1 /*
2  * lib/gssapi/krb5/set_allowable_enctypes.c
3  *
4  * Copyright 2004  by the Massachusetts Institute of Technology.
5  * All Rights Reserved.
6  *
7  * Export of this software from the United States of America may
8  *   require a specific license from the United States Government.
9  *   It is the responsibility of any person or organization contemplating
10  *   export to obtain such a license before exporting.
11  *
12  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13  * distribute this software and its documentation for any purpose and
14  * without fee is hereby granted, provided that the above copyright
15  * notice appear in all copies and that both that copyright notice and
16  * this permission notice appear in supporting documentation, and that
17  * the name of M.I.T. not be used in advertising or publicity pertaining
18  * to distribution of the software without specific, written prior
19  * permission.  Furthermore if you modify this software you must label
20  * your software as modified software and not distribute it in such a
21  * fashion that it might be confused with the original M.I.T. software.
22  * M.I.T. makes no representations about the suitability of
23  * this software for any purpose.  It is provided "as is" without express
24  * or implied warranty.
25  *
26  * krb5_gss_set_allowable_enctypes()
27  */
28 
29 /*
30  * gss_krb5_set_allowable_enctypes
31  *
32  * This function may be called by a context initiator after calling
33  * gss_acquire_cred(), but before calling gss_init_sec_context(),
34  * to restrict the set of enctypes which will be negotiated during
35  * context establishment to those in the provided array.
36  *
37  * 'cred_handle' must be a valid credential handle obtained via
38  * gss_acquire_cred().  It may not be GSS_C_NO_CREDENTIAL.
39  * gss_acquire_cred() may be called with GSS_C_NO_CREDENTIAL
40  * to get a handle to the default credential.
41  *
42  * The purpose of this function is to limit the keys that may
43  * be exported via gss_krb5_export_lucid_sec_context(); thus it
44  * should limit the enctypes of all keys that will be needed
45  * after the security context has been established.
46  * (i.e. context establishment may use a session key with a
47  * stronger enctype than in the provided array, however a
48  * subkey must be established within the enctype limits
49  * established by this function.)
50  *
51  */
52 
53 #include "gssapiP_krb5.h"
54 #ifdef HAVE_STRING_H
55 #include <string.h>
56 #else
57 #include <strings.h>
58 #endif
59 #include "gssapi_krb5.h"
60 
61 OM_uint32 KRB5_CALLCONV
gss_krb5int_set_allowable_enctypes(OM_uint32 * minor_status,gss_cred_id_t cred_handle,OM_uint32 num_ktypes,krb5_enctype * ktypes)62 gss_krb5int_set_allowable_enctypes(OM_uint32 *minor_status,
63 				   gss_cred_id_t cred_handle,
64 				   OM_uint32 num_ktypes,
65 				   krb5_enctype *ktypes)
66 {
67     int i;
68     krb5_enctype * new_ktypes;
69     OM_uint32 major_status;
70     krb5_gss_cred_id_t cred;
71     krb5_error_code kerr = 0;
72     OM_uint32 temp_status;
73 
74     /* Assume a failure */
75     *minor_status = 0;
76     major_status = GSS_S_FAILURE;
77 
78     /* verify and valildate cred handle */
79     if (cred_handle == GSS_C_NO_CREDENTIAL) {
80 	kerr = KRB5_NOCREDS_SUPPLIED;
81 	goto error_out;
82     }
83     major_status = krb5_gss_validate_cred(&temp_status, cred_handle);
84     if (GSS_ERROR(major_status)) {
85 	kerr = temp_status;
86 	goto error_out;
87     }
88     cred = (krb5_gss_cred_id_t) cred_handle;
89 
90     if (ktypes) {
91 	for (i = 0; i < num_ktypes && ktypes[i]; i++) {
92 	    if (!krb5_c_valid_enctype(ktypes[i])) {
93 		kerr = KRB5_PROG_ETYPE_NOSUPP;
94 		goto error_out;
95 	    }
96 	}
97     } else {
98 	kerr = k5_mutex_lock(&cred->lock);
99 	if (kerr)
100 	    goto error_out;
101 	if (cred->req_enctypes)
102 	    free(cred->req_enctypes);
103 	cred->req_enctypes = NULL;
104 	k5_mutex_unlock(&cred->lock);
105 	return GSS_S_COMPLETE;
106     }
107 
108     /* Copy the requested ktypes into the cred structure */
109     if ((new_ktypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * (i + 1)))) {
110 	memcpy(new_ktypes, ktypes, sizeof(krb5_enctype) * i);
111 	new_ktypes[i] = 0;	/* "null-terminate" the list */
112     }
113     else {
114 	kerr = ENOMEM;
115 	goto error_out;
116     }
117     kerr = k5_mutex_lock(&cred->lock);
118     if (kerr) {
119 	free(new_ktypes);
120 	goto error_out;
121     }
122     if (cred->req_enctypes)
123 	free(cred->req_enctypes);
124     cred->req_enctypes = new_ktypes;
125     k5_mutex_unlock(&cred->lock);
126 
127     /* Success! */
128     return GSS_S_COMPLETE;
129 
130 error_out:
131     *minor_status = kerr;
132     return(major_status);
133 }
134