oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
31,101 Commits 4 Branches 2 Tags
kadmin-get-printf-debugging
Commit Graph

5 Commits

Author SHA1 Message Date
Nicolas Williams
cbe156d927 Use OpenSSL 3.x _only_ and implement RFC 8636 
- No more OpenSSL 1.x support
 - Remove 1DES and 3DES
 - Remove NETLOGON, NTLM (client and 'digest' service)
 2026-01-18 19:06:16 -06:00
Nicolas Williams
20c4c0dea9 asn1: Fix ENOMEM leak in der_print_bit_string() 2023-01-04 00:43:35 -06:00
Jeffrey Altman
d269c30b2b lib/asn1: all exported functions must use ASN1CALL convention 
Otherwise, on 32-bit Windows there is a mismatch that and the
ESP register will not be populated correctly.

Prior to this change some exports were ASN1CALL and others
were not.   All of the tests assume ASN1CALL.

Change-Id: Icecff44aed4726b86100c939f64628d121bbd7ee
 2021-11-16 22:09:16 -05:00
Luke Howard
ed1ef5d776 asn1: correctly check gmtime_s() return value 
gmtime_s(), used on Windows, returns an errno_t not a struct tm *.

The previous code caused strftime() to dereference a NULL struct tm *.
 2021-08-27 16:10:03 +10:00
Nicolas Williams
fb2c81f3e8 asn1: Add printing of ASN.1 values 
JSON-like printing of ASN.1 parsed values.

Status:

 - Not X.697 (JER) compliant, not even close.

 - String escaping isn't JSON-compliant.

 - It's not printing the names of CHOICE types.

 - It's not printing the names of open type choices (i.e., IOS object
   names)

And yet it's quite useful already.  It prints all the weird things in EK
certs for example.

Here's what it outputs for the EK cert we use in check-gen.c:

