int create_kerberos_key_from_string_direct(krb5_context context,
krb5_principal host_princ,
krb5_data *password,
krb5_keyblock *key,
krb5_enctype enctype)
{
int ret;
krb5_data salt;
krb5_encrypt_block eblock;
ret = krb5_principal2salt(context, host_princ, &salt);
if (ret) {
DEBUG(1,("krb5_principal2salt failed (%s)\n", error_message(ret)));
return ret;
}
krb5_use_enctype(context, &eblock, enctype);
ret = krb5_string_to_key(context, &eblock, key, password, &salt);
SAFE_FREE(salt.data);
return ret;
}
int
ksm_rgenerate_out_msg(struct snmp_secmod_outgoing_params *parms)
{
krb5_auth_context auth_context = NULL;
krb5_error_code retcode;
krb5_ccache cc = NULL;
int retval = SNMPERR_SUCCESS;
krb5_data outdata, ivector;
krb5_keyblock *subkey = NULL;
#ifdef MIT_NEW_CRYPTO
krb5_data input;
krb5_enc_data output;
unsigned int numcksumtypes;
krb5_cksumtype *cksumtype_array;
#else /* MIT_NEW_CRYPTO */
krb5_encrypt_block eblock;
#endif /* MIT_NEW_CRYPTO */
size_t blocksize, encrypted_length;
unsigned char *encrypted_data = NULL;
int zero = 0, i;
u_char *cksum_pointer, *endp = *parms->wholeMsg;
krb5_cksumtype cksumtype;
krb5_checksum pdu_checksum;
u_char **wholeMsg = parms->wholeMsg;
size_t *offset = parms->wholeMsgOffset, seq_offset;
struct ksm_secStateRef *ksm_state = (struct ksm_secStateRef *)
parms->secStateRef;
int rc;
DEBUGMSGTL(("ksm", "Starting KSM processing\n"));
outdata.length = 0;
outdata.data = NULL;
ivector.length = 0;
ivector.data = NULL;
pdu_checksum.contents = NULL;
if (!ksm_state) {
/*
* If we don't have a ksm_state, then we're a request. Get a
* credential cache and build a ap_req.
*/
retcode = krb5_cc_default(kcontext, &cc);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM: krb5_cc_default failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: Set credential cache successfully\n"));
/*
* This seems odd, since we don't need this until later (or earlier,
* depending on how you look at it), but because the most likely
* errors are Kerberos at this point, I'll get this now to save
* time not encoding the rest of the packet.
*
* Also, we need the subkey to encrypt the PDU (if required).
*/
retcode =
krb5_mk_req(kcontext, &auth_context,
AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
(char *) service_name, parms->session->peername, NULL,
cc, &outdata);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM: krb5_mk_req failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: ticket retrieved successfully for \"%s/%s\" "
"(may not be actual ticket sname)\n", service_name,
parms->session->peername));
} else {
/*
* Grab the auth_context from our security state reference
*/
auth_context = ksm_state->auth_context;
/*
* Bundle up an AP_REP. Note that we do this only when we
* have a security state reference (which means we're in an agent
* and we're sending a response).
*/
DEBUGMSGTL(("ksm", "KSM: Starting reply processing.\n"));
retcode = krb5_mk_rep(kcontext, auth_context, &outdata);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM: krb5_mk_rep failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: Finished with krb5_mk_rep()\n"));
}
/*
* If we have to encrypt the PDU, do that now
*/
if (parms->secLevel == SNMP_SEC_LEVEL_AUTHPRIV) {
DEBUGMSGTL(("ksm", "KSM: Starting PDU encryption.\n"));
/*
* It's weird -
*
* If we're on the manager, it's a local subkey (because that's in
* our AP_REQ)
*
* If we're on the agent, it's a remote subkey (because that comes
* FROM the received AP_REQ).
*/
if (ksm_state)
retcode = krb5_auth_con_getremotesubkey(kcontext, auth_context,
&subkey);
else
retcode = krb5_auth_con_getlocalsubkey(kcontext, auth_context,
&subkey);
if (retcode) {
DEBUGMSGTL(("ksm",
"KSM: krb5_auth_con_getlocalsubkey failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
/*
* Note that here we need to handle different things between the
* old and new crypto APIs. First, we need to get the final encrypted
* length of the PDU.
