* or implied warranty.
*/
-/* ASN.1 primitive encoders */
-
#include "asn1_encode.h"
+/**** Functions for encoding primitive types ****/
+
asn1_error_code
-asn1_encode_boolean(asn1buf *buf, asn1_intmax val, size_t *retlen)
+k5_asn1_encode_bool(asn1buf *buf, asn1_intmax val, size_t *len_out)
{
asn1_octet bval = val ? 0xFF : 0x00;
- *retlen = 1;
+ *len_out = 1;
return asn1buf_insert_octet(buf, bval);
}
asn1_error_code
-asn1_encode_integer(asn1buf *buf, asn1_intmax val, size_t *retlen)
+k5_asn1_encode_int(asn1buf *buf, asn1_intmax val, size_t *len_out)
{
- asn1_error_code retval;
- size_t length = 0;
+ asn1_error_code ret;
+ size_t len = 0;
long valcopy;
int digit;
valcopy = val;
do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if (retval) return retval;
- length++;
+ digit = valcopy & 0xFF;
+ ret = asn1buf_insert_octet(buf, digit);
+ if (ret)
+ return ret;
+ len++;
valcopy = valcopy >> 8;
} while (valcopy != 0 && valcopy != ~0);
- if ((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if (retval) return retval;
- length++;
- } else if ((val < 0) && ((digit&0x80) != 0x80)) {
- retval = asn1buf_insert_octet(buf,0xFF);
- if (retval) return retval;
- length++;
+ if (val > 0 && (digit & 0x80) == 0x80) { /* make sure the high bit is */
+ ret = asn1buf_insert_octet(buf, 0); /* of the proper signed-ness */
+ if (ret)
+ return ret;
+ len++;
+ } else if (val < 0 && (digit & 0x80) != 0x80) {
+ ret = asn1buf_insert_octet(buf, 0xFF);
+ if (ret)
+ return ret;
+ len++;
}
- *retlen = length;
+ *len_out = len;
return 0;
}
asn1_error_code
-asn1_encode_unsigned_integer(asn1buf *buf, asn1_uintmax val, size_t *retlen)
+k5_asn1_encode_uint(asn1buf *buf, asn1_uintmax val, size_t *len_out)
{
- asn1_error_code retval;
- size_t length = 0;
- unsigned long valcopy;
+ asn1_error_code ret;
+ size_t len = 0;
+ asn1_uintmax valcopy;
int digit;
valcopy = val;
do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if (retval) return retval;
- length++;
+ digit = valcopy & 0xFF;
+ ret = asn1buf_insert_octet(buf, digit);
+ if (ret)
+ return ret;
+ len++;
valcopy = valcopy >> 8;
} while (valcopy != 0);
- if (digit&0x80) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if (retval) return retval;
- length++;
+ if (digit & 0x80) { /* make sure the high bit is */
+ ret = asn1buf_insert_octet(buf, 0); /* of the proper signed-ness */
+ if (ret)
+ return ret;
+ len++;
}
- *retlen = length;
+ *len_out = len;
return 0;
}
asn1_error_code
-asn1_encode_bytestring(asn1buf *buf, unsigned char *const *val, size_t len,
- size_t *retlen)
+k5_asn1_encode_bytestring(asn1buf *buf, unsigned char *const *val, size_t len,
+ size_t *len_out)
{
- if (len > 0 && val == NULL) return ASN1_MISSING_FIELD;
- *retlen = len;
+ if (len > 0 && val == NULL)
+ return ASN1_MISSING_FIELD;
+ *len_out = len;
return asn1buf_insert_octetstring(buf, len, *val);
}
asn1_error_code
-asn1_encode_generaltime(asn1buf *buf, time_t val, size_t *retlen)
+k5_asn1_encode_generaltime(asn1buf *buf, time_t val, size_t *len_out)
{
struct tm *gtime, gtimebuf;
char s[16];
unsigned char *sp;
time_t gmt_time = val;
+ int len;
/*
* Time encoding: YYYYMMDDhhmmssZ
if (gmt_time == 0) {
sp = (unsigned char *)"19700101000000Z";
} else {
- int len;
-
/*
* Sanity check this just to be paranoid, as gmtime can return NULL,
* and some bogus implementations might overrun on the sprintf.
*/
#ifdef HAVE_GMTIME_R
-# ifdef GMTIME_R_RETURNS_INT
+#ifdef GMTIME_R_RETURNS_INT
if (gmtime_r(&gmt_time, >imebuf) != 0)
return ASN1_BAD_GMTIME;
-# else
+#else
if (gmtime_r(&gmt_time, >imebuf) == NULL)
return ASN1_BAD_GMTIME;
-# endif
-#else
+#endif
+#else /* HAVE_GMTIME_R */
gtime = gmtime(&gmt_time);
if (gtime == NULL)
return ASN1_BAD_GMTIME;
memcpy(>imebuf, gtime, sizeof(gtimebuf));
-#endif
+#endif /* HAVE_GMTIME_R */
gtime = >imebuf;
if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
gtime->tm_min > 59 || gtime->tm_sec > 59)
return ASN1_BAD_GMTIME;
len = snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
- 1900+gtime->tm_year, gtime->tm_mon+1,
+ 1900 + gtime->tm_year, gtime->tm_mon + 1,
gtime->tm_mday, gtime->tm_hour,
gtime->tm_min, gtime->tm_sec);
if (SNPRINTF_OVERFLOW(len, sizeof(s)))
sp = (unsigned char *)s;
}
- return asn1_encode_bytestring(buf, &sp, 15, retlen);
+ return k5_asn1_encode_bytestring(buf, &sp, 15, len_out);
}
asn1_error_code
-asn1_encode_bitstring(asn1buf *buf, unsigned char *const *val, size_t len,
- size_t *retlen)
+k5_asn1_encode_bitstring(asn1buf *buf, unsigned char *const *val, size_t len,
+ size_t *len_out)
{
- asn1_error_code retval;
+ asn1_error_code ret;
- retval = asn1buf_insert_octetstring(buf, len, *val);
- if (retval) return retval;
- *retlen = len + 1;
+ ret = asn1buf_insert_octetstring(buf, len, *val);
+ if (ret)
+ return ret;
+ *len_out = len + 1;
return asn1buf_insert_octet(buf, '\0');
}
+/* Encode a DER tag into buf with the tag and length parameters in t. Place
+ * the length of the encoded tag in *retlen. */
static asn1_error_code
make_tag(asn1buf *buf, const taginfo *t, size_t *retlen)
{
return 0;
}
-/*
- * ASN.1 constructed type encoder engine
- *
- * Two entry points here:
- *
- * krb5int_asn1_encode_type: Incrementally adds the contents-only encoding of
- * an object to an already-initialized asn1buf, and returns its tag
- * information.
