krb5 commit: Add asn1c test vectors for alg-agility types

Greg Hudson ghudson at MIT.EDU
Thu Sep 6 00:35:35 EDT 2012


https://github.com/krb5/krb5/commit/d8846c9de75cd7bdc2038d04fabf7be3551656ce
commit d8846c9de75cd7bdc2038d04fabf7be3551656ce
Author: Greg Hudson <ghudson at mit.edu>
Date:   Thu Sep 6 00:35:01 2012 -0400

    Add asn1c test vectors for alg-agility types
    
    For the test-vectors target in tests/asn.1, add ASN.1 modules from RFC
    4556 and draft-ietf-krb-wg-pkinit-alg-agility-06.txt, and output test
    encodings for PrincipalName, KRB5PrincipalName, OtherInfo, and
    PkinitSuppPubInfo.  In the alg-agility module, AuthPack and DHRepInfo
    are renamed, as asn1c otherwise rejects them as conflicting with the
    RFC 4556 definitions.

 src/tests/asn.1/Makefile.in         |    3 +-
 src/tests/asn.1/make-vectors.c      |   51 +++++++-
 src/tests/asn.1/pkinit-agility.asn1 |   99 ++++++++++++++
 src/tests/asn.1/pkinit.asn1         |  253 +++++++++++++++++++++++++++++++++++
 4 files changed, 404 insertions(+), 2 deletions(-)

diff --git a/src/tests/asn.1/Makefile.in b/src/tests/asn.1/Makefile.in
index fe24c24..09d39a3 100644
--- a/src/tests/asn.1/Makefile.in
+++ b/src/tests/asn.1/Makefile.in
@@ -11,7 +11,8 @@ SRCS= $(srcdir)/krb5_encode_test.c $(srcdir)/krb5_decode_test.c \
 	$(srcdir)/ktest_equal.c $(srcdir)/utility.c \
 	$(srcdir)/trval.c $(srcdir)/t_trval.c
 
-ASN1SRCS= $(srcdir)/krb5.asn1 $(srcdir)/pkix.asn1 $(srcdir)/otp.asn1
+ASN1SRCS= $(srcdir)/krb5.asn1 $(srcdir)/pkix.asn1 $(srcdir)/otp.asn1 \
+	$(srcdir)/pkinit.asn1 $(srcdir)/pkinit-agility.asn1
 
 all:: krb5_encode_test krb5_decode_test krb5_decode_leak t_trval
 
diff --git a/src/tests/asn.1/make-vectors.c b/src/tests/asn.1/make-vectors.c
index fd7bd48..93a072c 100644
--- a/src/tests/asn.1/make-vectors.c
+++ b/src/tests/asn.1/make-vectors.c
@@ -31,6 +31,10 @@
  * are only generated for OTP preauth objects.
  */
 
+#include <PrincipalName.h>
+#include <KRB5PrincipalName.h>
+#include <OtherInfo.h>
+#include <PkinitSuppPubInfo.h>
 #include <OTP-TOKENINFO.h>
 #include <PA-OTP-CHALLENGE.h>
 #include <PA-OTP-REQUEST.h>
@@ -39,6 +43,26 @@
 static unsigned char buf[8192];
 static size_t buf_pos;
 
+/* PrincipalName and KRB5PrincipalName */
+static KerberosString_t comp_1 = { "hftsai", 6 };
+static KerberosString_t comp_2 = { "extra", 5 };
+static KerberosString_t *comps[] = { &comp_1, &comp_2 };
+static PrincipalName_t princ = { 1, { comps, 2, 2 } };
+static KRB5PrincipalName_t krb5princ = { { "ATHENA.MIT.EDU", 14 },
+                                         { 1, { comps, 2, 2 } } };
+
+/* OtherInfo */
+static unsigned int krb5_arcs[] = { 1, 2, 840, 113554, 1, 2, 2 };
+static OCTET_STRING_t krb5data_ostring = { "krb5data", 8 };
+static OtherInfo_t other_info = {
+    { 0 }, { 0 }, { 0 },        /* Initialized in main() */
+    &krb5data_ostring, NULL
+};
+
+/* PkinitSuppPubInfo */
+static PkinitSuppPubInfo_t supp_pub_info = { 1, { "krb5data", 8 },
+                                             { "krb5data", 8 } };
+
 /* Minimal OTP-TOKENINFO */
 static OTP_TOKENINFO_t token_info_1 = { { "\0\0\0\0", 4, 0 } };
 
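Review bot: The string lengths in the new initializers (`{ "hftsai", 6 }`, `{ "ATHENA.MIT.EDU", 14 }`, `{ "krb5data", 8 }`) are counted by hand, and a miscount would change the emitted encoding or read past the literal without any diagnostic. Deriving the length from the literal, e.g. `{ "hftsai", sizeof("hftsai") - 1 }`, keeps the two in step. The positional initializers also depend on the field order of the asn1c-generated structs, which is not visible in this hunk. A short comment naming the fields would help the next reader, for example that `{ comps, 2, 2 }` is presumably array, count, size.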
@@ -136,8 +160,33 @@ main()
     OBJECT_IDENTIFIER_set_arcs(&alg_sha1.algorithm, sha1_arcs,
                                sizeof(*sha1_arcs),
                                sizeof(sha1_arcs) / sizeof(*sha1_arcs));
+    OBJECT_IDENTIFIER_set_arcs(&other_info.algorithmID.algorithm, krb5_arcs,
+                               sizeof(*krb5_arcs),
+                               sizeof(krb5_arcs) / sizeof(*krb5_arcs));
+
+    printf("PrincipalName:\n");
+    der_encode(&asn_DEF_PrincipalName, &princ, consume, NULL);
+    printbuf();
+
+    /* Print this encoding and also use it to initialize two fields of
+     * other_info. */
+    printf("\nKRB5PrincipalName:\n");
+    der_encode(&asn_DEF_KRB5PrincipalName, &krb5princ, consume, NULL);
+    OCTET_STRING_fromBuf(&other_info.partyUInfo, buf, buf_pos);
+    OCTET_STRING_fromBuf(&other_info.partyVInfo, buf, buf_pos);
+    printbuf();
+
+    printf("\nOtherInfo:\n");
+    der_encode(&asn_DEF_OtherInfo, &other_info, consume, NULL);
+    printbuf();
+    free(other_info.partyUInfo.buf);
+    free(other_info.partyVInfo.buf);
+
+    printf("\nPkinitSuppPubInfo:\n");
+    der_encode(&asn_DEF_PkinitSuppPubInfo, &supp_pub_info, consume, NULL);
+    printbuf();
 
-    printf("Minimal OTP-TOKEN-INFO:\n");
+    printf("\nMinimal OTP-TOKEN-INFO:\n");
     der_encode(&asn_DEF_OTP_TOKENINFO, &token_info_1, consume, NULL);
     printbuf();
 
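Review bot: The results of the new `der_encode()` and `OCTET_STRING_fromBuf()` calls are discarded. A failed encode of KRB5PrincipalName would therefore leave whatever `consume` had written in `buf`, and that content would still be copied into `other_info.partyUInfo` and `partyVInfo` and printed as if it were a valid vector. The existing OTP calls are unchecked too, but here one encoding feeds the next, so I would fail loudly, e.g. `if (der_encode(&asn_DEF_KRB5PrincipalName, &krb5princ, consume, NULL).encoded < 0) abort();` and `if (OCTET_STRING_fromBuf(&other_info.partyUInfo, buf, buf_pos) != 0) abort();`. The copy also relies on `printbuf()` being the step that resets `buf_pos` and on `consume` bounding writes to the 8192-byte `buf`; both are defined outside this hunk, so please confirm. main() starts and ends outside the hunk.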
diff --git a/src/tests/asn.1/pkinit-agility.asn1 b/src/tests/asn.1/pkinit-agility.asn1
new file mode 100644
index 0000000..ea9095b
--- /dev/null
+++ b/src/tests/asn.1/pkinit-agility.asn1
@@ -0,0 +1,99 @@
+KerberosV5-PK-INIT-Agility-SPEC {
+       iso(1) identified-organization(3) dod(6) internet(1)
+       security(5) kerberosV5(2) modules(4) pkinit(5) agility (1)
+} DEFINITIONS EXPLICIT TAGS ::= BEGIN
+
+IMPORTS
+   AlgorithmIdentifier, SubjectPublicKeyInfo
+       FROM PKIX1Explicit88 { iso (1)
+         identified-organization (3) dod (6) internet (1)
+         security (5) mechanisms (5) pkix (7) id-mod (0)
+         id-pkix1-explicit (18) }
+         -- As defined in RFC 3280.
+
+   Ticket, Int32, Realm, EncryptionKey, Checksum
+       FROM KerberosV5Spec2 { iso(1) identified-organization(3)
+         dod(6) internet(1) security(5) kerberosV5(2)
+         modules(4) krb5spec2(2) }
+         -- as defined in RFC 4120.
+
+   PKAuthenticator, DHNonce
+       FROM KerberosV5-PK-INIT-SPEC {
+         iso(1) identified-organization(3) dod(6) internet(1)
+         security(5) kerberosV5(2) modules(4) pkinit(5) };
+         -- as defined in RFC 4556.
+
+TD-CMS-DIGEST-ALGORITHMS-DATA ::= SEQUENCE OF
+    AlgorithmIdentifier
+        -- Contains the list of CMS algorithm [RFC3852]
+        -- identifiers that identify the digest algorithms
+        -- acceptable by the KDC for signing CMS data in
+        -- the order of decreasing preference.
+
+TD-CERT-DIGEST-ALGORITHMS-DATA ::= SEQUENCE {
+       allowedAlgorithms [0] SEQUENCE OF AlgorithmIdentifier,
+           -- Contains the list of CMS algorithm [RFC3852]
+           -- identifiers that identify the digest algorithms
+           -- that are used by the CA to sign the client's
+           -- X.509 certificate and acceptable by the KDC in
+           -- the process of validating the client's X.509
+           -- certificate, in the order of decreasing
+           -- preference.
+       rejectedAlgorithm [1] AlgorithmIdentifier OPTIONAL,
+           -- This identifies the digest algorithm that was
+           -- used to sign the client's X.509 certificate and
+           -- has been rejected by the KDC in the process of
+           -- validating the client's X.509 certificate
+           -- [RFC3280].
+       ...
+}
+
+OtherInfo ::= SEQUENCE {
+        algorithmID   AlgorithmIdentifier,
+        partyUInfo     [0] OCTET STRING,
+        partyVInfo     [1] OCTET STRING,
+        suppPubInfo    [2] OCTET STRING OPTIONAL,
+        suppPrivInfo   [3] OCTET STRING OPTIONAL
+}
+
+PkinitSuppPubInfo ::= SEQUENCE {
+       enctype           [0] Int32,
+           -- The enctype of the AS reply key.
+       as-REQ            [1] OCTET STRING,
+           -- This contains the AS-REQ in the request.
+       pk-as-rep         [2] OCTET STRING,
+           -- Contains the DER encoding of the type
+           -- PA-PK-AS-REP [RFC4556] in the KDC reply.
+       ...
+}
+
+-- Renamed from AuthPack to allow asn1c to process this and pkinit.asn1
+AuthPack2 ::= SEQUENCE {
+       pkAuthenticator   [0] PKAuthenticator,
+       clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+       supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier
+                OPTIONAL,
+       clientDHNonce     [3] DHNonce OPTIONAL,
+       ...,
+       supportedKDFs     [4] SEQUENCE OF KDFAlgorithmId OPTIONAL,
+           -- Contains an unordered set of KDFs supported by the
+           -- client.
+       ...
+}
+
+KDFAlgorithmId ::= SEQUENCE {
+       kdf-id            [0] OBJECT IDENTIFIER,
+           -- The object identifier of the KDF
+       ...
+}
+
+-- Renamed from DHRepInfo to allow asn1c to process this and pkinit.asn1
+DHRepInfo2 ::= SEQUENCE {
+       dhSignedData      [0] IMPLICIT OCTET STRING,
+       serverDHNonce     [1] DHNonce OPTIONAL,
+       ...,
+       kdf               [2] KDFAlgorithmId OPTIONAL,
+           -- The KDF picked by the KDC.
+       ...
+}
+END
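Review bot: The new module carries no header comment saying where it came from, although the commit message states it was taken from draft-ietf-krb-wg-pkinit-alg-agility-06.txt and then edited. Because a draft can change between revisions and the vectors generated from this file serve as reference encodings, I would record the source and revision at the top of the file, e.g. `-- From draft-ietf-krb-wg-pkinit-alg-agility-06.txt; AuthPack and DHRepInfo renamed (see below).` The same applies to pkinit.asn1, which the commit message attributes to RFC 4556.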
diff --git a/src/tests/asn.1/pkinit.asn1 b/src/tests/asn.1/pkinit.asn1
new file mode 100644
index 0000000..8f9d8dd
--- /dev/null
+++ b/src/tests/asn.1/pkinit.asn1
@@ -0,0 +1,253 @@
+KerberosV5-PK-INIT-SPEC {
+        iso(1) identified-organization(3) dod(6) internet(1)
+        security(5) kerberosV5(2) modules(4) pkinit(5)
+} DEFINITIONS EXPLICIT TAGS ::= BEGIN
+
+IMPORTS
+
+    SubjectPublicKeyInfo, AlgorithmIdentifier
+        FROM PKIX1Explicit88 { iso (1)
+          identified-organization (3) dod (6) internet (1)
+          security (5) mechanisms (5) pkix (7) id-mod (0)
+          id-pkix1-explicit (18) }
+          -- As defined in RFC 3280.
+
+    KerberosTime, PrincipalName, Realm, EncryptionKey, Checksum
+        FROM KerberosV5Spec2 { iso(1) identified-organization(3)
+          dod(6) internet(1) security(5) kerberosV5(2)
+          modules(4) krb5spec2(2) };
+          -- as defined in RFC 4120.
+
+id-pkinit OBJECT IDENTIFIER ::=
+  { iso(1) identified-organization(3) dod(6) internet(1)
+    security(5) kerberosv5(2) pkinit (3) }
+
+id-pkinit-authData      OBJECT IDENTIFIER  ::= { id-pkinit 1 }
+id-pkinit-DHKeyData     OBJECT IDENTIFIER  ::= { id-pkinit 2 }
+id-pkinit-rkeyData      OBJECT IDENTIFIER  ::= { id-pkinit 3 }
+id-pkinit-KPClientAuth  OBJECT IDENTIFIER  ::= { id-pkinit 4 }
+id-pkinit-KPKdc         OBJECT IDENTIFIER  ::= { id-pkinit 5 }
+
+id-pkinit-san OBJECT IDENTIFIER ::=
+  { iso(1) org(3) dod(6) internet(1) security(5) kerberosv5(2)
+    x509SanAN (2) }
+
+pa-pk-as-req INTEGER ::=                  16
+pa-pk-as-rep INTEGER ::=                  17
+
+ad-initial-verified-cas INTEGER ::=        9
+
+td-trusted-certifiers INTEGER ::=        104
+td-invalid-certificates INTEGER ::=      105
+td-dh-parameters INTEGER ::=             109
+
+PA-PK-AS-REQ ::= SEQUENCE {
+   signedAuthPack          [0] IMPLICIT OCTET STRING,
+            -- Contains a CMS type ContentInfo encoded
+            -- according to [RFC3852].
+            -- The contentType field of the type ContentInfo
+            -- is id-signedData (1.2.840.113549.1.7.2),
+            -- and the content field is a SignedData.
+            -- The eContentType field for the type SignedData is
+            -- id-pkinit-authData (1.3.6.1.5.2.3.1), and the
+            -- eContent field contains the DER encoding of the
+            -- type AuthPack.
+            -- AuthPack is defined below.
+   trustedCertifiers       [1] SEQUENCE OF
+               ExternalPrincipalIdentifier OPTIONAL,
+            -- Contains a list of CAs, trusted by the client,
+            -- that can be used to certify the KDC.
+            -- Each ExternalPrincipalIdentifier identifies a CA
+            -- or a CA certificate (thereby its public key).
+            -- The information contained in the
+            -- trustedCertifiers SHOULD be used by the KDC as
+            -- hints to guide its selection of an appropriate
+            -- certificate chain to return to the client.
+   kdcPkId                 [2] IMPLICIT OCTET STRING
+                               OPTIONAL,
+            -- Contains a CMS type SignerIdentifier encoded
+            -- according to [RFC3852].
+            -- Identifies, if present, a particular KDC
+            -- public key that the client already has.
+   ...
+}
+
+DHNonce ::= OCTET STRING
+
+ExternalPrincipalIdentifier ::= SEQUENCE {
+   subjectName            [0] IMPLICIT OCTET STRING OPTIONAL,
+            -- Contains a PKIX type Name encoded according to
+            -- [RFC3280].
+            -- Identifies the certificate subject by the
+            -- distinguished subject name.
+            -- REQUIRED when there is a distinguished subject
+            -- name present in the certificate.
+  issuerAndSerialNumber   [1] IMPLICIT OCTET STRING OPTIONAL,
+            -- Contains a CMS type IssuerAndSerialNumber encoded
+            -- according to [RFC3852].
+            -- Identifies a certificate of the subject.
+            -- REQUIRED for TD-INVALID-CERTIFICATES and
+            -- TD-TRUSTED-CERTIFIERS.
+  subjectKeyIdentifier    [2] IMPLICIT OCTET STRING OPTIONAL,
+            -- Identifies the subject's public key by a key
+            -- identifier.  When an X.509 certificate is
+            -- referenced, this key identifier matches the X.509
+            -- subjectKeyIdentifier extension value.  When other
+            -- certificate formats are referenced, the documents
+            -- that specify the certificate format and their use
+            -- with the CMS must include details on matching the
+            -- key identifier to the appropriate certificate
+            -- field.
+            -- RECOMMENDED for TD-TRUSTED-CERTIFIERS.
+   ...
+}
+
+AuthPack ::= SEQUENCE {
+   pkAuthenticator         [0] PKAuthenticator,
+   clientPublicValue       [1] SubjectPublicKeyInfo OPTIONAL,
+            -- Type SubjectPublicKeyInfo is defined in
+            -- [RFC3280].
+            -- Specifies Diffie-Hellman domain parameters
+            -- and the client's public key value [IEEE1363].
+            -- The DH public key value is encoded as a BIT
+            -- STRING according to [RFC3279].
+            -- This field is present only if the client wishes
+            -- to use the Diffie-Hellman key agreement method.
+   supportedCMSTypes       [2] SEQUENCE OF AlgorithmIdentifier
+                               OPTIONAL,
+            -- Type AlgorithmIdentifier is defined in
+            -- [RFC3280].
+            -- List of CMS algorithm [RFC3370] identifiers
+            -- that identify key transport algorithms, or
+            -- content encryption algorithms, or signature
+            -- algorithms supported by the client in order of
+            -- (decreasing) preference.
+   clientDHNonce           [3] DHNonce OPTIONAL,
+            -- Present only if the client indicates that it
+            -- wishes to reuse DH keys or to allow the KDC to
+            -- do so.
+   ...
+}
+
+PKAuthenticator ::= SEQUENCE {
+   cusec                   [0] INTEGER (0..999999),
+   ctime                   [1] KerberosTime,
+            -- cusec and ctime are used as in [RFC4120], for
+            -- replay prevention.
+   nonce                   [2] INTEGER (0..4294967295),
+            -- Chosen randomly; this nonce does not need to
+            -- match with the nonce in the KDC-REQ-BODY.
+   paChecksum              [3] OCTET STRING OPTIONAL,
+            -- MUST be present.
+            -- Contains the SHA1 checksum, performed over
+            -- KDC-REQ-BODY.
+   ...
+}
+
+TD-TRUSTED-CERTIFIERS ::= SEQUENCE OF
+               ExternalPrincipalIdentifier
+            -- Identifies a list of CAs trusted by the KDC.
+            -- Each ExternalPrincipalIdentifier identifies a CA
+            -- or a CA certificate (thereby its public key).
+
+TD-INVALID-CERTIFICATES ::= SEQUENCE OF
+               ExternalPrincipalIdentifier
+            -- Each ExternalPrincipalIdentifier identifies a
+            -- certificate (sent by the client) with an invalid
+            -- signature.
+
+KRB5PrincipalName ::= SEQUENCE {
+    realm                   [0] Realm,
+    principalName           [1] PrincipalName
+}
+
+AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF
+               ExternalPrincipalIdentifier
+            -- Identifies the certification path based on which
+            -- the client certificate was validated.
+            -- Each ExternalPrincipalIdentifier identifies a CA
+            -- or a CA certificate (thereby its public key).
+
+PA-PK-AS-REP ::= CHOICE {
+   dhInfo                  [0] DHRepInfo,
+            -- Selected when Diffie-Hellman key exchange is
+            -- used.
+   encKeyPack              [1] IMPLICIT OCTET STRING,
+            -- Selected when public key encryption is used.
+            -- Contains a CMS type ContentInfo encoded
+            -- according to [RFC3852].
+            -- The contentType field of the type ContentInfo is
+            -- id-envelopedData (1.2.840.113549.1.7.3).
+            -- The content field is an EnvelopedData.
+            -- The contentType field for the type EnvelopedData
+            -- is id-signedData (1.2.840.113549.1.7.2).
+            -- The eContentType field for the inner type
+            -- SignedData (when unencrypted) is
+            -- id-pkinit-rkeyData (1.3.6.1.5.2.3.3) and the
+            -- eContent field contains the DER encoding of the
+            -- type ReplyKeyPack.
+            -- ReplyKeyPack is defined below.
+   ...
+}
+
+DHRepInfo ::= SEQUENCE {
+   dhSignedData            [0] IMPLICIT OCTET STRING,
+            -- Contains a CMS type ContentInfo encoded according
+            -- to [RFC3852].
+            -- The contentType field of the type ContentInfo is
+            -- id-signedData (1.2.840.113549.1.7.2), and the
+            -- content field is a SignedData.
+            -- The eContentType field for the type SignedData is
+            -- id-pkinit-DHKeyData (1.3.6.1.5.2.3.2), and the
+            -- eContent field contains the DER encoding of the
+            -- type KDCDHKeyInfo.
+            -- KDCDHKeyInfo is defined below.
+   serverDHNonce           [1] DHNonce OPTIONAL,
+            -- Present if and only if dhKeyExpiration is
+            -- present.
+   ...
+}
+
+KDCDHKeyInfo ::= SEQUENCE {
+   subjectPublicKey        [0] BIT STRING,
+            -- The KDC's DH public key.
+            -- The DH public key value is encoded as a BIT
+            -- STRING according to [RFC3279].
+   nonce                   [1] INTEGER (0..4294967295),
+            -- Contains the nonce in the pkAuthenticator field
+            -- in the request if the DH keys are NOT reused,
+            -- 0 otherwise.
+   dhKeyExpiration         [2] KerberosTime OPTIONAL,
+            -- Expiration time for KDC's key pair,
+            -- present if and only if the DH keys are reused.
+            -- If present, the KDC's DH public key MUST not be
+            -- used past the point of this expiration time.
+            -- If this field is omitted then the serverDHNonce
+            -- field MUST also be omitted.
+   ...
+}
+
+ReplyKeyPack ::= SEQUENCE {
+   replyKey                [0] EncryptionKey,
+            -- Contains the session key used to encrypt the
+            -- enc-part field in the AS-REP, i.e., the
+            -- AS reply key.
+   asChecksum              [1] Checksum,
+           -- Contains the checksum of the AS-REQ
+           -- corresponding to the containing AS-REP.
+           -- The checksum is performed over the type AS-REQ.
+           -- The protocol key [RFC3961] of the checksum is the
+           -- replyKey and the key usage number is 6.
+           -- If the replyKey's enctype is "newer" [RFC4120]
+           -- [RFC4121], the checksum is the required
+           -- checksum operation [RFC3961] for that enctype.
+           -- The client MUST verify this checksum upon receipt
+           -- of the AS-REP.
+   ...
+}
+
+TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
+            -- Each AlgorithmIdentifier specifies a set of
+            -- Diffie-Hellman domain parameters [IEEE1363].
+            -- This list is in decreasing preference order.
+END

