libtommath: Fix possible integer overflow CVE-2023-36328
[heimdal.git] / kdc / kstash.c
blob6ec1a548aca6e41068a1ec357b77e4676151abf9
1 /*
2 * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include "headers.h"
36 krb5_context context;
38 static char *keyfile;
39 static int convert_flag;
40 static int help_flag;
41 static int version_flag;
43 static int master_key_fd = -1;
44 static int random_key_flag;
46 static const char *enctype_str = "des3-cbc-sha1";
48 static struct getargs args[] = {
49 { "enctype", 'e', arg_string, rk_UNCONST(&enctype_str), "encryption type",
50 NULL },
51 { "key-file", 'k', arg_string, &keyfile, "master key file", "file" },
52 { "convert-file", 0, arg_flag, &convert_flag,
53 "just convert keyfile to new format", NULL },
54 { "master-key-fd", 0, arg_integer, &master_key_fd,
55 "filedescriptor to read passphrase from", "fd" },
56 { "random-key", 0, arg_flag, &random_key_flag,
57 "generate a random master key", NULL },
58 { "help", 'h', arg_flag, &help_flag, NULL, NULL },
59 { "version", 0, arg_flag, &version_flag, NULL, NULL }
62 int num_args = sizeof(args) / sizeof(args[0]);
64 int
65 main(int argc, char **argv)
67 char buf[1024+1];
68 krb5_error_code ret;
69 int aret;
71 krb5_enctype enctype;
73 hdb_master_key mkey;
75 krb5_program_setup(&context, argc, argv, args, num_args, NULL);
77 if(help_flag)
78 krb5_std_usage(0, args, num_args);
79 if(version_flag){
80 print_version(NULL);
81 exit(0);
84 if (master_key_fd != -1 && random_key_flag)
85 krb5_errx(context, 1, "random-key and master-key-fd "
86 "is mutual exclusive");
88 if (keyfile == NULL) {
89 aret = asprintf(&keyfile, "%s/m-key", hdb_db_dir(context));
90 if (aret == -1)
91 krb5_errx(context, 1, "out of memory");
94 ret = krb5_string_to_enctype(context, enctype_str, &enctype);
95 if(ret)
96 krb5_err(context, 1, ret, "krb5_string_to_enctype");
98 ret = hdb_read_master_key(context, keyfile, &mkey);
99 if(ret && ret != ENOENT)
100 krb5_err(context, 1, ret, "reading master key from %s", keyfile);
102 if (convert_flag) {
103 if (ret)
104 krb5_err(context, 1, ret, "reading master key from %s", keyfile);
105 } else {
106 krb5_keyblock key;
107 krb5_salt salt;
108 salt.salttype = KRB5_PW_SALT;
109 /* XXX better value? */
110 salt.saltvalue.data = NULL;
111 salt.saltvalue.length = 0;
112 if (random_key_flag) {
113 ret = krb5_generate_random_keyblock(context, enctype, &key);
114 if (ret)
115 krb5_err(context, 1, ret, "krb5_generate_random_keyblock");
117 } else {
118 if(master_key_fd != -1) {
119 ssize_t n;
120 n = read(master_key_fd, buf, sizeof(buf)-1);
121 if(n <= 0)
122 krb5_err(context, 1, errno, "failed to read passphrase");
123 buf[n] = '\0';
124 buf[strcspn(buf, "\r\n")] = '\0';
126 } else {
127 if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ",
128 UI_UTIL_FLAG_VERIFY))
129 exit(1);
131 krb5_string_to_key_salt(context, enctype, buf, salt, &key);
133 ret = hdb_add_master_key(context, &key, &mkey);
134 if (ret)
135 krb5_err(context, 1, ret, "hdb_add_master_key");
137 krb5_free_keyblock_contents(context, &key);
142 char *new = NULL, *old = NULL;
144 aret = asprintf(&old, "%s.old", keyfile);
145 if (aret == -1) {
146 old = NULL;
147 ret = ENOMEM;
148 goto out;
150 aret = asprintf(&new, "%s.new", keyfile);
151 if (aret == -1) {
152 new = NULL;
153 ret = ENOMEM;
154 goto out;
156 if(unlink(new) < 0 && errno != ENOENT) {
157 ret = errno;
158 goto out;
160 krb5_warnx(context, "writing key to `%s'", keyfile);
161 ret = hdb_write_master_key(context, new, mkey);
162 if(ret)
163 unlink(new);
164 else {
165 #ifndef NO_POSIX_LINKS
166 unlink(old);
167 if(link(keyfile, old) < 0 && errno != ENOENT) {
168 ret = errno;
169 unlink(new);
170 } else {
171 #endif
172 if(rename(new, keyfile) < 0) {
173 ret = errno;
175 #ifndef NO_POSIX_LINKS
177 #endif
179 out:
180 free(old);
181 free(new);
182 if(ret)
183 krb5_warn(context, errno, "writing master key file");
186 hdb_free_master_key(context, mkey);
188 exit(ret != 0);