$(OBJ)\krb5tgs.obj \
$(OBJ)\pkinit.obj \
$(OBJ)\pkinit-ec.obj \
$(OBJ)\log.obj \
$(OBJ)\misc.obj \
$(OBJ)\kx509.obj \
@@ -105,10 +106,11 @@ LIBKDC_OBJS=\
$(OBJ)\windc.obj
LIBKDC_LIBS=\
$(LIBHDB) \
$(LIBHEIMBASE) \
$(LIBHEIMDAL) \
$(LIBHEIMNTLM) \
$(LIBHDB) \
$(LIBHEIMBASE) \
$(LIBHEIMDAL) \
$(LIBHEIMNTLM) \
$(LIB_openssl_crypto) \
$(LIBROKEN)
LIBKDCRES=$(OBJ)\libkdc-version.res
@@ -131,6 +133,7 @@ libkdc_la_SOURCES = \
kerberos5.c \
krb5tgs.c \
pkinit.c \
pkinit-ec.c \
log.c \
misc.c \
kx509.c \

323
kdc/pkinit-ec.c Normal file
View File

@@ -0,0 +1,323 @@
/*
* Copyright (c) 2016 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Portions Copyright (c) 2009 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
#ifdef PKINIT
/*
* As with the other *-ec.c files in Heimdal, this is a bit of a hack.
*
* The idea is to use OpenSSL for EC because hcrypto doesn't have the
* required functionality at this time. To do this we segregate
* EC-using code into separate source files and then we arrange for them
* to get the OpenSSL headers and not the conflicting hcrypto ones.
*
* Because of auto-generated *-private.h headers, we end up needing to
* make sure various types are defined before we include them, thus the
* strange header include order here.
*/
#ifdef HAVE_HCRYPTO_W_OPENSSL
#include <openssl/ec.h>
#include <openssl/ecdh.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
#define HEIM_NO_CRYPTO_HDRS
#endif /* HAVE_HCRYPTO_W_OPENSSL */
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#define NO_HCRYPTO_POLLUTION
#include <hcrypto/des.h>
#include "kdc_locl.h"
#include <heim_asn1.h>
#include <rfc2459_asn1.h>
#include <cms_asn1.h>
#include <pkinit_asn1.h>
#include <hx509.h>
#ifdef HAVE_HCRYPTO_W_OPENSSL
static void
free_client_ec_param(krb5_context context,
EC_KEY *ec_key_pk,
EC_KEY *ec_key_key)
{
if (ec_key_pk != NULL)
EC_KEY_free(ec_key_pk);
if (ec_key_key != NULL)
EC_KEY_free(ec_key_key);
}
#endif
void
_kdc_pk_free_client_ec_param(krb5_context context,
void *ec_key_pk,
void *ec_key_key)
{
#ifdef HAVE_HCRYPTO_W_OPENSSL
free_client_ec_param(context, ec_key_pk, ec_key_key);
#endif
}
#ifdef HAVE_HCRYPTO_W_OPENSSL
static krb5_error_code
generate_ecdh_keyblock(krb5_context context,
EC_KEY *ec_key_pk, /* the client's public key */
EC_KEY **ec_key_key, /* the KDC's ephemeral private */
unsigned char **dh_gen_key, /* shared secret */
size_t *dh_gen_keylen)
{
const EC_GROUP *group;
EC_KEY *ephemeral;
krb5_keyblock key;
krb5_error_code ret;
unsigned char *p;
size_t size;
int len;
*dh_gen_key = NULL;
*dh_gen_keylen = 0;
*ec_key_key = NULL;
memset(&key, 0, sizeof(key));
if (ec_key_pk == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "public_key");
return ret;
}
group = EC_KEY_get0_group(ec_key_pk);
if (group == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "failed to get the group of "
"the client's public key");
return ret;
}
ephemeral = EC_KEY_new();
if (ephemeral == NULL)
return krb5_enomem(context);
EC_KEY_set_group(ephemeral, group);
