diff options
author | Andrew Bartlett <abartlet@samba.org> | 2019-07-31 16:13:38 +1200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-08-21 09:57:31 +0000 |
commit | 52b91cb33c281aeecc6270824cadac6cefbcb136 (patch) | |
tree | d5c5926431b358eec459f33f82c3e79155a74b6b | |
parent | 974cebdf953259f41ecfc7375bc31d72af53f51e (diff) | |
download | samba-52b91cb33c281aeecc6270824cadac6cefbcb136.tar.gz |
s4-rpc_server: Remove Heimdal-based BackupKey server
We rely on a modern GnuTLS now.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r-- | source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c | 1861 | ||||
-rw-r--r-- | source4/rpc_server/wscript_build | 24 | ||||
-rw-r--r-- | source4/torture/rpc/backupkey_heimdal.c | 2160 | ||||
-rw-r--r-- | source4/torture/wscript_build | 9 | ||||
-rw-r--r-- | wscript_configure_system_gnutls | 6 |
5 files changed, 8 insertions, 4052 deletions
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c b/source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c deleted file mode 100644 index 806f144a24b..00000000000 --- a/source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c +++ /dev/null @@ -1,1861 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - endpoint server for the backupkey interface - - Copyright (C) Matthieu Patou <mat@samba.org> 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "rpc_server/dcerpc_server.h" -#include "rpc_server/common/common.h" -#include "librpc/gen_ndr/ndr_backupkey.h" -#include "dsdb/common/util.h" -#include "dsdb/samdb/samdb.h" -#include "lib/ldb/include/ldb_errors.h" -#include "../lib/util/util_ldb.h" -#include "param/param.h" -#include "auth/session.h" -#include "system/network.h" -#include <com_err.h> -#include <hx509.h> -#include <hcrypto/rsa.h> -#include <hcrypto/bn.h> -#include <hcrypto/sha.h> -#include <hcrypto/evp.h> -#include <hcrypto/hmac.h> -#include <der.h> -#include "../lib/tsocket/tsocket.h" -#include "../libcli/security/security.h" -#include "librpc/gen_ndr/ndr_security.h" -#include "lib/crypto/arcfour.h" -#include "libds/common/roles.h" -#include <gnutls/gnutls.h> -#include <gnutls/x509.h> - -#define DCESRV_INTERFACE_BACKUPKEY_BIND(context, iface) \ - dcesrv_interface_backupkey_bind(context, iface) -static NTSTATUS dcesrv_interface_backupkey_bind(struct dcesrv_connection_context *context, - const struct dcesrv_interface *iface) -{ - return dcesrv_interface_bind_require_privacy(context, iface); -} - -static const unsigned rsa_with_var_num[] = { 1, 2, 840, 113549, 1, 1, 1 }; -/* Equivalent to asn1_oid_id_pkcs1_rsaEncryption*/ -static const AlgorithmIdentifier _hx509_signature_rsa_with_var_num = { - { 7, discard_const_p(unsigned, rsa_with_var_num) }, NULL -}; - -static NTSTATUS set_lsa_secret(TALLOC_CTX *mem_ctx, - struct ldb_context *ldb, - const char *name, - const DATA_BLOB *lsa_secret) -{ - struct ldb_message *msg; - struct ldb_result *res; - struct ldb_dn *domain_dn; - struct ldb_dn *system_dn; - struct ldb_val val; - int ret; - char *name2; - struct timeval now = timeval_current(); - NTTIME nt_now = timeval_to_nttime(&now); - const char *attrs[] = { - NULL - }; - - domain_dn = ldb_get_default_basedn(ldb); - if (!domain_dn) { - return NT_STATUS_INTERNAL_ERROR; - } - - msg = ldb_msg_new(mem_ctx); - if (msg == NULL) { - return NT_STATUS_NO_MEMORY; - } - - /* - * This function is a lot like dcesrv_lsa_CreateSecret - * in the rpc_server/lsa directory - * The reason why we duplicate the effort here is that: - * * we want to keep the former function static - * * we want to avoid the burden of doing LSA calls - * when we can just manipulate the secrets directly - * * taillor the function to the particular needs of backup protocol - */ - - system_dn = samdb_search_dn(ldb, msg, domain_dn, "(&(objectClass=container)(cn=System))"); - if (system_dn == NULL) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - - name2 = talloc_asprintf(msg, "%s Secret", name); - if (name2 == NULL) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - - ret = ldb_search(ldb, mem_ctx, &res, system_dn, LDB_SCOPE_SUBTREE, attrs, - "(&(cn=%s)(objectclass=secret))", - ldb_binary_encode_string(mem_ctx, name2)); - - if (ret != LDB_SUCCESS || res->count != 0 ) { - DEBUG(2, ("Secret %s already exists !\n", name2)); - talloc_free(msg); - return NT_STATUS_OBJECT_NAME_COLLISION; - } - - /* - * We don't care about previous value as we are - * here only if the key didn't exists before - */ - - msg->dn = ldb_dn_copy(mem_ctx, system_dn); - if (msg->dn == NULL) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - if (!ldb_dn_add_child_fmt(msg->dn, "cn=%s", name2)) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - - ret = ldb_msg_add_string(msg, "cn", name2); - if (ret != LDB_SUCCESS) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - ret = ldb_msg_add_string(msg, "objectClass", "secret"); - if (ret != LDB_SUCCESS) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - ret = samdb_msg_add_uint64(ldb, mem_ctx, msg, "priorSetTime", nt_now); - if (ret != LDB_SUCCESS) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - val.data = lsa_secret->data; - val.length = lsa_secret->length; - ret = ldb_msg_add_value(msg, "currentValue", &val, NULL); - if (ret != LDB_SUCCESS) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - ret = samdb_msg_add_uint64(ldb, mem_ctx, msg, "lastSetTime", nt_now); - if (ret != LDB_SUCCESS) { - talloc_free(msg); - return NT_STATUS_NO_MEMORY; - } - - /* - * create the secret with DSDB_MODIFY_RELAX - * otherwise dsdb/samdb/ldb_modules/objectclass.c forbid - * the create of LSA secret object - */ - ret = dsdb_add(ldb, msg, DSDB_MODIFY_RELAX); - if (ret != LDB_SUCCESS) { - DEBUG(2,("Failed to create secret record %s: %s\n", - ldb_dn_get_linearized(msg->dn), - ldb_errstring(ldb))); - talloc_free(msg); - return NT_STATUS_ACCESS_DENIED; - } - - talloc_free(msg); - return NT_STATUS_OK; -} - -/* This function is pretty much like dcesrv_lsa_QuerySecret */ -static NTSTATUS get_lsa_secret(TALLOC_CTX *mem_ctx, - struct ldb_context *ldb, - const char *name, - DATA_BLOB *lsa_secret) -{ - TALLOC_CTX *tmp_mem; - struct ldb_result *res; - struct ldb_dn *domain_dn; - struct ldb_dn *system_dn; - const struct ldb_val *val; - uint8_t *data; - const char *attrs[] = { - "currentValue", - NULL - }; - int ret; - - lsa_secret->data = NULL; - lsa_secret->length = 0; - - domain_dn = ldb_get_default_basedn(ldb); - if (!domain_dn) { - return NT_STATUS_INTERNAL_ERROR; - } - - tmp_mem = talloc_new(mem_ctx); - if (tmp_mem == NULL) { - return NT_STATUS_NO_MEMORY; - } - - system_dn = samdb_search_dn(ldb, tmp_mem, domain_dn, "(&(objectClass=container)(cn=System))"); - if (system_dn == NULL) { - talloc_free(tmp_mem); - return NT_STATUS_NO_MEMORY; - } - - ret = ldb_search(ldb, mem_ctx, &res, system_dn, LDB_SCOPE_SUBTREE, attrs, - "(&(cn=%s Secret)(objectclass=secret))", - ldb_binary_encode_string(tmp_mem, name)); - - if (ret != LDB_SUCCESS) { - talloc_free(tmp_mem); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - if (res->count == 0) { - talloc_free(tmp_mem); - return NT_STATUS_RESOURCE_NAME_NOT_FOUND; - } - if (res->count > 1) { - DEBUG(2, ("Secret %s collision\n", name)); - talloc_free(tmp_mem); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - - val = ldb_msg_find_ldb_val(res->msgs[0], "currentValue"); - if (val == NULL) { - /* - * The secret object is here but we don't have the secret value - * The most common case is a RODC - */ - *lsa_secret = data_blob_null; - talloc_free(tmp_mem); - return NT_STATUS_OK; - } - - data = val->data; - lsa_secret->data = talloc_move(mem_ctx, &data); - lsa_secret->length = val->length; - - talloc_free(tmp_mem); - return NT_STATUS_OK; -} - -static DATA_BLOB *reverse_and_get_blob(TALLOC_CTX *mem_ctx, BIGNUM *bn) -{ - DATA_BLOB blob; - DATA_BLOB *rev = talloc(mem_ctx, DATA_BLOB); - uint32_t i; - - blob.length = BN_num_bytes(bn); - blob.data = talloc_array(mem_ctx, uint8_t, blob.length); - - if (blob.data == NULL) { - return NULL; - } - - BN_bn2bin(bn, blob.data); - - rev->data = talloc_array(mem_ctx, uint8_t, blob.length); - if (rev->data == NULL) { - return NULL; - } - - for(i=0; i < blob.length; i++) { - rev->data[i] = blob.data[blob.length - i -1]; - } - rev->length = blob.length; - talloc_free(blob.data); - return rev; -} - -static BIGNUM *reverse_and_get_bignum(TALLOC_CTX *mem_ctx, DATA_BLOB *blob) -{ - BIGNUM *ret; - DATA_BLOB rev; - uint32_t i; - - rev.data = talloc_array(mem_ctx, uint8_t, blob->length); - if (rev.data == NULL) { - return NULL; - } - - for(i=0; i < blob->length; i++) { - rev.data[i] = blob->data[blob->length - i -1]; - } - rev.length = blob->length; - - ret = BN_bin2bn(rev.data, rev.length, NULL); - talloc_free(rev.data); - - return ret; -} - -static NTSTATUS get_pk_from_raw_keypair_params(TALLOC_CTX *ctx, - struct bkrp_exported_RSA_key_pair *keypair, - hx509_private_key *pk) -{ - hx509_context hctx; - RSA *rsa; - struct hx509_private_key_ops *ops; - hx509_private_key privkey = NULL; - - hx509_context_init(&hctx); - ops = hx509_find_private_alg(&_hx509_signature_rsa_with_var_num.algorithm); - if (ops == NULL) { - DEBUG(2, ("Not supported algorithm\n")); - hx509_context_free(&hctx); - return NT_STATUS_INTERNAL_ERROR; - } - - if (hx509_private_key_init(&privkey, ops, NULL) != 0) { - hx509_context_free(&hctx); - return NT_STATUS_NO_MEMORY; - } - - rsa = RSA_new(); - if (rsa ==NULL) { - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - - rsa->n = reverse_and_get_bignum(ctx, &(keypair->modulus)); - if (rsa->n == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->d = reverse_and_get_bignum(ctx, &(keypair->private_exponent)); - if (rsa->d == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->p = reverse_and_get_bignum(ctx, &(keypair->prime1)); - if (rsa->p == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->q = reverse_and_get_bignum(ctx, &(keypair->prime2)); - if (rsa->q == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->dmp1 = reverse_and_get_bignum(ctx, &(keypair->exponent1)); - if (rsa->dmp1 == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->dmq1 = reverse_and_get_bignum(ctx, &(keypair->exponent2)); - if (rsa->dmq1 == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->iqmp = reverse_and_get_bignum(ctx, &(keypair->coefficient)); - if (rsa->iqmp == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - rsa->e = reverse_and_get_bignum(ctx, &(keypair->public_exponent)); - if (rsa->e == NULL) { - RSA_free(rsa); - hx509_private_key_free(&privkey); - hx509_context_free(&hctx); - return NT_STATUS_INVALID_PARAMETER; - } - - *pk = privkey; - - hx509_private_key_assign_rsa(*pk, rsa); - - hx509_context_free(&hctx); - return NT_STATUS_OK; -} - -static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, - uint32_t version, - uint8_t *key_and_iv, - uint8_t *access_check, - uint32_t access_check_len, - struct auth_session_info *session_info) -{ - heim_octet_string iv; - heim_octet_string access_check_os; - hx509_crypto crypto; - - DATA_BLOB blob_us; - uint32_t key_len; - uint32_t iv_len; - int res; - enum ndr_err_code ndr_err; - hx509_context hctx; - - struct dom_sid *access_sid = NULL; - struct dom_sid *caller_sid = NULL; - - /* This one should not be freed */ - const AlgorithmIdentifier *alg; - - switch (version) { - case 2: - key_len = 24; - iv_len = 8; - alg = hx509_crypto_des_rsdi_ede3_cbc(); - break; - - case 3: - key_len = 32; - iv_len = 16; - alg =hx509_crypto_aes256_cbc(); - break; - - default: - return WERR_INVALID_DATA; - } - - hx509_context_init(&hctx); - res = hx509_crypto_init(hctx, NULL, - &(alg->algorithm), - &crypto); - hx509_context_free(&hctx); - - if (res != 0) { - return WERR_INVALID_DATA; - } - - res = hx509_crypto_set_key_data(crypto, key_and_iv, key_len); - - iv.data = talloc_memdup(sub_ctx, key_len + key_and_iv, iv_len); - iv.length = iv_len; - - if (res != 0) { - hx509_crypto_destroy(crypto); - return WERR_INVALID_DATA; - } - - hx509_crypto_set_padding(crypto, HX509_CRYPTO_PADDING_NONE); - res = hx509_crypto_decrypt(crypto, - access_check, - access_check_len, - &iv, - &access_check_os); - - if (res != 0) { - hx509_crypto_destroy(crypto); - return WERR_INVALID_DATA; - } - - blob_us.data = access_check_os.data; - blob_us.length = access_check_os.length; - - hx509_crypto_destroy(crypto); - - switch (version) { - case 2: - { - uint32_t hash_size = 20; - uint8_t hash[hash_size]; - struct sha sctx; - struct bkrp_access_check_v2 uncrypted_accesscheckv2; - - ndr_err = ndr_pull_struct_blob(&blob_us, sub_ctx, &uncrypted_accesscheckv2, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_access_check_v2); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - /* Unable to unmarshall */ - der_free_octet_string(&access_check_os); - return WERR_INVALID_DATA; - } - if (uncrypted_accesscheckv2.magic != 0x1) { - /* wrong magic */ - der_free_octet_string(&access_check_os); - return WERR_INVALID_DATA; - } - - SHA1_Init(&sctx); - SHA1_Update(&sctx, blob_us.data, blob_us.length - hash_size); - SHA1_Final(hash, &sctx); - der_free_octet_string(&access_check_os); - /* - * We free it after the sha1 calculation because blob.data - * point to the same area - */ - - if (memcmp(hash, uncrypted_accesscheckv2.hash, hash_size) != 0) { - DEBUG(2, ("Wrong hash value in the access check in backup key remote protocol\n")); - return WERR_INVALID_DATA; - } - access_sid = &(uncrypted_accesscheckv2.sid); - break; - } - case 3: - { - uint32_t hash_size = 64; - uint8_t hash[hash_size]; - struct hc_sha512state sctx; - struct bkrp_access_check_v3 uncrypted_accesscheckv3; - - ndr_err = ndr_pull_struct_blob(&blob_us, sub_ctx, &uncrypted_accesscheckv3, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_access_check_v3); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - /* Unable to unmarshall */ - der_free_octet_string(&access_check_os); - return WERR_INVALID_DATA; - } - if (uncrypted_accesscheckv3.magic != 0x1) { - /* wrong magic */ - der_free_octet_string(&access_check_os); - return WERR_INVALID_DATA; - } - - SHA512_Init(&sctx); - SHA512_Update(&sctx, blob_us.data, blob_us.length - hash_size); - SHA512_Final(hash, &sctx); - der_free_octet_string(&access_check_os); - /* - * We free it after the sha1 calculation because blob.data - * point to the same area - */ - - if (memcmp(hash, uncrypted_accesscheckv3.hash, hash_size) != 0) { - DEBUG(2, ("Wrong hash value in the access check in backup key remote protocol\n")); - return WERR_INVALID_DATA; - } - access_sid = &(uncrypted_accesscheckv3.sid); - break; - } - default: - /* Never reached normally as we filtered at the switch / case level */ - return WERR_INVALID_DATA; - } - - caller_sid = &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]; - - if (!dom_sid_equal(caller_sid, access_sid)) { - return WERR_INVALID_ACCESS; - } - return WERR_OK; -} - -/* - * We have some data, such as saved website or IMAP passwords that the - * client has in profile on-disk. This needs to be decrypted. This - * version gives the server the data over the network (protected by - * the X.509 certificate and public key encryption, and asks that it - * be decrypted returned for short-term use, protected only by the - * negotiated transport encryption. - * - * The data is NOT stored in the LSA, but a X.509 certificate, public - * and private keys used to encrypt the data will be stored. There is - * only one active encryption key pair and certificate per domain, it - * is pointed at with G$BCKUPKEY_PREFERRED in the LSA secrets store. - * - * The potentially multiple valid decrypting key pairs are in turn - * stored in the LSA secrets store as G$BCKUPKEY_keyGuidString. - * - */ -static WERROR bkrp_client_wrap_decrypt_data(struct dcesrv_call_state *dce_call, - TALLOC_CTX *mem_ctx, - struct bkrp_BackupKey *r, - struct ldb_context *ldb_ctx) -{ - struct auth_session_info *session_info = - dcesrv_call_session_info(dce_call); - struct bkrp_client_side_wrapped uncrypt_request; - DATA_BLOB blob; - enum ndr_err_code ndr_err; - char *guid_string; - char *cert_secret_name; - DATA_BLOB lsa_secret; - DATA_BLOB *uncrypted_data = NULL; - NTSTATUS status; - uint32_t requested_version; - - blob.data = r->in.data_in; - blob.length = r->in.data_in_len; - - if (r->in.data_in_len < 4 || r->in.data_in == NULL) { - return WERR_INVALID_PARAMETER; - } - - /* - * We check for the version here, so we can actually print the - * message as we are unlikely to parse it with NDR. - */ - requested_version = IVAL(r->in.data_in, 0); - if ((requested_version != BACKUPKEY_CLIENT_WRAP_VERSION2) - && (requested_version != BACKUPKEY_CLIENT_WRAP_VERSION3)) { - DEBUG(1, ("Request for unknown BackupKey sub-protocol %d\n", requested_version)); - return WERR_INVALID_PARAMETER; - } - - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &uncrypt_request, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_wrapped); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INVALID_PARAMETER; - } - - if ((uncrypt_request.version != BACKUPKEY_CLIENT_WRAP_VERSION2) - && (uncrypt_request.version != BACKUPKEY_CLIENT_WRAP_VERSION3)) { - DEBUG(1, ("Request for unknown BackupKey sub-protocol %d\n", uncrypt_request.version)); - return WERR_INVALID_PARAMETER; - } - - guid_string = GUID_string(mem_ctx, &uncrypt_request.guid); - if (guid_string == NULL) { - return WERR_NOT_ENOUGH_MEMORY; - } - - cert_secret_name = talloc_asprintf(mem_ctx, - "BCKUPKEY_%s", - guid_string); - if (cert_secret_name == NULL) { - return WERR_NOT_ENOUGH_MEMORY; - } - - status = get_lsa_secret(mem_ctx, - ldb_ctx, - cert_secret_name, - &lsa_secret); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("Error while fetching secret %s\n", cert_secret_name)); - return WERR_INVALID_DATA; - } else if (lsa_secret.length == 0) { - /* we do not have the real secret attribute, like if we are an RODC */ - return WERR_INVALID_PARAMETER; - } else { - hx509_context hctx; - struct bkrp_exported_RSA_key_pair keypair; - hx509_private_key pk; - uint32_t i, res; - heim_octet_string reversed_secret; - heim_octet_string uncrypted_secret; - AlgorithmIdentifier alg; - DATA_BLOB blob_us; - WERROR werr; - - ndr_err = ndr_pull_struct_blob(&lsa_secret, mem_ctx, &keypair, (ndr_pull_flags_fn_t)ndr_pull_bkrp_exported_RSA_key_pair); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - DEBUG(2, ("Unable to parse the ndr encoded cert in key %s\n", cert_secret_name)); - return WERR_FILE_NOT_FOUND; - } - - status = get_pk_from_raw_keypair_params(mem_ctx, &keypair, &pk); - if (!NT_STATUS_IS_OK(status)) { - return WERR_INTERNAL_ERROR; - } - - reversed_secret.data = talloc_array(mem_ctx, uint8_t, - uncrypt_request.encrypted_secret_len); - if (reversed_secret.data == NULL) { - hx509_private_key_free(&pk); - return WERR_NOT_ENOUGH_MEMORY; - } - - /* The secret has to be reversed ... */ - for(i=0; i< uncrypt_request.encrypted_secret_len; i++) { - uint8_t *reversed = (uint8_t *)reversed_secret.data; - uint8_t *uncrypt = uncrypt_request.encrypted_secret; - reversed[i] = uncrypt[uncrypt_request.encrypted_secret_len - 1 - i]; - } - reversed_secret.length = uncrypt_request.encrypted_secret_len; - - /* - * Let's try to decrypt the secret now that - * we have the private key ... - */ - hx509_context_init(&hctx); - res = hx509_private_key_private_decrypt(hctx, &reversed_secret, - &alg.algorithm, pk, - &uncrypted_secret); - hx509_context_free(&hctx); - hx509_private_key_free(&pk); - if (res != 0) { - /* We are not able to decrypt the secret, looks like something is wrong */ - return WERR_INVALID_PARAMETER; - } - blob_us.data = uncrypted_secret.data; - blob_us.length = uncrypted_secret.length; - - if (uncrypt_request.version == 2) { - struct bkrp_encrypted_secret_v2 uncrypted_secretv2; - - ndr_err = ndr_pull_struct_blob(&blob_us, mem_ctx, &uncrypted_secretv2, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_encrypted_secret_v2); - der_free_octet_string(&uncrypted_secret); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - /* Unable to unmarshall */ - return WERR_INVALID_DATA; - } - if (uncrypted_secretv2.magic != 0x20) { - /* wrong magic */ - return WERR_INVALID_DATA; - } - - werr = get_and_verify_access_check(mem_ctx, 2, - uncrypted_secretv2.payload_key, - uncrypt_request.access_check, - uncrypt_request.access_check_len, - session_info); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - uncrypted_data = talloc(mem_ctx, DATA_BLOB); - if (uncrypted_data == NULL) { - return WERR_INVALID_DATA; - } - - uncrypted_data->data = uncrypted_secretv2.secret; - uncrypted_data->length = uncrypted_secretv2.secret_len; - } - if (uncrypt_request.version == 3) { - struct bkrp_encrypted_secret_v3 uncrypted_secretv3; - - ndr_err = ndr_pull_struct_blob(&blob_us, mem_ctx, &uncrypted_secretv3, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_encrypted_secret_v3); - - der_free_octet_string(&uncrypted_secret); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - /* Unable to unmarshall */ - return WERR_INVALID_DATA; - } - - if (uncrypted_secretv3.magic1 != 0x30 || - uncrypted_secretv3.magic2 != 0x6610 || - uncrypted_secretv3.magic3 != 0x800e) { - /* wrong magic */ - return WERR_INVALID_DATA; - } - - /* - * Confirm that the caller is permitted to - * read this particular data. Because one key - * pair is used per domain, the caller could - * have stolen the profile data on-disk and - * would otherwise be able to read the - * passwords. - */ - - werr = get_and_verify_access_check(mem_ctx, 3, - uncrypted_secretv3.payload_key, - uncrypt_request.access_check, - uncrypt_request.access_check_len, - session_info); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - - uncrypted_data = talloc(mem_ctx, DATA_BLOB); - if (uncrypted_data == NULL) { - return WERR_INVALID_DATA; - } - - uncrypted_data->data = uncrypted_secretv3.secret; - uncrypted_data->length = uncrypted_secretv3.secret_len; - } - - /* - * Yeah if we are here all looks pretty good: - * - hash is ok - * - user sid is the same as the one in access check - * - we were able to decrypt the whole stuff - */ - } - - if (uncrypted_data->data == NULL) { - return WERR_INVALID_DATA; - } - - /* There is a magic value a the beginning of the data - * we can use an adhoc structure but as the - * parent structure is just an array of bytes it a lot of work - * work just prepending 4 bytes - */ - *(r->out.data_out) = talloc_zero_array(mem_ctx, uint8_t, uncrypted_data->length + 4); - W_ERROR_HAVE_NO_MEMORY(*(r->out.data_out)); - memcpy(4+*(r->out.data_out), uncrypted_data->data, uncrypted_data->length); - *(r->out.data_out_len) = uncrypted_data->length + 4; - - return WERR_OK; -} - -/* - * Strictly, this function no longer uses Heimdal in order to generate an RSA - * key, but GnuTLS. - * - * The resulting key is then imported into Heimdal's RSA structure. - * - * We use GnuTLS because it can reliably generate 2048 bit keys every time. - * Windows clients strictly require 2048, no more since it won't fit and no - * less either. Heimdal would almost always generate a smaller key. - */ -static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, hx509_context *hctx, - hx509_private_key *pk, RSA **rsa) -{ - int ret; - uint8_t *p0 = NULL; - const uint8_t *p; - size_t len; - int bits = 2048; - int RSA_returned_bits; - gnutls_x509_privkey_t gtls_key; - WERROR werr; - - *rsa = NULL; - - ret = gnutls_global_init(); - if (ret != GNUTLS_E_SUCCESS) { - DBG_ERR("TLS error: %s\n", gnutls_strerror(ret)); - return WERR_INTERNAL_ERROR; - } - - ret = gnutls_x509_privkey_init(>ls_key); - if (ret != 0) { - gnutls_global_deinit(); - return WERR_INTERNAL_ERROR; - } - - /* - * Unlike Heimdal's RSA_generate_key_ex(), this generates a - * 2048 bit key 100% of the time. The heimdal code had a ~1/8 - * chance of doing so, chewing vast quantities of computation - * and entropy in the process. - */ - - ret = gnutls_x509_privkey_generate(gtls_key, GNUTLS_PK_RSA, bits, 0); - if (ret != 0) { - werr = WERR_INTERNAL_ERROR; - goto done; - } - - /* No need to check error code, this SHOULD fail */ - gnutls_x509_privkey_export(gtls_key, GNUTLS_X509_FMT_DER, NULL, &len); - - if (len < 1) { - werr = WERR_INTERNAL_ERROR; - goto done; - } - - p0 = talloc_size(ctx, len); - if (p0 == NULL) { - werr = WERR_NOT_ENOUGH_MEMORY; - goto done; - } - p = p0; - - /* - * Only this GnuTLS export function correctly exports the key, - * we can't use gnutls_rsa_params_export_raw() because while - * it appears to be fixed in more recent versions, in the - * Ubuntu 14.04 version 2.12.23 (at least) it incorrectly - * exports one of the key parameters (qInv). Additionally, we - * would have to work around subtle differences in big number - * representations. - * - * We need access to the RSA parameters directly (in the - * parameter RSA **rsa) as the caller has to manually encode - * them in a non-standard data structure. - */ - ret = gnutls_x509_privkey_export(gtls_key, GNUTLS_X509_FMT_DER, p0, &len); - - if (ret != 0) { - werr = WERR_INTERNAL_ERROR; - goto done; - } - - /* - * To dump the key we can use : - * rk_dumpdata("h5lkey", p0, len); - */ - ret = hx509_parse_private_key(*hctx, &_hx509_signature_rsa_with_var_num , - p0, len, HX509_KEY_FORMAT_DER, pk); - - if (ret != 0) { - werr = WERR_INTERNAL_ERROR; - goto done; - } - - *rsa = d2i_RSAPrivateKey(NULL, &p, len); - TALLOC_FREE(p0); - - if (*rsa == NULL) { - hx509_private_key_free(pk); - werr = WERR_INTERNAL_ERROR; - goto done; - } - - RSA_returned_bits = BN_num_bits((*rsa)->n); - DEBUG(6, ("GnuTLS returned an RSA private key with %d bits\n", RSA_returned_bits)); - - if (RSA_returned_bits != bits) { - DEBUG(0, ("GnuTLS unexpectedly returned an RSA private key with %d bits, needed %d\n", RSA_returned_bits, bits)); - hx509_private_key_free(pk); - werr = WERR_INTERNAL_ERROR; - goto done; - } - - werr = WERR_OK; - -done: - if (p0 != NULL) { - memset(p0, 0, len); - TALLOC_FREE(p0); - } - - gnutls_x509_privkey_deinit(gtls_key); - gnutls_global_deinit(); - return werr; -} - -static WERROR self_sign_cert(TALLOC_CTX *ctx, hx509_context *hctx, hx509_request *req, - time_t lifetime, hx509_private_key *private_key, - hx509_cert *cert, DATA_BLOB *guidblob) -{ - SubjectPublicKeyInfo spki; - hx509_name subject = NULL; - hx509_ca_tbs tbs; - struct heim_bit_string uniqueid; - struct heim_integer serialnumber; - int ret, i; - - uniqueid.data = talloc_memdup(ctx, guidblob->data, guidblob->length); - if (uniqueid.data == NULL) { - return WERR_NOT_ENOUGH_MEMORY; - } - /* uniqueid is a bit string in which each byte represent 1 bit (1 or 0) - * so as 1 byte is 8 bits we need to provision 8 times more space as in the - * blob - */ - uniqueid.length = 8 * guidblob->length; - - serialnumber.data = talloc_array(ctx, uint8_t, - guidblob->length); - if (serialnumber.data == NULL) { - talloc_free(uniqueid.data); - return WERR_NOT_ENOUGH_MEMORY; - } - - /* Native AD generates certificates with serialnumber in reversed notation */ - for (i = 0; i < guidblob->length; i++) { - uint8_t *reversed = (uint8_t *)serialnumber.data; - uint8_t *uncrypt = guidblob->data; - reversed[i] = uncrypt[guidblob->length - 1 - i]; - } - serialnumber.length = guidblob->length; - serialnumber.negative = 0; - - memset(&spki, 0, sizeof(spki)); - - ret = hx509_request_get_name(*hctx, *req, &subject); - if (ret !