author | Greg Hudson <ghudson@mit.edu> | 2012-09-06 00:35:01 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2012-09-06 00:35:01 -0400 |
commit | d8846c9de75cd7bdc2038d04fabf7be3551656ce (patch) | |
tree | bd3d99584d1c528ae6cd95588a8c6c5af482a789 /src | |
parent | c91cda209a1e2467bbb5fbb5a3116757d38ef374 (diff) | |
download | krb5-d8846c9de75cd7bdc2038d04fabf7be3551656ce.tar.gz krb5-d8846c9de75cd7bdc2038d04fabf7be3551656ce.tar.xz krb5-d8846c9de75cd7bdc2038d04fabf7be3551656ce.zip |
Add asn1c test vectors for alg-agility types
For the test-vectors target in tests/asn.1, add ASN.1 modules from RFC
4556 and draft-ietf-krb-wg-pkinit-alg-agility-06.txt, and output test
encodings for PrincipalName, KRB5PrincipalName, OtherInfo, and
PkinitSuppPubInfo. In the alg-agility module, AuthPack and DHRepInfo
are renamed, as asn1c otherwise rejects them as conflicting with the
RFC 4556 definitions.
Diffstat (limited to 'src')
-rw-r--r-- | src/tests/asn.1/Makefile.in | 3 | ||||
-rw-r--r-- | src/tests/asn.1/make-vectors.c | 51 | ||||
-rw-r--r-- | src/tests/asn.1/pkinit-agility.asn1 | 99 | ||||
-rw-r--r-- | src/tests/asn.1/pkinit.asn1 | 253 |
4 files changed, 404 insertions, 2 deletions
diff --git a/src/tests/asn.1/Makefile.in b/src/tests/asn.1/Makefile.in index fe24c247d8..09d39a3e09 100644 --- a/src/tests/asn.1/Makefile.in +++ b/src/tests/asn.1/Makefile.in @@ -11,7 +11,8 @@ SRCS= $(srcdir)/krb5_encode_test.c $(srcdir)/krb5_decode_test.c \ $(srcdir)/ktest_equal.c $(srcdir)/utility.c \ $(srcdir)/trval.c $(srcdir)/t_trval.c -ASN1SRCS= $(srcdir)/krb5.asn1 $(srcdir)/pkix.asn1 $(srcdir)/otp.asn1 +ASN1SRCS= $(srcdir)/krb5.asn1 $(srcdir)/pkix.asn1 $(srcdir)/otp.asn1 \ + $(srcdir)/pkinit.asn1 $(srcdir)/pkinit-agility.asn1 all:: krb5_encode_test krb5_decode_test krb5_decode_leak t_trval diff --git a/src/tests/asn.1/make-vectors.c b/src/tests/asn.1/make-vectors.c index fd7bd4824b..93a072ccd3 100644 --- a/src/tests/asn.1/make-vectors.c +++ b/src/tests/asn.1/make-vectors.c @@ -31,6 +31,10 @@ * are only generated for OTP preauth objects. */ +#include <PrincipalName.h> +#include <KRB5PrincipalName.h> +#include <OtherInfo.h> +#include <PkinitSuppPubInfo.h> #include <OTP-TOKENINFO.h> #include <PA-OTP-CHALLENGE.h> #include <PA-OTP-REQUEST.h> @@ -39,6 +43,26 @@ static unsigned char buf[8192]; static size_t buf_pos; +/* PrincipalName and KRB5PrincipalName */ +static KerberosString_t comp_1 = { "hftsai", 6 }; +static KerberosString_t comp_2 = { "extra", 5 }; +static KerberosString_t *comps[] = { &comp_1, &comp_2 }; +static PrincipalName_t princ = { 1, { comps, 2, 2 } }; +static KRB5PrincipalName_t krb5princ = { { "ATHENA.MIT.EDU", 14 }, + { 1, { comps, 2, 2 } } }; + +/* OtherInfo */ +static unsigned int krb5_arcs[] = { 1, 2, 840, 113554, 1, 2, 2 }; +static OCTET_STRING_t krb5data_ostring = { "krb5data", 8 }; +static OtherInfo_t other_info = { + { 0 }, { 0 }, { 0 }, /* Initialized in main() */ + &krb5data_ostring, NULL +}; + +/* PkinitSuppPubInfo */ +static PkinitSuppPubInfo_t supp_pub_info = { 1, { "krb5data", 8 }, + { "krb5data", 8 } }; + /* Minimal OTP-TOKENINFO */ static OTP_TOKENINFO_t token_info_1 = { { "\0\0\0\0", 4, 0 } }; 
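Review bot: The file header comment kept as context at the top of the first make-vectors.c hunk still ends with `are only generated for OTP preauth objects.`, which stops being true once the PrincipalName, KRB5PrincipalName, OtherInfo and PkinitSuppPubInfo vectors are added. The sentence should be widened, for example to `are only generated for OTP preauth objects and the PKINIT alg-agility types.`, so a reader checking which reference encodings come from asn1c is not misled. The comment starts above the hunk, so the rest of its wording is not visible here. As a smaller style point, `krb5princ` repeats the `{ 1, { comps, 2, 2 } }` initializer of `princ`; a short comment saying the two are meant to stay identical would help.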
@@ -136,8 +160,33 @@ main() OBJECT_IDENTIFIER_set_arcs(&alg_sha1.algorithm, sha1_arcs, sizeof(*sha1_arcs), sizeof(sha1_arcs) / sizeof(*sha1_arcs)); + OBJECT_IDENTIFIER_set_arcs(&other_info.algorithmID.algorithm, krb5_arcs, + sizeof(*krb5_arcs), + sizeof(krb5_arcs) / sizeof(*krb5_arcs)); + + printf("PrincipalName:\n"); + der_encode(&asn_DEF_PrincipalName, &princ, consume, NULL); + printbuf(); + + /* Print this encoding and also use it to initialize two fields of + * other_info. */ + printf("\nKRB5PrincipalName:\n"); + der_encode(&asn_DEF_KRB5PrincipalName, &krb5princ, consume, NULL); + OCTET_STRING_fromBuf(&other_info.partyUInfo, buf, buf_pos); + OCTET_STRING_fromBuf(&other_info.partyVInfo, buf, buf_pos); + printbuf(); + + printf("\nOtherInfo:\n"); + der_encode(&asn_DEF_OtherInfo, &other_info, consume, NULL); + printbuf(); + free(other_info.partyUInfo.buf); + free(other_info.partyVInfo.buf); + + printf("\nPkinitSuppPubInfo:\n"); + der_encode(&asn_DEF_PkinitSuppPubInfo, &supp_pub_info, consume, NULL); + printbuf(); - printf("Minimal OTP-TOKEN-INFO:\n"); + printf("\nMinimal OTP-TOKEN-INFO:\n"); der_encode(&asn_DEF_OTP_TOKENINFO, &token_info_1, consume, NULL); printbuf(); diff --git a/src/tests/asn.1/pkinit-agility.asn1 b/src/tests/asn.1/pkinit-agility.asn1 new file mode 100644 index 0000000000..ea9095b043 --- /dev/null +++ b/src/tests/asn.1/pkinit-agility.asn1 
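Review bot: None of the new `der_encode()` and `OCTET_STRING_fromBuf()` calls in main() check their result, so a failed or partial encoding would be printed as if it were a valid reference vector. This matters most for the KRB5PrincipalName encoding, which is copied into `other_info.partyUInfo` and `other_info.partyVInfo` and therefore also determines the OtherInfo vector. asn1c reports encoder failure through the `encoded` field of the returned `asn_enc_rval_t`, and `OCTET_STRING_fromBuf()` returns -1 on allocation failure, so the calls could be guarded with `if (der_encode(&asn_DEF_KRB5PrincipalName, &krb5princ, consume, NULL).encoded < 0) abort();` and `if (OCTET_STRING_fromBuf(&other_info.partyUInfo, buf, buf_pos) != 0) abort();`. The existing OTP call shown as context is unchecked in the same way, and main() begins and ends outside this hunk, so `consume` and `printbuf` are not visible here. A one-line comment that the two `OCTET_STRING_fromBuf()` calls must stay ahead of `printbuf()` would also help, presumably because printbuf() resets `buf_pos`.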
@@ -0,0 +1,99 @@
+KerberosV5-PK-INIT-Agility-SPEC {
+ iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) kerberosV5(2) modules(4) pkinit(5) agility (1)
+} DEFINITIONS EXPLICIT TAGS ::= BEGIN
+
+IMPORTS
+ AlgorithmIdentifier, SubjectPublicKeyInfo
+ FROM PKIX1Explicit88 { iso (1)
+ identified-organization (3) dod (6) internet (1)
+ security (5) mechanisms (5) pkix (7) id-mod (0)
+ id-pkix1-explicit (18) }
+ -- As defined in RFC 3280.
+
+ Ticket, Int32, Realm, EncryptionKey, Checksum
+ FROM KerberosV5Spec2 { iso(1) identified-organization(3)
+ dod(6) internet(1) security(5) kerberosV5(2)
+ modules(4) krb5spec2(2) }
+ -- as defined in RFC 4120.
+
+ PKAuthenticator, DHNonce
+ FROM KerberosV5-PK-INIT-SPEC {
+ iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) kerberosV5(2) modules(4) pkinit(5) };
+ -- as defined in RFC 4556.
+
+TD-CMS-DIGEST-ALGORITHMS-DATA ::= SEQUENCE OF
+ AlgorithmIdentifier
+ -- Contains the list of CMS algorithm [RFC3852]
+ -- identifiers that identify the digest algorithms
+ -- acceptable by the KDC for signing CMS data in
+ -- the order of decreasing preference.
+
+TD-CERT-DIGEST-ALGORITHMS-DATA ::= SEQUENCE {
+ allowedAlgorithms [0] SEQUENCE OF AlgorithmIdentifier,
+ -- Contains the list of CMS algorithm [RFC3852]
+ -- identifiers that identify the digest algorithms
+ -- that are used by the CA to sign the client's
+ -- X.509 certificate and acceptable by the KDC in
+ -- the process of validating the client's X.509
+ -- certificate, in the order of decreasing
+ -- preference.
+ rejectedAlgorithm [1] AlgorithmIdentifier OPTIONAL,
+ -- This identifies the digest algorithm that was
+ -- used to sign the client's X.509 certificate and
+ -- has been rejected by the KDC in the process of
+ -- validating the client's X.509 certificate
+ -- [RFC3280].
+ ...
+}
+
+OtherInfo ::= SEQUENCE {
+ algorithmID AlgorithmIdentifier,
+ partyUInfo [0] OCTET STRING,
+ partyVInfo [1] OCTET STRING,
+ suppPubInfo [2] OCTET STRING OPTIONAL,
+ suppPrivInfo [3] OCTET STRING OPTIONAL
+}
+
+PkinitSuppPubInfo ::= SEQUENCE {
+ enctype [0] Int32,
+ -- The enctype of the AS reply key.
+ as-REQ [1] OCTET STRING,
+ -- This contains the AS-REQ in the request.
+ pk-as-rep [2] OCTET STRING,
+ -- Contains the DER encoding of the type
+ -- PA-PK-AS-REP [RFC4556] in the KDC reply.
+ ...
+}
+
+-- Renamed from AuthPack to allow asn1c to process this and pkinit.asn1
+AuthPack2 ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+ supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier
+ OPTIONAL,
+ clientDHNonce [3] DHNonce OPTIONAL,
+ ...,
+ supportedKDFs [4] SEQUENCE OF KDFAlgorithmId OPTIONAL,
+ -- Contains an unordered set of KDFs supported by the
+ -- client.
+ ...
+}
+
+KDFAlgorithmId ::= SEQUENCE {
+ kdf-id [0] OBJECT IDENTIFIER,
+ -- The object identifier of the KDF
+ ...
+}
+
+-- Renamed from DHRepInfo to allow asn1c to process this and pkinit.asn1
+DHRepInfo2 ::= SEQUENCE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ serverDHNonce [1] DHNonce OPTIONAL,
+ ...,
+ kdf [2] KDFAlgorithmId OPTIONAL,
+ -- The KDF picked by the KDC.
+ ...
+}
+END
diff --git a/src/tests/asn.1/pkinit.asn1 b/src/tests/asn.1/pkinit.asn1
new file mode 100644
index 0000000000..8f9d8dda27
--- /dev/null
+++ b/src/tests/asn.1/pkinit.asn1
@@ -0,0 +1,253 @@
+KerberosV5-PK-INIT-SPEC {
+ iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) kerberosV5(2) modules(4) pkinit(5)
+} DEFINITIONS EXPLICIT TAGS ::= BEGIN
+
+IMPORTS
+
+ SubjectPublicKeyInfo, AlgorithmIdentifier
+ FROM PKIX1Explicit88 { iso (1)
+ identified-organization (3) dod (6) internet (1)
+ security (5) mechanisms (5) pkix (7) id-mod (0)
+ id-pkix1-explicit (18) }
+ -- As defined in RFC 3280.
+
+ KerberosTime, PrincipalName, Realm, EncryptionKey, Checksum
+ FROM KerberosV5Spec2 { iso(1) identified-organization(3)
+ dod(6) internet(1) security(5) kerberosV5(2)
+ modules(4) krb5spec2(2) };
+ -- as defined in RFC 4120.
+
+id-pkinit OBJECT IDENTIFIER ::=
+ { iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) kerberosv5(2) pkinit (3) }
+
+id-pkinit-authData OBJECT IDENTIFIER ::= { id-pkinit 1 }
+id-pkinit-DHKeyData OBJECT IDENTIFIER ::= { id-pkinit 2 }
+id-pkinit-rkeyData OBJECT IDENTIFIER ::= { id-pkinit 3 }
+id-pkinit-KPClientAuth OBJECT IDENTIFIER ::= { id-pkinit 4 }
+id-pkinit-KPKdc OBJECT IDENTIFIER ::= { id-pkinit 5 }
+
+id-pkinit-san OBJECT IDENTIFIER ::=
+ { iso(1) org(3) dod(6) internet(1) security(5) kerberosv5(2)
+ x509SanAN (2) }
+
+pa-pk-as-req INTEGER ::= 16
+pa-pk-as-rep INTEGER ::= 17
+
+ad-initial-verified-cas INTEGER ::= 9
+
+td-trusted-certifiers INTEGER ::= 104
+td-invalid-certificates INTEGER ::= 105
+td-dh-parameters INTEGER ::= 109
+
+PA-PK-AS-REQ ::= SEQUENCE {
+ signedAuthPack [0] IMPLICIT OCTET STRING,
+ -- Contains a CMS type ContentInfo encoded
+ -- according to [RFC3852].
+ -- The contentType field of the type ContentInfo
+ -- is id-signedData (1.2.840.113549.1.7.2),
+ -- and the content field is a SignedData.
+ -- The eContentType field for the type SignedData is
+ -- id-pkinit-authData (1.3.6.1.5.2.3.1), and the
+ -- eContent field contains the DER encoding of the
+ -- type AuthPack.
+ -- AuthPack is defined below.
+ trustedCertifiers [1] SEQUENCE OF
+ ExternalPrincipalIdentifier OPTIONAL,
+ -- Contains a list of CAs, trusted by the client,
+ -- that can be used to certify the KDC.
+ -- Each ExternalPrincipalIdentifier identifies a CA
+ -- or a CA certificate (thereby its public key).
+ -- The information contained in the
+ -- trustedCertifiers SHOULD be used by the KDC as
+ -- hints to guide its selection of an appropriate
+ -- certificate chain to return to the client.
+ kdcPkId [2] IMPLICIT OCTET STRING
+ OPTIONAL,
+ -- Contains a CMS type SignerIdentifier encoded
+ -- according to [RFC3852].
+ -- Identifies, if present, a particular KDC
+ -- public key that the client already has.
+ ...
+}
+
+DHNonce ::= OCTET STRING
+
+ExternalPrincipalIdentifier ::= SEQUENCE {
+ subjectName [0] IMPLICIT OCTET STRING OPTIONAL,
+ -- Contains a PKIX type Name encoded according to
+ -- [RFC3280].
+ -- Identifies the certificate subject by the
+ -- distinguished subject name.
+ -- REQUIRED when there is a distinguished subject
+ -- name present in the certificate.
+ issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL,
+ -- Contains a CMS type IssuerAndSerialNumber encoded
+ -- according to [RFC3852].
+ -- Identifies a certificate of the subject.
+ -- REQUIRED for TD-INVALID-CERTIFICATES and
+ -- TD-TRUSTED-CERTIFIERS.
+ subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL,
+ -- Identifies the subject's public key by a key
+ -- identifier. When an X.509 certificate is
+ -- referenced, this key identifier matches the X.509
+ -- subjectKeyIdentifier extension value. When other
+ -- certificate formats are referenced, the documents
+ -- that specify the certificate format and their use
+ -- with the CMS must include details on matching the
+ -- key identifier to the appropriate certificate
+ -- field.
+ -- RECOMMENDED for TD-TRUSTED-CERTIFIERS.
+ ...
+}
+
+AuthPack ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+ -- Type SubjectPublicKeyInfo is defined in
+ -- [RFC3280].
+ -- Specifies Diffie-Hellman domain parameters
+ -- and the client's public key value [IEEE1363].
+ -- The DH public key value is encoded as a BIT
+ -- STRING according to [RFC3279].
+ -- This field is present only if the client wishes
+ -- to use the Diffie-Hellman key agreement method.
+ supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier
+ OPTIONAL,
+ -- Type AlgorithmIdentifier is defined in
+ -- [RFC3280].
+ -- List of CMS algorithm [RFC3370] identifiers
+ -- that identify key transport algorithms, or
+ -- content encryption algorithms, or signature
+ -- algorithms supported by the client in order of
+ -- (decreasing) preference.
+ clientDHNonce [3] DHNonce OPTIONAL,
+ -- Present only if the client indicates that it
+ -- wishes to reuse DH keys or to allow the KDC to
+ -- do so.
+ ...
+}
+
+PKAuthenticator ::= SEQUENCE {
+ cusec [0] INTEGER (0..999999),
+ ctime [1] KerberosTime,
+ -- cusec and ctime are used as in [RFC4120], for
+ -- replay prevention.
+ nonce [2] INTEGER (0..4294967295),
+ -- Chosen randomly; this nonce does not need to
+ -- match with the nonce in the KDC-REQ-BODY.
+ paChecksum [3] OCTET STRING OPTIONAL,
+ -- MUST be present.
+ -- Contains the SHA1 checksum, performed over
+ -- KDC-REQ-BODY.
+ ...
+}
+
+TD-TRUSTED-CERTIFIERS ::= SEQUENCE OF
+ ExternalPrincipalIdentifier
+ -- Identifies a list of CAs trusted by the KDC.
+ -- Each ExternalPrincipalIdentifier identifies a CA
+ -- or a CA certificate (thereby its public key).
+
+TD-INVALID-CERTIFICATES ::= SEQUENCE OF
+ ExternalPrincipalIdentifier
+ -- Each ExternalPrincipalIdentifier identifies a
+ -- certificate (sent by the client) with an invalid
+ -- signature.
+
+KRB5PrincipalName ::= SEQUENCE {
+ realm [0] Realm,
+ principalName [1] PrincipalName
+}
+
+AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF
+ ExternalPrincipalIdentifier
+ -- Identifies the certification path based on which
+ -- the client certificate was validated.
+ -- Each ExternalPrincipalIdentifier identifies a CA
+ -- or a CA certificate (thereby its public key).
+
+PA-PK-AS-REP ::= CHOICE {
+ dhInfo [0] DHRepInfo,
+ -- Selected when Diffie-Hellman key exchange is
+ -- used.
+ encKeyPack [1] IMPLICIT OCTET STRING,
+ -- Selected when public key encryption is used.
+ -- Contains a CMS type ContentInfo encoded
+ -- according to [RFC3852].
+ -- The contentType field of the type ContentInfo is
+ -- id-envelopedData (1.2.840.113549.1.7.3).
+ -- The content field is an EnvelopedData.
+ -- The contentType field for the type EnvelopedData
+ -- is id-signedData (1.2.840.113549.1.7.2).
+ -- The eContentType field for the inner type
+ -- SignedData (when unencrypted) is
+ -- id-pkinit-rkeyData (1.3.6.1.5.2.3.3) and the
+ -- eContent field contains the DER encoding of the
+ -- type ReplyKeyPack.
+ -- ReplyKeyPack is defined below.
+ ...
+}
+
+DHRepInfo ::= SEQUENCE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ -- Contains a CMS type ContentInfo encoded according
+ -- to [RFC3852].
+ -- The contentType field of the type ContentInfo is
+ -- id-signedData (1.2.840.113549.1.7.2), and the
+ -- content field is a SignedData.
+ -- The eContentType field for the type SignedData is
+ -- id-pkinit-DHKeyData (1.3.6.1.5.2.3.2), and the
+ -- eContent field contains the DER encoding of the
+ -- type KDCDHKeyInfo.
+ -- KDCDHKeyInfo is defined below.
+ serverDHNonce [1] DHNonce OPTIONAL,
+ -- Present if and only if dhKeyExpiration is
+ -- present.
+ ...
+}
+
+KDCDHKeyInfo ::= SEQUENCE {
+ subjectPublicKey [0] BIT STRING,
+ -- The KDC's DH public key.
+ -- The DH public key value is encoded as a BIT
+ -- STRING according to [RFC3279].
+ nonce [1] INTEGER (0..4294967295),
+ -- Contains the nonce in the pkAuthenticator field
+ -- in the request if the DH keys are NOT reused,
+ -- 0 otherwise.
+ dhKeyExpiration [2] KerberosTime OPTIONAL,
+ -- Expiration time for KDC's key pair,
+ -- present if and only if the DH keys are reused.
+ -- If present, the KDC's DH public key MUST not be
+ -- used past the point of this expiration time.
+ -- If this field is omitted then the serverDHNonce
+ -- field MUST also be omitted.
+ ...
+}
+
+ReplyKeyPack ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ -- Contains the session key used to encrypt the
+ -- enc-part field in the AS-REP, i.e., the
+ -- AS reply key.
+ asChecksum [1] Checksum,
+ -- Contains the checksum of the AS-REQ
+ -- corresponding to the containing AS-REP.
+ -- The checksum is performed over the type AS-REQ.
+ -- The protocol key [RFC3961] of the checksum is the
+ -- replyKey and the key usage number is 6.
+ -- If the replyKey's enctype is "newer" [RFC4120]
+ -- [RFC4121], the checksum is the required
+ -- checksum operation [RFC3961] for that enctype.
+ -- The client MUST verify this checksum upon receipt
+ -- of the AS-REP.
+ ...
+}
+
+TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
+ -- Each AlgorithmIdentifier specifies a set of
+ -- Diffie-Hellman domain parameters [IEEE1363].
+ -- This list is in decreasing preference order.
+END |