| author | Sam Hartman <hartmans@mit.edu> | 2009-03-31 17:00:41 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2009-03-31 17:00:41 +0000 |
| commit | d1384be39be11423bd05b88ec444733361fc1467 (patch) | |
| tree | f577c2d27f9f96c1c3633c740bbf02b606534650 /src/include | |
| parent | 22810910e3c834ee0bc66d0c96369c43e780a2bb (diff) | |
| download | krb5-d1384be39be11423bd05b88ec444733361fc1467.tar.gz krb5-d1384be39be11423bd05b88ec444733361fc1467.tar.xz krb5-d1384be39be11423bd05b88ec444733361fc1467.zip | |
Implement FAST from draft-ietf-krb-wg-preauth-framework
Merge fast branch at 22146 onto trunk
Implement the Kerberos pre-authentication framework FAST feature per
Projects/FAST on the wiki.
ticket: 6436
Target_Version: 1.7
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22149 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/k5-int-pkinit.h | 5 | ||||
| -rw-r--r-- | src/include/k5-int.h | 96 | ||||
| -rw-r--r-- | src/include/krb5/krb5.hin | 33 | ||||
| -rw-r--r-- | src/include/krb5/preauth_plugin.h | 29 |
4 files changed, 154 insertions, 9 deletions
diff --git a/src/include/k5-int-pkinit.h b/src/include/k5-int-pkinit.h index e75c8031f8..2fb5f87192 100644 --- a/src/include/k5-int-pkinit.h +++ b/src/include/k5-int-pkinit.h @@ -101,6 +101,9 @@ typedef struct _krb5_trusted_ca { } krb5_trusted_ca; /* typed data */ +/* The FAST error handling logic currently assumes that this structure and krb5_pa_data * can be safely cast to each other + * if this structure changes, that code needs to be updated to copy. + */ typedef struct _krb5_typed_data { krb5_magic magic; krb5_int32 type; @@ -267,4 +270,6 @@ krb5_error_code decode_krb5_td_trusted_certifiers krb5_error_code decode_krb5_td_dh_parameters (const krb5_data *, krb5_algorithm_identifier ***); +void krb5_free_typed_data(krb5_context, krb5_typed_data **); + #endif /* _KRB5_INT_PKINIT_H */ diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 33ccb1690b..db3976057e 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -910,9 +910,11 @@ error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) * requested information. It is opaque to the plugin code and can be * expanded in the future as new types of requests are defined which * may require other things to be passed through. */ + struct krb5int_fast_request_state; typedef struct _krb5_preauth_client_rock { krb5_magic magic; - krb5_kdc_rep *as_reply; + krb5_enctype *etype; + struct krb5int_fast_request_state *fast_state; } krb5_preauth_client_rock; /* This structure lets us keep track of all of the modules which are loaded, 
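Review bot: The new comment above `krb5_typed_data` records that the FAST error path casts `krb5_typed_data *` and `krb5_pa_data *` to each other, but it does not say what that requires of the two layouts, and `krb5_pa_data` is not visible in this hunk to check against. Even when member order and sizes match, reading one struct through a pointer to the other is undefined under C's aliasing rules, so this is a latent hazard rather than just a maintenance note. I would either do the field-by-field copy in the FAST error handling now, or at minimum tighten the comment to `/* FAST error handling casts between krb5_typed_data * and krb5_pa_data *; the two structs must keep identical member types and order, or that code must be changed to copy. */` so the constraint is explicit. The struct body continues past the end of this hunk.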
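Review bot: The two members that replace `as_reply` in `krb5_preauth_client_rock` carry no comments, and the description above the struct (partly outside this hunk) still only calls the rock an opaque carrier for plugin requests. Presumably `etype` backs the `krb5plugin_preauth_client_get_etype` request and `fast_state` backs the FAST armor request added to preauth_plugin.h in this same commit, but a reader has to infer that from the other header. I would annotate them in place: `krb5_enctype *etype; /* backs krb5plugin_preauth_client_get_etype */` and `struct krb5int_fast_request_state *fast_state; /* backs krb5plugin_preauth_client_fast_armor */`, confirming both against the libkrb5 side before committing the wording.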
@@ -963,6 +965,48 @@ typedef struct _krb5_pa_for_user { krb5_data auth_package; } krb5_pa_for_user; +enum { + KRB5_FAST_ARMOR_AP_REQUEST = 0x1 +}; + +typedef struct _krb5_fast_armor { + krb5_int32 armor_type; + krb5_data armor_value; +} krb5_fast_armor; +typedef struct _krb5_fast_armored_req { + krb5_magic magic; + krb5_fast_armor *armor; + krb5_checksum req_checksum; + krb5_enc_data enc_part; +} krb5_fast_armored_req; + +typedef struct _krb5_fast_req { + krb5_magic magic; + krb5_int32 fast_options; + /* padata from req_body is used*/ + krb5_kdc_req *req_body; +} krb5_fast_req; + +/* Bits 0-15 are critical in fast options.*/ +#define UNSUPPORTED_CRITICAL_FAST_OPTIONS 0x00ff +#define KRB5_FAST_OPTION_HIDE_CLIENT_NAMES 0x01 + +typedef struct _krb5_fast_finished { + krb5_timestamp timestamp; + krb5_int32 usec; + krb5_principal client; + krb5_checksum ticket_checksum; +} krb5_fast_finished; + +typedef struct _krb5_fast_response { + krb5_magic magic; + krb5_pa_data **padata; + krb5_keyblock *rep_key; + krb5_fast_finished *finished; + krb5_int32 nonce; +} krb5_fast_response; + + typedef krb5_error_code (*krb5_preauth_obtain_proc) (krb5_context, krb5_pa_data *, @@ -1036,6 +1080,10 @@ krb5_error_code krb5_process_padata krb5_creds *, krb5_int32 *); +krb5_pa_data * krb5int_find_pa_data +(krb5_context, krb5_pa_data * const *, krb5_preauthtype); +/* Does not return a copy; original padata sequence responsible for freeing*/ + void krb5_free_etype_info (krb5_context, krb5_etype_info); @@ -1088,6 +1136,7 @@ void krb5_free_etype_info typedef struct _krb5_gic_opt_private { int num_preauth_data; krb5_gic_opt_pa_data *preauth_data; + char * fast_ccache_name; } krb5_gic_opt_private; /* 
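Review bot: `UNSUPPORTED_CRITICAL_FAST_OPTIONS` is defined as `0x00ff` under a comment saying bits 0-15 are critical, and the next line defines the supported option `KRB5_FAST_OPTION_HIDE_CLIENT_NAMES` as `0x01`, which falls inside that mask; at least one of the three does not agree with the other two. If the mask is meant to reject critical options this implementation does not handle, the supported bit should be excluded (`(0x00ff & ~KRB5_FAST_OPTION_HIDE_CLIENT_NAMES)`) and the comment should say how the ASN.1 FastOptions bit numbering maps onto these flag values; if the overlap is intentional, the comment needs to say why. Depending on how the KDC applies the mask (not shown here), the current values would either reject a request carrying hide-client-names or silently accept unknown critical options above bit 7. Separately, `krb5_fast_armor` is the only new struct in this hunk without a leading `krb5_magic magic` member, unlike `krb5_fast_armored_req`, `krb5_fast_req` and `krb5_fast_response`.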
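Review bot: The ownership note for `krb5int_find_pa_data` ("Does not return a copy; original padata sequence responsible for freeing") sits after the prototype, where a reader scanning declarations will attach it to `krb5_free_etype_info` just below. Move it above the prototype and spell out the lifetime: `/* Return the element of padata with the given pa_type, or NULL if none. The result is borrowed from padata and must not be freed by the caller. */`. The NULL-on-miss behaviour is my inference from the pointer return type; confirm it against the implementation before adopting that wording.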
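Review bot: The new `fast_ccache_name` member of `krb5_gic_opt_private` does not say whether the string is owned by the options structure (copied on set, freed with the struct) or borrowed from the caller of `krb5_get_init_creds_opt_set_fast_ccache_name`. The free and set routines are outside this diff, so a reader cannot tell, and a borrowed pointer stored here could outlive its caller. Add the contract in place, e.g. `char *fast_ccache_name; /* ccache holding the armor TGT; owned by this struct, freed with it */`, adjusted to whatever the implementation actually does.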
@@ -1254,6 +1303,16 @@ void KRB5_CALLCONV krb5_free_pa_pac_req void KRB5_CALLCONV krb5_free_etype_list (krb5_context, krb5_etype_list * ); +void KRB5_CALLCONV krb5_free_fast_armor +(krb5_context, krb5_fast_armor *); +void KRB5_CALLCONV krb5_free_fast_armored_req +(krb5_context, krb5_fast_armored_req *); +void KRB5_CALLCONV krb5_free_fast_req(krb5_context, krb5_fast_req *); +void KRB5_CALLCONV krb5_free_fast_finished +(krb5_context, krb5_fast_finished *); +void KRB5_CALLCONV krb5_free_fast_response +(krb5_context, krb5_fast_response *); + /* #include "krb5/wordsize.h" -- comes in through base-defs.h. */ #include "com_err.h" #include "k5-plugin.h" @@ -1563,6 +1622,16 @@ krb5_error_code encode_krb5_pa_pac_req krb5_error_code encode_krb5_etype_list (const krb5_etype_list * , krb5_data **); +krb5_error_code encode_krb5_pa_fx_fast_request +(const krb5_fast_armored_req *, krb5_data **); +krb5_error_code encode_krb5_fast_req +(const krb5_fast_req *, krb5_data **); +krb5_error_code encode_krb5_pa_fx_fast_reply +(const krb5_enc_data *, krb5_data **); + +krb5_error_code encode_krb5_fast_response +(const krb5_fast_response *, krb5_data **); + /************************************************************************* * End of prototypes for krb5_encode.c *************************************************************************/ @@ -1722,6 +1791,19 @@ krb5_error_code decode_krb5_pa_pac_req krb5_error_code decode_krb5_etype_list (const krb5_data *, krb5_etype_list **); +krb5_error_code decode_krb5_pa_fx_fast_request +(const krb5_data *, krb5_fast_armored_req **); + +krb5_error_code decode_krb5_fast_req +(const krb5_data *, krb5_fast_req **); + + +krb5_error_code decode_krb5_pa_fx_fast_reply +(const krb5_data *, krb5_enc_data **); + +krb5_error_code decode_krb5_fast_response +(const krb5_data *, krb5_fast_response **); + struct _krb5_key_data; /* kdb.h */ struct ldap_seqof_key_data { 
@@ -1951,7 +2033,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *); /* To keep happy libraries which are (for now) accessing internal stuff */ /* Make sure to increment by one when changing the struct */ -#define KRB5INT_ACCESS_STRUCT_VERSION 13 +#define KRB5INT_ACCESS_STRUCT_VERSION 14 #ifndef ANAME_SZ struct ktext; /* from krb.h, for krb524 support */ @@ -2005,6 +2087,16 @@ typedef struct _krb5int_access { krb5_error_code (*asn1_ldap_decode_sequence_of_keys) (krb5_data *in, ldap_seqof_key_data **); + /* Used for encrypted challenge fast factor*/ + krb5_error_code (*encode_enc_data)(const krb5_enc_data *, krb5_data **); + krb5_error_code (*decode_enc_data)(const krb5_data *, krb5_enc_data **); + void (*free_enc_data)(krb5_context, krb5_enc_data *); + krb5_error_code (*encode_enc_ts)(const krb5_pa_enc_ts *, krb5_data **); + krb5_error_code (*decode_enc_ts)(const krb5_data *, krb5_pa_enc_ts **); + void (*free_enc_ts)(krb5_context, krb5_pa_enc_ts *); + krb5_error_code (*encrypt_helper) + (krb5_context, const krb5_keyblock *, krb5_keyusage, const krb5_data *, + krb5_enc_data *); /* * pkinit asn.1 encode/decode functions diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index 69fb038ce1..bf8c29c59e 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -631,7 +631,15 @@ krb5_error_code KRB5_CALLCONV /* Defined in KDC referrals draft */ #define KRB5_KEYUSAGE_PA_REFERRAL 26 /* XXX note conflict with above */ - +/* define in draft-ietf-krb-wg-preauth-framework*/ +#define KRB5_KEYUSAGE_FAST_REQ_CHKSUM 50 +#define KRB5_KEYUSAGE_FAST_ENC 51 +#define KRB5_KEYUSAGE_FAST_REP 52 +#define KRB5_KEYUSAGE_FAST_FINISHED 53 +#define KRB5_KEYUSAGE_ENC_CHALLENGE_CLIENT 54 +#define KRB5_KEYUSAGE_ENC_CHALLENGE_KDC 55 + +#define KRB5_KEYUSAGE_FAST_REP 52 krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype (krb5_enctype ktype); krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype 
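Review bot: `KRB5_KEYUSAGE_FAST_REP` is defined twice in the krb5.hin hunk, once as 52 in the numbered run and again as the last added line; an identical redefinition is accepted today but becomes a conflicting-definition error the moment one copy is edited. Drop the trailing `#define KRB5_KEYUSAGE_FAST_REP 52`. The hunk also removes the blank line that separated `KRB5_KEYUSAGE_PA_REFERRAL` from what follows, so `krb5_c_valid_enctype` now immediately follows the last define; restore a blank line after the new block, and fix the introductory comment to `/* Defined in draft-ietf-krb-wg-preauth-framework */`.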
@@ -982,6 +990,11 @@ krb5_error_code KRB5_CALLCONV krb5_verify_checksum #define KRB5_PADATA_PAC_REQUEST 128 /* include Windows PAC */ #define KRB5_PADATA_FOR_USER 129 /* username protocol transition request */ #define KRB5_PADATA_S4U_X509_USER 130 /* certificate protocol transition request */ +#define KRB5_PADATA_FX_COOKIE 133 +#define KRB5_PADATA_FX_FAST 136 +#define KRB5_PADATA_FX_ERROR 137 +#define KRB5_PADATA_ENCRYPTED_CHALLENGE 138 + #define KRB5_SAM_USE_SAD_AS_KEY 0x80000000 #define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000 #define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */ @@ -1005,7 +1018,7 @@ krb5_error_code KRB5_CALLCONV krb5_verify_checksum #define KRB5_AUTHDATA_SESAME 65 #define KRB5_AUTHDATA_WIN2K_PAC 128 #define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */ - +#define KRB5_AUTHDATA_FX_ARMOR 71 /* password change constants */ #define KRB5_KPASSWD_SUCCESS 0 @@ -1142,6 +1155,13 @@ typedef struct _krb5_kdc_req { krb5_authdata **unenc_authdata; /* unencrypted auth data, if available */ krb5_ticket **second_ticket;/* second ticket array; OPTIONAL */ + /* the following field is added in March 2009; it is a hack so + * that FAST state can be carried to pre-authentication plugins. + * A new plugin interface may be a better long-term approach. It + * is believed to be safe to extend this structure because it is + * not found in any public APIs. + */ + void * kdc_state; } krb5_kdc_req; typedef struct _krb5_enc_kdc_rep_part { 
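Review bot: `KRB5_AUTHDATA_FX_ARMOR 71` is appended after `KRB5_AUTHDATA_ETYPE_NEGOTIATION 129`, breaking the ascending numeric order of the surrounding list, and it takes the place of the blank line that separated the authdata constants from the password-change constants. Place it between `KRB5_AUTHDATA_SESAME 65` and `KRB5_AUTHDATA_WIN2K_PAC 128`, give it a source note like its neighbours (`#define KRB5_AUTHDATA_FX_ARMOR 71 /* draft-ietf-krb-wg-preauth-framework */`), and keep the blank line before `/* password change constants */`.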
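Review bot: The comment on the new `kdc_state` member says extending `krb5_kdc_req` is believed safe because the type is not found in any public APIs, yet the member is being added in krb5.hin, the installed public header, and the preauth plugin interface in this same commit hands plugins a `krb5_kdc_req *`. Appending a member is layout-compatible for code that only receives pointers from libkrb5, but not for anything outside the library that allocates or embeds the struct by `sizeof`; whether such callers exist is not visible here. I would state the actual guarantee rather than the belief: `/* Added March 2009 to carry FAST state to preauth plugins. Appending here is ABI-safe only while no code outside libkrb5 allocates or embeds this struct; confirm before release. */`, and keep the pointer-declarator style of the surrounding fields (`void *kdc_state;`).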
@@ -2393,6 +2413,15 @@ krb5_get_init_creds_opt_set_pa const char *attr, const char *value); +krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_ccache_name +(krb5_context context, krb5_get_init_creds_opt *opt, + const char * fast_ccache_name); + /* This API sets a ccache name that will contain some TGT on + calls to get_init_creds functions. If set, this ccache will + be used for FAST (draft-ietf-krb-wg-preauth-framework) to + protect the AS-REQ from observation and active attack. If + the fast_ccache_name is set, then FAST may be required by the + client library. In this version FAST is required.*/ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_password (krb5_context context, diff --git a/src/include/krb5/preauth_plugin.h b/src/include/krb5/preauth_plugin.h index 2429560762..e11913e3f0 100644 --- a/src/include/krb5/preauth_plugin.h +++ b/src/include/krb5/preauth_plugin.h 
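Review bot: The documentation for `krb5_get_init_creds_opt_set_fast_ccache_name` is placed after its prototype, between it and `krb5_get_init_creds_password`, where it reads as a comment on the latter, and its last two sentences contradict each other ("FAST may be required" followed by "In this version FAST is required"). Move the comment above the prototype and make the contract definite: when a name is set, the AS exchange is carried inside a FAST tunnel armored by a TGT from that ccache, and, if "required" means what it appears to, this version fails the exchange rather than falling back to unarmored pre-authentication when the KDC does not support FAST. Also say whether the name string is copied; the private options struct stores a `char *`, which is consistent with a copy but does not prove it.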
@@ -123,11 +123,22 @@ typedef krb5_error_code * information to enable it to process a request. */ enum krb5plugin_preauth_client_request_type { - /* The returned krb5_data item holds the enctype used to encrypt the - * encrypted portion of the AS_REP packet. */ + /* The returned krb5_data item holds the enctype expected to be used to encrypt the + * encrypted portion of the AS_REP packet. When handling a + * PREAUTH_REQUIRED error, this typically comes from etype-info2. + * When handling an AS reply, it is initialized from the AS reply itself.*/ krb5plugin_preauth_client_get_etype = 1, /* Free the data returned from krb5plugin_preauth_client_req_get_etype */ - krb5plugin_preauth_client_free_etype = 2 + krb5plugin_preauth_client_free_etype = 2, + /* The returned krb5_data contains the FAST armor key in a + * krb5_keyblock. Returns success with a NULL data item in the + * krb5_data if the client library supports FAST but is not using it.*/ + krb5plugin_preauth_client_fast_armor = 3, + /* Frees return from KRB5PLUGIN_PREAUTH_CLIENT_FAST_ARMOR. It is + * acceptable to set data to NULL and free the keyblock using + * krb5_free_keyblock; in that case, this frees the krb5_data + * only.*/ +krb5plugin_preauth_client_free_fast_armor = 4, }; typedef krb5_error_code (*preauth_get_client_data_proc)(krb5_context, 
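Review bot: The new enumerator `krb5plugin_preauth_client_free_fast_armor = 4,` is at column 0 while its siblings are indented, and the list now ends with a comma before `}`, which C89 does not allow in an enumerator list (C99 does); if this tree is still built with strict C89 compilers that is a portability regression. Indent the line and drop the comma: `    krb5plugin_preauth_client_free_fast_armor = 4`. The `fast_armor` comment also tells plugin authors when a NULL data item is returned but not how to treat it; I would add that a mechanism which depends on the armor key (encrypted challenge, for instance) must fail the request when data is NULL rather than proceed unarmored.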
@@ -326,8 +337,16 @@ enum krb5plugin_preauth_entry_request_type { * implementation, there's a good chance that the result will not match * what the client sent, so don't go creating any fatal errors if it * doesn't match up. */ - krb5plugin_preauth_request_body = 4 -}; + krb5plugin_preauth_request_body = 4, + /* The returned krb5_data contains a krb5_keyblock with the FAST + armor key. The data member is NULL if this method is not part + of a FAST tunnel */ + krb5plugin_preauth_fast_armor = 5, + /* Frees a fast armor key; it is acceptable to set data to NULL + and free the keyblock using krb5_free_keyblock; in that case, + this function simply frees the data*/ + krb5plugin_preauth_free_fast_armor = 6, + }; typedef krb5_error_code (*preauth_get_entry_data_proc)(krb5_context, |
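Review bot: `krb5plugin_preauth_free_fast_armor = 6,` is followed by ` };`, so this enumerator list also ends in a trailing comma (C99-only syntax) and the closing brace gained a leading space. Change the two lines to `    krb5plugin_preauth_free_fast_armor = 6` and `};`. The comment on `krb5plugin_preauth_fast_armor` should also state the consequence of a NULL data member for the KDC-side module: a mechanism that requires FAST protection must reject the request when no armor key is present, not treat the absence as optional. The `preauth_get_entry_data_proc` typedef at the end of the hunk continues outside it.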