if (EC_KEY_generate_key(ephemeral) != 1) {
EC_KEY_free(ephemeral);
return krb5_enomem(context);
}
size = (EC_GROUP_get_degree(group) + 7) / 8;
p = malloc(size);
if (p == NULL) {
EC_KEY_free(ephemeral);
return krb5_enomem(context);
}
len = ECDH_compute_key(p, size,
EC_KEY_get0_public_key(ec_key_pk),
ephemeral, NULL);
if (len <= 0) {
free(p);
EC_KEY_free(ephemeral);
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "Failed to compute ECDH "
"public shared secret");
return ret;
}
*ec_key_key = ephemeral;
*dh_gen_key = p;
*dh_gen_keylen = len;
return 0;
}
#endif /* HAVE_HCRYPTO_W_OPENSSL */
krb5_error_code
_kdc_generate_ecdh_keyblock(krb5_context context,
void *ec_key_pk, /* the client's public key */
void **ec_key_key, /* the KDC's ephemeral private */
unsigned char **dh_gen_key, /* shared secret */
size_t *dh_gen_keylen)
{
#ifdef HAVE_HCRYPTO_W_OPENSSL
return generate_ecdh_keyblock(context, ec_key_pk,
(EC_KEY **)ec_key_key,
dh_gen_key, dh_gen_keylen);
#else
return ENOTSUP;
#endif /* HAVE_HCRYPTO_W_OPENSSL */
}
#ifdef HAVE_HCRYPTO_W_OPENSSL
static krb5_error_code
get_ecdh_param(krb5_context context,
krb5_kdc_configuration *config,
SubjectPublicKeyInfo *dh_key_info,
EC_KEY **out)
{
ECParameters ecp;
EC_KEY *public = NULL;
krb5_error_code ret;
const unsigned char *p;
size_t len;
int nid;
if (dh_key_info->algorithm.parameters == NULL) {
krb5_set_error_message(context, KRB5_BADMSGTYPE,
"PKINIT missing algorithm parameter "
"in clientPublicValue");
return KRB5_BADMSGTYPE;
}
memset(&ecp, 0, sizeof(ecp));
ret = decode_ECParameters(dh_key_info->algorithm.parameters->data,
dh_key_info->algorithm.parameters->length, &ecp, &len);
if (ret)
goto out;
if (ecp.element != choice_ECParameters_namedCurve) {
ret = KRB5_BADMSGTYPE;
goto out;
}
if (der_heim_oid_cmp(&ecp.u.namedCurve, &asn1_oid_id_ec_group_secp256r1) == 0)
nid = NID_X9_62_prime256v1;
else {
ret = KRB5_BADMSGTYPE;
goto out;
}
/* XXX verify group is ok */
public = EC_KEY_new_by_curve_name(nid);
p = dh_key_info->subjectPublicKey.data;
len = dh_key_info->subjectPublicKey.length / 8;
if (o2i_ECPublicKey(&public, &p, len) == NULL) {
ret = KRB5_BADMSGTYPE;
krb5_set_error_message(context, ret,
"PKINIT failed to decode ECDH key");
goto out;
}
*out = public;
public = NULL;
out:
if (public)
EC_KEY_free(public);
free_ECParameters(&ecp);
return ret;
}
#endif /* HAVE_HCRYPTO_W_OPENSSL */
krb5_error_code
_kdc_get_ecdh_param(krb5_context context,
krb5_kdc_configuration *config,
SubjectPublicKeyInfo *dh_key_info,
void **out)
{
#ifdef HAVE_HCRYPTO_W_OPENSSL
return get_ecdh_param(context, config, dh_key_info, (EC_KEY **)out);
#else
return ENOTSUP;
#endif /* HAVE_HCRYPTO_W_OPENSSL */
}
/*
*
*/
#ifdef HAVE_HCRYPTO_W_OPENSSL
static krb5_error_code
serialize_ecdh_key(krb5_context context,
EC_KEY *key,
unsigned char **out,
size_t *out_len)
{
krb5_error_code ret = 0;
unsigned char *p;
int len;
*out = NULL;
*out_len = 0;
len = i2o_ECPublicKey(key, NULL);
if (len <= 0)
return EOVERFLOW;
*out = malloc(len);
if (*out == NULL)
