/*
Unix SMB/CIFS implementation.
Group Key Distribution Protocol functions
Copyright (C) Catalyst.Net Ltd 2023
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
#ifndef LIB_CRYPTO_GKDI_H
#define LIB_CRYPTO_GKDI_H
#include
#include
#include "lib/util/data_blob.h"
#include "libcli/util/ntstatus.h"
#include "librpc/gen_ndr/misc.h"
#include "lib/util/time.h"
#include "talloc.h"
enum KdfAlgorithmId {
KDF_ALGORITHM_SP800_108_CTR_HMAC,
};
#define SP800_108_CTR_HMAC "SP800_108_CTR_HMAC"
enum KdfSp800_108Param {
KDF_PARAM_SHA1,
KDF_PARAM_SHA256,
KDF_PARAM_SHA384,
KDF_PARAM_SHA512,
};
struct KdfAlgorithm {
union {
enum KdfSp800_108Param sp800_108;
} param;
enum KdfAlgorithmId id;
};
enum {
root_key_version_1 = 1,
};
struct ProvRootKey {
struct GUID id;
DATA_BLOB data;
NTTIME create_time;
NTTIME use_start_time;
const char *domain_id;
struct KdfAlgorithm kdf_algorithm;
int32_t version;
};
NTSTATUS ProvRootKey(TALLOC_CTX *mem_ctx,
const struct GUID root_key_id,
const int32_t version,
const DATA_BLOB root_key_data,
const NTTIME create_time,
const NTTIME use_start_time,
const char *const domain_id,
const struct KdfAlgorithm kdf_algorithm,
const struct ProvRootKey **const root_key_out);
struct Gkid {
int32_t l0_idx;
int8_t l1_idx; /* [range(0, 31)] */
int8_t l2_idx; /* [range(0, 31)] */
};
enum GkidType {
GKID_DEFAULT = -1,
GKID_L0_SEED_KEY = 0,
GKID_L1_SEED_KEY = 1,
GKID_L2_SEED_KEY = 2,
};
/*
* Construct a GKID. The caller must check the returned GKID is valid before
* using it!
*/
static inline struct Gkid Gkid(int32_t l0_idx, int8_t l1_idx, int8_t l2_idx)
{
return (struct Gkid){l0_idx, l1_idx, l2_idx};
}
static const struct Gkid invalid_gkid = {
INT32_MIN,
INT8_MIN,
INT8_MIN,
};
static const uint32_t key_envelope_magic = 0x4b53444b; /* ‘KDSK’ */
struct KeyEnvelopeId {
struct GUID root_key_id;
struct Gkid gkid;
};
struct KeyEnvelope;
NTSTATUS gkdi_pull_KeyEnvelope(TALLOC_CTX *mem_ctx,
const DATA_BLOB *pwd_id_blob,
struct KeyEnvelope *pwd_id_out);
const struct KeyEnvelopeId *gkdi_pull_KeyEnvelopeId(
const DATA_BLOB key_env,
struct KeyEnvelopeId *key_env_out);
enum GkidType gkid_key_type(const struct Gkid gkid);
bool gkid_is_valid(const struct Gkid gkid);
static const int gkdi_l1_key_iteration = 32;
static const int gkdi_l2_key_iteration = 32;
static const int64_t gkdi_key_cycle_duration = 360000000000; /* ten hours */
static const int gkdi_max_clock_skew_mins = 5;
static const int64_t gkdi_max_clock_skew = 3000000000; /* five minutes */
#define GKDI_KEY_LEN 64
struct Gkid gkdi_get_interval_id(const NTTIME time);
bool gkdi_get_key_start_time(const struct Gkid gkid, NTTIME *start_time_out);
NTTIME gkdi_get_interval_start_time(const NTTIME time);
bool gkid_less_than_or_equal_to(const struct Gkid g1, const struct Gkid g2);
bool gkdi_rollover_interval(const int64_t managed_password_interval,
NTTIME *result);
gnutls_mac_algorithm_t get_sp800_108_mac_algorithm(
const struct KdfAlgorithm kdf_algorithm);
NTSTATUS compute_seed_key(TALLOC_CTX *mem_ctx,
const DATA_BLOB target_security_descriptor,
const struct ProvRootKey *const root_key,
const struct Gkid gkid,
uint8_t out[static const GKDI_KEY_LEN]);
NTSTATUS kdf_sp_800_108_from_params(
const DATA_BLOB *const kdf_param,
struct KdfAlgorithm *const kdf_algorithm_out);
NTSTATUS kdf_algorithm_from_params(
const char *const kdf_algorithm_id,
const DATA_BLOB *const kdf_param,
struct KdfAlgorithm *const kdf_algorithm_out);
#endif /* LIB_CRYPTO_GKDI_H */