*/
#ifdef MIT_NEW_CRYPTO
retcode = krb5_c_encrypt_length(kcontext, subkey->enctype,
parms->scopedPduLen,
&encrypted_length);
if (retcode) {
DEBUGMSGTL(("ksm",
"Encryption length calculation failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
#else /* MIT_NEW_CRYPTO */
krb5_use_enctype(kcontext, &eblock, subkey->enctype);
retcode = krb5_process_key(kcontext, &eblock, subkey);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_process_key failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
encrypted_length = krb5_encrypt_size(parms->scopedPduLen,
eblock.crypto_entry);
#endif /* MIT_NEW_CRYPTO */
encrypted_data = malloc(encrypted_length);
if (!encrypted_data) {
DEBUGMSGTL(("ksm",
"KSM: Unable to malloc %d bytes for encrypt "
"buffer: %s\n", parms->scopedPduLen,
strerror(errno)));
retval = SNMPERR_MALLOC;
#ifndef MIT_NEW_CRYPTO
krb5_finish_key(kcontext, &eblock);
#endif /* ! MIT_NEW_CRYPTO */
goto error;
}
/*
* We need to set up a blank initialization vector for the encryption.
* Use a block of all zero's (which is dependent on the block size
* of the encryption method).
*/
#ifdef MIT_NEW_CRYPTO
retcode = krb5_c_block_size(kcontext, subkey->enctype, &blocksize);
if (retcode) {
DEBUGMSGTL(("ksm",
"Unable to determine crypto block size: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
#else /* MIT_NEW_CRYPTO */
blocksize =
krb5_enctype_array[subkey->enctype]->system->block_length;
#endif /* MIT_NEW_CRYPTO */
ivector.data = malloc(blocksize);
if (!ivector.data) {
DEBUGMSGTL(("ksm", "Unable to allocate %d bytes for ivector\n",
blocksize));
retval = SNMPERR_MALLOC;
goto error;
}
ivector.length = blocksize;
memset(ivector.data, 0, blocksize);
/*
* Finally! Do the encryption!
*/
#ifdef MIT_NEW_CRYPTO
input.data = (char *) parms->scopedPdu;
input.length = parms->scopedPduLen;
output.ciphertext.data = (char *) encrypted_data;
output.ciphertext.length = encrypted_length;
retcode =
krb5_c_encrypt(kcontext, subkey, KSM_KEY_USAGE_ENCRYPTION,
&ivector, &input, &output);
#else /* MIT_NEW_CRYPTO */
retcode = krb5_encrypt(kcontext, (krb5_pointer) parms->scopedPdu,
(krb5_pointer) encrypted_data,
parms->scopedPduLen, &eblock, ivector.data);
krb5_finish_key(kcontext, &eblock);
#endif /* MIT_NEW_CRYPTO */
if (retcode) {
DEBUGMSGTL(("ksm", "KSM: krb5_encrypt failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
*offset = 0;
rc = asn_realloc_rbuild_string(wholeMsg, parms->wholeMsgLen,
offset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_OCTET_STR),
encrypted_data,
encrypted_length);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building encrypted payload failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: Encryption complete.\n"));
} else {
/*
* Plaintext PDU (not encrypted)
*/
if (*parms->wholeMsgLen < parms->scopedPduLen) {
DEBUGMSGTL(("ksm", "Not enough room for plaintext PDU.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
}
/*
* Start encoding the msgSecurityParameters
*
* For now, use 0 for the response hint
*/
DEBUGMSGTL(("ksm", "KSM: scopedPdu added to payload\n"));
seq_offset = *offset;
rc = asn_realloc_rbuild_int(wholeMsg, parms->wholeMsgLen,
offset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_INTEGER),
(long *) &zero, sizeof(zero));
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm security parameters failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
rc = asn_realloc_rbuild_string(wholeMsg, parms->wholeMsgLen,
offset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_OCTET_STR),
(u_char *) outdata.data,
outdata.length);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm AP_REQ failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
/*
* Now, we need to pick the "right" checksum algorithm. For old
* crypto, just pick CKSUMTYPE_RSA_MD5_DES; for new crypto, pick
* one of the "approved" ones.
*/
#ifdef MIT_NEW_CRYPTO
retcode = krb5_c_keyed_checksum_types(kcontext, subkey->enctype,
&numcksumtypes, &cksumtype_array);
if (retcode) {
DEBUGMSGTL(("ksm", "Unable to find appropriate keyed checksum: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
if (numcksumtypes <= 0) {
DEBUGMSGTL(("ksm", "We received a list of zero cksumtypes for this "
"enctype (%d)\n", subkey->enctype));
snmp_set_detail("No valid checksum type for this encryption type");
retval = SNMPERR_KRB5;
goto error;
}
/*
* It's not clear to me from the API which checksum you're supposed
* to support, so I'm taking a guess at the first one
*/
cksumtype = cksumtype_array[0];
krb5_free_cksumtypes(kcontext, cksumtype_array);
DEBUGMSGTL(("ksm", "KSM: Choosing checksum type of %d (subkey type "
"of %d)\n", cksumtype, subkey->enctype));
retcode = krb5_c_checksum_length(kcontext, cksumtype, &blocksize);
if (retcode) {
DEBUGMSGTL(("ksm", "Unable to determine checksum length: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
pdu_checksum.length = blocksize;
#else /* MIT_NEW_CRYPTO */
if (ksm_state)
cksumtype = ksm_state->cksumtype;
else
cksumtype = CKSUMTYPE_RSA_MD5_DES;
if (!is_keyed_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a keyed checksum\n",
cksumtype));
snmp_set_detail("Checksum is not a keyed checksum");
retval = SNMPERR_KRB5;
goto error;
}
if (!is_coll_proof_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a collision-proof "
"checksum\n", cksumtype));
snmp_set_detail("Checksum is not a collision-proof checksum");
retval = SNMPERR_KRB5;
goto error;
}
pdu_checksum.length = krb5_checksum_size(kcontext, cksumtype);
pdu_checksum.checksum_type = cksumtype;
#endif /* MIT_NEW_CRYPTO */
/*
* Note that here, we're just leaving blank space for the checksum;
* we remember where that is, and we'll fill it in later.