=0) { - goto fail_subject; - } - ret = hx509_request_get_SubjectPublicKeyInfo(*hctx, *req, &spki); - if (ret !=0) { - goto fail_spki; - } - - ret = hx509_ca_tbs_init(*hctx, &tbs); - if (ret !=0) { - goto fail_tbs; - } - - ret = hx509_ca_tbs_set_spki(*hctx, tbs, &spki); - if (ret !=0) { - goto fail; - } - ret = hx509_ca_tbs_set_subject(*hctx, tbs, subject); - if (ret !=0) { - goto fail; - } - ret = hx509_ca_tbs_set_notAfter_lifetime(*hctx, tbs, lifetime); - if (ret !=0) { - goto fail; - } - ret = hx509_ca_tbs_set_unique(*hctx, tbs, &uniqueid, &uniqueid); - if (ret !=0) { - goto fail; - } - ret = hx509_ca_tbs_set_serialnumber(*hctx, tbs, &serialnumber); - if (ret !=0) { - goto fail; - } - ret = hx509_ca_sign_self(*hctx, tbs, *private_key, cert); - if (ret !=0) { - goto fail; - } - hx509_name_free(&subject); - free_SubjectPublicKeyInfo(&spki); - hx509_ca_tbs_free(&tbs); - - return WERR_OK; - -fail: - hx509_ca_tbs_free(&tbs); -fail_tbs: - free_SubjectPublicKeyInfo(&spki); -fail_spki: - hx509_name_free(&subject); -fail_subject: - talloc_free(uniqueid.data); - talloc_free(serialnumber.data); - return WERR_INTERNAL_ERROR; -} - -static WERROR create_req(TALLOC_CTX *ctx, hx509_context *hctx, hx509_request *req, - hx509_private_key *signer,RSA **rsa, const char *dn) -{ - int ret; - SubjectPublicKeyInfo key; - - hx509_name name; - WERROR werr; - - werr = create_heimdal_rsa_key(ctx, hctx, signer, rsa); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - - hx509_request_init(*hctx, req); - ret = hx509_parse_name(*hctx, dn, &name); - if (ret != 0) { - RSA_free(*rsa); - hx509_private_key_free(signer); - hx509_request_free(req); - hx509_name_free(&name); - return WERR_INTERNAL_ERROR; - } - - ret = hx509_request_set_name(*hctx, *req, name); - if (ret != 0) { - RSA_free(*rsa); - hx509_private_key_free(signer); - hx509_request_free(req); - hx509_name_free(&name); - return WERR_INTERNAL_ERROR; - } - hx509_name_free(&name); - - ret = hx509_private_key2SPKI(*hctx, *signer, &key); - if (ret != 0) { - RSA_free(*rsa); - hx509_private_key_free(signer); - hx509_request_free(req); - return WERR_INTERNAL_ERROR; - } - ret = hx509_request_set_SubjectPublicKeyInfo(*hctx, *req, &key); - if (ret != 0) { - RSA_free(*rsa); - hx509_private_key_free(signer); - free_SubjectPublicKeyInfo(&key); - hx509_request_free(req); - return WERR_INTERNAL_ERROR; - } - - free_SubjectPublicKeyInfo(&key); - - return WERR_OK; -} - -/* Return an error when we fail to generate a certificate */ -static WERROR generate_bkrp_cert(TALLOC_CTX *ctx, struct dcesrv_call_state *dce_call, struct ldb_context *ldb_ctx, const char *dn) -{ - heim_octet_string data; - WERROR werr; - RSA *rsa; - hx509_context hctx; - hx509_private_key pk; - hx509_request req; - hx509_cert cert; - DATA_BLOB blob; - DATA_BLOB blobkeypair; - DATA_BLOB *tmp; - int ret; - bool ok = true; - struct GUID guid = GUID_random(); - NTSTATUS status; - char *secret_name; - struct bkrp_exported_RSA_key_pair keypair; - enum ndr_err_code ndr_err; - uint32_t nb_seconds_validity = 3600 * 24 * 365; - - DEBUG(6, ("Trying to generate a certificate\n")); - hx509_context_init(&hctx); - werr = create_req(ctx, &hctx, &req, &pk, &rsa, dn); - if (!W_ERROR_IS_OK(werr)) { - hx509_context_free(&hctx); - return werr; - } - - status = GUID_to_ndr_blob(&guid, ctx, &blob); - if (!NT_STATUS_IS_OK(status)) { - hx509_context_free(&hctx); - hx509_private_key_free(&pk); - RSA_free(rsa); - return WERR_INVALID_DATA; - } - - werr = self_sign_cert(ctx, &hctx, &req, nb_seconds_validity, &pk, &cert, &blob); - if (!W_ERROR_IS_OK(werr)) { - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - return WERR_INVALID_DATA; - } - - ret = hx509_cert_binary(hctx, cert, &data); - if (ret !=0) { - hx509_cert_free(cert); - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - return WERR_INVALID_DATA; - } - - keypair.cert.data = talloc_memdup(ctx, data.data, data.length); - keypair.cert.length = data.length; - - /* - * Heimdal's bignum are big endian and the - * structure expect it to be in little endian - * so we reverse the buffer to make it work - */ - tmp = reverse_and_get_blob(ctx, rsa->e); - if (tmp == NULL) { - ok = false; - } else { - keypair.public_exponent = *tmp; - SMB_ASSERT(tmp->length <= 4); - /* - * The value is now in little endian but if can happen that the length is - * less than 4 bytes. - * So if we have less than 4 bytes we pad with zeros so that it correctly - * fit into the structure. - */ - if (tmp->length < 4) { - /* - * We need the expo to fit 4 bytes - */ - keypair.public_exponent.data = talloc_zero_array(ctx, uint8_t, 4); - memcpy(keypair.public_exponent.data, tmp->data, tmp->length); - keypair.public_exponent.length = 4; - } - } - - tmp = reverse_and_get_blob(ctx,rsa->d); - if (tmp == NULL) { - ok = false; - } else { - keypair.private_exponent = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->n); - if (tmp == NULL) { - ok = false; - } else { - keypair.modulus = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->p); - if (tmp == NULL) { - ok = false; - } else { - keypair.prime1 = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->q); - if (tmp == NULL) { - ok = false; - } else { - keypair.prime2 = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->dmp1); - if (tmp == NULL) { - ok = false; - } else { - keypair.exponent1 = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->dmq1); - if (tmp == NULL) { - ok = false; - } else { - keypair.exponent2 = *tmp; - } - - tmp = reverse_and_get_blob(ctx,rsa->iqmp); - if (tmp == NULL) { - ok = false; - } else { - keypair.coefficient = *tmp; - } - - /* One of the keypair allocation was wrong */ - if (ok == false) { - der_free_octet_string(&data); - hx509_cert_free(cert); - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - RSA_free(rsa); - return WERR_INVALID_DATA; - } - keypair.certificate_len = keypair.cert.length; - ndr_err = ndr_push_struct_blob(&blobkeypair, ctx, &keypair, (ndr_push_flags_fn_t)ndr_push_bkrp_exported_RSA_key_pair); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - der_free_octet_string(&data); - hx509_cert_free(cert); - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - RSA_free(rsa); - return WERR_INVALID_DATA; - } - - secret_name = talloc_asprintf(ctx, "BCKUPKEY_%s", GUID_string(ctx, &guid)); - if (secret_name == NULL) { - der_free_octet_string(&data); - hx509_cert_free(cert); - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - RSA_free(rsa); - return WERR_OUTOFMEMORY; - } - - status = set_lsa_secret(ctx, ldb_ctx, secret_name, &blobkeypair); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to save the secret %s\n", secret_name)); - } - talloc_free(secret_name); - - GUID_to_ndr_blob(&guid, ctx, &blob); - status = set_lsa_secret(ctx, ldb_ctx, "BCKUPKEY_PREFERRED", &blob); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to save the secret BCKUPKEY_PREFERRED\n")); - } - - der_free_octet_string(&data); - hx509_cert_free(cert); - hx509_private_key_free(&pk); - hx509_context_free(&hctx); - RSA_free(rsa); - return WERR_OK; -} - -static WERROR bkrp_retrieve_client_wrap_key(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct bkrp_BackupKey *r, struct ldb_context *ldb_ctx) -{ - struct GUID guid; - char *guid_string; - DATA_BLOB lsa_secret; - enum ndr_err_code ndr_err; - NTSTATUS status; - - /* - * here we basicaly need to return our certificate - * search for lsa secret BCKUPKEY_PREFERRED first - */ - - status = get_lsa_secret(mem_ctx, - ldb_ctx, - "BCKUPKEY_PREFERRED", - &lsa_secret); - if (NT_STATUS_EQUAL(status, NT_STATUS_RESOURCE_NAME_NOT_FOUND)) { - /* Ok we can be in this case if there was no certs */ - struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx; - char *dn = talloc_asprintf(mem_ctx, "CN=%s", - lpcfg_realm(lp_ctx)); - - WERROR werr = generate_bkrp_cert(mem_ctx, dce_call, ldb_ctx, dn); - if (!W_ERROR_IS_OK(werr)) { - return WERR_INVALID_PARAMETER; - } - status = get_lsa_secret(mem_ctx, - ldb_ctx, - "BCKUPKEY_PREFERRED", - &lsa_secret); - - if (!NT_STATUS_IS_OK(status)) { - /* Ok we really don't manage to get this certs ...*/ - DEBUG(2, ("Unable to locate BCKUPKEY_PREFERRED after cert generation\n")); - return WERR_FILE_NOT_FOUND; - } - } else if (!NT_STATUS_IS_OK(status)) { - return WERR_INTERNAL_ERROR; - } - - if (lsa_secret.length == 0) { - DEBUG(1, ("No secret in BCKUPKEY_PREFERRED, are we an undetected RODC?\n")); - return WERR_INTERNAL_ERROR; - } else { - char *cert_secret_name; - - status = GUID_from_ndr_blob(&lsa_secret, &guid); - if (!NT_STATUS_IS_OK(status)) { - return WERR_FILE_NOT_FOUND; - } - - guid_string = GUID_string(mem_ctx, &guid); - if (guid_string == NULL) { - /* We return file not found because the client - * expect this error - */ - return WERR_FILE_NOT_FOUND; - } - - cert_secret_name = talloc_asprintf(mem_ctx, - "BCKUPKEY_%s", - guid_string); - status = get_lsa_secret(mem_ctx, - ldb_ctx, - cert_secret_name, - &lsa_secret); - if (!NT_STATUS_IS_OK(status)) { - return WERR_FILE_NOT_FOUND; - } - - if (lsa_secret.length != 0) { - struct bkrp_exported_RSA_key_pair keypair; - ndr_err = ndr_pull_struct_blob(&lsa_secret, mem_ctx, &keypair, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_exported_RSA_key_pair); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_FILE_NOT_FOUND; - } - *(r->out.data_out_len) = keypair.cert.length; - *(r->out.data_out) = talloc_memdup(mem_ctx, keypair.cert.data, keypair.cert.length); - W_ERROR_HAVE_NO_MEMORY(*(r->out.data_out)); - return WERR_OK; - } else { - DEBUG(1, ("No or broken secret called %s\n", cert_secret_name)); - return WERR_INTERNAL_ERROR; - } - } - - return WERR_NOT_SUPPORTED; -} - -static WERROR generate_bkrp_server_wrap_key(TALLOC_CTX *ctx, struct ldb_context *ldb_ctx) -{ - struct GUID guid = GUID_random(); - enum ndr_err_code ndr_err; - DATA_BLOB blob_wrap_key, guid_blob; - struct bkrp_dc_serverwrap_key wrap_key; - NTSTATUS status; - char *secret_name; - TALLOC_CTX *frame = talloc_stackframe(); - - generate_random_buffer(wrap_key.key, sizeof(wrap_key.key)); - - ndr_err = ndr_push_struct_blob(&blob_wrap_key, ctx, &wrap_key, (ndr_push_flags_fn_t)ndr_push_bkrp_dc_serverwrap_key); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - TALLOC_FREE(frame); - return WERR_INVALID_DATA; - } - - secret_name = talloc_asprintf(frame, "BCKUPKEY_%s", GUID_string(ctx, &guid)); - if (secret_name == NULL) { - TALLOC_FREE(frame); - return WERR_NOT_ENOUGH_MEMORY; - } - - status = set_lsa_secret(frame, ldb_ctx, secret_name, &blob_wrap_key); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to save the secret %s\n", secret_name)); - TALLOC_FREE(frame); - return WERR_INTERNAL_ERROR; - } - - status = GUID_to_ndr_blob(&guid, frame, &guid_blob); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to save the secret %s\n", secret_name)); - TALLOC_FREE(frame); - } - - status = set_lsa_secret(frame, ldb_ctx, "BCKUPKEY_P", &guid_blob); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to save the secret %s\n", secret_name)); - TALLOC_FREE(frame); - return WERR_INTERNAL_ERROR; - } - - TALLOC_FREE(frame); - - return WERR_OK; -} - -/* - * Find the specified decryption keys from the LSA secrets store as - * G$BCKUPKEY_keyGuidString. - */ - -static WERROR bkrp_do_retrieve_server_wrap_key(TALLOC_CTX *mem_ctx, struct ldb_context *ldb_ctx, - struct bkrp_dc_serverwrap_key *server_key, - struct GUID *guid) -{ - NTSTATUS status; - DATA_BLOB lsa_secret; - char *secret_name; - char *guid_string; - enum ndr_err_code ndr_err; - - guid_string = GUID_string(mem_ctx, guid); - if (guid_string == NULL) { - /* We return file not found because the client - * expect this error - */ - return WERR_FILE_NOT_FOUND; - } - - secret_name = talloc_asprintf(mem_ctx, "BCKUPKEY_%s", guid_string); - if (secret_name == NULL) { - return WERR_NOT_ENOUGH_MEMORY; - } - - status = get_lsa_secret(mem_ctx, ldb_ctx, secret_name, &lsa_secret); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("Error while fetching secret %s\n", secret_name)); - return WERR_INVALID_DATA; - } - if (lsa_secret.length == 0) { - /* RODC case, we do not have secrets locally */ - DEBUG(1, ("Unable to fetch value for secret %s, are we an undetected RODC?