- *
- * krb5int_asn1_do_full_encode: Returns a completed encoding, in the
- * correct byte order, in an allocated krb5_data.
- */
-
#ifdef POINTERS_ARE_ALL_THE_SAME
-#define LOADPTR(PTR,TYPE) \
- (*(const void *const *)(PTR))
+#define LOADPTR(PTR, TYPE) (*(const void *const *)(PTR))
#else
-#define LOADPTR(PTR,PTRINFO) \
+#define LOADPTR(PTR, PTRINFO) \
(assert((PTRINFO)->loadptr != NULL), (PTRINFO)->loadptr(PTR))
#endif
ptr = a->tinfo;
while (1) {
- eltptr = (const char *) valp + i * seq->size;
+ eltptr = (const char *)valp + i * seq->size;
elt = LOADPTR(eltptr, ptr);
if (elt == NULL)
break;
}
static asn1_error_code
encode_sequence_of(asn1buf *buf, size_t seqlen, const void *val,
- const struct atype_info *eltinfo, size_t *retlen);
+ const struct atype_info *eltinfo, size_t *len_out);
static asn1_error_code
encode_nullterm_sequence_of(asn1buf *buf, const void *val,
const struct atype_info *type,
- int can_be_empty, size_t *retlen)
+ int can_be_empty, size_t *len_out)
{
- size_t length = get_nullterm_sequence_len(val, type);
- if (!can_be_empty && length == 0) return ASN1_MISSING_FIELD;
- return encode_sequence_of(buf, length, val, type, retlen);
+ size_t len = get_nullterm_sequence_len(val, type);
+
+ if (!can_be_empty && len == 0)
+ return ASN1_MISSING_FIELD;
+ return encode_sequence_of(buf, len, val, type, len_out);
}
static asn1_intmax
static asn1_error_code
load_count(const void *val, const struct counted_info *counted,
- size_t *retcount)
+ size_t *count_out)
{
const void *countptr = (const char *)val + counted->lenoff;
asn1_intmax xlen = load_int(countptr, counted->lensize);
if (xlen < 0 || (asn1_uintmax)xlen > SIZE_MAX)
return EINVAL;
- *retcount = xlen;
+ *count_out = xlen;
} else {
asn1_uintmax xlen = load_uint(countptr, counted->lensize);
if ((size_t)xlen != xlen || xlen > SIZE_MAX)
return EINVAL;
- *retcount = xlen;
+ *count_out = xlen;
}
return 0;
}
/* Split a DER encoding into tag and contents. Insert the contents into buf,
* then return the length of the contents and the tag. */
static asn1_error_code
-split_der(asn1buf *buf, unsigned char *const *der, size_t len, taginfo *rettag)
+split_der(asn1buf *buf, unsigned char *const *der, size_t len,
+ taginfo *tag_out)
{
asn1buf der_buf;
krb5_data der_data = make_data(*der, len);
- asn1_error_code retval;
-
- retval = asn1buf_wrap_data(&der_buf, &der_data);
- if (retval)
- return retval;
- retval = asn1_get_tag_2(&der_buf, rettag);
- if (retval)
- return retval;
- if ((size_t)asn1buf_remains(&der_buf, 0) != rettag->length)
+ asn1_error_code ret;
+
+ ret = asn1buf_wrap_data(&der_buf, &der_data);
+ if (ret)
+ return ret;
+ ret = asn1_get_tag_2(&der_buf, tag_out);
+ if (ret)
+ return ret;
+ if ((size_t)asn1buf_remains(&der_buf, 0) != tag_out->length)
return EINVAL;
- return asn1buf_insert_bytestring(buf, rettag->length,
- *der + len - rettag->length);
+ return asn1buf_insert_bytestring(buf, tag_out->length,
+ *der + len - tag_out->length);
}
static asn1_error_code
encode_sequence(asn1buf *buf, const void *val, const struct seq_info *seq,
- size_t *retlen);
+ size_t *len_out);
static asn1_error_code
encode_cntype(asn1buf *buf, const void *val, size_t len,
- const struct cntype_info *c, taginfo *rettag);
+ const struct cntype_info *c, taginfo *tag_out);
/* Encode a value (contents only, no outer tag) according to a type, and return
* its encoded tag information. */
-asn1_error_code
-krb5int_asn1_encode_type(asn1buf *buf, const void *val,
- const struct atype_info *a, taginfo *rettag)
+static asn1_error_code
+encode_atype(asn1buf *buf, const void *val, const struct atype_info *a,
+ taginfo *tag_out)
{
- asn1_error_code retval;
+ asn1_error_code ret;
if (val == NULL)
return ASN1_MISSING_FIELD;
case atype_fn: {
const struct fn_info *fn = a->tinfo;
assert(fn->enc != NULL);
- return fn->enc(buf, val, rettag);
+ return fn->enc(buf, val, tag_out);
}
case atype_sequence:
assert(a->tinfo != NULL);
- retval = encode_sequence(buf, val, a->tinfo, &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = CONSTRUCTED;
- rettag->tagnum = ASN1_SEQUENCE;
+ ret = encode_sequence(buf, val, a->tinfo, &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = CONSTRUCTED;
+ tag_out->tagnum = ASN1_SEQUENCE;
break;
case atype_ptr: {
const struct ptr_info *ptr = a->tinfo;
assert(ptr->basetype != NULL);
- return krb5int_asn1_encode_type(buf, LOADPTR(val, ptr), ptr->basetype,
- rettag);
+ return encode_atype(buf, LOADPTR(val, ptr), ptr->basetype, tag_out);
}
case atype_offset: {
const struct offset_info *off = a->tinfo;
assert(off->basetype != NULL);
- return krb5int_asn1_encode_type(buf, (const char *)val + off->dataoff,
- off->basetype, rettag);
+ return encode_atype(buf, (const char *)val + off->dataoff,
+ off->basetype, tag_out);
}
case atype_counted: {