*/
*offset += pdu_checksum.length;
memset(*wholeMsg + *parms->wholeMsgLen - *offset, 0, pdu_checksum.length);
cksum_pointer = *wholeMsg + *parms->wholeMsgLen - *offset;
rc = asn_realloc_rbuild_header(wholeMsg, parms->wholeMsgLen,
parms->wholeMsgOffset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_OCTET_STR),
pdu_checksum.length);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm security parameters failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
rc = asn_realloc_rbuild_int(wholeMsg, parms->wholeMsgLen,
parms->wholeMsgOffset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_OCTET_STR),
(long *) &cksumtype,
sizeof(cksumtype));
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm security parameters failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
rc = asn_realloc_rbuild_sequence(wholeMsg, parms->wholeMsgLen,
parms->wholeMsgOffset, 1,
(u_char) (ASN_SEQUENCE |
ASN_CONSTRUCTOR),
*offset - seq_offset);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm security parameters failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
rc = asn_realloc_rbuild_header(wholeMsg, parms->wholeMsgLen,
parms->wholeMsgOffset, 1,
(u_char) (ASN_UNIVERSAL |
ASN_PRIMITIVE |
ASN_OCTET_STR),
*offset - seq_offset);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building ksm security parameters failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: Security parameter encoding completed\n"));
/*
* We're done with the KSM security parameters - now we do the global
* header and wrap up the whole PDU.
*/
if (*parms->wholeMsgLen < parms->globalDataLen) {
DEBUGMSGTL(("ksm", "Building global data failed.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
*offset += parms->globalDataLen;
memcpy(*wholeMsg + *parms->wholeMsgLen - *offset,
parms->globalData, parms->globalDataLen);
rc = asn_realloc_rbuild_sequence(wholeMsg, parms->wholeMsgLen,
offset, 1,
(u_char) (ASN_SEQUENCE |
ASN_CONSTRUCTOR),
*offset);
if (rc == 0) {
DEBUGMSGTL(("ksm", "Building master packet sequence.\n"));
retval = SNMPERR_TOO_LONG;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: PDU master packet encoding complete.\n"));
/*
* Now we need to checksum the entire PDU (since it's built).
*/
pdu_checksum.contents = malloc(pdu_checksum.length);
if (!pdu_checksum.contents) {
DEBUGMSGTL(("ksm", "Unable to malloc %d bytes for checksum\n",
pdu_checksum.length));
retval = SNMPERR_MALLOC;
goto error;
}
/*
* If we didn't encrypt the packet, we haven't yet got the subkey.
* Get that now.
*/
if (!subkey) {
if (ksm_state)
retcode = krb5_auth_con_getremotesubkey(kcontext, auth_context,
&subkey);
else
retcode = krb5_auth_con_getlocalsubkey(kcontext, auth_context,
&subkey);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_auth_con_getlocalsubkey failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
}
#ifdef MIT_NEW_CRYPTO
input.data = (char *) (*wholeMsg + *parms->wholeMsgLen - *offset);
input.length = *offset;
retcode = krb5_c_make_checksum(kcontext, cksumtype, subkey,
KSM_KEY_USAGE_CHECKSUM, &input,
&pdu_checksum);
#else /* MIT_NEW_CRYPTO */
retcode = krb5_calculate_checksum(kcontext, cksumtype, *wholeMsg +
*parms->wholeMsgLen - *offset,
*offset,
(krb5_pointer) subkey->contents,
subkey->length, &pdu_checksum);
#endif /* MIT_NEW_CRYPTO */
if (retcode) {
DEBUGMSGTL(("ksm", "Calculate checksum failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
DEBUGMSGTL(("ksm", "KSM: Checksum calculation complete.\n"));
memcpy(cksum_pointer, pdu_checksum.contents, pdu_checksum.length);
DEBUGMSGTL(("ksm", "KSM: Writing checksum of %d bytes at offset %d\n",
pdu_checksum.length, cksum_pointer - (*wholeMsg + 1)));
DEBUGMSGTL(("ksm", "KSM: Checksum:"));
for (i = 0; i < pdu_checksum.length; i++)
DEBUGMSG(("ksm", " %02x",
(unsigned int) pdu_checksum.contents[i]));
DEBUGMSG(("ksm", "\n"));
/*
* If we're _not_ called as part of a response (null ksm_state),
* then save the auth_context for later using our cache routines.
