updateMechList(void)
{
#if defined(_WIN32)
- time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
- if (g_confFileModTime < lastConfModTime)
- {
- g_confFileModTime = lastConfModTime;
- loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
- loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
- }
+ time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
+ if (g_confFileModTime < lastConfModTime) {
+ g_confFileModTime = lastConfModTime;
+ loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
+ loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
+ }
#else /* _WIN32 */
char *fileName;
struct stat fileInfo;
char *sharedLib, *kernMod, *modOptions, *oid, *endp;
char buffer[BUFSIZ], *oidStr;
FILE *confFile;
+
if ((confFile = fopen(fileName, "r")) == NULL) {
return;
}
if (! *endp)
continue;
- /* Find the end of the oid and make sure it is NULL-ended */
- for (oid=endp; *endp && !isspace(*endp); endp++)
- ;
-
- if (*endp) {
- *endp = '\0';
- endp++;
- }
-
- /* Find the start of the shared lib name */
- for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
- sharedLib++)
- ;
-
- /*
- * Find the end of the shared lib name and make sure it is
- * NULL-terminated.
- */
- for (endp = sharedLib; *endp && !isspace(*endp); endp++)
- ;
-
- if (*endp) {
- *endp = '\0';
- endp++;
- }
-
- /* Find the start of the optional kernel module lib name */
- for (kernMod = endp; *kernMod && isspace(*kernMod);
- kernMod++)
- ;
-
- /*
- * If this item starts with a bracket "[", then
- * it is not a kernel module, but is a list of
- * options for the user module to parse later.
- */
- if (*kernMod && *kernMod != '[') {
- /*
- * Find the end of the shared lib name and make sure
- * it is NULL-terminated.
- */
- for (endp = kernMod; *endp && !isspace(*endp); endp++)
- ;
-
- if (*endp) {
- *endp = '\0';
- endp++;
- }
- } else
- kernMod = NULL;
-
- /* Find the start of the optional module options list */
- for (modOptions = endp; *modOptions && isspace(*modOptions);
- modOptions++);
-
- if (*modOptions == '[') {
- /* move past the opening bracket */
- for (modOptions = modOptions+1;
- *modOptions && isspace(*modOptions);
- modOptions++);
-
- /* Find the closing bracket */
- for (endp = modOptions;
- *endp && *endp != ']'; endp++);
-
- *endp = '\0';
- } else {
- modOptions = NULL;
- }
-
- addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+ /* Find the end of the oid and make sure it is NULL-ended */
+ for (oid = endp; *endp && !isspace(*endp); endp++)
+ ;
+
+ if (*endp) {
+ *endp = '\0';
+ endp++;
+ }
+
+ /* Find the start of the shared lib name */
+ for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
+ sharedLib++)
+ ;
+
+ /*
+ * Find the end of the shared lib name and make sure it is
+ * NULL-terminated.
+ */
+ for (endp = sharedLib; *endp && !isspace(*endp); endp++)
+ ;
+
+ if (*endp) {
+ *endp = '\0';
+ endp++;
+ }
+
+ /* Find the start of the optional kernel module lib name */
+ for (kernMod = endp; *kernMod && isspace(*kernMod);
+ kernMod++)
+ ;
+
+ /*
+ * If this item starts with a bracket "[", then
+ * it is not a kernel module, but is a list of
+ * options for the user module to parse later.
+ */
+ if (*kernMod && *kernMod != '[') {
+ /*
+ * Find the end of the shared lib name and make sure
+ * it is NULL-terminated.
+ */
+ for (endp = kernMod; *endp && !isspace(*endp); endp++)
+ ;
+
+ if (*endp) {
+ *endp = '\0';
+ endp++;
+ }
+ } else
+ kernMod = NULL;
+
+ /* Find the start of the optional module options list */
+ for (modOptions = endp; *modOptions && isspace(*modOptions);
+ modOptions++);
+
+ if (*modOptions == '[') {
+ /* move past the opening bracket */
+ for (modOptions = modOptions+1;
+ *modOptions && isspace(*modOptions);
+ modOptions++);
+
+ /* Find the closing bracket */
+ for (endp = modOptions;
+ *endp && *endp != ']'; endp++);
+
+ *endp = '\0';
+ } else {
+ modOptions = NULL;
+ }
+
+ addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
} /* while */
(void) fclose(confFile);
} /* loadConfigFile */
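Review bot: Every `isspace(*endp)`, `isspace(*sharedLib)`, `isspace(*kernMod)` and `isspace(*modOptions)` call in this parsing loop passes a plain `char`, which is undefined behaviour for negative values on platforms where `char` is signed. Cast at each call site, for example `for (oid = endp; *endp && !isspace((unsigned char)*endp); endp++)`. The hunk only re-indents these lines, so the calls are the same on the old side. The loop and the enclosing function begin outside the hunk, so how the line buffer is filled is not visible here.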
static time_t
filetimeToTimet(const FILETIME *ft)
{
- ULARGE_INTEGER ull;
- ull.LowPart = ft->dwLowDateTime;
- ull.HighPart = ft->dwHighDateTime;
- return (time_t )(ull.QuadPart / 10000000ULL - 11644473600ULL);
+ ULARGE_INTEGER ull;
+
+ ull.LowPart = ft->dwLowDateTime;
+ ull.HighPart = ft->dwHighDateTime;
+ return (time_t)(ull.QuadPart / 10000000ULL - 11644473600ULL);
}
static time_t
getRegConfigModTime(const char *keyPath)
{
- time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER, keyPath);
- time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE, keyPath);
- return currentUserModTime > localMachineModTime ? currentUserModTime : localMachineModTime;
+ time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER,
+ keyPath);
+ time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE,
+ keyPath);
+
+ return currentUserModTime > localMachineModTime ? currentUserModTime :
+ localMachineModTime;
}
static time_t
getRegKeyModTime(HKEY hBaseKey, const char *keyPath)
{
- HKEY hConfigKey;
- HRESULT rc;
- int iSubKey = 0;
- time_t modTime = 0, keyModTime;
- FILETIME keyLastWriteTime;
- char subKeyName[256];
- if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
- &hConfigKey)) != ERROR_SUCCESS) {
- /* TODO: log error message */
- return 0;
- }
- do {
- int subKeyNameSize=256;
- if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName, &subKeyNameSize, NULL, NULL, NULL, &keyLastWriteTime)) != ERROR_SUCCESS) {
- break;
- }
- keyModTime = filetimeToTimet(&keyLastWriteTime);
- if (modTime < keyModTime) {
- modTime = keyModTime;
- }
- } while (1);
- RegCloseKey(hConfigKey);
- return modTime;
+ HKEY hConfigKey;
+ HRESULT rc;
+ int iSubKey = 0;
+ time_t modTime = 0, keyModTime;
+ FILETIME keyLastWriteTime;
+ char subKeyName[256];
+
+ if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
+ &hConfigKey)) != ERROR_SUCCESS) {
+ /* TODO: log error message */
+ return 0;
+ }
+ do {
+ int subKeyNameSize=256;
+ if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName,
+ &subKeyNameSize, NULL, NULL, NULL,
+ &keyLastWriteTime)) != ERROR_SUCCESS) {
+ break;
+ }
+ keyModTime = filetimeToTimet(&keyLastWriteTime);
+ if (modTime < keyModTime) {
+ modTime = keyModTime;
+ }
+ } while (1);
+ RegCloseKey(hConfigKey);
+ return modTime;
}
static void
-getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName, void **data, DWORD* dataLen)
+getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName,
+ void **data, DWORD* dataLen)
{
- DWORD sizeRequired=*dataLen;
- HRESULT hr;
- /* Get data length required */
- if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, NULL, &sizeRequired)) != ERROR_SUCCESS)
- {
- /* TODO: LOG registry error */
- return;
- }
- /* adjust data buffer size if necessary */
- if (*dataLen < sizeRequired)
- {
- *dataLen = sizeRequired;
- *data = realloc(*data, sizeRequired);
- if (!*data)
- {
- *dataLen = 0;
- /* TODO: LOG OOM ERROR! */
- return;
- }
- }
- /* get data */
- if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, *data, &sizeRequired)) != ERROR_SUCCESS)
- {
- /* LOG registry error */
- return;
- }
+ DWORD sizeRequired=*dataLen;
+ HRESULT hr;
+ /* Get data length required */
+ if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+ NULL, &sizeRequired)) != ERROR_SUCCESS) {
+ /* TODO: LOG registry error */
+ return;
+ }
+ /* adjust data buffer size if necessary */
+ if (*dataLen < sizeRequired) {
+ *dataLen = sizeRequired;
+ *data = realloc(*data, sizeRequired);
+ if (!*data) {
+ *dataLen = 0;
+ /* TODO: LOG OOM ERROR! */
+ return;
+ }
+ }
+ /* get data */
+ if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+ *data, &sizeRequired)) != ERROR_SUCCESS) {
+ /* LOG registry error */
+ return;
+ }
}
static void
loadConfigFromRegistry(HKEY hBaseKey, const char *keyPath)
{
- HKEY hConfigKey;
- DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
- DWORD dataBufferSize, dataSizeRequired;
- char *oidStr=NULL, *oid=NULL, *sharedLib=NULL, *kernMod=NULL, *modOptions=NULL;
- DWORD oidStrLen=0, oidLen=0, sharedLibLen=0, kernModLen=0, modOptionsLen=0;
- HRESULT rc;
-
- if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
- &hConfigKey)) != ERROR_SUCCESS) {
- /* TODO: log registry error */
- return;
- }
-
- if ((rc = RegQueryInfoKey(hConfigKey,
- NULL, /* lpClass */
- NULL, /* lpcClass */
- NULL, /* lpReserved */
- &nSubKeys,
- &maxSubKeyNameLen,
- NULL, /* lpcMaxClassLen */
- NULL, /* lpcValues */
- NULL, /* lpcMaxValueNameLen */
- NULL, /* lpcMaxValueLen */
- NULL, /* lpcbSecurityDescriptor */
- NULL /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
- goto cleanup;
- }
- oidStr = malloc(++maxSubKeyNameLen);
- if (!oidStr) {
- goto cleanup;
- }
- for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
- oidStrLen = maxSubKeyNameLen;
- if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen, NULL, NULL, NULL, NULL)) != ERROR_SUCCESS) {
- /* TODO: log registry error */
- continue;
- }
- getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
- getRegKeyValue(hConfigKey, oidStr, "Shared Library", &sharedLib, &sharedLibLen);
- getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod, &kernModLen);
- getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions, &modOptionsLen);
- addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
- }
+ HKEY hConfigKey;
+ DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
+ DWORD dataBufferSize, dataSizeRequired;
+ char *oidStr = NULL, *oid = NULL, *sharedLib = NULL, *kernMod = NULL;
+ char *modOptions = NULL;
+ DWORD oidStrLen = 0, oidLen = 0, sharedLibLen = 0, kernModLen = 0;
+ DWORD modOptionsLen = 0;
+ HRESULT rc;
+
+ if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0,
+ KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
+ &hConfigKey)) != ERROR_SUCCESS) {
+ /* TODO: log registry error */
+ return;
+ }
+
+ if ((rc = RegQueryInfoKey(hConfigKey,
+ NULL, /* lpClass */
+ NULL, /* lpcClass */
+ NULL, /* lpReserved */
+ &nSubKeys,
+ &maxSubKeyNameLen,
+ NULL, /* lpcMaxClassLen */
+ NULL, /* lpcValues */
+ NULL, /* lpcMaxValueNameLen */
+ NULL, /* lpcMaxValueLen */
+ NULL, /* lpcbSecurityDescriptor */
+ NULL /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
+ goto cleanup;
+ }
+ oidStr = malloc(++maxSubKeyNameLen);
+ if (!oidStr) {
+ goto cleanup;
+ }
+ for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
+ oidStrLen = maxSubKeyNameLen;
+ if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen,
+ NULL, NULL, NULL, NULL)) !=
+ ERROR_SUCCESS) {
+ /* TODO: log registry error */
+ continue;
+ }
+ getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
+ getRegKeyValue(hConfigKey, oidStr, "Shared Library",
+ &sharedLib, &sharedLibLen);
+ getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod,
+ &kernModLen);
+ getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions,
+ &modOptionsLen);
+ addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+ }
cleanup:
- RegCloseKey(hConfigKey);
- if (oidStr) {
- free(oidStr);
- }
- if (oid) {
- free(oid);
- }
- if (sharedLib) {
- free(sharedLib);
- }
- if (kernMod) {
- free(kernMod);
- }
- if (modOptions) {
- free(modOptions);
- }
+ RegCloseKey(hConfigKey);
+ if (oidStr) {
+ free(oidStr);
+ }
+ if (oid) {
+ free(oid);
+ }
+ if (sharedLib) {
+ free(sharedLib);
+ }
+ if (kernMod) {
+ free(kernMod);
+ }
+ if (modOptions) {
+ free(modOptions);
+ }
}
#endif
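Review bot: getRegKeyValue() returns void and leaves `*data` untouched on its RegGetValue() failure paths, while loadConfigFromRegistry() reuses the same `oid`, `sharedLib`, `kernMod` and `modOptions` buffers for every subkey. A subkey that lacks a value (an absent "Kernel Module" or "Options", for instance) therefore reaches addConfigEntry() with the previous subkey's string. Because "Shared Library" appears to name the module used for a mechanism, a stale value there could pair an OID with the wrong library; have getRegKeyValue() return a status and pass NULL for any value that could not be read. The resize step also assigns `realloc()` straight back to `*data`, which drops the old buffer on failure; use `void *tmp = realloc(*data, sizeRequired);` and store it only when it is non-NULL. This commit only re-indents these functions, so the behaviour predates it.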
static void
-addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const char *kernMod, const char *modOptions)
+addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib,
+ const char *kernMod, const char *modOptions)
{
#if defined(_WIN32)
- const char *sharedPath;
+ const char *sharedPath;
#else
char sharedPath[sizeof (MECH_LIB_PREFIX) + BUFSIZ];
#endif
OM_uint32 minor;
gss_buffer_desc oidBuf;
- if ((!oid) || (!oidStr)) {
- return;
- }
+ if ((!oid) || (!oidStr)) {
+ return;
+ }
/*
* check if an entry for this oid already exists
* if it does, and the library is already loaded then
(void) syslog(LOG_INFO, "invalid mechanism oid"
" [%s] in configuration file", oid);
#endif
- return;
- }
+ return;
+ }
aMech = searchMechList(mechOid);
if (aMech && aMech->mech) {
return;
}
#if defined(_WIN32)
- sharedPath = sharedLib;
+ sharedPath = sharedLib;
#else
if (sharedLib[0] == '/')
snprintf(sharedPath, sizeof(sharedPath), "%s", sharedLib);
else
snprintf(sharedPath, sizeof(sharedPath), "%s%s",
- MECH_LIB_PREFIX, sharedLib);
+ MECH_LIB_PREFIX, sharedLib);
#endif
/*
* are we creating a new mechanism entry or
&aux_seqinfo_##DESCNAME, \
}
/* Integer types. */
-#define DEFINTTYPE(DESCNAME, CTYPENAME) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
- static asn1_intmax loadint_##DESCNAME(const void *p) \
- { \
- assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax)); \
- return *(const aux_typedefname_##DESCNAME *)p; \
- } \
- const struct atype_info krb5int_asn1type_##DESCNAME = { \
+#define DEFINTTYPE(DESCNAME, CTYPENAME) \
+ typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ static asn1_intmax loadint_##DESCNAME(const void *p) \
+ { \
+ assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax)); \
+ return *(const aux_typedefname_##DESCNAME *)p; \
+ } \
+ const struct atype_info krb5int_asn1type_##DESCNAME = { \
atype_int, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0, 0, \
- loadint_##DESCNAME, 0, \
+ loadint_##DESCNAME, 0, \
}
-#define DEFUINTTYPE(DESCNAME, CTYPENAME) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
- static asn1_uintmax loaduint_##DESCNAME(const void *p) \
- { \
- assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax)); \
- return *(const aux_typedefname_##DESCNAME *)p; \
- } \
- const struct atype_info krb5int_asn1type_##DESCNAME = { \
- atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0, \
+#define DEFUINTTYPE(DESCNAME, CTYPENAME) \
+ typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ static asn1_uintmax loaduint_##DESCNAME(const void *p) \
+ { \
+ assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax)); \
+ return *(const aux_typedefname_##DESCNAME *)p; \
+ } \
+ const struct atype_info krb5int_asn1type_##DESCNAME = { \
+ atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0, \
0, 0, loaduint_##DESCNAME, \
}
/* Pointers to other types, to be encoded as those other types. */
typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME; \
const struct atype_info krb5int_asn1type_##DESCNAME = { \
atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME), \
- 0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION, CONSTRUCTED \
+ 0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION, \
+ CONSTRUCTED \
}
/**
* An encoding wrapped in an octet string
*/
-#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC) \
+#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC) \
typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME; \
const struct atype_info krb5int_asn1type_##DESCNAME = { \
atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME), \
- 0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING, UNIVERSAL, PRIMITIVE \
+ 0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING, \
+ UNIVERSAL, PRIMITIVE \
}
/*
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c */
+/* plugins/preauth/pkinit/pkinit_kdf_test.c */
/*
* Copyright (C) 2011 by the Massachusetts Institute of Technology.
* All rights reserved.
int secret_len = 256;
char twenty_as[10];
char eighteen_bs[9] ;
-char party_u_name [] = "lha@SU.SE";
-char party_v_name [] = "krbtgt/SU.SE@SU.SE";
+char party_u_name[] = "lha@SU.SE";
+char party_v_name[] = "krbtgt/SU.SE@SU.SE";
int enctype_value = 18;
-krb5_octet key_hex [] =
+krb5_octet key_hex[] =
{0xe6, 0xAB, 0x38, 0xC9, 0x41, 0x3E, 0x03, 0x5B,
0xB0, 0x79, 0x20, 0x1E, 0xD0, 0xB6, 0xB7, 0x3D,
0x8D, 0x49, 0xA8, 0x14, 0xA7, 0x37, 0xC0, 0x4E,
const krb5_data lha_data = DATA_FROM_STRING("lha");
int
-main (int argc,
- char **argv)
+main(int argc, char **argv)
{
/* arguments for calls to pkinit_alg_agility_kdf() */
krb5_context context = 0;
/* initialize variables that get malloc'ed, so cleanup is safe */
krb5_init_context (&context);
- memset (&alg_id, 0, sizeof(alg_id));
- memset (&as_req, 0, sizeof(as_req));
- memset (&pk_as_rep, 0, sizeof(pk_as_rep));
- memset (&key_block, 0, sizeof(key_block));
+ memset(&alg_id, 0, sizeof(alg_id));
+ memset(&as_req, 0, sizeof(as_req));
+ memset(&pk_as_rep, 0, sizeof(pk_as_rep));
+ memset(&key_block, 0, sizeof(key_block));
/* set up algorithm id */
- alg_id.algorithm.data = (unsigned char *) &krb5_pkinit_sha1_oid;
+ alg_id.algorithm.data = (unsigned char *)&krb5_pkinit_sha1_oid;
alg_id.algorithm.length = krb5_pkinit_sha1_oid_len;
/* set up a 256-byte, ALL-ZEROS secret */
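Review bot: The result of `krb5_init_context (&context);` at the top of this hunk is discarded, so if initialisation fails `context` stays 0 and is still passed to pkinit_alg_agility_kdf() further down. Capture it with `retval = krb5_init_context(&context);` followed by `if (retval) goto cleanup;`, placed after the memset() calls so the cleanup label sees zeroed structures. Whether the other variables freed at that label are initialised by then is outside the visible lines. The call also keeps the space before the parenthesis that this commit removes from the memset() lines below it. main() starts and ends outside this hunk.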
}
/* call pkinit_alg_agility_kdf() with test vector values*/
- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret, &alg_id.algorithm,
+ if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
+ &alg_id.algorithm,
u_principal, v_principal,
enctype, &as_req, &pk_as_rep,
&key_block))) {
(0 == memcmp(key_block.contents, key_hex, key_block.length))) {
printf("SUCCESS: Correct key value generated!");
retval = 0;
- }
- else {
+ } else {
printf("FAILURE: Incorrect key value generated!");
retval = 1;
}
cleanup:
/* release all allocated resources, whether good or bad return */
- if (secret.data)
- free(secret.data);
- if (u_principal)
- free(u_principal);
- if (v_principal)
- free(v_principal);
+ free(secret.data);
+ free(u_principal);
+ free(v_principal);
krb5_free_keyblock_contents(context, &key_block);
exit(retval);
}