\n", - secret_name)); - return WERR_INTERNAL_ERROR; - } - ndr_err = ndr_pull_struct_blob(&lsa_secret, mem_ctx, server_key, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_dc_serverwrap_key); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - DEBUG(2, ("Unable to parse the ndr encoded server wrap key %s\n", secret_name)); - return WERR_INVALID_DATA; - } - - return WERR_OK; -} - -/* - * Find the current, preferred ServerWrap Key by looking at - * G$BCKUPKEY_P in the LSA secrets store. - * - * Then find the current decryption keys from the LSA secrets store as - * G$BCKUPKEY_keyGuidString. - */ - -static WERROR bkrp_do_retrieve_default_server_wrap_key(TALLOC_CTX *mem_ctx, - struct ldb_context *ldb_ctx, - struct bkrp_dc_serverwrap_key *server_key, - struct GUID *returned_guid) -{ - NTSTATUS status; - DATA_BLOB guid_binary; - - status = get_lsa_secret(mem_ctx, ldb_ctx, "BCKUPKEY_P", &guid_binary); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("Error while fetching secret BCKUPKEY_P to find current GUID\n")); - return WERR_FILE_NOT_FOUND; - } else if (guid_binary.length == 0) { - /* RODC case, we do not have secrets locally */ - DEBUG(1, ("Unable to fetch value for secret BCKUPKEY_P, are we an undetected RODC?\n")); - return WERR_INTERNAL_ERROR; - } - - status = GUID_from_ndr_blob(&guid_binary, returned_guid); - if (!NT_STATUS_IS_OK(status)) { - return WERR_FILE_NOT_FOUND; - } - - return bkrp_do_retrieve_server_wrap_key(mem_ctx, ldb_ctx, - server_key, returned_guid); -} - -static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct bkrp_BackupKey *r ,struct ldb_context *ldb_ctx) -{ - struct auth_session_info *session_info = - dcesrv_call_session_info(dce_call); - WERROR werr; - struct bkrp_server_side_wrapped decrypt_request; - DATA_BLOB sid_blob, encrypted_blob, symkey_blob; - DATA_BLOB blob; - enum ndr_err_code ndr_err; - struct bkrp_dc_serverwrap_key server_key; - struct bkrp_rc4encryptedpayload rc4payload; - struct dom_sid *caller_sid; - uint8_t symkey[20]; /* SHA-1 hash len */ - uint8_t mackey[20]; /* SHA-1 hash len */ - uint8_t mac[20]; /* SHA-1 hash len */ - unsigned int hash_len; - HMAC_CTX ctx; - - blob.data = r->in.data_in; - blob.length = r->in.data_in_len; - - if (r->in.data_in_len == 0 || r->in.data_in == NULL) { - return WERR_INVALID_PARAMETER; - } - - ndr_err = ndr_pull_struct_blob_all(&blob, mem_ctx, &decrypt_request, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INVALID_PARAMETER; - } - - if (decrypt_request.magic != BACKUPKEY_SERVER_WRAP_VERSION) { - return WERR_INVALID_PARAMETER; - } - - werr = bkrp_do_retrieve_server_wrap_key(mem_ctx, ldb_ctx, &server_key, - &decrypt_request.guid); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - - dump_data_pw("server_key: \n", server_key.key, sizeof(server_key.key)); - - dump_data_pw("r2: \n", decrypt_request.r2, sizeof(decrypt_request.r2)); - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - decrypt_request.r2, sizeof(decrypt_request.r2), - symkey, &hash_len); - - dump_data_pw("symkey: \n", symkey, hash_len); - - /* rc4 decrypt sid and secret using sym key */ - symkey_blob = data_blob_const(symkey, sizeof(symkey)); - - encrypted_blob = data_blob_const(decrypt_request.rc4encryptedpayload, - decrypt_request.ciphertext_length); - - arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob); - - ndr_err = ndr_pull_struct_blob_all(&encrypted_blob, mem_ctx, &rc4payload, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INVALID_PARAMETER; - } - - if (decrypt_request.payload_length != rc4payload.secret_data.length) { - return WERR_INVALID_PARAMETER; - } - - dump_data_pw("r3: \n", rc4payload.r3, sizeof(rc4payload.r3)); - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - rc4payload.r3, sizeof(rc4payload.r3), - mackey, &hash_len); - - dump_data_pw("mackey: \n", mackey, sizeof(mackey)); - - ndr_err = ndr_push_struct_blob(&sid_blob, mem_ctx, &rc4payload.sid, - (ndr_push_flags_fn_t)ndr_push_dom_sid); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INTERNAL_ERROR; - } - - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, mackey, hash_len, EVP_sha1(), NULL); - /* SID field */ - HMAC_Update(&ctx, sid_blob.data, sid_blob.length); - /* Secret field */ - HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length); - HMAC_Final(&ctx, mac, &hash_len); - HMAC_CTX_cleanup(&ctx); - - dump_data_pw("mac: \n", mac, sizeof(mac)); - dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac)); - - if (memcmp(mac, rc4payload.mac, sizeof(mac)) != 0) { - return WERR_INVALID_ACCESS; - } - - caller_sid = &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]; - - if (!dom_sid_equal(&rc4payload.sid, caller_sid)) { - return WERR_INVALID_ACCESS; - } - - *(r->out.data_out) = rc4payload.secret_data.data; - *(r->out.data_out_len) = rc4payload.secret_data.length; - - return WERR_OK; -} - -/* - * For BACKUPKEY_RESTORE_GUID we need to check the first 4 bytes to - * determine what type of restore is wanted. - * - * See MS-BKRP 3.1.4.1.4 BACKUPKEY_RESTORE_GUID point 1. - */ - -static WERROR bkrp_generic_decrypt_data(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct bkrp_BackupKey *r, struct ldb_context *ldb_ctx) -{ - if (r->in.data_in_len < 4 || r->in.data_in == NULL) { - return WERR_INVALID_PARAMETER; - } - - if (IVAL(r->in.data_in, 0) == BACKUPKEY_SERVER_WRAP_VERSION) { - return bkrp_server_wrap_decrypt_data(dce_call, mem_ctx, r, ldb_ctx); - } - - return bkrp_client_wrap_decrypt_data(dce_call, mem_ctx, r, ldb_ctx); -} - -/* - * We have some data, such as saved website or IMAP passwords that the - * client would like to put into the profile on-disk. This needs to - * be encrypted. This version gives the server the data over the - * network (protected only by the negotiated transport encryption), - * and asks that it be encrypted and returned for long-term storage. - * - * The data is NOT stored in the LSA, but a key to encrypt the data - * will be stored. There is only one active encryption key per domain, - * it is pointed at with G$BCKUPKEY_P in the LSA secrets store. - * - * The potentially multiple valid decryptiong keys (and the encryption - * key) are in turn stored in the LSA secrets store as - * G$BCKUPKEY_keyGuidString. - * - */ - -static WERROR bkrp_server_wrap_encrypt_data(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct bkrp_BackupKey *r ,struct ldb_context *ldb_ctx) -{ - struct auth_session_info *session_info = - dcesrv_call_session_info(dce_call); - DATA_BLOB sid_blob, encrypted_blob, symkey_blob, server_wrapped_blob; - WERROR werr; - struct dom_sid *caller_sid; - uint8_t symkey[20]; /* SHA-1 hash len */ - uint8_t mackey[20]; /* SHA-1 hash len */ - unsigned int hash_len; - struct bkrp_rc4encryptedpayload rc4payload; - HMAC_CTX ctx; - struct bkrp_dc_serverwrap_key server_key; - enum ndr_err_code ndr_err; - struct bkrp_server_side_wrapped server_side_wrapped; - struct GUID guid; - - if (r->in.data_in_len == 0 || r->in.data_in == NULL) { - return WERR_INVALID_PARAMETER; - } - - werr = bkrp_do_retrieve_default_server_wrap_key(mem_ctx, - ldb_ctx, &server_key, - &guid); - - if (!W_ERROR_IS_OK(werr)) { - if (W_ERROR_EQUAL(werr, WERR_FILE_NOT_FOUND)) { - /* Generate the server wrap key since one wasn't found */ - werr = generate_bkrp_server_wrap_key(mem_ctx, - ldb_ctx); - if (!W_ERROR_IS_OK(werr)) { - return WERR_INVALID_PARAMETER; - } - werr = bkrp_do_retrieve_default_server_wrap_key(mem_ctx, - ldb_ctx, - &server_key, - &guid); - - if (W_ERROR_EQUAL(werr, WERR_FILE_NOT_FOUND)) { - /* Ok we really don't manage to get this secret ...*/ - return WERR_FILE_NOT_FOUND; - } - } else { - /* In theory we should NEVER reach this point as it - should only appear in a rodc server */ - /* we do not have the real secret attribute */ - return WERR_INVALID_PARAMETER; - } - } - - caller_sid = &session_info->security_token->sids[PRIMARY_USER_SID_INDEX]; - - dump_data_pw("server_key: \n", server_key.key, sizeof(server_key.key)); - - /* - * This is the key derivation step, so that the HMAC and RC4 - * operations over the user-supplied data are not able to - * disclose the master key. By using random data, the symkey - * and mackey values are unique for this operation, and - * discovering these (by reversing the RC4 over the - * attacker-controlled data) does not return something able to - * be used to decyrpt the encrypted data of other users - */ - generate_random_buffer(server_side_wrapped.r2, sizeof(server_side_wrapped.r2)); - - dump_data_pw("r2: \n", server_side_wrapped.r2, sizeof(server_side_wrapped.r2)); - - generate_random_buffer(rc4payload.r3, sizeof(rc4payload.r3)); - - dump_data_pw("r3: \n", rc4payload.r3, sizeof(rc4payload.r3)); - - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - server_side_wrapped.r2, sizeof(server_side_wrapped.r2), - symkey, &hash_len); - - dump_data_pw("symkey: \n", symkey, hash_len); - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - rc4payload.r3, sizeof(rc4payload.r3), - mackey, &hash_len); - - dump_data_pw("mackey: \n", mackey, sizeof(mackey)); - - ndr_err = ndr_push_struct_blob(&sid_blob, mem_ctx, caller_sid, - (ndr_push_flags_fn_t)ndr_push_dom_sid); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INTERNAL_ERROR; - } - - rc4payload.secret_data.data = r->in.data_in; - rc4payload.secret_data.length = r->in.data_in_len; - - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, mackey, 20, EVP_sha1(), NULL); - /* SID field */ - HMAC_Update(&ctx, sid_blob.data, sid_blob.length); - /* Secret field */ - HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length); - HMAC_Final(&ctx, rc4payload.mac, &hash_len); - HMAC_CTX_cleanup(&ctx); - - dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac)); - - rc4payload.sid = *caller_sid; - - ndr_err = ndr_push_struct_blob(&encrypted_blob, mem_ctx, &rc4payload, - (ndr_push_flags_fn_t)ndr_push_bkrp_rc4encryptedpayload); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INTERNAL_ERROR; - } - - /* rc4 encrypt sid and secret using sym key */ - symkey_blob = data_blob_const(symkey, sizeof(symkey)); - arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob); - - /* create server wrap structure */ - - server_side_wrapped.payload_length = rc4payload.secret_data.length; - server_side_wrapped.ciphertext_length = encrypted_blob.length; - server_side_wrapped.guid = guid; - server_side_wrapped.rc4encryptedpayload = encrypted_blob.data; - - ndr_err = ndr_push_struct_blob(&server_wrapped_blob, mem_ctx, &server_side_wrapped, - (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return WERR_INTERNAL_ERROR; - } - - *(r->out.data_out) = server_wrapped_blob.data; - *(r->out.data_out_len) = server_wrapped_blob.length; - - return WERR_OK; -} - -static WERROR dcesrv_bkrp_BackupKey(struct dcesrv_call_state *dce_call, - TALLOC_CTX *mem_ctx, struct bkrp_BackupKey *r) -{ - WERROR error = WERR_INVALID_PARAMETER; - struct ldb_context *ldb_ctx; - bool is_rodc; - const char *addr = "unknown"; - /* At which level we start to add more debug of what is done in the protocol */ - const int debuglevel = 4; - - if (DEBUGLVL(debuglevel)) { - const struct tsocket_address *remote_address; - remote_address = dcesrv_connection_get_remote_address(dce_call->conn); - if (tsocket_address_is_inet(remote_address, "ip")) { - addr = tsocket_address_inet_addr_string(remote_address, mem_ctx); - W_ERROR_HAVE_NO_MEMORY(addr); - } - } - - if (lpcfg_server_role(dce_call->conn->dce_ctx->lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC) { - return WERR_NOT_SUPPORTED; - } - - /* - * Save the current remote session details so they can used by the - * audit logging module. This allows the audit logging to report the - * remote users details, rather than the system users details. - */ - ldb_ctx = dcesrv_samdb_connect_as_system(mem_ctx, dce_call); - if (samdb_rodc(ldb_ctx, &is_rodc) != LDB_SUCCESS) { - talloc_unlink(mem_ctx, ldb_ctx); - return WERR_INVALID_PARAMETER; - } - - if (!is_rodc) { - if(strncasecmp(GUID_string(mem_ctx, r->in.guidActionAgent), - BACKUPKEY_RESTORE_GUID, strlen(BACKUPKEY_RESTORE_GUID)) == 0) { - DEBUG(debuglevel, ("Client %s requested to decrypt a wrapped secret\n", addr)); - error = bkrp_generic_decrypt_data(dce_call, mem_ctx, r, ldb_ctx); - } - - if (strncasecmp(GUID_string(mem_ctx, r->in.guidActionAgent), - BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID, strlen(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID)) == 0) { - DEBUG(debuglevel, ("Client %s requested certificate