*/
if (!ksm_state) {
if ((retval = ksm_insert_cache(parms->pdu->msgid, auth_context,
(u_char *) parms->secName,
parms->secNameLen)) !=
SNMPERR_SUCCESS)
goto error;
auth_context = NULL;
}
DEBUGMSGTL(("ksm", "KSM processing complete!\n"));
error:
if (pdu_checksum.contents)
#ifdef MIT_NEW_CRYPTO
krb5_free_checksum_contents(kcontext, &pdu_checksum);
#else /* MIT_NEW_CRYPTO */
free(pdu_checksum.contents);
#endif /* MIT_NEW_CRYPTO */
if (ivector.data)
free(ivector.data);
if (subkey)
krb5_free_keyblock(kcontext, subkey);
if (encrypted_data)
free(encrypted_data);
if (cc)
krb5_cc_close(kcontext, cc);
if (auth_context && !ksm_state)
krb5_auth_con_free(kcontext, auth_context);
return retval;
}
int
main(int argc, char **argv)
{
krb5_context context;
krb5_keytab kt;
krb5_keytab_entry ktent;
krb5_encrypt_block eblock;
krb5_creds my_creds;
krb5_get_init_creds_opt *opt;
kadm5_principal_ent_rec princ_ent;
krb5_principal princ, server;
char pw[16];
char *whoami, *principal, *authprinc, *authpwd;
krb5_data pwdata;
void *handle;
int ret, test, encnum;
unsigned int i;
whoami = argv[0];
if (argc < 2 || argc > 4) {
fprintf(stderr, "Usage: %s principal [authuser] [authpwd]\n", whoami);
exit(1);
}
principal = argv[1];
authprinc = (argc > 2) ? argv[2] : argv[0];
authpwd = (argc > 3) ? argv[3] : NULL;
/*
* Setup. Initialize data structures, open keytab, open connection
* to kadm5 server.
*/
memset(&context, 0, sizeof(context));
kadm5_init_krb5_context(&context);
ret = krb5_parse_name(context, principal, &princ);
if (ret) {
com_err(whoami, ret, "while parsing principal name %s", principal);
exit(1);
}
if((ret = krb5_build_principal_ext(context, &server,
krb5_princ_realm(kcontext, princ)->length,
krb5_princ_realm(kcontext, princ)->data,
tgtname.length, tgtname.data,
krb5_princ_realm(kcontext, princ)->length,
krb5_princ_realm(kcontext, princ)->data,
0))) {
com_err(whoami, ret, "while building server name");
exit(1);
}
ret = krb5_kt_default(context, &kt);
if (ret) {
com_err(whoami, ret, "while opening keytab");
exit(1);
}
ret = kadm5_init(context, authprinc, authpwd, KADM5_ADMIN_SERVICE, NULL,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL,
&handle);
if (ret) {
com_err(whoami, ret, "while initializing connection");
exit(1);
}
/* these pw's don't need to be secure, just different every time */
SRAND((RAND_TYPE)time((void *) NULL));
pwdata.data = pw;
pwdata.length = sizeof(pw);
/*
* For each test:
*
* For each enctype in the test, construct a random password/key.
* Assign all keys to principal with kadm5_setkey_principal. Add
* each key to the keytab, and acquire an initial ticket with the
* keytab (XXX can I specify the kvno explicitly?). If
* krb5_get_init_creds_keytab succeeds, then the keys were set
* successfully.