const struct counted_info *counted = a->tinfo;
const void *dataptr = (const char *)val + counted->dataoff;
size_t count;
assert(counted->basetype != NULL);
- retval = load_count(val, counted, &count);
- if (retval)
- return retval;
- return encode_cntype(buf, dataptr, count, counted->basetype, rettag);
+ ret = load_count(val, counted, &count);
+ if (ret)
+ return ret;
+ return encode_cntype(buf, dataptr, count, counted->basetype, tag_out);
}
case atype_nullterm_sequence_of:
case atype_nonempty_nullterm_sequence_of:
assert(a->tinfo != NULL);
- retval = encode_nullterm_sequence_of(buf, val, a->tinfo,
- a->type ==
- atype_nullterm_sequence_of,
- &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = CONSTRUCTED;
- rettag->tagnum = ASN1_SEQUENCE;
+ ret = encode_nullterm_sequence_of(buf, val, a->tinfo,
+ a->type ==
+ atype_nullterm_sequence_of,
+ &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = CONSTRUCTED;
+ tag_out->tagnum = ASN1_SEQUENCE;
break;
case atype_tagged_thing: {
const struct tagged_info *tag = a->tinfo;
- retval = krb5int_asn1_encode_type(buf, val, tag->basetype, rettag);
- if (retval)
- return retval;
+ ret = encode_atype(buf, val, tag->basetype, tag_out);
+ if (ret)
+ return ret;
if (!tag->implicit) {
size_t tlen;
- retval = make_tag(buf, rettag, &tlen);
- if (retval)
- return retval;
- rettag->length += tlen;
- rettag->construction = tag->construction;
+ ret = make_tag(buf, tag_out, &tlen);
+ if (ret)
+ return ret;
+ tag_out->length += tlen;
+ tag_out->construction = tag->construction;
}
- rettag->asn1class = tag->tagtype;
- rettag->tagnum = tag->tagval;
+ tag_out->asn1class = tag->tagtype;
+ tag_out->tagnum = tag->tagval;
break;
}
case atype_int:
- retval = asn1_encode_integer(buf, load_int(val, a->size),
- &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = PRIMITIVE;
- rettag->tagnum = ASN1_INTEGER;
+ ret = k5_asn1_encode_int(buf, load_int(val, a->size),
+ &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = PRIMITIVE;
+ tag_out->tagnum = ASN1_INTEGER;
break;
case atype_uint:
- retval = asn1_encode_unsigned_integer(buf, load_uint(val, a->size),
- &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = PRIMITIVE;
- rettag->tagnum = ASN1_INTEGER;
+ ret = k5_asn1_encode_uint(buf, load_uint(val, a->size),
+ &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = PRIMITIVE;
+ tag_out->tagnum = ASN1_INTEGER;
break;
case atype_int_immediate: {
const int *iptr = a->tinfo;
- retval = asn1_encode_integer(buf, *iptr, &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = PRIMITIVE;
- rettag->tagnum = ASN1_INTEGER;
+ ret = k5_asn1_encode_int(buf, *iptr, &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = PRIMITIVE;
+ tag_out->tagnum = ASN1_INTEGER;
break;
}
default:
}
static asn1_error_code
-encode_type_and_tag(asn1buf *buf, const void *val, const struct atype_info *a,
- size_t *retlen)
+encode_atype_and_tag(asn1buf *buf, const void *val, const struct atype_info *a,
+ size_t *len_out)
{
taginfo t;
- asn1_error_code retval;
+ asn1_error_code ret;
size_t tlen;
- retval = krb5int_asn1_encode_type(buf, val, a, &t);
- if (retval)
- return retval;
- retval = make_tag(buf, &t, &tlen);
- if (retval)
- return retval;
- *retlen = t.length + tlen;
+ ret = encode_atype(buf, val, a, &t);
+ if (ret)
+ return ret;
+ ret = make_tag(buf, &t, &tlen);
+ if (ret)
+ return ret;
+ *len_out = t.length + tlen;
return 0;
}
*/
static asn1_error_code
encode_cntype(asn1buf *buf, const void *val, size_t count,
- const struct cntype_info *c, taginfo *rettag)
+ const struct cntype_info *c, taginfo *tag_out)
{
- asn1_error_code retval;
+ asn1_error_code ret;
switch (c->type) {
case cntype_string: {
const struct string_info *string = c->tinfo;
assert(string->enc != NULL);
- retval = string->enc(buf, val, count, &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = PRIMITIVE;
- rettag->tagnum = string->tagval;
+ ret = string->enc(buf, val, count, &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = PRIMITIVE;
+ tag_out->tagnum = string->tagval;
break;
}
case cntype_der:
- return split_der(buf, val, count, rettag);
+ return split_der(buf, val, count, tag_out);
case cntype_seqof: {
const struct atype_info *a = c->tinfo;
const struct ptr_info *ptr = a->tinfo;
assert(a->type == atype_ptr);
val = LOADPTR(val, ptr);
- retval = encode_sequence_of(buf, count, val, ptr->basetype,
- &rettag->length);
- if (retval)
- return retval;
- rettag->asn1class = UNIVERSAL;
- rettag->construction = CONSTRUCTED;
- rettag->tagnum = ASN1_SEQUENCE;
+ ret = encode_sequence_of(buf, count, val, ptr->basetype,
+ &tag_out->length);
+ if (ret)
+ return ret;
+ tag_out->asn1class = UNIVERSAL;
+ tag_out->construction = CONSTRUCTED;
+ tag_out->tagnum = ASN1_SEQUENCE;
break;
}
case cntype_choice: {
const struct choice_info *choice = c->tinfo;
