Love Hörnquist Åstrand
9f095696c7
Make struct krb5_dh_moduli available when compiling w/o pkinit.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16736 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 10:08:29 +00:00
Love Hörnquist Åstrand
1b1e73d1ff
update to new paChecksum definition, update the dhgroup handling
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16734 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-13 11:51:23 +00:00
Love Hörnquist Åstrand
993ae3a82f
(_krb5_dh_group_ok): if not enough bits are generated from the DH groups, fail.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16211 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-21 17:18:38 +00:00
Love Hörnquist Åstrand
8a06dac4ff
Add option to require binding between reply and response.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16196 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-20 09:29:19 +00:00
Love Hörnquist Åstrand
79146c3e71
Try both ReplyKey and ReplyKey-Win2k for the Windows case to support
the updated -09 protocol (using asChecksum). Tell KDC we support this
by sending KRB5-PADATA-PK-AS-09-BINDING in the pa-data.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16192 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-19 21:15:41 +00:00
Love Hörnquist Åstrand
296d9d6457
rename element private to opt_private to make c++ picky compilers less upset.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16167 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-12 12:41:04 +00:00
Love Hörnquist Åstrand
6b484c39a5
Inline short functions, share more code, rename COMPAT_27 to
COMPAT_IETF, pass down a krb5_krbhst_info for verification of KDC
info, and general cleaning up.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16151 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-08 15:32:14 +00:00
Love Hörnquist Åstrand
1ef128fbff
Removing PK-INIT-19 support.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16141 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-07 11:00:05 +00:00
Love Hörnquist Åstrand
0915d6890b
(_krb5_dh_group_ok): return DH group name on success.
(krb5_get_init_creds_opt_set_pkinit): use moduli file if it exists
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16140 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-07 10:40:52 +00:00
Love Hörnquist Åstrand
ff2f0da2df
(_krb5_dh_group_ok): if q is zero, ignore it.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16138 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-07 08:59:27 +00:00
Love Hörnquist Åstrand
29bab5c5f9
Update error codes. Add name to group. Change return value of
_krb5_dh_group_ok.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16131 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-07 08:53:15 +00:00
Love Hörnquist Åstrand
178e4c0087
Add support for reading a moduli-file for DH parameters.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16129 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-10-07 04:37:28 +00:00
Love Hörnquist Åstrand
70a6c9a2e4
Support cached DH variable (still need to store it though), don't
check the oid of the DH signedData for now.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16097 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-25 15:14:31 +00:00
Love Hörnquist Åstrand
8191484ee6
Wrap DH public key in an ASN.1 INTEGER wrapping.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16096 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-23 05:47:13 +00:00
Love Hörnquist Åstrand
defb6d5697
Don't check oid's too closely, they change in Windows Vista.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16087 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-22 04:18:05 +00:00
Love Hörnquist Åstrand
c850268273
Disable sending -19, fix parsing -27 of the protocol.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16083 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 23:21:36 +00:00
Love Hörnquist Åstrand
0b55d28880
Remove double free, now pk-init works again.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16082 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 22:18:24 +00:00
Love Hörnquist Åstrand
fa4a72a52b
(pk_verify_chain_standard): set cert to NULL to make sure it's not freed.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16079 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 19:06:40 +00:00
Love Hörnquist Åstrand
f7aeb827d3
Implement verification of asChecksum, now client side code is using
-27 of the pk-init draft.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15919 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-08-12 08:53:00 +00:00
Love Hörnquist Åstrand
b24968272f
Adapt to IMPLICIT changes in CMS module.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15714 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-23 10:42:01 +00:00
Love Hörnquist Åstrand
88be64c770
(pk_rd_pa_reply_dh): client does not contribute to the DH when the
server doesn't support the cached DH request.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15629 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-12 22:31:22 +00:00
Love Hörnquist Åstrand
23dae960cd
clean up pk-init DH support, not finished yet;
improve error reporting
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15623 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-12 13:39:51 +00:00
Love Hörnquist Åstrand
2d1b36a743
(_krb5_pk_rd_pa_reply): non non asn1 decoding errors, fail. Make sure
we free memory on error.