for client wrapped secret\n", addr)); - error = bkrp_retrieve_client_wrap_key(dce_call, mem_ctx, r, ldb_ctx); - } - - if (strncasecmp(GUID_string(mem_ctx, r->in.guidActionAgent), - BACKUPKEY_RESTORE_GUID_WIN2K, strlen(BACKUPKEY_RESTORE_GUID_WIN2K)) == 0) { - DEBUG(debuglevel, ("Client %s requested to decrypt a server side wrapped secret\n", addr)); - error = bkrp_server_wrap_decrypt_data(dce_call, mem_ctx, r, ldb_ctx); - } - - if (strncasecmp(GUID_string(mem_ctx, r->in.guidActionAgent), - BACKUPKEY_BACKUP_GUID, strlen(BACKUPKEY_BACKUP_GUID)) == 0) { - DEBUG(debuglevel, ("Client %s requested a server wrapped secret\n", addr)); - error = bkrp_server_wrap_encrypt_data(dce_call, mem_ctx, r, ldb_ctx); - } - } - /*else: I am a RODC so I don't handle backup key protocol */ - - talloc_unlink(mem_ctx, ldb_ctx); - return error; -} - -/* include the generated boilerplate */ -#include "librpc/gen_ndr/ndr_backupkey_s.c" diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build index a7459d6b851..a5c1c1d9a2c 100644 --- a/source4/rpc_server/wscript_build +++ b/source4/rpc_server/wscript_build @@ -119,23 +119,13 @@ bld.SAMBA_MODULE('dcerpc_lsarpc', ) -if (bld.CONFIG_SET('HAVE_GNUTLS_PRIVKEY_EXPORT_X509') and - bld.CONFIG_SET('HAVE_GNUTLS_X509_CRT_SET_SUBJECT_UNIQUE_ID')): - bld.SAMBA_MODULE('dcerpc_backupkey', - source='backupkey/dcesrv_backupkey.c ', - autoproto='backupkey/proto.h', - subsystem='dcerpc_server', - init_function='dcerpc_server_backupkey_init', - deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY gnutls', - ) -else: - bld.SAMBA_MODULE('dcerpc_backupkey', - source='backupkey/dcesrv_backupkey_heimdal.c ', - autoproto='backupkey/proto.h', - subsystem='dcerpc_server', - init_function='dcerpc_server_backupkey_init', - deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY krb5 hx509 hcrypto gnutls DCERPC_COMMON', - ) +bld.SAMBA_MODULE('dcerpc_backupkey', + source='backupkey/dcesrv_backupkey.c ', + autoproto='backupkey/proto.h', + subsystem='dcerpc_server', + init_function='dcerpc_server_backupkey_init', + deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY gnutls', + ) bld.SAMBA_MODULE('dcerpc_drsuapi', diff --git a/source4/torture/rpc/backupkey_heimdal.c b/source4/torture/rpc/backupkey_heimdal.c deleted file mode 100644 index 79b45e7aab8..00000000000 --- a/source4/torture/rpc/backupkey_heimdal.c +++ /dev/null @@ -1,2160 +0,0 @@ -/* - Unix SMB/CIFS implementation. - test suite for backupkey remote protocol rpc operations - - Copyright (C) Matthieu Patou 2010-2011 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "../libcli/security/security.h" - -#include "torture/rpc/torture_rpc.h" -#include "torture/ndr/ndr.h" - -#include "librpc/gen_ndr/ndr_backupkey_c.h" -#include "librpc/gen_ndr/ndr_backupkey.h" -#include "librpc/gen_ndr/ndr_lsa_c.h" -#include "librpc/gen_ndr/ndr_security.h" -#include "lib/cmdline/popt_common.h" -#include "libcli/auth/proto.h" -#include "lib/crypto/arcfour.h" -#include <com_err.h> -#include <hcrypto/sha.h> -#include <system/network.h> -#include <hx509.h> -#include <der.h> -#include <hcrypto/rsa.h> -#include <hcrypto/hmac.h> -#include <hcrypto/sha.h> -#include <hcrypto/evp.h> - -enum test_wrong { - WRONG_MAGIC, - WRONG_R2, - WRONG_PAYLOAD_LENGTH, - WRONG_CIPHERTEXT_LENGTH, - SHORT_PAYLOAD_LENGTH, - SHORT_CIPHERTEXT_LENGTH, - ZERO_PAYLOAD_LENGTH, - ZERO_CIPHERTEXT_LENGTH, - RIGHT_KEY, - WRONG_KEY, - WRONG_SID, -}; - -/* Our very special and valued secret */ -/* No need to put const as we cast the array in uint8_t - * we will get a warning about the discared const - */ -static const char secret[] = "tata yoyo mais qu'est ce qu'il y a sous ton grand chapeau ?"; - -/* Get the SID from a user */ -static struct dom_sid *get_user_sid(struct torture_context *tctx, - TALLOC_CTX *mem_ctx, - const char *user) -{ - struct lsa_ObjectAttribute attr; - struct lsa_QosInfo qos; - struct lsa_OpenPolicy2 r; - struct lsa_Close c; - NTSTATUS status; - struct policy_handle handle; - struct lsa_LookupNames l; - struct lsa_TransSidArray sids; - struct lsa_RefDomainList *domains = NULL; - struct lsa_String lsa_name; - uint32_t count = 0; - struct dom_sid *result; - TALLOC_CTX *tmp_ctx; - struct dcerpc_pipe *p2; - struct dcerpc_binding_handle *b; - - const char *domain = cli_credentials_get_domain( - popt_get_cmdline_credentials()); - - torture_assert_ntstatus_ok(tctx, - torture_rpc_connection(tctx, &p2, &ndr_table_lsarpc), - "could not open lsarpc pipe"); - b = p2->binding_handle; - - if (!(tmp_ctx = talloc_new(mem_ctx))) { - return NULL; - } - qos.len = 0; - qos.impersonation_level = 2; - qos.context_mode = 1; - qos.effective_only = 0; - - attr.len = 0; - attr.root_dir = NULL; - attr.object_name = NULL; - attr.attributes = 0; - attr.sec_desc = NULL; - attr.sec_qos = &qos; - - r.in.system_name = "\\"; - r.in.attr = &attr; - r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r.out.handle = &handle; - - status = dcerpc_lsa_OpenPolicy2_r(b, tmp_ctx, &r); - if (!NT_STATUS_IS_OK(status)) { - torture_comment(tctx, - "OpenPolicy2 failed - %s\n", - nt_errstr(status)); - talloc_free(tmp_ctx); - return NULL; - } - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, - "OpenPolicy2_ failed - %s\n", - nt_errstr(r.out.result)); - talloc_free(tmp_ctx); - return NULL; - } - - sids.count = 0; - sids.sids = NULL; - - lsa_name.string = talloc_asprintf(tmp_ctx, "%s\\%s", domain, user); - - l.in.handle = &handle; - l.in.num_names = 1; - l.in.names = &lsa_name; - l.in.sids = &sids; - l.in.level = 1; - l.in.count = &count; - l.out.count = &count; - l.out.sids = &sids; - l.out.domains = &domains; - - status = dcerpc_lsa_LookupNames_r(b, tmp_ctx, &l); - if (!NT_STATUS_IS_OK(status)) { - torture_comment(tctx, - "LookupNames of %s failed - %s\n", - lsa_name.string, - nt_errstr(status)); - talloc_free(tmp_ctx); - return NULL; - } - - if (domains->count == 0) { - return NULL; - } - - result = dom_sid_add_rid(mem_ctx, - domains->domains[0].sid, - l.out.sids->sids[0].rid); - c.in.handle = &handle; - c.out.handle = &handle; - - status = dcerpc_lsa_Close_r(b, tmp_ctx, &c); - - if (!NT_STATUS_IS_OK(status)) { - torture_comment(tctx, - "dcerpc_lsa_Close failed - %s\n", - nt_errstr(status)); - talloc_free(tmp_ctx); - return NULL; - } - - if (!NT_STATUS_IS_OK(c.out.result)) { - torture_comment(tctx, - "dcerpc_lsa_Close failed - %s\n", - nt_errstr(c.out.result)); - talloc_free(tmp_ctx); - return NULL; - } - - talloc_free(tmp_ctx); - talloc_free(p2); - - torture_comment(tctx, "Get_user_sid finished\n"); - return result; -} - -/* - * Create a bkrp_encrypted_secret_vX structure - * the version depends on the version parameter - * the structure is returned as a blob. - * The broken flag is to indicate if we want - * to create a non conform to specification structre - */ -static DATA_BLOB *create_unencryptedsecret(TALLOC_CTX *mem_ctx, - bool broken, - int version) -{ - TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB); - enum ndr_err_code ndr_err; - - if (version == 2) { - struct bkrp_encrypted_secret_v2 unenc_sec; - - ZERO_STRUCT(unenc_sec); - unenc_sec.secret_len = sizeof(secret); - unenc_sec.secret = discard_const_p(uint8_t, secret); - generate_random_buffer(unenc_sec.payload_key, - sizeof(unenc_sec.payload_key)); - - ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec, - (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v2); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - - if (broken) { - /* The magic value is correctly set by the NDR push - * but we want to test the behavior of the server - * if a differrent value is provided - */ - ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */ - } - } - - if (version == 3) { - struct bkrp_encrypted_secret_v3 unenc_sec; - - ZERO_STRUCT(unenc_sec); - unenc_sec.secret_len = sizeof(secret); - unenc_sec.secret = discard_const_p(uint8_t, secret); - generate_random_buffer(unenc_sec.payload_key, - sizeof(unenc_sec.payload_key)); - - ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec, - (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v3); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - - if (broken) { - /* - * The magic value is correctly set by the NDR push - * but we want to test the behavior of the server - * if a differrent value is provided - */ - ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */ - } - } - talloc_free(tmp_ctx); - return blob; -} - -/* - * Create an access check structure, the format depends on the version parameter. - * If broken is specified then we create a stucture that isn't conform to the - * specification. - * - * If the structure can't be created then NULL is returned. - */ -static DATA_BLOB *create_access_check(struct torture_context *tctx, - struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - const char *user, - bool broken, - uint32_t version) -{ - TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB); - enum ndr_err_code ndr_err; - const struct dom_sid *sid = get_user_sid(tctx, tmp_ctx, user); - - if (sid == NULL) { - return NULL; - } - - if (version == 2) { - struct bkrp_access_check_v2 access_struct; - struct sha sctx; - uint8_t nonce[32]; - - ZERO_STRUCT(access_struct); - generate_random_buffer(nonce, sizeof(nonce)); - access_struct.nonce_len = sizeof(nonce); - access_struct.nonce = nonce; - access_struct.sid = *sid; - - ndr_err = ndr_push_struct_blob(blob, blob, &access_struct, - (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v2); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - - /* - * We pushed the whole structure including a null hash - * but the hash need to be calculated only up to the hash field - * so we reduce the size of what has to be calculated - */ - - SHA1_Init(&sctx); - SHA1_Update(&sctx, blob->data, - blob->length - sizeof(access_struct.hash)); - SHA1_Final(blob->data + blob->length - sizeof(access_struct.hash), - &sctx); - - /* Altering the SHA */ - if (broken) { - blob->data[blob->length - 1]++; - } - } - - if (version == 3) { - struct bkrp_access_check_v3 access_struct; - struct hc_sha512state sctx; - uint8_t nonce[32]; - - ZERO_STRUCT(access_struct); - generate_random_buffer(nonce, sizeof(nonce)); - access_struct.nonce_len = sizeof(nonce); - access_struct.nonce = nonce; - access_struct.sid = *sid; - - ndr_err = ndr_push_struct_blob(blob, blob, &access_struct, - (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v3); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - - /*We pushed the whole structure including a null hash - * but the hash need to be calculated only up to the hash field - * so we reduce the size of what has to be calculated - */ - - SHA512_Init(&sctx); - SHA512_Update(&sctx, blob->data, - blob->length - sizeof(access_struct.hash)); - SHA512_Final(blob->data + blob->length - sizeof(access_struct.hash), - &sctx); - - /* Altering the SHA */ - if (broken) { - blob->data[blob->length -1]++; - } - } - talloc_free(tmp_ctx); - return blob; -} - - -static DATA_BLOB *encrypt_blob(struct torture_context *tctx, - TALLOC_CTX *mem_ctx, - DATA_BLOB *key, - DATA_BLOB *iv, - DATA_BLOB *to_encrypt, - const AlgorithmIdentifier *alg) -{ - hx509_crypto crypto; - hx509_context hctx; - heim_octet_string ivos; - heim_octet_string *encrypted; - DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB); - int res; - - ivos.data = talloc_array(mem_ctx, uint8_t, iv->length); - ivos.length = iv->length; - memcpy(ivos.data, iv->data, iv->length); - - hx509_context_init(&hctx); - res = hx509_crypto_init(hctx, NULL, &alg->algorithm, &crypto); - if (res) { - torture_comment(tctx, - "error while doing the init of the crypto object\n"); - hx509_context_free(&hctx); - return NULL; - } - res = hx509_crypto_set_key_data(crypto, key->data, key->length); - if (res) { - torture_comment(tctx, - "error while setting the key of the crypto object\n"); - hx509_context_free(&hctx); - return NULL; - } - - hx509_crypto_set_padding(crypto, HX509_CRYPTO_PADDING_NONE); - res = hx509_crypto_encrypt(crypto, - to_encrypt->data, - to_encrypt->length, - &ivos, - &encrypted); - if (res) { - torture_comment(tctx, "error while encrypting\n"); - hx509_crypto_destroy(crypto); - hx509_context_free(&hctx); - return NULL; - } - - *blob = data_blob_talloc(blob, encrypted->data, encrypted->length); - der_free_octet_string(encrypted); - free(encrypted); - hx509_crypto_destroy(crypto); - hx509_context_free(&hctx); - return blob; -} - -/* - * Certs used for this protocol have a GUID in the issuer_uniq_id field. - * This function fetch it. - */ -static struct GUID *get_cert_guid(struct torture_context *tctx, - TALLOC_CTX *mem_ctx, - uint8_t *cert_data, - uint32_t cert_len) -{ - hx509_context hctx; - hx509_cert cert; - heim_bit_string issuer_unique_id; - DATA_BLOB data; - int hret; - uint32_t size; - struct GUID *guid = talloc_zero(mem_ctx, struct GUID); - NTSTATUS status; - - hx509_context_init(&hctx); - - hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert); - if (hret) { - torture_comment(tctx, "error while