if (count >= choice->n_options)
return ASN1_MISSING_FIELD;
- return krb5int_asn1_encode_type(buf, val, choice->options[count],
- rettag);
+ return encode_atype(buf, val, choice->options[count], tag_out);
}
default:
static asn1_error_code
encode_sequence(asn1buf *buf, const void *val, const struct seq_info *seq,
- size_t *retlen)
+ size_t *len_out)
{
- asn1_error_code retval;
+ asn1_error_code ret;
unsigned int not_present;
- size_t i, length, sum = 0;
+ size_t i, len, sum = 0;
const struct atype_info *a;
/* If any fields might be optional, get a bitmask of fields not present. */
a = seq->fields[i - 1];
if ((1u << (i - 1)) & not_present)
continue;
- retval = encode_type_and_tag(buf, val, a, &length);
- if (retval)
- return retval;
- sum += length;
+ ret = encode_atype_and_tag(buf, val, a, &len);
+ if (ret)
+ return ret;
+ sum += len;
}
- *retlen = sum;
+ *len_out = sum;
return 0;
}
static asn1_error_code
encode_sequence_of(asn1buf *buf, size_t seqlen, const void *val,
- const struct atype_info *eltinfo, size_t *retlen)
+ const struct atype_info *eltinfo, size_t *len_out)
{
- asn1_error_code retval;
- size_t sum = 0, i, length;
+ asn1_error_code ret;
+ size_t sum = 0, i, len;
+ const void *eltptr;
+ assert(eltinfo->size != 0);
for (i = seqlen; i > 0; i--) {
- const void *eltptr;
- const struct atype_info *a = eltinfo;
-
- assert(eltinfo->size != 0);
eltptr = (const char *)val + (i - 1) * eltinfo->size;
- retval = encode_type_and_tag(buf, eltptr, a, &length);
- if (retval)
- return retval;
- sum += length;
+ ret = encode_atype_and_tag(buf, eltptr, eltinfo, &len);
+ if (ret)
+ return ret;
+ sum += len;
}
- *retlen = sum;
+ *len_out = sum;
return 0;
}
+asn1_error_code
+k5_asn1_encode_atype(asn1buf *buf, const void *val, const struct atype_info *a,
+ taginfo *tag_out)
+{
+ return encode_atype(buf, val, a, tag_out);
+}
+
krb5_error_code
-krb5int_asn1_do_full_encode(const void *rep, krb5_data **code,
- const struct atype_info *a)
+k5_asn1_full_encode(const void *rep, const struct atype_info *a,
+ krb5_data **code_out)
{
- size_t length;
- asn1_error_code retval;
+ size_t len;
+ asn1_error_code ret;
asn1buf *buf = NULL;
krb5_data *d;
- *code = NULL;
+ *code_out = NULL;
if (rep == NULL)
return ASN1_MISSING_FIELD;
-
- retval = asn1buf_create(&buf);
- if (retval)
- return retval;
-
- retval = encode_type_and_tag(buf, rep, a, &length);
- if (retval)
+ ret = asn1buf_create(&buf);
+ if (ret)
+ return ret;
+ ret = encode_atype_and_tag(buf, rep, a, &len);
+ if (ret)
goto cleanup;
- retval = asn12krb5_buf(buf, &d);
- if (retval)
+ ret = asn12krb5_buf(buf, &d);
+ if (ret)
goto cleanup;
- *code = d;
+ *code_out = d;
cleanup:
asn1buf_destroy(&buf);
- return retval;
+ return ret;
}
#include "asn1_get.h"
#include <time.h>
-/*
- * Overview
- *
- * Each of these procedures inserts the encoding of an ASN.1
- * primitive in a coding buffer.
- *
- * Operations
- *
- * asn1_encode_boolean
- * asn1_encode_integer
- * asn1_encode_unsigned_integer
- * asn1_encode_bytestring
- * asn1_encode_generaltime
- * asn1_encode_bitstring
- */
-
-asn1_error_code asn1_encode_boolean(asn1buf *buf, asn1_intmax val,
- size_t *retlen);
-asn1_error_code asn1_encode_integer(asn1buf *buf, asn1_intmax val,
- size_t *retlen);
-/*
- * requires *buf is allocated
- * modifies *buf, *retlen
- * effects Inserts the encoding of val into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- */
-
-asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, asn1_uintmax val,
- size_t *retlen);
-/*
- * requires *buf is allocated
- * modifies *buf, *retlen
- * effects Inserts the encoding of val into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- */
-
-asn1_error_code asn1_encode_bytestring(asn1buf *buf, unsigned char *const *val,
- size_t len, size_t *retlen);
-/*
- * requires *buf is allocated
- * modifies *buf, *retlen
- * effects Inserts the encoding of val into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- */
-
-asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen);
-/*
- * requires *buf is allocated
- * modifies *buf, *retlen
- * effects Inserts the encoding of NULL into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- */
-
-asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
- size_t *retlen);
-/*
- * requires *buf is allocated
- * modifies *buf, *retlen
- * effects Inserts the encoding of val into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- * Note: The encoding of GeneralizedTime is YYYYMMDDhhmmZ
- */
-
-asn1_error_code asn1_encode_bitstring(asn1buf *buf, unsigned char *const *val,
- size_t len, size_t *retlen);
-/*
- * requires *buf is allocated, *val has a length of len characters
- * modifies *buf, *retlen
- * effects Inserts the encoding of val into *buf and returns
- * the length of the encoding in *retlen.