return krb5_enomem(context);
p = *out;
len = i2o_ECPublicKey(key, &p);
if (len <= 0) {
free(*out);
*out = NULL;
ret = EINVAL; /* XXX Better error please */
krb5_set_error_message(context, ret,
"PKINIT failed to encode ECDH key");
return ret;
}
*out_len = len * 8;
return ret;
}
#endif
krb5_error_code
_kdc_serialize_ecdh_key(krb5_context context,
void *key,
unsigned char **out,
size_t *out_len)
{
#ifdef HAVE_HCRYPTO_W_OPENSSL
return serialize_ecdh_key(context, key, out, out_len);
#else
return ENOTSUP;
#endif
}
#endif

158
kdc/pkinit.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003 - 2008 Kungliga Tekniska Högskolan
* Copyright (c) 2003 - 2016 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -53,12 +53,10 @@ struct pk_client_params {
BIGNUM *public_key;
DH *key;
} dh;
#ifdef HAVE_OPENSSL
struct {
EC_KEY *public_key;
EC_KEY *key;
void *public_key;
void *key;
} ecdh;
#endif
} u;
hx509_cert cert;
unsigned nonce;
@@ -181,14 +179,9 @@ _kdc_pk_free_client_param(krb5_context context, pk_client_params *cp)
if (cp->u.dh.public_key)
BN_free(cp->u.dh.public_key);
}
#ifdef HAVE_OPENSSL
if (cp->keyex == USE_ECDH) {
if (cp->u.ecdh.key)
EC_KEY_free(cp->u.ecdh.key);
if (cp->u.ecdh.public_key)
EC_KEY_free(cp->u.ecdh.public_key);
}
#endif
if (cp->keyex == USE_ECDH)
_kdc_pk_free_client_ec_param(context, cp->u.ecdh.key,
cp->u.ecdh.public_key);
krb5_free_keyblock_contents(context, &cp->reply_key);
if (cp->dh_group_name)
free(cp->dh_group_name);
@@ -216,7 +209,7 @@ generate_dh_keyblock(krb5_context context,
if (client_params->u.dh.public_key == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "public_key");
krb5_set_error_message(context, ret, "missing DH public_key");
goto out;
}
@@ -250,42 +243,18 @@ generate_dh_keyblock(krb5_context context,
}
ret = 0;
#ifdef HAVE_OPENSSL
} else if (client_params->keyex == USE_ECDH) {
if (client_params->u.ecdh.public_key == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "public_key");
krb5_set_error_message(context, ret, "missing ECDH public_key");
goto out;
}
client_params->u.ecdh.key = EC_KEY_new();
if (client_params->u.ecdh.key == NULL) {
ret = ENOMEM;
goto out;
}
EC_KEY_set_group(client_params->u.ecdh.key,
EC_KEY_get0_group(client_params->u.ecdh.public_key));
if (EC_KEY_generate_key(client_params->u.ecdh.key) != 1) {
ret = ENOMEM;
goto out;
}
size = (EC_GROUP_get_degree(EC_KEY_get0_group(client_params->u.ecdh.key)) + 7) / 8;
dh_gen_key = malloc(size);
if (dh_gen_key == NULL) {
ret = ENOMEM;
krb5_set_error_message(context, ret,
N_("malloc: out of memory", ""));
goto out;
}
dh_gen_keylen = ECDH_compute_key(dh_gen_key, size,
EC_KEY_get0_public_key(client_params->u.ecdh.public_key),
client_params->u.ecdh.key, NULL);
#endif /* HAVE_OPENSSL */
ret = _kdc_generate_ecdh_keyblock(context,
client_params->u.ecdh.public_key,
&client_params->u.ecdh.key,
&dh_gen_key, &dh_gen_keylen);
if (ret)
goto out;
} else {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret,
@@ -422,71 +391,6 @@ get_dh_param(krb5_context context,
return ret;