loading the cert\n"); - hx509_context_free(&hctx); - return NULL; - } - hret = hx509_cert_get_issuer_unique_id(hctx, cert, &issuer_unique_id); - if (hret) { - torture_comment(tctx, "error while getting the issuer_uniq_id\n"); - hx509_cert_free(cert); - hx509_context_free(&hctx); - return NULL; - } - - /* The issuer_unique_id is a bit string, - * which means that the real size has to be divided by 8 - * to have the number of bytes - */ - hx509_cert_free(cert); - hx509_context_free(&hctx); - size = issuer_unique_id.length / 8; - data = data_blob_const(issuer_unique_id.data, size); - - status = GUID_from_data_blob(&data, guid); - der_free_bit_string(&issuer_unique_id); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - return guid; -} - -/* - * Encrypt a blob with the private key of the certificate - * passed as a parameter. - */ -static DATA_BLOB *encrypt_blob_pk(struct torture_context *tctx, - TALLOC_CTX *mem_ctx, - uint8_t *cert_data, - uint32_t cert_len, - DATA_BLOB *to_encrypt) -{ - hx509_context hctx; - hx509_cert cert; - heim_octet_string secretdata; - heim_octet_string encrypted; - heim_oid encryption_oid; - DATA_BLOB *blob; - int hret; - - hx509_context_init(&hctx); - - hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert); - if (hret) { - torture_comment(tctx, "error while loading the cert\n"); - hx509_context_free(&hctx); - return NULL; - } - - secretdata.data = to_encrypt->data; - secretdata.length = to_encrypt->length; - hret = hx509_cert_public_encrypt(hctx, &secretdata, - cert, &encryption_oid, - &encrypted); - hx509_cert_free(cert); - hx509_context_free(&hctx); - if (hret) { - torture_comment(tctx, "error while encrypting\n"); - return NULL; - } - - blob = talloc_zero(mem_ctx, DATA_BLOB); - if (blob == NULL) { - der_free_oid(&encryption_oid); - der_free_octet_string(&encrypted); - return NULL; - } - - *blob = data_blob_talloc(blob, encrypted.data, encrypted.length); - der_free_octet_string(&encrypted); - der_free_oid(&encryption_oid); - if (blob->data == NULL) { - return NULL; - } - - return blob; -} - - -static struct bkrp_BackupKey *createRetrieveBackupKeyGUIDStruct(struct torture_context *tctx, - struct dcerpc_pipe *p, int version, DATA_BLOB *out) -{ - struct dcerpc_binding *binding; - struct bkrp_client_side_wrapped data; - struct GUID *g = talloc(tctx, struct GUID); - struct bkrp_BackupKey *r = talloc_zero(tctx, struct bkrp_BackupKey); - enum ndr_err_code ndr_err; - DATA_BLOB blob; - NTSTATUS status; - - if (r == NULL) { - return NULL; - } - - binding = dcerpc_binding_dup(tctx, p->binding); - if (binding == NULL) { - return NULL; - } - - status = dcerpc_binding_set_flags(binding, DCERPC_SEAL|DCERPC_AUTH_SPNEGO, 0); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - ZERO_STRUCT(data); - status = GUID_from_string(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID, g); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - r->in.guidActionAgent = g; - data.version = version; - ndr_err = ndr_push_struct_blob(&blob, tctx, &data, - (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - r->in.data_in = blob.data; - r->in.data_in_len = blob.length; - r->out.data_out = &out->data; - r->out.data_out_len = talloc(r, uint32_t); - return r; -} - -static struct bkrp_BackupKey *createRestoreGUIDStruct(struct torture_context *tctx, - struct dcerpc_pipe *p, int version, DATA_BLOB *out, - bool norevert, - bool broken_version, - bool broken_user, - bool broken_magic_secret, - bool broken_magic_access, - bool broken_hash_access, - bool broken_cert_guid) -{ - struct dcerpc_binding_handle *b = p->binding_handle; - struct bkrp_client_side_wrapped data; - DATA_BLOB *xs; - DATA_BLOB *sec; - DATA_BLOB *enc_sec = NULL; - DATA_BLOB *enc_xs = NULL; - DATA_BLOB *blob2; - DATA_BLOB enc_sec_reverted; - DATA_BLOB des3_key; - DATA_BLOB aes_key; - DATA_BLOB iv; - DATA_BLOB out_blob; - struct GUID *guid, *g; - int t; - uint32_t size; - enum ndr_err_code ndr_err; - NTSTATUS status; - const char *user; - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, version, &out_blob); - if (r == NULL) { - return NULL; - } - - if (broken_user) { - /* we take a fake user*/ - user = "guest"; - } else { - user = cli_credentials_get_username( - popt_get_cmdline_credentials()); - } - - - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - "Get GUID"); - torture_assert_werr_ok(tctx, r->out.result, - "Get GUID"); - - /* - * We have to set it outside of the function createRetrieveBackupKeyGUIDStruct - * the len of the blob, this is due to the fact that they don't have the - * same size (one is 32bits the other 64bits) - */ - out_blob.length = *r->out.data_out_len; - - sec = create_unencryptedsecret(tctx, broken_magic_secret, version); - if (sec == NULL) { - return NULL; - } - - xs = create_access_check(tctx, p, tctx, user, broken_hash_access, version); - if (xs == NULL) { - return NULL; - } - - if (broken_magic_access){ - /* The start of the access_check structure contains the - * GUID of the certificate - */ - xs->data[0]++; - } - - enc_sec = encrypt_blob_pk(tctx, tctx, out_blob.data, out_blob.length, sec); - if (!enc_sec) { - return NULL; - } - enc_sec_reverted.data = talloc_array(tctx, uint8_t, enc_sec->length); - if (enc_sec_reverted.data == NULL) { - return NULL; - } - enc_sec_reverted.length = enc_sec->length; - - /* - * We DO NOT revert the array on purpose it's in order to check that - * when the server is not able to decrypt then it answer the correct error - */ - if (norevert) { - for(t=0; t< enc_sec->length; t++) { - enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[t]; - } - } else { - for(t=0; t< enc_sec->length; t++) { - enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[enc_sec->length - t -1]; - } - } - - size = sec->length; - if (version ==2) { - const AlgorithmIdentifier *alg = hx509_crypto_des_rsdi_ede3_cbc(); - iv.data = sec->data+(size - 8); - iv.length = 8; - - des3_key.data = sec->data+(size - 32); - des3_key.length = 24; - - enc_xs = encrypt_blob(tctx, tctx, &des3_key, &iv, xs, alg); - } - if (version == 3) { - const AlgorithmIdentifier *alg = hx509_crypto_aes256_cbc(); - iv.data = sec->data+(size-16); - iv.length = 16; - - aes_key.data = sec->data+(size-48); - aes_key.length = 32; - - enc_xs = encrypt_blob(tctx, tctx, &aes_key, &iv, xs, alg); - } - - if (!enc_xs) { - return NULL; - } - - /* To cope with the fact that heimdal do padding at the end for the moment */ - enc_xs->length = xs->length; - - guid = get_cert_guid(tctx, tctx, out_blob.data, out_blob.length); - if (guid == NULL) { - return NULL; - } - - if (broken_version) { - data.version = 1; - } else { - data.version = version; - } - - data.guid = *guid; - data.encrypted_secret = enc_sec_reverted.data; - data.access_check = enc_xs->data; - data.encrypted_secret_len = enc_sec->length; - data.access_check_len = enc_xs->length; - - /* We want the blob to persist after this function so we don't - * allocate it in the stack - */ - blob2 = talloc(tctx, DATA_BLOB); - if (blob2 == NULL) { - return NULL; - } - - ndr_err = ndr_push_struct_blob(blob2, tctx, &data, - (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NULL; - } - - if (broken_cert_guid) { - blob2->data[12]++; - } - - ZERO_STRUCT(*r); - - g = talloc(tctx, struct GUID); - if (g == NULL) { - return NULL; - } - - status = GUID_from_string(BACKUPKEY_RESTORE_GUID, g); - if (!NT_STATUS_IS_OK(status)) { - return NULL; - } - - r->in.guidActionAgent = g; - r->in.data_in = blob2->data; - r->in.data_in_len = blob2->length; - r->in.param = 0; - r->out.data_out = &(out->data); - r->out.data_out_len = talloc(r, uint32_t); - return r; -} - -/* Check that we are able to receive the certificate of the DCs - * used for client wrap version of the backup key protocol - */ -static bool test_RetrieveBackupKeyGUID(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - if (r == NULL) { - return false; - } - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, r), - "Get GUID"); - - out_blob.length = *r->out.data_out_len; - torture_assert_werr_equal(tctx, - r->out.result, - WERR_OK, - "Wrong dce/rpc error code"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, - "Get GUID"); - } - return true; -} - -/* Test to check the failure to recover a secret because the - * secret blob is not reversed - */ -static bool test_RestoreGUID_ko(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - true, false, false, false, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - if (!W_ERROR_EQUAL(r->out.result, WERR_INVALID_PARAMETER)) { - torture_assert_werr_equal(tctx, r->out.result, - WERR_INVALID_DATA, - "Wrong error code"); - } - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_wrongversion(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - false, true, false, false, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Wrong error code on wrong version"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_wronguser(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - false, false, true, false, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_ACCESS, "Restore GUID"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_v3(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, - false, false, false, false, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 1, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID"); - torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - false, false, false, false, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID"); - torture_assert_ndr_err_equal(tctx, - ndr_pull_struct_blob(&out_blob, tctx, &resp, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped), - NDR_ERR_SUCCESS, - "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_badmagiconsecret(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, - false, false, false, true, false, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Wrong error code while providing bad magic in secret"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_emptyrequest(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, - false, false, false, true, false, false, true); - - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - r->in.data_in = talloc(tctx, uint8_t); - r->in.data_in_len = 0; - r->in.param = 0; - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Bad error code on wrong has in access check"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_badcertguid(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, - false, false, false, false, false, false, true); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct() failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - - /* - * Windows 2012R2 has, presumably, a programming error - * returning an NTSTATUS code on this interface - */ - if (W_ERROR_V(r->out.result) != NT_STATUS_V(NT_STATUS_OBJECT_NAME_NOT_FOUND)) { - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); - } - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_badmagicaccesscheck(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - false, false, false, false, true, false, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -static bool test_RestoreGUID_badhashaccesscheck(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - enum ndr_err_code ndr_err; - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_client_side_unwrapped resp; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, - false, false, false, false, false, true, false); - torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); - torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); - out_blob.length = *r->out.data_out_len; - ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); - torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); - torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); - } else { - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, "Get GUID"); - } - return true; -} - -/* - * Check that the RSA modulus in the certificate of the DCs has 2048 bits. - */ -static bool test_RetrieveBackupKeyGUID_2048bits(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct dcerpc_binding_handle *b = p->binding_handle; - DATA_BLOB out_blob; - struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - - hx509_context hctx; - int hret; - hx509_cert cert; - SubjectPublicKeyInfo spki; - RSA *rsa; - int RSA_returned_bits; - - torture_assert(tctx, r != NULL, "createRetrieveBackupKeyGUIDStruct failed"); - - hx509_context_init(&hctx); - - if (r == NULL) { - return false; - } - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - const unsigned char *spki_spk_data; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, r), - "Get GUID"); - - torture_assert_werr_ok(tctx, r->out.result, - "Get GUID"); - - out_blob.length = *r->out.data_out_len; - - hret = hx509_cert_init_data(hctx, out_blob.data, out_blob.length, &cert); - torture_assert_int_equal(tctx, hret, 0, "hx509_cert_init_data failed"); - - hret = hx509_cert_get_SPKI(hctx, cert , &spki); - torture_assert_int_equal(tctx, hret, 