- * Returns ENOMEM to signal an unsuccesful attempt
- * to expand the buffer.
- */
+/* These functions are referenced by encoder structures. They handle the
+ * encoding of primitive ASN.1 types. */
+asn1_error_code k5_asn1_encode_bool(asn1buf *buf, asn1_intmax val,
+ size_t *len_out);
+asn1_error_code k5_asn1_encode_int(asn1buf *buf, asn1_intmax val,
+ size_t *len_out);
+asn1_error_code k5_asn1_encode_uint(asn1buf *buf, asn1_uintmax val,
+ size_t *len_out);
+asn1_error_code k5_asn1_encode_bytestring(asn1buf *buf,
+ unsigned char *const *val,
+ size_t len, size_t *len_out);
+asn1_error_code k5_asn1_encode_bitstring(asn1buf *buf,
+ unsigned char *const *val,
+ size_t len, size_t *len_out);
+asn1_error_code k5_asn1_encode_generaltime(asn1buf *buf, time_t val,
+ size_t *len_out);
/*
* An atype_info structure specifies how to encode a pointer to a C
*/
enum atype_type {
- /*
- * For bounds checking only. By starting with values above 1, we
- * guarantee that zero-initialized storage will be recognized as
- * invalid.
- */
+ /* For bounds checking only. By starting with 2, we guarantee that
+ * zero-initialized storage will be recognized as invalid. */
atype_min = 1,
- /*
- * Encoder function to be called with address of <thing>. tinfo is a
- * struct fn_info *.
- */
+ /* Encoder function to be called with address of <thing>. tinfo is a
+ * struct fn_info *. */
atype_fn,
/* Pointer to actual thing to be encoded. tinfo is a struct ptr_info *. */
atype_ptr,
/*
* Actual thing to be encoded is an object at an offset from the original
* pointer, combined with an integer at a different offset, in a manner
- * specified by a cntype_info base type. tinfo is a struct counted_info *.
+ * specified by a cntype_info structure. tinfo is a struct counted_info *.
*/
atype_counted,
/* Sequence. tinfo is a struct seq_info *. */
atype_sequence,
/*
- * Sequence-of, with pointer to base type descriptor, represented
- * as a null-terminated array of pointers (and thus the "base"
- * type descriptor is actually an atype_ptr node). tinfo is a
- * struct atype_info * giving the base type.
+ * Sequence-of, with pointer to base type descriptor, represented as a
+ * null-terminated array of pointers (and thus the "base" type descriptor
+ * is actually an atype_ptr node). tinfo is a struct atype_info * giving
+ * the base type.
*/
atype_nullterm_sequence_of,
atype_nonempty_nullterm_sequence_of,
size_t n_options;
};
+struct seq_info {
+ /* If present, returns a bitmask indicating which fields are present. The
+ * bit (1 << N) corresponds to index N in the fields array. */
+ unsigned int (*optional)(const void *);
+ /* Indicates an array of sequence field descriptors. */
+ const struct atype_info **fields;
+ size_t n_fields;
+ /* Currently all sequences are assumed to be extensible. */
+};
+
/*
* The various DEF*TYPE macros must:
*
- * + Define a type named aux_typedefname_##DESCNAME, for use in any
- * types derived from the type being defined.
+ * + Define a type named aux_type_##DESCNAME, for use in any types derived from
+ * the type being defined.
*
* + Define an atype_info struct named k5_atype_##DESCNAME
*
*/
/* Define a type using an encoder function. */
-#define DEFFNTYPE(DESCNAME, CTYPENAME, ENCFN) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
- static const struct fn_info aux_info_##DESCNAME = { \
- ENCFN \
- }; \
- const struct atype_info k5_atype_##DESCNAME = { \
- atype_fn, sizeof(CTYPENAME), &aux_info_##DESCNAME \
+#define DEFFNTYPE(DESCNAME, CTYPENAME, ENCFN) \
+ typedef CTYPENAME aux_type_##DESCNAME; \
+ static const struct fn_info aux_info_##DESCNAME = { \
+ ENCFN \
+ }; \
+ const struct atype_info k5_atype_##DESCNAME = { \
+ atype_fn, sizeof(CTYPENAME), &aux_info_##DESCNAME \
}
/* A sequence, defined by the indicated series of types, and an optional
* function indicating which fields are not present. */
#define DEFSEQTYPE(DESCNAME, CTYPENAME, FIELDS, OPT) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ typedef CTYPENAME aux_type_##DESCNAME; \
static const struct seq_info aux_seqinfo_##DESCNAME = { \
OPT, FIELDS, sizeof(FIELDS)/sizeof(FIELDS[0]) \
}; \
}
/* Integer types. */
#define DEFINTTYPE(DESCNAME, CTYPENAME) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ typedef CTYPENAME aux_type_##DESCNAME; \
const struct atype_info k5_atype_##DESCNAME = { \
atype_int, sizeof(CTYPENAME), NULL \
}
#define DEFUINTTYPE(DESCNAME, CTYPENAME) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ typedef CTYPENAME aux_type_##DESCNAME; \
const struct atype_info k5_atype_##DESCNAME = { \
atype_uint, sizeof(CTYPENAME), NULL \
}
#define DEFINT_IMMEDIATE(DESCNAME, VAL) \
- typedef int aux_typedefname_##DESCNAME; \
+ typedef int aux_type_##DESCNAME; \
static const int aux_int_##DESCNAME = VAL; \
const struct atype_info k5_atype_##DESCNAME = { \
atype_int_immediate, 0, &aux_int_##DESCNAME \
/* Pointers to other types, to be encoded as those other types. */