(pk_verify_chain_standard): make sure we provide good errors.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15190 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:49:05 +00:00
Love Hörnquist Åstrand
d90f956e94
(pk_verify_chain_standard): store better error message in the context
for certificate errors.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15188 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:27:15 +00:00
Love Hörnquist Åstrand
a3c6124483
handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15116 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 19:40:39 +00:00
Love Hörnquist Åstrand
1b4b266006
(krb5_ui_method_read_string): use the fill in length
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15059 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 21:01:33 +00:00
Love Hörnquist Åstrand
a4f747ea8e
Pass prompter data to the prompter function, implement a UI prompter
function wrapping the kerberos prompter function so that the
OpenSSL ENGINE can ask for a password when loading the private key.
From: Douglas E. Engert
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15040 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:12:18 +00:00
Love Hörnquist Åstrand
ed8f5734cb
use the unexport the oid_to_enctype
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14922 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:49 +00:00
Love Hörnquist Åstrand
6611feed76
Since the decode can't make out the difference between PA-PK-AS-REP-19
and PA-PK-AS-REQ-Win2k, try harder to verify both cases
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14722 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-04 08:54:45 +00:00
Love Hörnquist Åstrand
e0d75a3766
make generation of pa data into a switch instead of a bitmask
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14721 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-04 08:24:01 +00:00
Love Hörnquist Åstrand
4b695a4a24
handle the -25 generation path
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14632 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-10 05:39:21 +00:00
Love Hörnquist Åstrand
244e0b3971
do error handling and catch programmers errors
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14631 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 23:28:10 +00:00
Love Hörnquist Åstrand
81e92ae5b3
use KRB5_PADATA_PK_AS_REQ_19
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14630 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 22:59:39 +00:00
Love Hörnquist Åstrand
19c78d1e03
fold in pk-init-25 asn1 changes
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14629 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 22:39:17 +00:00
Love Hörnquist Åstrand
b68c2887d2
use generated oid's
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14627 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 15:31:39 +00:00
Love Hörnquist Åstrand
f69e7ee138
use the new generated oid functions
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14626 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-08 22:57:22 +00:00
Love Hörnquist Åstrand
2b0b4dc044
update to the asn1 structures used in -25's
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14625 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-08 22:17:46 +00:00
Love Hörnquist Åstrand
3e732e53ea
unexport krb5_get_init_creds_opt_free_pkinit
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14339 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-11-09 18:52:03 +00:00
Love Hörnquist Åstrand
c56917439e
match new error names
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14315 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-14 15:31:25 +00:00
Love Hörnquist Åstrand
aa710fc27f
free openssl engine
deal with RecipientIdentifier -> CMSIdentifier and heim_any -> name change
improve error messages
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14294 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-06 22:38:21 +00:00
Love Hörnquist Åstrand
ee9f6e571b
filter out dup openssl engine keys, parse user options first
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14286 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-03 17:46:01 +00:00
Love Hörnquist Åstrand
c80a3c8ebc
stop using AlgorithmIdentifierNonOpt, add openssl engine support for
private key
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14284 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-03 17:20:38 +00:00
Love Hörnquist Åstrand
ba0ff6be30
make variable shorter, make error messages from pkinit, make freeing easier
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14201 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-09-07 22:26:40 +00:00
Love Hörnquist Åstrand
91351971f7
add KRB5_LIB_FUNCTION to all exported functions
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13863 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-05-25 21:46:46 +00:00
Love Hörnquist Åstrand
37fccbef81
(pk_rd_pa_reply_dh): use krb5_random_to_key
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13823 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-29 08:21:59 +00:00
Love Hörnquist Åstrand
0d09bd5540
use krb5_oid_to_enctype and remove all oids that are no longer needed
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13817 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-26 21:23:42 +00:00
Love Hörnquist Åstrand
fa6167819e
use krb5_crypto_get_params to implement kcrypto RC2 support
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13804 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-26 19:18:04 +00:00
Love Hörnquist Åstrand
63ac41ecad
use the right oid for pkauthdata
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13782 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 15:58:07 +00:00
Love Hörnquist Åstrand
fe0d0505cf
always send both win2k compat version and the ietf draft one, this is
possible microsoft since they use wrong/different PA number. Make the
configuration flag boolean configuring if NOT to send the win2k compat
glue.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13780 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 15:34:29 +00:00
Love Hörnquist Åstrand
2b36497494
use IV for envelopeddata encryption, patch originally from Luke Howard
<lukeh@padl.com>, tweaked by me.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13773 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 14:20:07 +00:00