0, "hx509_cert_get_SPKI failed"); - - /* We must take a copy, as d2i_RSAPublicKey *changes* the input parameter */ - spki_spk_data = spki.subjectPublicKey.data; - rsa = d2i_RSAPublicKey(NULL, &spki_spk_data, spki.subjectPublicKey.length / 8); - torture_assert_int_equal(tctx, rsa != NULL, 1, "d2i_RSAPublicKey failed"); - - RSA_returned_bits = BN_num_bits(rsa->n); - torture_assert_int_equal(tctx, - RSA_returned_bits, - 2048, - "RSA Key doesn't have 2048 bits"); - - RSA_free(rsa); - - /* - * Because we prevented spki from being changed above, - * we can now safely call this to free it - */ - free_SubjectPublicKeyInfo(&spki); - hx509_cert_free(cert); - hx509_context_free(&hctx); - - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, r), - NT_STATUS_ACCESS_DENIED, - "Get GUID"); - } - return true; -} - -static bool test_ServerWrap_encrypt_decrypt(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct bkrp_BackupKey r; - struct GUID guid; - DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); - DATA_BLOB encrypted; - uint32_t enclen; - DATA_BLOB decrypted; - uint32_t declen; - struct dcerpc_binding_handle *b = p->binding_handle; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - ZERO_STRUCT(r); - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - /* Encrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = plaintext.data; - r.in.data_in_len = plaintext.length; - r.in.param = 0; - r.out.data_out = &encrypted.data; - r.out.data_out_len = &enclen; - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "encrypt"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_ACCESS_DENIED, - "encrypt"); - return true; - } - torture_assert_werr_ok(tctx, - r.out.result, - "encrypt"); - encrypted.length = *r.out.data_out_len; - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_ok(tctx, - r.out.result, - "decrypt"); - decrypted.length = *r.out.data_out_len; - - /* Compare */ - torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_ok(tctx, - r.out.result, - "decrypt"); - decrypted.length = *r.out.data_out_len; - - /* Compare */ - torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed"); - return true; -} - -static bool test_ServerWrap_decrypt_wrong_keyGUID(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct bkrp_BackupKey r; - struct GUID guid; - DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); - DATA_BLOB encrypted; - uint32_t enclen; - DATA_BLOB decrypted; - uint32_t declen; - struct dcerpc_binding_handle *b = p->binding_handle; - enum ndr_err_code ndr_err; - struct bkrp_server_side_wrapped server_side_wrapped; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - ZERO_STRUCT(r); - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - /* Encrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = plaintext.data; - r.in.data_in_len = plaintext.length; - r.in.param = 0; - r.out.data_out = &encrypted.data; - r.out.data_out_len = &enclen; - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "encrypt"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_ACCESS_DENIED, - "encrypt"); - return true; - } - torture_assert_werr_ok(tctx, - r.out.result, - "encrypt"); - encrypted.length = *r.out.data_out_len; - - ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped); - torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped"); - - /* Change the GUID */ - server_side_wrapped.guid = GUID_random(); - - ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped, - (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped); - torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_DATA, - "decrypt should fail with WERR_INVALID_DATA"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_DATA, - "decrypt should fail with WERR_INVALID_DATA"); - - return true; -} - -static bool test_ServerWrap_decrypt_empty_request(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct bkrp_BackupKey r; - struct GUID guid; - DATA_BLOB decrypted; - uint32_t declen; - struct dcerpc_binding_handle *b = p->binding_handle; - uint8_t short_request[4] = { 1, 0, 0, 0 }; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - ZERO_STRUCT(r); - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 0; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "encrypt"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_ACCESS_DENIED, - "encrypt"); - return true; - } - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 0; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = NULL; - r.in.data_in_len = 0; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_INVALID_PARAMETER_MIX, - "decrypt"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = NULL; - r.in.data_in_len = 0; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_INVALID_PARAMETER_MIX, - "decrypt"); - - return true; -} - - -static bool test_ServerWrap_decrypt_short_request(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - struct bkrp_BackupKey r; - struct GUID guid; - DATA_BLOB decrypted; - uint32_t declen; - struct dcerpc_binding_handle *b = p->binding_handle; - uint8_t short_request[4] = { 1, 0, 0, 0 }; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - ZERO_STRUCT(r); - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 4; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "encrypt"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_ACCESS_DENIED, - "encrypt"); - return true; - } - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 4; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 1; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = short_request; - r.in.data_in_len = 1; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_PARAMETER, - "decrypt should fail with WERR_INVALID_PARAMETER"); - - return true; -} - -static bool test_ServerWrap_encrypt_decrypt_manual(struct torture_context *tctx, - struct bkrp_server_side_wrapped *server_side_wrapped, - enum test_wrong wrong) -{ - char *lsa_binding_string = NULL; - struct dcerpc_binding *lsa_binding = NULL; - struct dcerpc_pipe *lsa_p = NULL; - struct dcerpc_binding_handle *lsa_b = NULL; - struct lsa_OpenSecret r_secret; - struct lsa_QuerySecret r_query_secret; - struct policy_handle *handle, sec_handle; - struct bkrp_BackupKey r; - struct GUID preferred_key_guid; - DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); - DATA_BLOB preferred_key, preferred_key_clear, session_key, - decrypt_key, decrypt_key_clear, encrypted_blob, symkey_blob, - sid_blob; - struct bkrp_dc_serverwrap_key server_key; - struct lsa_DATA_BUF_PTR bufp1; - char *key_guid_string; - struct bkrp_rc4encryptedpayload rc4payload; - struct dom_sid *caller_sid; - uint8_t symkey[20]; /* SHA-1 hash len */ - uint8_t mackey[20]; /* SHA-1 hash len */ - uint8_t mac[20]; /* SHA-1 hash len */ - unsigned int hash_len; - HMAC_CTX ctx; - ZERO_STRUCT(r); - ZERO_STRUCT(r_secret); - ZERO_STRUCT(r_query_secret); - - /* Now read BCKUPKEY_P and prove we can do a matching decrypt and encrypt */ - - /* lsa_OpenSecret only works with ncacn_np and AUTH_LEVEL_NONE */ - lsa_binding_string = talloc_asprintf(tctx, "ncacn_np:%s", - torture_setting_string(tctx, "host", NULL)); - torture_assert(tctx, lsa_binding_string != NULL, "lsa_binding_string"); - - torture_assert_ntstatus_ok(tctx, - dcerpc_parse_binding(tctx, lsa_binding_string, &lsa_binding), - "Failed to parse dcerpc binding"); - - torture_assert_ntstatus_ok(tctx, - dcerpc_pipe_connect_b(tctx, &lsa_p, - lsa_binding, &ndr_table_lsarpc, - popt_get_cmdline_credentials(), - tctx->ev, tctx->lp_ctx), - "Opening LSA pipe"); - lsa_b = lsa_p->binding_handle; - - torture_assert(tctx, test_lsa_OpenPolicy2(lsa_b, tctx, &handle), "OpenPolicy failed"); - r_secret.in.name.string = "G$BCKUPKEY_P"; - - r_secret.in.handle = handle; - r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r_secret.out.sec_handle = &sec_handle; - - torture_comment(tctx, "Testing OpenSecret\n"); - - torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret), - "OpenSecret failed"); - torture_assert_ntstatus_ok(tctx, r_secret.out.result, - "OpenSecret failed"); - - r_query_secret.in.sec_handle = &sec_handle; - r_query_secret.in.new_val = &bufp1; - bufp1.buf = NULL; - - torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret), - "QuerySecret failed"); - torture_assert_ntstatus_ok(tctx, r_query_secret.out.result, - "QuerySecret failed"); - - - preferred_key.data = r_query_secret.out.new_val->buf->data; - preferred_key.length = r_query_secret.out.new_val->buf->size; - torture_assert_ntstatus_ok(tctx, dcerpc_fetch_session_key(lsa_p, &session_key), - "dcerpc_fetch_session_key failed"); - - torture_assert_ntstatus_ok(tctx, - sess_decrypt_blob(tctx, - &preferred_key, &session_key, &preferred_key_clear), - "sess_decrypt_blob failed"); - - torture_assert_ntstatus_ok(tctx, GUID_from_ndr_blob(&preferred_key_clear, &preferred_key_guid), - "GUID parse failed"); - - torture_assert_guid_equal(tctx, server_side_wrapped->guid, - preferred_key_guid, - "GUID didn't match value pointed at by G$BCKUPKEY_P"); - - /* And read BCKUPKEY_<guid> and get the actual key */ - - key_guid_string = GUID_string(tctx, &server_side_wrapped->guid); - r_secret.in.name.string = talloc_asprintf(tctx, "G$BCKUPKEY_%s", key_guid_string); - - r_secret.in.handle = handle; - r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r_secret.out.sec_handle = &sec_handle; - - torture_comment(tctx, "Testing OpenSecret\n"); - - torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret), - "OpenSecret failed"); - torture_assert_ntstatus_ok(tctx, r_secret.out.result, - "OpenSecret failed"); - - r_query_secret.in.sec_handle = &sec_handle; - r_query_secret.in.new_val = &bufp1; - - torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret), - "QuerySecret failed"); - torture_assert_ntstatus_ok(tctx, r_query_secret.out.result, - "QuerySecret failed"); - - - decrypt_key.data = r_query_secret.out.new_val->buf->data; - decrypt_key.length = r_query_secret.out.new_val->buf->size; - - torture_assert_ntstatus_ok(tctx, - sess_decrypt_blob(tctx, - &decrypt_key, &session_key, &decrypt_key_clear), - "sess_decrypt_blob failed"); - - torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&decrypt_key_clear, tctx, &server_key, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_dc_serverwrap_key), - NDR_ERR_SUCCESS, "Failed to parse server_key"); - - torture_assert_int_equal(tctx, server_key.magic, 1, "Failed to correctly decrypt server key"); - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - server_side_wrapped->r2, sizeof(server_side_wrapped->r2), - symkey, &hash_len); - - /* rc4 decrypt sid and secret using sym key */ - symkey_blob = data_blob_const(symkey, sizeof(symkey)); - - encrypted_blob = data_blob_talloc(tctx, server_side_wrapped->rc4encryptedpayload, - server_side_wrapped->ciphertext_length); - - arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob); - - torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&encrypted_blob, tctx, &rc4payload, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload), - NDR_ERR_SUCCESS, "Failed to parse rc4encryptedpayload"); - - torture_assert_int_equal(tctx, rc4payload.secret_data.length, - server_side_wrapped->payload_length, - "length of decrypted payload not the length declared in surrounding structure"); - - /* - * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 - * BACKUPKEY_BACKUP_GUID, it really is the whole key - */ - HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key), - rc4payload.r3, sizeof(rc4payload.r3), - mackey, &hash_len); - - torture_assert_ndr_err_equal(tctx, ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid, - (ndr_push_flags_fn_t)ndr_push_dom_sid), - NDR_ERR_SUCCESS, "unable to push SID"); - - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, mackey, hash_len, EVP_sha1(), NULL); - /* SID field */ - HMAC_Update(&ctx, sid_blob.data, sid_blob.length); - /* Secret field */ - HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length); - HMAC_Final(&ctx, mac, &hash_len); - HMAC_CTX_cleanup(&ctx); - - torture_assert_mem_equal(tctx, mac, rc4payload.mac, sizeof(mac), "mac not correct"); - torture_assert_int_equal(tctx, rc4payload.secret_data.length, - plaintext.length, "decrypted data is not correct length"); - torture_assert_mem_equal(tctx, rc4payload.secret_data.data, - plaintext.data, plaintext.length, - "decrypted data is not correct"); - - /* Not strictly correct all the time, but good enough for this test */ - caller_sid = get_user_sid(tctx, tctx, - cli_credentials_get_username( - popt_get_cmdline_credentials())); - - torture_assert_sid_equal(tctx, &rc4payload.sid, caller_sid, "Secret saved with wrong SID"); - - - /* RE-encrypt */ - - if (wrong == WRONG_SID) { - rc4payload.sid.sub_auths[rc4payload.sid.num_auths - 1] = DOMAIN_RID_KRBTGT; - } - - dump_data_pw("mackey: \n", mackey, sizeof(mackey)); - - torture_assert_ndr_err_equal(tctx, - ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid, - (ndr_push_flags_fn_t)ndr_push_dom_sid), - NDR_ERR_SUCCESS, - "push of sid failed"); - - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, mackey, 