#ifdef POINTERS_ARE_ALL_THE_SAME
-#define DEFPTRTYPE(DESCNAME,BASEDESCNAME) \
- typedef aux_typedefname_##BASEDESCNAME * aux_typedefname_##DESCNAME; \
- static const struct ptr_info aux_info_##DESCNAME = { \
- NULL, &k5_atype_##BASEDESCNAME \
- }; \
- const struct atype_info k5_atype_##DESCNAME = { \
- atype_ptr, sizeof(aux_typedefname_##DESCNAME), \
- &aux_info_##DESCNAME \
+#define DEFPTRTYPE(DESCNAME,BASEDESCNAME) \
+ typedef aux_type_##BASEDESCNAME *aux_type_##DESCNAME; \
+ static const struct ptr_info aux_info_##DESCNAME = { \
+ NULL, &k5_atype_##BASEDESCNAME \
+ }; \
+ const struct atype_info k5_atype_##DESCNAME = { \
+ atype_ptr, sizeof(aux_type_##DESCNAME), \
+ &aux_info_##DESCNAME \
}
#else
-#define DEFPTRTYPE(DESCNAME,BASEDESCNAME) \
- typedef aux_typedefname_##BASEDESCNAME * aux_typedefname_##DESCNAME; \
- static const void * \
- loadptr_for_##BASEDESCNAME##_from_##DESCNAME(const void *p) \
- { \
- const aux_typedefname_##DESCNAME *inptr = p; \
- const aux_typedefname_##BASEDESCNAME *retptr; \
- retptr = *inptr; \
- return retptr; \
- } \
- static const struct ptr_info aux_info_##DESCNAME = { \
- loadptr_for_##BASEDESCNAME##_from_##DESCNAME, \
- &k5_atype_##BASEDESCNAME \
- }; \
- const struct atype_info k5_atype_##DESCNAME = { \
- atype_ptr, sizeof(aux_typedefname_##DESCNAME), \
- &aux_info_##DESCNAME \
+#define DEFPTRTYPE(DESCNAME,BASEDESCNAME) \
+ typedef aux_type_##BASEDESCNAME *aux_type_##DESCNAME; \
+ static const void * \
+ aux_loadptr_##DESCNAME(const void *p) \
+ { \
+ return *(aux_type_##DESCNAME *)p; \
+ } \
+ static const struct ptr_info aux_info_##DESCNAME = { \
+ aux_loadptr_##DESCNAME, &k5_atype_##BASEDESCNAME \
+ }; \
+ const struct atype_info k5_atype_##DESCNAME = { \
+ atype_ptr, sizeof(aux_type_##DESCNAME), \
+ &aux_info_##DESCNAME \
}
#endif
-#define DEFOFFSETTYPE(DESCNAME, STYPE, FIELDNAME, BASEDESC) \
- typedef STYPE aux_typedefname_##DESCNAME; \
- static const struct offset_info aux_info_##DESCNAME = { \
- OFFOF(STYPE, FIELDNAME, aux_typedefname_##BASEDESC), \
- &k5_atype_##BASEDESC \
- }; \
- const struct atype_info k5_atype_##DESCNAME = { \
- atype_offset, sizeof(aux_typedefname_##DESCNAME), \
- &aux_info_##DESCNAME \
+#define DEFOFFSETTYPE(DESCNAME, STYPE, FIELDNAME, BASEDESC) \
+ typedef STYPE aux_type_##DESCNAME; \
+ static const struct offset_info aux_info_##DESCNAME = { \
+ OFFOF(STYPE, FIELDNAME, aux_type_##BASEDESC), \
+ &k5_atype_##BASEDESC \
+ }; \
+ const struct atype_info k5_atype_##DESCNAME = { \
+ atype_offset, sizeof(aux_type_##DESCNAME), \
+ &aux_info_##DESCNAME \
}
#define DEFCOUNTEDTYPE_base(DESCNAME, STYPE, DATAFIELD, COUNTFIELD, SIGNED, \
CDESC) \
- typedef STYPE aux_typedefname_##DESCNAME; \
+ typedef STYPE aux_type_##DESCNAME; \
const struct counted_info aux_info_##DESCNAME = { \
OFFOF(STYPE, DATAFIELD, aux_ptrtype_##CDESC), \
OFFOF(STYPE, COUNTFIELD, aux_counttype_##CDESC), \
* and use that type for the structure field.
*/
#define DEFNULLTERMSEQOFTYPE(DESCNAME,BASEDESCNAME) \
- typedef aux_typedefname_##BASEDESCNAME aux_typedefname_##DESCNAME; \
+ typedef aux_type_##BASEDESCNAME aux_type_##DESCNAME; \
const struct atype_info k5_atype_##DESCNAME = { \
- atype_nullterm_sequence_of, sizeof(aux_typedefname_##DESCNAME), \
+ atype_nullterm_sequence_of, sizeof(aux_type_##DESCNAME), \
&k5_atype_##BASEDESCNAME \
}
-#define DEFNONEMPTYNULLTERMSEQOFTYPE(DESCNAME,BASEDESCNAME) \
- typedef aux_typedefname_##BASEDESCNAME aux_typedefname_##DESCNAME; \
- const struct atype_info k5_atype_##DESCNAME = { \
- atype_nonempty_nullterm_sequence_of, \
- sizeof(aux_typedefname_##DESCNAME), \
- &k5_atype_##BASEDESCNAME \
+#define DEFNONEMPTYNULLTERMSEQOFTYPE(DESCNAME,BASEDESCNAME) \
+ typedef aux_type_##BASEDESCNAME aux_type_##DESCNAME; \
+ const struct atype_info k5_atype_##DESCNAME = { \
+ atype_nonempty_nullterm_sequence_of, \
+ sizeof(aux_type_##DESCNAME), \
+ &k5_atype_##BASEDESCNAME \
}
/* Objects with an explicit or implicit tag. (Implicit tags will ignore the
* construction field.) */
#define DEFTAGGEDTYPE(DESCNAME, CLASS, CONSTRUCTION, TAG, IMPLICIT, BASEDESC) \
- typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME; \
+ typedef aux_type_##BASEDESC aux_type_##DESCNAME; \
static const struct tagged_info aux_info_##DESCNAME = { \
TAG, CLASS, CONSTRUCTION, IMPLICIT, &k5_atype_##BASEDESC \
}; \
const struct atype_info k5_atype_##DESCNAME = { \
- atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME), \
+ atype_tagged_thing, sizeof(aux_type_##DESCNAME), \
&aux_info_##DESCNAME \
}
/* Objects with an explicit APPLICATION tag added. */
}
#define DEFCOUNTEDSEQOFTYPE(DESCNAME, LTYPE, BASEDESC) \
- typedef aux_typedefname_##BASEDESC aux_ptrtype_##DESCNAME; \
+ typedef aux_type_##BASEDESC aux_ptrtype_##DESCNAME; \
typedef LTYPE aux_counttype_##DESCNAME; \
const struct cntype_info k5_cntype_##DESCNAME = { \
cntype_seqof, &k5_atype_##BASEDESC \
* type.)
