kadm5_ret_t kadm5_s_create_principal(void *server_handle, kadm5_principal_ent_t princ, uint32_t mask, const char *password, int n_ks_tuple, krb5_key_salt_tuple *ks_tuple) { kadm5_ret_t ret; hdb_entry_ex ent; kadm5_server_context *context = server_handle; if ((mask & KADM5_KVNO) == 0) { /* create_principal() through _kadm5_setup_entry(), will need this */ princ->kvno = 1; mask |= KADM5_KVNO; } ret = create_principal(context, princ, mask, &ent, KADM5_PRINCIPAL, KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME | KADM5_MOD_NAME | KADM5_MKVNO | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); if(ret) goto out; ent.entry.keys.len = 0; ent.entry.keys.val = NULL; ret = _kadm5_set_keys(context, &ent.entry, password, n_ks_tuple, ks_tuple); if (ret) goto out; ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; if (!context->keep_open) { ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; } ret = context->db->hdb_store(context->context, context->db, 0, &ent); if (!context->keep_open) context->db->hdb_close(context->context, context->db); if (ret) goto out; kadm5_log_create (context, &ent.entry); out: hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); }
kadm5_ret_t kadm5_s_create_principal_with_key(void *server_handle, kadm5_principal_ent_t princ, uint32_t mask) { kadm5_ret_t ret; hdb_entry_ex ent; kadm5_server_context *context = server_handle; if ((mask & KADM5_KVNO) == 0) { /* create_principal() through _kadm5_setup_entry(), will need this */ princ->kvno = 1; mask |= KADM5_KVNO; } ret = create_principal(context, princ, mask, &ent, KADM5_PRINCIPAL | KADM5_KEY_DATA, KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME | KADM5_MOD_NAME | KADM5_MKVNO | KADM5_AUX_ATTRIBUTES | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); if (ret) return ret; if (!context->keep_open) { ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if (ret) { hdb_free_entry(context->context, &ent); return ret; } } ret = kadm5_log_init(context); if (ret) goto out; ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out2; /* This logs the change for iprop and writes to the HDB */ ret = kadm5_log_create(context, &ent.entry); out2: (void) kadm5_log_end(context); out: if (!context->keep_open) { kadm5_ret_t ret2; ret2 = context->db->hdb_close(context->context, context->db); if (ret == 0 && ret2 != 0) ret = ret2; } hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); }
kadm5_ret_t kadm5_s_create_principal(void *server_handle, kadm5_principal_ent_t princ, uint32_t mask, const char *password) { kadm5_ret_t ret; hdb_entry_ex ent; kadm5_server_context *context = server_handle; ret = create_principal(context, princ, mask, &ent, KADM5_PRINCIPAL, KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME | KADM5_MOD_NAME | KADM5_MKVNO | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); if(ret) goto out; if ((mask & KADM5_KVNO) == 0) ent.entry.kvno = 1; ent.entry.keys.len = 0; ent.entry.keys.val = NULL; ret = _kadm5_set_keys(context, &ent.entry, password); if (ret) goto out; ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; ret = context->db->hdb_store(context->context, context->db, 0, &ent); context->db->hdb_close(context->context, context->db); if (ret) goto out; kadm5_log_create (context, &ent.entry); out: hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); }
int main() //@ : main_full(main_app) //@ requires module(main_app, true); //@ ensures true; { struct keypair *apair; struct keypair *pair; struct item *key; struct item *pub_key; struct item *priv_key; printf("\n\tExecuting \""); printf("auth secure_storage"); printf("protocol"); printf("\" ... \n\n"); //@ open_module(); //@ PACK_PROOF_OBLIGATIONS(ss_auth) init_crypto_lib(); int attacker = create_principal(&apair); //@ assume (bad(attacker)); int sender = create_principal(&pair); pub_key = keypair_get_public_key(pair); priv_key = keypair_get_private_key(pair); keypair_free(pair); void *null = (void *) 0; //@ leak world(ss_auth_pub); { pthread_t a_thread; struct ss_auth_args *args = malloc(sizeof(struct ss_auth_args)); if (args == 0) abort(); args->attacker = attacker; args->keypair = apair; //@ close pthread_run_pre(attacker_t)(args, _); pthread_create(&a_thread, NULL, &attacker_t, args); } int i = 0; #ifdef EXECUTE while (i++ < 10) #else while (true) #endif /*@ invariant [_]world(ss_auth_pub) &*& generated_values(_, _) &*& item(pub_key, public_key_item(sender, _), ss_auth_pub) &*& item(priv_key, private_key_item(sender, _), ss_auth_pub); @*/ { pthread_t s_thread, r_thread; struct ss_auth_args *args_s = malloc(sizeof(struct ss_auth_args)); if (args_s == 0) abort(); struct ss_auth_args *args_r = malloc(sizeof(struct ss_auth_args)); if (args_r == 0) abort(); args_s->key = priv_key; args_r->key = pub_key; { /*@ close pthread_run_pre(sender_t)(args_s, cons(pointer_value(priv_key), cons(int_value(sender), nil))); @*/ pthread_create(&s_thread, null, &sender_t, args_s); /*@ close pthread_run_pre(receiver_t)(args_r, cons(pointer_value(pub_key), cons(int_value(sender), nil))); @*/ pthread_create(&r_thread, null, &receiver_t, args_r); } { pthread_join(r_thread, null); //@ open pthread_run_post(receiver_t)(args_r, _); pthread_join(s_thread, null); //@ open pthread_run_post(sender_t)(args_s, _); } free(args_s); free(args_r); } //@ close_module(); //@ leak module(main_app, _); printf("Done\n"); }