{
  "_type": "Certificate",
  "tbsCertificate": {
    "_type": "TBSCertificate",
    "_save": "30820376A00302010202146A0597BA71D7E6D3AC0EDC9EDC95A15B998DE40A300D06092A864886F70D01010B05003055310B3009060355040613024348311E301C060355040A131553544D6963726F656C656374726F6E696373204E56312630240603550403131D53544D2054504D20454B20496E7465726D656469617465204341203035301E170D3138313231343030303030305A170D3238313231343030303030305A300030820122300D06092A864886F70D01010105000382010F003082010A0282010100CC14EB27A78CEB0EA486FA2DF7835F5FA8E905B097012B5BDE50380C355B1A2A721BBC3D08DD21796CDB239FA95310651B1B56FD2CFE53C87352EBD996E33256160404CE9302A08066801E786A2F86E181F949966F492A85B58EAA4A6A8CB3697551BB236E87CC7BF8EC1347871C91E15437E8F266BF1EA5EB271FDCF374D8B47DF8BCE89E1FAD61C2A088CB4036B359CB72A294973FEDCCF0C340AFFD14B64F041165581ACA34147C1C75617047058F7ED7D603E032508094FA73E8B9153DA3BF255D2CBBC5DF301BA8F74D198BEBCE86040FC1D2927C7657414490D802F482F3EBF2DE35EE149A1A6DE8D16891FBFBA02A18AFE59F9D6F149744E5F0D559B10203010001A38201A9308201A5301F0603551D230418301680141ADB994AB58BE57A0CC9B900E7851E1A43C0866030420603551D20043B303930370604551D2000302F302D06082B060105050702011621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F30590603551D110101FF044F304DA44B304931163014060567810502010C0B69643A353335343444323031173015060567810502020C0C53543333485450484148433031163014060567810502030C0B69643A303034393030303830670603551D090460305E301706056781050210310E300C0C03322E300201000202008A304306056781050212313A30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100300E0603551D0F0101FF040403020520300C0603551D130101FF0402300030100603551D250409300706056781050801304A06082B06010505070101043E303C303A06082B06010505073002862E687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F73746D74706D656B696E7430352E637274",
    "version": "2",
    "serialNumber": "6A0597BA71D7E6D3AC0EDC9EDC95A15B998DE40A",
    "signature": {
      "_type": "AlgorithmIdentifier",
      "algorithm": "1.2.840.113549.1.1.11",
      "parameters": "0500"
    },
    "issuer": {
      "_choice": "rdnSequence",
      "value": [
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.6",
            "value": {
              "_choice": "printableString",
              "value": "CH"
            }
          }
        ],
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.10",
            "value": {
              "_choice": "printableString",
              "value": "STMicroelectronics NV"
            }
          }
        ],
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.3",
            "value": {
              "_choice": "printableString",
              "value": "STM TPM EK Intermediate CA 05"
            }
          }
        ]
      ]
    },
    "validity": {
      "_type": "Validity",
      "notBefore": {
        "_choice": "utcTime",
        "value": "2018-12-14T00:00:00Z"
      },
      "notAfter": {
        "_choice": "utcTime",
        "value": "2028-12-14T00:00:00Z"
      }
    },
    "subject": {
      "_choice": "rdnSequence",
      "value": []
    },
    "subjectPublicKeyInfo": {
      "_type": "SubjectPublicKeyInfo",
      "algorithm": {
        "_type": "AlgorithmIdentifier",
        "algorithm": "1.2.840.113549.1.1.1",
        "parameters": "0500"
      },
      "subjectPublicKey": "2160:3082010A0282010100CC14EB27A78CEB0EA486FA2DF7835F5FA8E905B097012B5BDE50380C355B1A2A721BBC3D08DD21796CDB239FA95310651B1B56FD2CFE53C87352EBD996E33256160404CE9302A08066801E786A2F86E181F949966F492A85B58EAA4A6A8CB3697551BB236E87CC7BF8EC1347871C91E15437E8F266BF1EA5EB271FDCF374D8B47DF8BCE89E1FAD61C2A088CB4036B359CB72A294973FEDCCF0C340AFFD14B64F041165581ACA34147C1C75617047058F7ED7D603E032508094FA73E8B9153DA3BF255D2CBBC5DF301BA8F74D198BEBCE86040FC1D2927C7657414490D802F482F3EBF2DE35EE149A1A6DE8D16891FBFBA02A18AFE59F9D6F149744E5F0D559B10203010001"
    },
    "issuerUniqueID": null,
    "subjectUniqueID": null,
    "extensions": [
      {
        "_type": "Extension",
        "extnID": "2.5.29.35",
        "critical": false,
        "extnValue": "301680141ADB994AB58BE57A0CC9B900E7851E1A43C08660",
        "_extnValue": {
          "_type": "AuthorityKeyIdentifier",
          "keyIdentifier": "1ADB994AB58BE57A0CC9B900E7851E1A43C08660",
          "authorityCertIssuer": null,
          "authorityCertSerialNumber": null
        }
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.32",
        "critical": false,
        "extnValue": "303930370604551D2000302F302D06082B060105050702011621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F",
        "_extnValue": [
          {
            "_type": "PolicyInformation",
            "policyIdentifier": "2.5.29.32.0",
            "policyQualifiers": [
              {
                "_type": "PolicyQualifierInfo",
                "policyQualifierId": "1.3.6.1.5.5.7.2.1",
                "qualifier": "1621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F"
              }
            ]
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.17",