*/
#define IMPORT_TYPE(DESCNAME, CTYPENAME) \
- typedef CTYPENAME aux_typedefname_##DESCNAME; \
+ typedef CTYPENAME aux_type_##DESCNAME; \
extern const struct atype_info k5_atype_##DESCNAME
/* Partially encode the contents of a type and return its tag information.
- * Used only by asn1_encode_kdc_req_body. */
+ * Used only by kdc_req_body. */
asn1_error_code
-krb5int_asn1_encode_type(asn1buf *buf, const void *val,
- const struct atype_info *a, taginfo *rettag);
-
-struct seq_info {
- /* If present, returns a bitmask indicating which fields are present. The
- * bit (1 << N) corresponds to index N in the fields array. */
- unsigned int (*optional)(const void *);
- /* Indicates an array of sequence field descriptors. */
- const struct atype_info **fields;
- size_t n_fields;
- /* Currently all sequences are assumed to be extensible. */
-};
+k5_asn1_encode_atype(asn1buf *buf, const void *val, const struct atype_info *a,
+ taginfo *tag_out);
+/* Returns a completed encoding, with tag and in the correct byte order, in an
+ * allocated krb5_data. */
extern krb5_error_code
-krb5int_asn1_do_full_encode(const void *rep, krb5_data **code,
- const struct atype_info *a);
+k5_asn1_full_encode(const void *rep, const struct atype_info *a,
+ krb5_data **code_out);
-#define MAKE_FULL_ENCODER(FNAME, DESC) \
- krb5_error_code FNAME(const aux_typedefname_##DESC *rep, \
- krb5_data **code) \
+#define MAKE_ENCODER(FNAME, DESC) \
+ krb5_error_code \
+ FNAME(const aux_type_##DESC *rep, krb5_data **code_out) \
{ \
- return krb5int_asn1_do_full_encode(rep, code, \
- &k5_atype_##DESC); \
+ return k5_asn1_full_encode(rep, &k5_atype_##DESC, code_out); \
} \
extern int dummy /* gobble semicolon */
DEFCOUNTEDTYPE(der_data, krb5_data, data, length, der);
DEFCOUNTEDSTRINGTYPE(octetstring, unsigned char *, unsigned int,
- asn1_encode_bytestring, ASN1_OCTETSTRING);
+ k5_asn1_encode_bytestring, ASN1_OCTETSTRING);
DEFCOUNTEDSTRINGTYPE(s_octetstring, char *, unsigned int,
- asn1_encode_bytestring, ASN1_OCTETSTRING);
+ k5_asn1_encode_bytestring, ASN1_OCTETSTRING);
DEFCOUNTEDTYPE(ostring_data, krb5_data, data, length, s_octetstring);
DEFPTRTYPE(ostring_data_ptr, ostring_data);
DEFCOUNTEDSTRINGTYPE(generalstring, char *, unsigned int,
- asn1_encode_bytestring, ASN1_GENERALSTRING);
+ k5_asn1_encode_bytestring, ASN1_GENERALSTRING);
DEFCOUNTEDSTRINGTYPE(u_generalstring, unsigned char *, unsigned int,
- asn1_encode_bytestring, ASN1_GENERALSTRING);
+ k5_asn1_encode_bytestring, ASN1_GENERALSTRING);
DEFCOUNTEDTYPE(gstring_data, krb5_data, data, length, generalstring);
DEFPTRTYPE(gstring_data_ptr, gstring_data);
DEFCOUNTEDSEQOFTYPE(cseqof_gstring_data, krb5_int32, gstring_data_ptr);
DEFPTRTYPE(principal, principal_data);
static asn1_error_code
-encode_kerberos_time(asn1buf *buf, const void *val, taginfo *rettag)
+encode_kerberos_time(asn1buf *buf, const void *p, taginfo *rettag)
{
/* Range checking for time_t vs krb5_timestamp? */
- time_t tval = *(krb5_timestamp *)val;
+ time_t val = *(krb5_timestamp *)p;
rettag->asn1class = UNIVERSAL;
rettag->construction = PRIMITIVE;
rettag->tagnum = ASN1_GENERALTIME;
- return asn1_encode_generaltime(buf, tval, &rettag->length);
+ return k5_asn1_encode_generaltime(buf, val, &rettag->length);
}
DEFFNTYPE(kerberos_time, krb5_timestamp, encode_kerberos_time);
* as a 32-bit integer in host order.
