Commit Graph

65 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
70a6c9a2e4 Support cached DH variable (still need to store it though), don't
check the oid of the DH signedData for now.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16097 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-25 15:14:31 +00:00
Love Hörnquist Åstrand
8191484ee6 Wrap DH public key in an ASN.1 INTEGER wrapping.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16096 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-23 05:47:13 +00:00
Love Hörnquist Åstrand
defb6d5697 Don't check oid's too closely, they change in Windows Vista.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16087 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-22 04:18:05 +00:00
Love Hörnquist Åstrand
c850268273 Disable sending -19, fix parsing -27 of the protocol.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16083 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 23:21:36 +00:00
Love Hörnquist Åstrand
0b55d28880 Remove double free, now pk-init works again.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16082 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 22:18:24 +00:00
Love Hörnquist Åstrand
fa4a72a52b (pk_verify_chain_standard): set cert to NULL to make sure it's not freed.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16079 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-20 19:06:40 +00:00
Love Hörnquist Åstrand
f7aeb827d3 Implement verification of asChecksum, now client side code is using
-27 of the pk-init draft.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15919 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-08-12 08:53:00 +00:00
Love Hörnquist Åstrand
b24968272f Adapt to IMPLICIT changes in CMS module.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15714 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-23 10:42:01 +00:00
Love Hörnquist Åstrand
88be64c770 (pk_rd_pa_reply_dh): client do not contribute to the DH when the
server doesn't support the cached DH request.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15629 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-12 22:31:22 +00:00
Love Hörnquist Åstrand
23dae960cd clean up pk-init DH support, not finished yet;
improve error reporting


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15623 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-12 13:39:51 +00:00
Love Hörnquist Åstrand
2d1b36a743 (_krb5_pk_rd_pa_reply): non non asn1 decoding errors, fail. Make sure
we free memory on error.
(pk_verify_chain_standard): make sure we provide good errors.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15190 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:49:05 +00:00
Love Hörnquist Åstrand
d90f956e94 (pk_verify_chain_standard): store better error message in the context
for certificate errors.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15188 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:27:15 +00:00
Love Hörnquist Åstrand
a3c6124483 handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15116 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 19:40:39 +00:00
Love Hörnquist Åstrand
1b4b266006 (krb5_ui_method_read_string): use the fill in length
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15059 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 21:01:33 +00:00
Love Hörnquist Åstrand
a4f747ea8e Pass prompter data to the prompter function, implement a UI prompter
function wrapping the kerberos prompter function so that the
OpenSSL ENGINE can ask for a password when loading the private key.

From: Douglas E. Engert


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15040 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:12:18 +00:00
Love Hörnquist Åstrand
ed8f5734cb use the unexport the oid_to_enctype
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14922 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:49 +00:00
Love Hörnquist Åstrand
6611feed76 Since the decode can't make out the difference between PA-PK-AS-REP-19
and PA-PK-AS-REQ-Win2k, try harder to verify both cases


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14722 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-04 08:54:45 +00:00
Love Hörnquist Åstrand
e0d75a3766 make generation of pa data into a switch instead of a bitmask
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14721 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-04 08:24:01 +00:00
Love Hörnquist Åstrand
4b695a4a24 handle the -25 generation path
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14632 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-10 05:39:21 +00:00
Love Hörnquist Åstrand
244e0b3971 do error handling and catch programmers errors
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14631 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 23:28:10 +00:00
Love Hörnquist Åstrand
81e92ae5b3 use KRB5_PADATA_PK_AS_REQ_19
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14630 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 22:59:39 +00:00
Love Hörnquist Åstrand
19c78d1e03 fold in pk-init-25 asn1 changes
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14629 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 22:39:17 +00:00
Love Hörnquist Åstrand
b68c2887d2 use generated oid's
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14627 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-09 15:31:39 +00:00
Love Hörnquist Åstrand
f69e7ee138 use the new generated oid functions
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14626 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-08 22:57:22 +00:00
Love Hörnquist Åstrand
2b0b4dc044 update to the asn1 structures used in -25's
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14625 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-03-08 22:17:46 +00:00
Love Hörnquist Åstrand
3e732e53ea unexport krb5_get_init_creds_opt_free_pkinit
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14339 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-11-09 18:52:03 +00:00
Love Hörnquist Åstrand
c56917439e match new error names
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14315 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-14 15:31:25 +00:00
Love Hörnquist Åstrand
aa710fc27f free openssl engine
deal with RecipientIdentifier -> CMSIdentifier and heim_any -> name change
improve error messages