        "critical": true,
        "extnValue": "304DA44B304931163014060567810502010C0B69643A353335343444323031173015060567810502020C0C53543333485450484148433031163014060567810502030C0B69643A3030343930303038",
        "_extnValue": [
          {
            "_choice": "directoryName",
            "value": {
              "_choice": "rdnSequence",
              "value": [
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.1",
                    "value": {
                      "_choice": "utf8String",
                      "value": "id:53544D20"
                    }
                  }
                ],
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.2",
                    "value": {
                      "_choice": "utf8String",
                      "value": "ST33HTPHAHC0"
                    }
                  }
                ],
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.3",
                    "value": {
                      "_choice": "utf8String",
                      "value": "id:00490008"
                    }
                  }
                ]
              ]
            }
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.9",
        "critical": false,
        "extnValue": "305E301706056781050210310E300C0C03322E300201000202008A304306056781050212313A30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100",
        "_extnValue": [
          {
            "_type": "AttributeSet",
            "type": "2.23.133.2.16",
            "values": [
              "300C0C03322E300201000202008A"
            ],
            "_values": [
              {
                "_type": "TPMSpecification",
                "family": "2.0",
                "level": "0",
                "revision": "138"
              }
            ]
          },
          {
            "_type": "AttributeSet",
            "type": "2.23.133.2.18",
            "values": [
              "30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100"
            ],
            "_values": [
              {
                "_type": "TPMSecurityAssertions",
                "version": "0",
                "fieldUpgradable": true,
                "ekGenerationType": "655617",
                "ekGenerationLocation": "655616",
                "ekCertificateGenerationLocation": "655616",
                "ccInfo": {
                  "_type": "CommonCriteriaMeasures",
                  "version": "3.1",
                  "assurancelevel": "4",
                  "evaluationStatus": "2",
                  "plus": true,
                  "strengthOfFunction": null,
                  "profileOid": null,
                  "profileUri": null,
                  "targetOid": null,
                  "targetUri": null
                },
                "fipsLevel": {
                  "_type": "FIPSLevel",
                  "version": "140-2",
                  "level": "2",
                  "plus": false
                },
                "iso9000Certified": false,
                "iso9000Uri": null
              }
            ]
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.15",
        "critical": true,
        "extnValue": "03020520",
        "_extnValue": [
          "keyEncipherment"
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.19",
        "critical": true,
        "extnValue": "3000",
        "_extnValue": {
          "_type": "BasicConstraints",
          "cA": false,
          "pathLenConstraint": null
        }
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.37",
        "critical": false,
        "extnValue": "300706056781050801",
        "_extnValue": [
          "2.23.133.8.1"
        ]
      },
      {
        "_type": "Extension",
        "extnID": "1.3.6.1.5.5.7.1.1",
        "critical": false,
        "extnValue": "303C303A06082B06010505073002862E687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F73746D74706D656B696E7430352E637274",
        "_extnValue": [
          {
            "_type": "AccessDescription",
            "accessMethod": "1.3.6.1.5.5.7.48.2",
            "accessLocation": {
              "_choice": "uniformResourceIdentifier",
              "value": "http://secure.globalsign.com/stmtpmekint05.crt"
            }
          }
        ]
      }
    ]
  },
  "signatureAlgorithm": {
    "_type": "AlgorithmIdentifier",
    "algorithm": "1.2.840.113549.1.1.11",
    "parameters": "0500"
  },
  "signatureValue": "2048:3D4C381E5B4F1BCBE09C63D52F1F04570CAEA142FD9CD942043B11F8E3BDCF50007AE16CF8869013041E92CDD3280BA4B51FBBD40582ED750219E261A695095674855AACEB520ADAFF9E7E908480A39CDCF900462D9171960FFE55D3AC49E8C981341BBD2EFBCC252A4C18A4F3B7C84CCE42CE70A208C84D2630A7ABFBE72D6271E75B9FF1C971D20EB3DBD763F1E04D834EAA692D2E4001BBF4730A3E3FDA9711AE386524D91C63BE0E516D00D5C6141FCCF6C539F3518E180049865BE16B69CAE1F8CB7FDC474B38F7EE56CBE7D8A89D9BA99B65D5265AEF32AA62426B10E6D75BB8677EC44F755BBC2806FD2B4E04BDF5D44259DBEAA42B6F563DF7AA7506"
}
 2021-02-28 18:13:08 -06:00