kadm5_ret_t
kadm5_s_create_principal(void *server_handle,
kadm5_principal_ent_t princ,
uint32_t mask,
const char *password,
int n_ks_tuple,
krb5_key_salt_tuple *ks_tuple)
{
kadm5_ret_t ret;
hdb_entry_ex ent;
kadm5_server_context *context = server_handle;
if ((mask & KADM5_KVNO) == 0) {
/* create_principal() through _kadm5_setup_entry(), will need this */
princ->kvno = 1;
mask |= KADM5_KVNO;
}
ret = create_principal(context, princ, mask, &ent,
KADM5_PRINCIPAL,
KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME
| KADM5_MOD_NAME | KADM5_MKVNO
| KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA
| KADM5_POLICY_CLR | KADM5_LAST_SUCCESS
| KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT);
if(ret)
goto out;
ent.entry.keys.len = 0;
ent.entry.keys.val = NULL;
ret = _kadm5_set_keys(context, &ent.entry, password, n_ks_tuple, ks_tuple);
if (ret)
goto out;
ret = hdb_seal_keys(context->context, context->db, &ent.entry);
if (ret)
goto out;
if (!context->keep_open) {
ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0);
if(ret)
goto out;
}
ret = context->db->hdb_store(context->context, context->db, 0, &ent);
if (!context->keep_open)
context->db->hdb_close(context->context, context->db);
if (ret)
goto out;
kadm5_log_create (context, &ent.entry);
out:
hdb_free_entry(context->context, &ent);
return _kadm5_error_code(ret);
}
kadm5_ret_t
kadm5_s_create_principal_with_key(void *server_handle,
kadm5_principal_ent_t princ,
uint32_t mask)
{
kadm5_ret_t ret;
hdb_entry_ex ent;
kadm5_server_context *context = server_handle;
if ((mask & KADM5_KVNO) == 0) {
/* create_principal() through _kadm5_setup_entry(), will need this */
princ->kvno = 1;
mask |= KADM5_KVNO;
}
ret = create_principal(context, princ, mask, &ent,
KADM5_PRINCIPAL | KADM5_KEY_DATA,
KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME
| KADM5_MOD_NAME | KADM5_MKVNO
| KADM5_AUX_ATTRIBUTES
| KADM5_POLICY_CLR | KADM5_LAST_SUCCESS
| KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT);
if (ret)
return ret;
if (!context->keep_open) {
ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0);
if (ret) {
hdb_free_entry(context->context, &ent);
return ret;
}
}
ret = kadm5_log_init(context);
if (ret)
goto out;
ret = hdb_seal_keys(context->context, context->db, &ent.entry);
if (ret)
goto out2;
/* This logs the change for iprop and writes to the HDB */
ret = kadm5_log_create(context, &ent.entry);
out2:
(void) kadm5_log_end(context);
out:
if (!context->keep_open) {
kadm5_ret_t ret2;
ret2 = context->db->hdb_close(context->context, context->db);
if (ret == 0 && ret2 != 0)
ret = ret2;
}
hdb_free_entry(context->context, &ent);
return _kadm5_error_code(ret);
}
kadm5_ret_t
kadm5_s_create_principal(void *server_handle,
kadm5_principal_ent_t princ,
uint32_t mask,
const char *password)
{
kadm5_ret_t ret;
hdb_entry_ex ent;
kadm5_server_context *context = server_handle;
ret = create_principal(context, princ, mask, &ent,
KADM5_PRINCIPAL,
KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME
| KADM5_MOD_NAME | KADM5_MKVNO
| KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA
| KADM5_POLICY_CLR | KADM5_LAST_SUCCESS
| KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT);
if(ret)
goto out;
if ((mask & KADM5_KVNO) == 0)
ent.entry.kvno = 1;
ent.entry.keys.len = 0;
ent.entry.keys.val = NULL;
ret = _kadm5_set_keys(context, &ent.entry, password);
if (ret)
goto out;
ret = hdb_seal_keys(context->context, context->db, &ent.entry);
if (ret)
goto out;
ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0);
if(ret)
goto out;
ret = context->db->hdb_store(context->context, context->db, 0, &ent);
context->db->hdb_close(context->context, context->db);
if (ret)
goto out;
kadm5_log_create (context, &ent.entry);
out:
hdb_free_entry(context->context, &ent);
return _kadm5_error_code(ret);
}
int main() //@ : main_full(main_app)
//@ requires module(main_app, true);
//@ ensures true;
{
struct keypair *apair;
struct keypair *pair;
struct item *key;
struct item *pub_key;
struct item *priv_key;
printf("\n\tExecuting \"");
printf("auth secure_storage");
printf("protocol");
printf("\" ... \n\n");
//@ open_module();
//@ PACK_PROOF_OBLIGATIONS(ss_auth)
init_crypto_lib();
int attacker = create_principal(&apair);
//@ assume (bad(attacker));
int sender = create_principal(&pair);
pub_key = keypair_get_public_key(pair);
priv_key = keypair_get_private_key(pair);
keypair_free(pair);
void *null = (void *) 0;
//@ leak world(ss_auth_pub);
{
pthread_t a_thread;
struct ss_auth_args *args = malloc(sizeof(struct ss_auth_args));
if (args == 0) abort();
args->attacker = attacker;
args->keypair = apair;
//@ close pthread_run_pre(attacker_t)(args, _);
pthread_create(&a_thread, NULL, &attacker_t, args);
}
int i = 0;
#ifdef EXECUTE
while (i++ < 10)
#else
while (true)
#endif
/*@ invariant [_]world(ss_auth_pub) &*&
generated_values(_, _) &*&
item(pub_key, public_key_item(sender, _), ss_auth_pub) &*&
item(priv_key, private_key_item(sender, _), ss_auth_pub);
@*/
{
pthread_t s_thread, r_thread;
struct ss_auth_args *args_s = malloc(sizeof(struct ss_auth_args));
if (args_s == 0) abort();
struct ss_auth_args *args_r = malloc(sizeof(struct ss_auth_args));
if (args_r == 0) abort();
args_s->key = priv_key;
args_r->key = pub_key;
{
/*@ close pthread_run_pre(sender_t)(args_s, cons(pointer_value(priv_key),
cons(int_value(sender), nil))); @*/
pthread_create(&s_thread, null, &sender_t, args_s);
/*@ close pthread_run_pre(receiver_t)(args_r, cons(pointer_value(pub_key),
cons(int_value(sender), nil))); @*/
pthread_create(&r_thread, null, &receiver_t, args_r);
}
{
pthread_join(r_thread, null);
//@ open pthread_run_post(receiver_t)(args_r, _);
pthread_join(s_thread, null);
//@ open pthread_run_post(sender_t)(args_s, _);
}
free(args_s);
free(args_r);
}
//@ close_module();
//@ leak module(main_app, _);
printf("Done\n");
}