*/
for (test = 0; tests[test] != NULL; test++) {
krb5_keyblock *testp = tests[test];
kadm5_key_data *extracted;
int n_extracted, match;
printf("+ Test %d:\n", test);
for (encnum = 0; testp[encnum].magic != -1; encnum++) {
for (i = 0; i < sizeof(pw); i++)
pw[i] = (RAND() % 26) + '0'; /* XXX */
krb5_use_enctype(context, &eblock, testp[encnum].enctype);
ret = krb5_string_to_key(context, &eblock, &testp[encnum],
&pwdata, NULL);
if (ret) {
com_err(whoami, ret, "while converting string to key");
exit(1);
}
}
/* now, encnum == # of keyblocks in testp */
ret = kadm5_setkey_principal(handle, princ, testp, encnum);
if (ret) {
com_err(whoami, ret, "while setting keys");
exit(1);
}
ret = kadm5_get_principal(handle, princ, &princ_ent, KADM5_KVNO);
if (ret) {
com_err(whoami, ret, "while retrieving principal");
exit(1);
}
ret = kadm5_get_principal_keys(handle, princ, 0, &extracted,
&n_extracted);
if (ret) {
com_err(whoami, ret, "while extracting keys");
exit(1);
}
for (encnum = 0; testp[encnum].magic != -1; encnum++) {
printf("+ enctype %d\n", testp[encnum].enctype);
for (match = 0; match < n_extracted; match++) {
if (extracted[match].key.enctype == testp[encnum].enctype)
break;
}
if (match >= n_extracted) {
com_err(whoami, KRB5_WRONG_ETYPE, "while matching enctypes");
exit(1);
}
if (extracted[match].key.length != testp[encnum].length ||
memcmp(extracted[match].key.contents, testp[encnum].contents,
testp[encnum].length) != 0) {
com_err(whoami, KRB5_KDB_NO_MATCHING_KEY, "verifying keys");
exit(1);
}
memset(&ktent, 0, sizeof(ktent));
ktent.principal = princ;
ktent.key = testp[encnum];
ktent.vno = princ_ent.kvno;
ret = krb5_kt_add_entry(context, kt, &ktent);
if (ret) {
com_err(whoami, ret, "while adding keytab entry");
exit(1);
}
memset(&my_creds, 0, sizeof(my_creds));
my_creds.client = princ;
my_creds.server = server;
ktypes[0] = testp[encnum].enctype;
ret = krb5_get_init_creds_opt_alloc(context, &opt);
if (ret) {
com_err(whoami, ret, "while allocating gic opts");
exit(1);
}
krb5_get_init_creds_opt_set_etype_list(opt, ktypes, 1);
ret = krb5_get_init_creds_keytab(context, &my_creds, princ,
kt, 0, NULL /* in_tkt_service */,
opt);
krb5_get_init_creds_opt_free(context, opt);
if (ret) {
com_err(whoami, ret, "while acquiring initial ticket");
exit(1);
}
krb5_free_cred_contents(context, &my_creds);
/* since I can't specify enctype explicitly ... */
ret = krb5_kt_remove_entry(context, kt, &ktent);
if (ret) {
com_err(whoami, ret, "while removing keytab entry");
exit(1);
}
}
(void)kadm5_free_kadm5_key_data(context, n_extracted, extracted);
}
ret = krb5_kt_close(context, kt);
if (ret) {
com_err(whoami, ret, "while closing keytab");
exit(1);
}
ret = kadm5_destroy(handle);
if (ret) {
com_err(whoami, ret, "while closing kadmin connection");
exit(1);
}
krb5_free_principal(context, princ);
krb5_free_principal(context, server);
krb5_free_context(context);
return 0;
}
int
ksm_process_in_msg(struct snmp_secmod_incoming_params *parms)
{
long temp;
krb5_cksumtype cksumtype;
krb5_auth_context auth_context = NULL;
krb5_error_code retcode;
krb5_checksum checksum;
krb5_data ap_req, ivector;
krb5_flags flags;
krb5_keyblock *subkey = NULL;
#ifdef MIT_NEW_CRYPTO
krb5_data input, output;
krb5_boolean valid;
krb5_enc_data in_crypt;
#else /* MIT_NEW_CRYPTO */
krb5_encrypt_block eblock;
#endif /* MIT_NEW_CRYPTO */
krb5_ticket *ticket = NULL;
int retval = SNMPERR_SUCCESS, response = 0;
size_t length =
parms->wholeMsgLen - (u_int) (parms->secParams - parms->wholeMsg);
u_char *current = parms->secParams, type;
size_t cksumlength, blocksize;
long hint;
char *cname;
struct ksm_secStateRef *ksm_state;
struct ksm_cache_entry *entry;
DEBUGMSGTL(("ksm", "Processing has begun\n"));
checksum.contents = NULL;
ap_req.data = NULL;
ivector.length = 0;
ivector.data = NULL;
/*
* First, parse the security parameters (because we need the subkey inside
* of the ticket to do anything
*/
if ((current = asn_parse_sequence(current, &length, &type,
(ASN_UNIVERSAL | ASN_PRIMITIVE |
ASN_OCTET_STR),
"ksm first octet")) == NULL) {
DEBUGMSGTL(("ksm", "Initial security paramter parsing failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
if ((current = asn_parse_sequence(current, &length, &type,
(ASN_SEQUENCE | ASN_CONSTRUCTOR),
"ksm sequence")) == NULL) {
DEBUGMSGTL(("ksm",
"Security parameter sequence parsing failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
if ((current = asn_parse_int(current, &length, &type, &temp,
sizeof(temp))) == NULL) {
DEBUGMSGTL(("ksm", "Security parameter checksum type parsing"
"failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
cksumtype = temp;
#ifdef MIT_NEW_CRYPTO
if (!krb5_c_valid_cksumtype(cksumtype)) {
DEBUGMSGTL(("ksm", "Invalid checksum type (%d)\n", cksumtype));
retval = SNMPERR_KRB5;
snmp_set_detail("Invalid checksum type");
goto error;
}
if (!krb5_c_is_keyed_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a keyed checksum\n",
cksumtype));
snmp_set_detail("Checksum is not a keyed checksum");