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14294 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-06 22:38:21 +00:00
Love Hörnquist Åstrand
ee9f6e571b filter out dup openssl engine keys, parse user options first
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14286 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-03 17:46:01 +00:00
Love Hörnquist Åstrand
c80a3c8ebc stop using AlgorithmIdentifierNonOpt, add openssl engine support for
private key


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14284 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-10-03 17:20:38 +00:00
Love Hörnquist Åstrand
ba0ff6be30 make variable shorter, make error messages from pkinit, make freeing easier
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14201 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-09-07 22:26:40 +00:00
Love Hörnquist Åstrand
91351971f7 add KRB5_LIB_FUNCTION to all exported functions
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13863 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-05-25 21:46:46 +00:00
Love Hörnquist Åstrand
37fccbef81 (pk_rd_pa_reply_dh): use krb5_random_to_key
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13823 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-29 08:21:59 +00:00
Love Hörnquist Åstrand
0d09bd5540 use krb5_oid_to_enctype and remove all oids that are no longer needed
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13817 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-26 21:23:42 +00:00
Love Hörnquist Åstrand
fa6167819e use krb5_crypto_get_params to implement kcrypto RC2 support
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13804 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-26 19:18:04 +00:00
Love Hörnquist Åstrand
63ac41ecad use the right oid for pkauthdata
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13782 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 15:58:07 +00:00
Love Hörnquist Åstrand
fe0d0505cf always send both win2k compat version and the ietf draft one, this is
possible microsoft since they use wrong/different PA number.  Make the
configuration flag boolean configuring if NOT to send the win2k compat
glue.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13780 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 15:34:29 +00:00
Love Hörnquist Åstrand
2b36497494 use IV for envelopeddata encryption, patch originally from Luke Howard
<lukeh@padl.com>, tweaked by me.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13773 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-25 14:20:07 +00:00
Love Hörnquist Åstrand
227900ca1c move out the oid check from get_reply_key
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13765 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 16:09:42 +00:00
Love Hörnquist Åstrand
261d6cef84 uniquify error messages
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13764 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 15:19:01 +00:00
Love Hörnquist Åstrand
ab0c82c636 more w2k compat from Luke Howard <lukeh@padl.com>
add RC2 support, clean up error messages


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13762 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 15:07:39 +00:00
Love Hörnquist Åstrand
1365676e29 remove more dependency on krb5_config->pkinit_flags
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13761 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 13:29:23 +00:00
Love Hörnquist Åstrand
c9aac6c50e (_krb5_pk_convert_rep): convert microsoft style answer to IETF, From
Luke Howard <lukeh@padl.com>
(_krb5_pk_create_sign): ms handles NULL in param, so always send it
(_krb5_pk_mk_padata): look for [realms]REALM = { win2k_pkinit = bool }


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13760 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 13:15:01 +00:00
Love Hörnquist Åstrand
76d1e32354 (_krb5_pk_create_sign): always set the digestAlgorithm to sha1 (both
for SignerInfo and SignedData), add new function _set_digest_alg to set it


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13759 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-24 12:26:38 +00:00
Love Hörnquist Åstrand
272e7e5504 (build_auth_pack): use heim_integer to encode DH public key
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13732 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-19 21:40:57 +00:00
Love Hörnquist Åstrand
69cdbef7a8 merge certificate/private_key to a user_id
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13722 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-15 23:45:40 +00:00
Love Hörnquist Åstrand
abc38c3ab4 use KRB5_PADATA_PK_AS_REQ_WIN
free X509_STORE


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13720 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-04-15 13:52:49 +00:00
Love Hörnquist Åstrand
787d41d896 add missing }
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13612 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-03-22 08:45:01 +00:00
Love Hörnquist Åstrand
c762fbde59 (krb5_get_init_creds_opt_set_pkinit): add prompter argument and use it
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13607 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-03-21 18:47:29 +00:00
Love Hörnquist Åstrand
9197bbb0c8 rename ca_dir to pkinit/x509_anchors since it's more like that language
in RFC3280


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13494 ec53bebd-3082-4978-b11e-865c3cabbd6b
2004-03-09 21:06:10 +00:00