20, EVP_sha1(), NULL); - /* SID field */ - HMAC_Update(&ctx, sid_blob.data, sid_blob.length); - /* Secret field */ - HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length); - HMAC_Final(&ctx, rc4payload.mac, &hash_len); - HMAC_CTX_cleanup(&ctx); - - dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac)); - - torture_assert_ndr_err_equal(tctx, - ndr_push_struct_blob(&encrypted_blob, tctx, &rc4payload, - (ndr_push_flags_fn_t)ndr_push_bkrp_rc4encryptedpayload), - NDR_ERR_SUCCESS, - "push of rc4payload failed"); - - if (wrong == WRONG_KEY) { - symkey_blob.data[0] = 78; - symkey_blob.data[1] = 78; - symkey_blob.data[2] = 78; - } - - /* rc4 encrypt sid and secret using sym key */ - arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob); - - /* re-create server wrap structure */ - - torture_assert_int_equal(tctx, encrypted_blob.length, - server_side_wrapped->ciphertext_length, - "expected encrypted length not to change"); - if (wrong == RIGHT_KEY) { - torture_assert_mem_equal(tctx, server_side_wrapped->rc4encryptedpayload, - encrypted_blob.data, - encrypted_blob.length, - "expected encrypted data not to change"); - } - - server_side_wrapped->payload_length = rc4payload.secret_data.length; - server_side_wrapped->ciphertext_length = encrypted_blob.length; - server_side_wrapped->rc4encryptedpayload = encrypted_blob.data; - - return true; -} - - -static bool test_ServerWrap_decrypt_wrong_stuff(struct torture_context *tctx, - struct dcerpc_pipe *p, - enum test_wrong wrong) -{ - struct bkrp_BackupKey r; - struct GUID guid; - DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); - DATA_BLOB encrypted; - uint32_t enclen; - DATA_BLOB decrypted; - uint32_t declen; - struct dcerpc_binding_handle *b = p->binding_handle; - enum ndr_err_code ndr_err; - struct bkrp_server_side_wrapped server_side_wrapped; - bool repush = false; - enum dcerpc_AuthType auth_type; - enum dcerpc_AuthLevel auth_level; - ZERO_STRUCT(r); - - dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); - - /* Encrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = plaintext.data; - r.in.data_in_len = plaintext.length; - r.in.param = 0; - r.out.data_out = &encrypted.data; - r.out.data_out_len = &enclen; - if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "encrypt"); - } else { - torture_assert_ntstatus_equal(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - NT_STATUS_ACCESS_DENIED, - "encrypt"); - return true; - } - torture_assert_werr_ok(tctx, - r.out.result, - "encrypt"); - encrypted.length = *r.out.data_out_len; - - ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped, - (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped); - torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped"); - - torture_assert_int_equal(tctx, server_side_wrapped.payload_length, plaintext.length, - "wrong payload length"); - - switch (wrong) { - case WRONG_MAGIC: - /* Change the magic. Forced by our NDR layer, so do it raw */ - SIVAL(encrypted.data, 0, 78); /* valid values are 1-3 */ - break; - case WRONG_R2: - server_side_wrapped.r2[0] = 78; - server_side_wrapped.r2[1] = 78; - server_side_wrapped.r2[3] = 78; - repush = true; - break; - case WRONG_PAYLOAD_LENGTH: - server_side_wrapped.payload_length = UINT32_MAX - 8; - repush = true; - break; - case WRONG_CIPHERTEXT_LENGTH: - /* - * Change the ciphertext len. We can't push this if - * we have it wrong, so do it raw - */ - SIVAL(encrypted.data, 8, UINT32_MAX - 8); /* valid values are 1-3 */ - break; - case SHORT_PAYLOAD_LENGTH: - server_side_wrapped.payload_length = server_side_wrapped.payload_length - 8; - repush = true; - break; - case SHORT_CIPHERTEXT_LENGTH: - /* - * Change the ciphertext len. We can't push this if - * we have it wrong, so do it raw - */ - SIVAL(encrypted.data, 8, server_side_wrapped.ciphertext_length - 8); /* valid values are 1-3 */ - break; - case ZERO_PAYLOAD_LENGTH: - server_side_wrapped.payload_length = 0; - repush = true; - break; - case ZERO_CIPHERTEXT_LENGTH: - /* - * Change the ciphertext len. We can't push this if - * we have it wrong, so do it raw - */ - SIVAL(encrypted.data, 8, 0); /* valid values are 1-3 */ - break; - - case RIGHT_KEY: - case WRONG_KEY: - case WRONG_SID: - torture_assert(tctx, - test_ServerWrap_encrypt_decrypt_manual(tctx, &server_side_wrapped, wrong), - "test_ServerWrap_encrypt_decrypt_manual failed"); - repush = true; - break; - } - - if (repush) { - ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped, - (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped); - torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped"); - } - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - - if ((wrong == WRONG_R2 || wrong == WRONG_KEY) - && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_SID, - "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER"); - } else if (wrong == RIGHT_KEY) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_OK, - "decrypt should succeed!"); - } else if (wrong == WRONG_SID) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_ACCESS, - "decrypt should fail with WERR_INVALID_ACCESS"); - } else { - if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_ACCESS, - "decrypt should fail with WERR_INVALID_ACCESS or WERR_INVALID_PARAMETER"); - } - } - - /* Decrypt */ - torture_assert_ntstatus_ok(tctx, - GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), - "obtain GUID"); - - r.in.guidActionAgent = &guid; - r.in.data_in = encrypted.data; - r.in.data_in_len = encrypted.length; - r.in.param = 0; - r.out.data_out = &(decrypted.data); - r.out.data_out_len = &declen; - torture_assert_ntstatus_ok(tctx, - dcerpc_bkrp_BackupKey_r(b, tctx, &r), - "decrypt"); - - if ((wrong == WRONG_R2 || wrong == WRONG_KEY) - && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_SID, - "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER"); - } else if (wrong == RIGHT_KEY) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_OK, - "decrypt should succeed!"); - } else if (wrong == WRONG_SID) { - torture_assert_werr_equal(tctx, - r.out.result, - WERR_INVALID_ACCESS, - "decrypt should fail with WERR_INVALID_ACCESS"); - } else { - if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_ACCESS) - && !W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) { - torture_assert_werr_equal(tctx, r.out.result, - WERR_INVALID_DATA, - "decrypt should fail with WERR_INVALID_ACCESS, WERR_INVALID_PARAMETER or WERR_INVALID_DATA"); - } - } - - return true; -} - -static bool test_ServerWrap_decrypt_wrong_magic(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_MAGIC); -} - -static bool test_ServerWrap_decrypt_wrong_r2(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_R2); -} - -static bool test_ServerWrap_decrypt_wrong_payload_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_PAYLOAD_LENGTH); -} - -static bool test_ServerWrap_decrypt_short_payload_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_PAYLOAD_LENGTH); -} - -static bool test_ServerWrap_decrypt_zero_payload_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_PAYLOAD_LENGTH); -} - -static bool test_ServerWrap_decrypt_wrong_ciphertext_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_CIPHERTEXT_LENGTH); -} - -static bool test_ServerWrap_decrypt_short_ciphertext_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_CIPHERTEXT_LENGTH); -} - -static bool test_ServerWrap_decrypt_zero_ciphertext_length(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_CIPHERTEXT_LENGTH); -} - -static bool test_ServerWrap_encrypt_decrypt_remote_key(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, RIGHT_KEY); -} - -static bool test_ServerWrap_encrypt_decrypt_wrong_key(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_KEY); -} - -static bool test_ServerWrap_encrypt_decrypt_wrong_sid(struct torture_context *tctx, - struct dcerpc_pipe *p) -{ - return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_SID); -} - -struct torture_suite *torture_rpc_backupkey(TALLOC_CTX *mem_ctx) -{ - struct torture_suite *suite = torture_suite_create(mem_ctx, "backupkey"); - - struct torture_rpc_tcase *tcase; - - tcase = torture_suite_add_rpc_iface_tcase(suite, "backupkey", - &ndr_table_backupkey); - - torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid", - test_RetrieveBackupKeyGUID); - - torture_rpc_tcase_add_test(tcase, "restore_guid", - test_RestoreGUID); - - torture_rpc_tcase_add_test(tcase, "restore_guid version 3", - test_RestoreGUID_v3); - -/* We double the test in order to be sure that we don't mess stuff (ie. freeing static stuff) */ - - torture_rpc_tcase_add_test(tcase, "restore_guid_2nd", - test_RestoreGUID); - - torture_rpc_tcase_add_test(tcase, "unable_to_decrypt_secret", - test_RestoreGUID_ko); - - torture_rpc_tcase_add_test(tcase, "wrong_user_restore_guid", - test_RestoreGUID_wronguser); - - torture_rpc_tcase_add_test(tcase, "wrong_version_restore_guid", - test_RestoreGUID_wrongversion); - - torture_rpc_tcase_add_test(tcase, "bad_magic_on_secret_restore_guid", - test_RestoreGUID_badmagiconsecret); - - torture_rpc_tcase_add_test(tcase, "bad_hash_on_secret_restore_guid", - test_RestoreGUID_badhashaccesscheck); - - torture_rpc_tcase_add_test(tcase, "bad_magic_on_accesscheck_restore_guid", - test_RestoreGUID_badmagicaccesscheck); - - torture_rpc_tcase_add_test(tcase, "bad_cert_guid_restore_guid", - test_RestoreGUID_badcertguid); - - torture_rpc_tcase_add_test(tcase, "empty_request_restore_guid", - test_RestoreGUID_emptyrequest); - - torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid_2048_bits", - test_RetrieveBackupKeyGUID_2048bits); - - torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt", - test_ServerWrap_encrypt_decrypt); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_keyGUID", - test_ServerWrap_decrypt_wrong_keyGUID); - - torture_rpc_tcase_add_test(tcase, "server_wrap_empty_request", - test_ServerWrap_decrypt_empty_request); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_request", - test_ServerWrap_decrypt_short_request); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_magic", - test_ServerWrap_decrypt_wrong_magic); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_r2", - test_ServerWrap_decrypt_wrong_r2); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_payload_length", - test_ServerWrap_decrypt_wrong_payload_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_payload_length", - test_ServerWrap_decrypt_short_payload_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_payload_length", - test_ServerWrap_decrypt_zero_payload_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_ciphertext_length", - test_ServerWrap_decrypt_wrong_ciphertext_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_ciphertext_length", - test_ServerWrap_decrypt_short_ciphertext_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_ciphertext_length", - test_ServerWrap_decrypt_zero_ciphertext_length); - - torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_remote_key", - test_ServerWrap_encrypt_decrypt_remote_key); - - torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_key", - test_ServerWrap_encrypt_decrypt_wrong_key); - - torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_sid", - test_ServerWrap_encrypt_decrypt_wrong_sid); - - return suite; -} diff --git a/source4/torture/wscript_build b/source4/torture/wscript_build index 1908f7eac31..c729558a98d 100644 --- a/source4/torture/wscript_build +++ b/source4/torture/wscript_build @@ -82,13 +82,6 @@ bld.SAMBA_SUBSYSTEM('IREMOTEWINSPOOL_COMMON', deps='talloc', enabled=bld.PYTHON_BUILD_IS_ENABLED()) -torture_rpc_backupkey = '' -if bld.AD_DC_BUILD_IS_ENABLED(): - if (bld.CONFIG_SET('HAVE_GNUTLS_PRIVKEY_EXPORT_X509') and - bld.CONFIG_SET('HAVE_GNUTLS_X509_CRT_SET_SUBJECT_UNIQUE_ID')): - torture_rpc_backupkey = 'rpc/backupkey.c' - else: - torture_rpc_backupkey = 'rpc/backupkey_heimdal.c' bld.SAMBA_MODULE('torture_rpc', source=''' rpc/join.c @@ -146,7 +139,7 @@ bld.SAMBA_MODULE('torture_rpc', rpc/iremotewinspool.c rpc/iremotewinspool_driver.c rpc/mdssvc.c - ''' + torture_rpc_backupkey + ntvfs_specific['source'], + rpc/backupkey.c''' + ntvfs_specific['source'], autoproto='rpc/proto.h', subsystem='smbtorture', init_function='torture_rpc_init', diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls index 8ff0529e10c..02e6567ba2f 100644 --- a/wscript_configure_system_gnutls +++ b/wscript_configure_system_gnutls @@ -12,12 +12,6 @@ conf.CHECK_CFG(package='gnutls', # Define gnutls as a system library conf.SET_TARGET_TYPE('gnutls', 'SYSLIB') -# Check for gnutls_privkey_export_x509 (>= 3.4.0) required by backupkey -conf.CHECK_FUNCS_IN('gnutls_privkey_export_x509', 'gnutls') - -# Check for gnutls_x509_crt_set_subject_unique_id (>= 3.4.7) required by backupkey -conf.CHECK_FUNCS_IN('gnutls_x509_crt_set_subject_unique_id', 'gnutls') - # Check for gnutls_pkcs7_get_embedded_data_oid (>= 3.5.5) required by libmscat conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls') |