retval = SNMPERR_KRB5;
goto error;
}
if (!krb5_c_is_coll_proof_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a collision-proof "
"checksum\n", cksumtype));
snmp_set_detail("Checksum is not a collision-proof checksum");
retval = SNMPERR_KRB5;
goto error;
}
#else /* ! MIT_NEW_CRYPTO */
if (!valid_cksumtype(cksumtype)) {
DEBUGMSGTL(("ksm", "Invalid checksum type (%d)\n", cksumtype));
retval = SNMPERR_KRB5;
snmp_set_detail("Invalid checksum type");
goto error;
}
if (!is_keyed_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a keyed checksum\n",
cksumtype));
snmp_set_detail("Checksum is not a keyed checksum");
retval = SNMPERR_KRB5;
goto error;
}
if (!is_coll_proof_cksum(cksumtype)) {
DEBUGMSGTL(("ksm", "Checksum type %d is not a collision-proof "
"checksum\n", cksumtype));
snmp_set_detail("Checksum is not a collision-proof checksum");
retval = SNMPERR_KRB5;
goto error;
}
#endif /* MIT_NEW_CRYPTO */
checksum.checksum_type = cksumtype;
cksumlength = length;
if ((current = asn_parse_sequence(current, &cksumlength, &type,
(ASN_UNIVERSAL | ASN_PRIMITIVE |
ASN_OCTET_STR), "ksm checksum")) ==
NULL) {
DEBUGMSGTL(("ksm",
"Security parameter checksum parsing failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
checksum.contents = malloc(cksumlength);
if (!checksum.contents) {
DEBUGMSGTL(("ksm", "Unable to malloc %d bytes for checksum.\n",
cksumlength));
retval = SNMPERR_MALLOC;
goto error;
}
memcpy(checksum.contents, current, cksumlength);
checksum.length = cksumlength;
checksum.checksum_type = cksumtype;
/*
* Zero out the checksum so the validation works correctly
*/
memset(current, 0, cksumlength);
current += cksumlength;
length = parms->wholeMsgLen - (u_int) (current - parms->wholeMsg);
if ((current = asn_parse_sequence(current, &length, &type,
(ASN_UNIVERSAL | ASN_PRIMITIVE |
ASN_OCTET_STR), "ksm ap_req")) ==
NULL) {
DEBUGMSGTL(("ksm", "KSM security parameter AP_REQ/REP parsing "
"failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
ap_req.length = length;
ap_req.data = malloc(length);
if (!ap_req.data) {
DEBUGMSGTL(("ksm",
"KSM unable to malloc %d bytes for AP_REQ/REP.\n",
length));
retval = SNMPERR_MALLOC;
goto error;
}
memcpy(ap_req.data, current, length);
current += length;
length = parms->wholeMsgLen - (u_int) (current - parms->wholeMsg);
if ((current = asn_parse_int(current, &length, &type, &hint,
sizeof(hint))) == NULL) {
DEBUGMSGTL(("ksm",
"KSM security parameter hint parsing failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
/*
* Okay! We've got it all! Now try decoding the damn ticket.
*
* But of course there's a WRINKLE! We need to figure out if we're
* processing a AP_REQ or an AP_REP. How do we do that? We're going
* to cheat, and look at the first couple of bytes (which is what
* the Kerberos library routines do anyway).
*
* If there are ever new Kerberos message formats, we'll need to fix
* this here.
*
* If it's a _response_, then we need to get the auth_context
* from our cache.
*/
if (ap_req.length
&& (ap_req.data[0] == 0x6e || ap_req.data[0] == 0x4e)) {
/*
* We need to initalize the authorization context, and set the
* replay cache in it (and initialize the replay cache if we
* haven't already
*/
retcode = krb5_auth_con_init(kcontext, &auth_context);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_auth_con_init failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
if (!rcache) {
krb5_data server;
server.data = "host";
server.length = strlen(server.data);
retcode = krb5_get_server_rcache(kcontext, &server, &rcache);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_get_server_rcache failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
}
retcode = krb5_auth_con_setrcache(kcontext, auth_context, rcache);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_auth_con_setrcache failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
retcode = krb5_rd_req(kcontext, &auth_context, &ap_req, NULL,
keytab, &flags, &ticket);
krb5_auth_con_setrcache(kcontext, auth_context, NULL);
if (retcode) {
DEBUGMSGTL(("ksm", "krb5_rd_req() failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
retcode =
krb5_unparse_name(kcontext, ticket->enc_part2->client, &cname);
if (retcode == 0) {
DEBUGMSGTL(("ksm", "KSM authenticated principal name: %s\n",
cname));
free(cname);
}
/*
* Check to make sure AP_OPTS_MUTUAL_REQUIRED was set
*/
if (!(flags & AP_OPTS_MUTUAL_REQUIRED)) {
DEBUGMSGTL(("ksm",
"KSM MUTUAL_REQUIRED not set in request!\n"));
retval = SNMPERR_KRB5;
snmp_set_detail("MUTUAL_REQUIRED not set in message");
goto error;
}
retcode =
krb5_auth_con_getremotesubkey(kcontext, auth_context, &subkey);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM remote subkey retrieval failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
} else if (ap_req.length && (ap_req.data[0] == 0x6f ||
ap_req.data[0] == 0x4f)) {
/*
* Looks like a response; let's see if we've got that auth_context
* in our cache.
