Page MenuHomeFreeBSD
Differential D17276 Diff 48789 projects/openssl111/crypto/heimdal/kdc/pkinit.c

Changeset View

Standalone View

View Options

projects/openssl111/crypto/heimdal/kdc/pkinit.c

Show First 20 LinesShow All 325 Lines▼ Show 20 Lines
static krb5_error_code static krb5_error_code
get_dh_param(krb5_context context, get_dh_param(krb5_context context,
krb5_kdc_configuration *config, krb5_kdc_configuration *config,
SubjectPublicKeyInfo *dh_key_info, SubjectPublicKeyInfo *dh_key_info,
pk_client_params *client_params) pk_client_params *client_params)
{ {
DomainParameters dhparam; DomainParameters dhparam;
DH *dh = NULL; DH *dh = NULL;
BIGNUM *p, *q, *g;
krb5_error_code ret; krb5_error_code ret;
memset(&dhparam, 0, sizeof(dhparam)); memset(&dhparam, 0, sizeof(dhparam));
if ((dh_key_info->subjectPublicKey.length % 8) != 0) { if ((dh_key_info->subjectPublicKey.length % 8) != 0) {
ret = KRB5_BADMSGTYPE; ret = KRB5_BADMSGTYPE;
krb5_set_error_message(context, ret, krb5_set_error_message(context, ret,
"PKINIT: subjectPublicKey not aligned " "PKINIT: subjectPublicKey not aligned "
Show All 28 Lines goto out;
dh = DH_new(); dh = DH_new();
if (dh == NULL) { if (dh == NULL) {
ret = ENOMEM; ret = ENOMEM;
krb5_set_error_message(context, ret, "Cannot create DH structure"); krb5_set_error_message(context, ret, "Cannot create DH structure");
goto out; goto out;
} }
ret = KRB5_BADMSGTYPE; ret = KRB5_BADMSGTYPE;
dh->p = integer_to_BN(context, "DH prime", &dhparam.p); p = integer_to_BN(context, "DH prime", &dhparam.p);
if (dh->p == NULL) g = integer_to_BN(context, "DH base", &dhparam.g);
q = integer_to_BN(context, "DH p-1 factor", &dhparam.q);
if (p == NULL || g == NULL || q == NULL) {
BN_free(p);
BN_free(g);
BN_free(q);
goto out; goto out;
dh->g = integer_to_BN(context, "DH base", &dhparam.g); }
if (dh->g == NULL) if (DH_set0_pqg(dh, p, g, q) != 1) {
BN_free(p);
BN_free(g);
BN_free(q);
goto out; goto out;
dh->q = integer_to_BN(context, "DH p-1 factor", &dhparam.q); }
if (dh->g == NULL)
goto out;
{ {
heim_integer glue; heim_integer glue;
size_t size; size_t size;
ret = decode_DHPublicKey(dh_key_info->subjectPublicKey.data, ret = decode_DHPublicKey(dh_key_info->subjectPublicKey.data,
dh_key_info->subjectPublicKey.length / 8, dh_key_info->subjectPublicKey.length / 8,
&glue, &glue,
▲ Show 20 LinesShow All 495 Lines▼ Show 20 Lines *ret_params = cp;
return ret; return ret;
} }
/* /*
* *
*/ */
static krb5_error_code static krb5_error_code
BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) BN_to_integer(krb5_context context, const BIGNUM *bn, heim_integer *integer)
{ {
integer->length = BN_num_bytes(bn); integer->length = BN_num_bytes(bn);
integer->data = malloc(integer->length); integer->data = malloc(integer->length);
if (integer->data == NULL) { if (integer->data == NULL) {
krb5_clear_error_message(context); krb5_clear_error_message(context);
return ENOMEM; return ENOMEM;
} }
BN_bn2bin(bn, integer->data); BN_bn2bin(bn, integer->data);
▲ Show 20 LinesShow All 200 Lines▼ Show 20 Linespk_mk_pa_reply_dh(krb5_context context,
memset(&dh_info, 0, sizeof(dh_info)); memset(&dh_info, 0, sizeof(dh_info));
krb5_data_zero(&signed_data); krb5_data_zero(&signed_data);
krb5_data_zero(&buf); krb5_data_zero(&buf);
*kdc_cert = NULL; *kdc_cert = NULL;
if (cp->keyex == USE_DH) { if (cp->keyex == USE_DH) {
DH *kdc_dh = cp->u.dh.key; DH *kdc_dh = cp->u.dh.key;
const BIGNUM *pub_key;
heim_integer i; heim_integer i;
ret = BN_to_integer(context, kdc_dh->pub_key, &i); DH_get0_key(kdc_dh, &pub_key, NULL);
ret = BN_to_integer(context, pub_key, &i);
if (ret) if (ret)
return ret; return ret;
ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret); ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret);
der_free_heim_integer(&i); der_free_heim_integer(&i);
if (ret) { if (ret) {
krb5_set_error_message(context, ret, "ASN.1 encoding of " krb5_set_error_message(context, ret, "ASN.1 encoding of "
"DHPublicKey failed (%d)", ret); "DHPublicKey failed (%d)", ret);
▲ Show 20 LinesShow All 923 LinesShow Last 20 Lines