}
#ifdef HAVE_OPENSSL
static krb5_error_code
get_ecdh_param(krb5_context context,
krb5_kdc_configuration *config,
SubjectPublicKeyInfo *dh_key_info,
pk_client_params *client_params)
{
ECParameters ecp;
EC_KEY *public = NULL;
krb5_error_code ret;
const unsigned char *p;
size_t len;
int nid;
if (dh_key_info->algorithm.parameters == NULL) {
krb5_set_error_message(context, KRB5_BADMSGTYPE,
"PKINIT missing algorithm parameter "
"in clientPublicValue");
return KRB5_BADMSGTYPE;
}
memset(&ecp, 0, sizeof(ecp));
ret = decode_ECParameters(dh_key_info->algorithm.parameters->data,
dh_key_info->algorithm.parameters->length, &ecp, &len);
if (ret)
goto out;
if (ecp.element != choice_ECParameters_namedCurve) {
ret = KRB5_BADMSGTYPE;
goto out;
}
if (der_heim_oid_cmp(&ecp.u.namedCurve, &asn1_oid_id_ec_group_secp256r1) == 0)
nid = NID_X9_62_prime256v1;
else {
ret = KRB5_BADMSGTYPE;
goto out;
}
/* XXX verify group is ok */
public = EC_KEY_new_by_curve_name(nid);
p = dh_key_info->subjectPublicKey.data;
len = dh_key_info->subjectPublicKey.length / 8;
if (o2i_ECPublicKey(&public, &p, len) == NULL) {
ret = KRB5_BADMSGTYPE;
krb5_set_error_message(context, ret,
"PKINIT failed to decode ECDH key");
goto out;
}
client_params->u.ecdh.public_key = public;
public = NULL;
out:
if (public)
EC_KEY_free(public);
free_ECParameters(&ecp);
return ret;
}
#endif /* HAVE_OPENSSL */
krb5_error_code
_kdc_pk_rd_padata(krb5_context context,
krb5_kdc_configuration *config,
@@ -829,12 +733,11 @@ _kdc_pk_rd_padata(krb5_context context,
cp->keyex = USE_DH;
ret = get_dh_param(context, config,
ap.clientPublicValue, cp);
#ifdef HAVE_OPENSSL
} else if (der_heim_oid_cmp(&ap.clientPublicValue->algorithm.algorithm, &asn1_oid_id_ecPublicKey) == 0) {
cp->keyex = USE_ECDH;
ret = get_ecdh_param(context, config,
ap.clientPublicValue, cp);
#endif /* HAVE_OPENSSL */
ret = _kdc_get_ecdh_param(context, config,
ap.clientPublicValue,
&cp->u.ecdh.public_key);
} else {
ret = KRB5_BADMSGTYPE;
krb5_set_error_message(context, ret, "PKINIT unknown DH mechanism");
@@ -1134,26 +1037,13 @@ pk_mk_pa_reply_dh(krb5_context context,
dh_info.subjectPublicKey.length = buf.length * 8;
dh_info.subjectPublicKey.data = buf.data;
krb5_data_zero(&buf);
#ifdef HAVE_OPENSSL
} else if (cp->keyex == USE_ECDH) {
unsigned char *p;
int len;
len = i2o_ECPublicKey(cp->u.ecdh.key, NULL);
if (len <= 0)
abort();
p = malloc(len);
if (p == NULL)
abort();
dh_info.subjectPublicKey.length = len * 8;
dh_info.subjectPublicKey.data = p;
len = i2o_ECPublicKey(cp->u.ecdh.key, &p);
if (len <= 0)
abort();
#endif
unsigned char *p;
ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p,
&dh_info.subjectPublicKey.length);
dh_info.subjectPublicKey.data = p;
if (ret)
goto out;
} else
krb5_abortx(context, "no keyex selected ?");
@@ -1329,9 +1219,7 @@ _kdc_pk_mk_pa_reply(krb5_context context,
switch (cp->keyex) {
case USE_DH: type = "dh"; break;
#ifdef HAVE_OPENSSL
case USE_ECDH: type = "ecdh"; break;
#endif
default: krb5_abortx(context, "unknown keyex"); break;
}