*/
krb5_ap_rep_enc_part *repl = NULL;
response = 1;
entry = ksm_get_cache(parms->pdu->msgid);
if (!entry) {
DEBUGMSGTL(("ksm",
"KSM: Unable to find auth_context for PDU with "
"message ID of %ld\n", parms->pdu->msgid));
retval = SNMPERR_KRB5;
goto error;
}
auth_context = entry->auth_context;
/*
* In that case, let's call the rd_rep function
*/
retcode = krb5_rd_rep(kcontext, auth_context, &ap_req, &repl);
if (repl)
krb5_free_ap_rep_enc_part(kcontext, repl);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM: krb5_rd_rep() failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
goto error;
}
DEBUGMSGTL(("ksm", "KSM: krb5_rd_rep() decoded successfully.\n"));
retcode =
krb5_auth_con_getlocalsubkey(kcontext, auth_context, &subkey);
if (retcode) {
DEBUGMSGTL(("ksm", "Unable to retrieve local subkey: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail("Unable to retrieve local subkey");
goto error;
}
} else {
DEBUGMSGTL(("ksm", "Unknown Kerberos message type (%02x)\n",
ap_req.data[0]));
retval = SNMPERR_KRB5;
snmp_set_detail("Unknown Kerberos message type");
goto error;
}
#ifdef MIT_NEW_CRYPTO
input.data = (char *) parms->wholeMsg;
input.length = parms->wholeMsgLen;
retcode =
krb5_c_verify_checksum(kcontext, subkey, KSM_KEY_USAGE_CHECKSUM,
&input, &checksum, &valid);
#else /* MIT_NEW_CRYPTO */
retcode = krb5_verify_checksum(kcontext, cksumtype, &checksum,
parms->wholeMsg, parms->wholeMsgLen,
(krb5_pointer) subkey->contents,
subkey->length);
#endif /* MIT_NEW_CRYPTO */
if (retcode) {
DEBUGMSGTL(("ksm", "KSM checksum verification failed: %s\n",
error_message(retcode)));
retval = SNMPERR_KRB5;
snmp_set_detail(error_message(retcode));
goto error;
}
/*
* Don't ask me why they didn't simply return an error, but we have
* to check to see if "valid" is false.
*/
#ifdef MIT_NEW_CRYPTO
if (!valid) {
DEBUGMSGTL(("ksm", "Computed checksum did not match supplied "
"checksum!\n"));
retval = SNMPERR_KRB5;
snmp_set_detail
("Computed checksum did not match supplied checksum");
goto error;
}
#endif /* MIT_NEW_CRYPTO */
/*
* Handle an encrypted PDU. Note that it's an OCTET_STRING of the
* output of whatever Kerberos cryptosystem you're using (defined by
* the encryption type). Note that this is NOT the EncryptedData
* sequence - it's what goes in the "cipher" field of EncryptedData.
*/
if (parms->secLevel == SNMP_SEC_LEVEL_AUTHPRIV) {
if ((current = asn_parse_sequence(current, &length, &type,
(ASN_UNIVERSAL | ASN_PRIMITIVE |
ASN_OCTET_STR), "ksm pdu")) ==
NULL) {
DEBUGMSGTL(("ksm", "KSM sPDU octet decoding failed\n"));
retval = SNMPERR_ASN_PARSE_ERR;
goto error;
}
/*
* The PDU is now pointed at by "current", and the length is in
* "length".
*/
DEBUGMSGTL(("ksm", "KSM starting sPDU decode\n"));
/*
* We need to set up a blank initialization vector for the decryption.
* Use a block of all zero's (which is dependent on the block size
* of the encryption method).
*/
#ifdef MIT_NEW_CRYPTO
retcode = krb5_c_block_size(kcontext, subkey->enctype, &blocksize);
if (retcode) {
DEBUGMSGTL(("ksm",
"Unable to determine crypto block size: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
#else /* MIT_NEW_CRYPTO */
blocksize =
krb5_enctype_array[subkey->enctype]->system->block_length;
#endif /* MIT_NEW_CRYPTO */
ivector.data = malloc(blocksize);
if (!ivector.data) {
DEBUGMSGTL(("ksm", "Unable to allocate %d bytes for ivector\n",
blocksize));
retval = SNMPERR_MALLOC;
goto error;
}
ivector.length = blocksize;
memset(ivector.data, 0, blocksize);
#ifndef MIT_NEW_CRYPTO
krb5_use_enctype(kcontext, &eblock, subkey->enctype);
retcode = krb5_process_key(kcontext, &eblock, subkey);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM key post-processing failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
#endif /* !MIT_NEW_CRYPTO */
if (length > *parms->scopedPduLen) {
DEBUGMSGTL(("ksm", "KSM not enough room - have %d bytes to "
"decrypt but only %d bytes available\n", length,
*parms->scopedPduLen));
retval = SNMPERR_TOO_LONG;
#ifndef MIT_NEW_CRYPTO
krb5_finish_key(kcontext, &eblock);
#endif /* ! MIT_NEW_CRYPTO */
goto error;
}
#ifdef MIT_NEW_CRYPTO
in_crypt.ciphertext.data = (char *) current;
in_crypt.ciphertext.length = length;
in_crypt.enctype = subkey->enctype;
output.data = (char *) *parms->scopedPdu;
output.length = *parms->scopedPduLen;
retcode =
krb5_c_decrypt(kcontext, subkey, KSM_KEY_USAGE_ENCRYPTION,
&ivector, &in_crypt, &output);
#else /* MIT_NEW_CRYPTO */
retcode = krb5_decrypt(kcontext, (krb5_pointer) current,
*parms->scopedPdu, length, &eblock,
ivector.data);
krb5_finish_key(kcontext, &eblock);
#endif /* MIT_NEW_CRYPTO */
if (retcode) {
DEBUGMSGTL(("ksm", "Decryption failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
*parms->scopedPduLen = length;
} else {
/*
* Clear PDU
*/
*parms->scopedPdu = current;
*parms->scopedPduLen =
parms->wholeMsgLen - (current - parms->wholeMsg);
}
/*
* A HUGE GROSS HACK
*/
*parms->maxSizeResponse = parms->maxMsgSize - 200;
DEBUGMSGTL(("ksm", "KSM processing complete\n"));
/*
* Set the secName to the right value (a hack for now). But that's
* only used for when we're processing a request, not a response.
*/
if (!response) {
retcode = krb5_unparse_name(kcontext, ticket->enc_part2->client,
&cname);
if (retcode) {
DEBUGMSGTL(("ksm", "KSM krb5_unparse_name failed: %s\n",
error_message(retcode)));
snmp_set_detail(error_message(retcode));
retval = SNMPERR_KRB5;
goto error;
}
if (strlen(cname) > *parms->secNameLen + 1) {
DEBUGMSGTL(("ksm",
"KSM: Principal length (%d) is too long (%d)\n",
strlen(cname), parms->secNameLen));
retval = SNMPERR_TOO_LONG;
free(cname);
goto error;
}
strcpy(parms->secName, cname);
*parms->secNameLen = strlen(cname);
free(cname);
/*
* Also, if we're not a response, keep around our auth_context so we
* can encode the reply message correctly
*/
ksm_state = SNMP_MALLOC_STRUCT(ksm_secStateRef);
if (!ksm_state) {
DEBUGMSGTL(("ksm", "KSM unable to malloc memory for "
"ksm_secStateRef\n"));
retval = SNMPERR_MALLOC;
goto error;
}
ksm_state->auth_context = auth_context;
auth_context = NULL;
ksm_state->cksumtype = cksumtype;
*parms->secStateRef = ksm_state;
} else {
/*
* We _still_ have to set the secName in process_in_msg(). Do
* that now with what we were passed in before (we cached it,
* remember?)
*/
memcpy(parms->secName, entry->secName, entry->secNameLen);
*parms->secNameLen = entry->secNameLen;
}
/*
* Just in case
*/
parms->secEngineID = (u_char *) "";
*parms->secEngineIDLen = 0;
auth_context = NULL; /* So we don't try to free it on success */
error:
if (retval == SNMPERR_ASN_PARSE_ERR &&
snmp_increment_statistic(STAT_SNMPINASNPARSEERRS) == 0)
DEBUGMSGTL(("ksm", "Failed to increment statistics.\n"));
if (subkey)
krb5_free_keyblock(kcontext, subkey);
if (checksum.contents)
free(checksum.contents);
if (ivector.data)
free(ivector.data);
if (ticket)
krb5_free_ticket(kcontext, ticket);
if (!response && auth_context)
krb5_auth_con_free(kcontext, auth_context);
if (ap_req.data)
free(ap_req.data);
return retval;
}