*/
static asn1_error_code
-encode_krb5_flags(asn1buf *buf, const void *val, taginfo *rettag)
+encode_krb5_flags(asn1buf *buf, const void *p, taginfo *rettag)
{
unsigned char cbuf[4], *cptr = cbuf;
- store_32_be((krb5_ui_4)*(const krb5_flags *)val, cbuf);
+ store_32_be((krb5_ui_4)*(const krb5_flags *)p, cbuf);
rettag->asn1class = UNIVERSAL;
rettag->construction = PRIMITIVE;
rettag->tagnum = ASN1_BITSTRING;
- return asn1_encode_bitstring(buf, &cptr, 4, &rettag->length);
+ return k5_asn1_encode_bitstring(buf, &cptr, 4, &rettag->length);
}
DEFFNTYPE(krb5_flags, krb5_flags, encode_krb5_flags);
krb5_kdc_req v;
krb5_data *server_realm;
} kdc_req_hack;
-DEFFIELD(kdc_req_0, kdc_req_hack, v.kdc_options, 0, krb5_flags);
-DEFFIELD(kdc_req_1, kdc_req_hack, v.client, 1, principal);
-DEFFIELD(kdc_req_2, kdc_req_hack, server_realm, 2, gstring_data_ptr);
-DEFFIELD(kdc_req_3, kdc_req_hack, v.server, 3, principal);
-DEFFIELD(kdc_req_4, kdc_req_hack, v.from, 4, kerberos_time);
-DEFFIELD(kdc_req_5, kdc_req_hack, v.till, 5, kerberos_time);
-DEFFIELD(kdc_req_6, kdc_req_hack, v.rtime, 6, kerberos_time);
-DEFFIELD(kdc_req_7, kdc_req_hack, v.nonce, 7, int32);
-DEFCNFIELD(kdc_req_8, kdc_req_hack, v.ktype, v.nktypes, 8, cseqof_int32);
-DEFFIELD(kdc_req_9, kdc_req_hack, v.addresses, 9, ptr_seqof_host_addresses);
-DEFFIELD(kdc_req_10, kdc_req_hack, v.authorization_data, 10, encrypted_data);
-DEFFIELD(kdc_req_11, kdc_req_hack, v.second_ticket, 11, ptr_seqof_ticket);
+DEFFIELD(req_body_0, kdc_req_hack, v.kdc_options, 0, krb5_flags);
+DEFFIELD(req_body_1, kdc_req_hack, v.client, 1, principal);
+DEFFIELD(req_body_2, kdc_req_hack, server_realm, 2, gstring_data_ptr);
+DEFFIELD(req_body_3, kdc_req_hack, v.server, 3, principal);
+DEFFIELD(req_body_4, kdc_req_hack, v.from, 4, kerberos_time);
+DEFFIELD(req_body_5, kdc_req_hack, v.till, 5, kerberos_time);
+DEFFIELD(req_body_6, kdc_req_hack, v.rtime, 6, kerberos_time);
+DEFFIELD(req_body_7, kdc_req_hack, v.nonce, 7, int32);
+DEFCNFIELD(req_body_8, kdc_req_hack, v.ktype, v.nktypes, 8, cseqof_int32);
+DEFFIELD(req_body_9, kdc_req_hack, v.addresses, 9, ptr_seqof_host_addresses);
+DEFFIELD(req_body_10, kdc_req_hack, v.authorization_data, 10, encrypted_data);
+DEFFIELD(req_body_11, kdc_req_hack, v.second_ticket, 11, ptr_seqof_ticket);
static const struct atype_info *kdc_req_hack_fields[] = {
- &k5_atype_kdc_req_0, &k5_atype_kdc_req_1, &k5_atype_kdc_req_2,
- &k5_atype_kdc_req_3, &k5_atype_kdc_req_4, &k5_atype_kdc_req_5,
- &k5_atype_kdc_req_6, &k5_atype_kdc_req_7, &k5_atype_kdc_req_8,
- &k5_atype_kdc_req_9, &k5_atype_kdc_req_10, &k5_atype_kdc_req_11
+ &k5_atype_req_body_0, &k5_atype_req_body_1, &k5_atype_req_body_2,
+ &k5_atype_req_body_3, &k5_atype_req_body_4, &k5_atype_req_body_5,
+ &k5_atype_req_body_6, &k5_atype_req_body_7, &k5_atype_req_body_8,
+ &k5_atype_req_body_9, &k5_atype_req_body_10, &k5_atype_req_body_11
};
static unsigned int
optional_kdc_req_hack(const void *p)
DEFSEQTYPE(kdc_req_body_hack, kdc_req_hack, kdc_req_hack_fields,
optional_kdc_req_hack);
static asn1_error_code
-asn1_encode_kdc_req_body(asn1buf *buf, const void *ptr, taginfo *rettag)
+encode_kdc_req_body(asn1buf *buf, const void *p, taginfo *tag_out)
{
- const krb5_kdc_req *val = ptr;
- kdc_req_hack val2;
- val2.v = *val;
+ const krb5_kdc_req *val = p;
+ kdc_req_hack h;
+ h.v = *val;
if (val->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
- if (val->second_ticket != NULL && val->second_ticket[0] != NULL) {
- val2.server_realm = &val->second_ticket[0]->server->realm;
- } else return ASN1_MISSING_FIELD;
- } else if (val->server != NULL) {
- val2.server_realm = &val->server->realm;
- } else return ASN1_MISSING_FIELD;
- return krb5int_asn1_encode_type(buf, &val2, &k5_atype_kdc_req_body_hack,
- rettag);
+ if (val->second_ticket != NULL && val->second_ticket[0] != NULL)
+ h.server_realm = &val->second_ticket[0]->server->realm;
+ else
+ return ASN1_MISSING_FIELD;
+ } else if (val->server != NULL)
+ h.server_realm = &val->server->realm;
+ else
+ return ASN1_MISSING_FIELD;
+ return k5_asn1_encode_atype(buf, &h, &k5_atype_kdc_req_body_hack, tag_out);
}
-DEFFNTYPE(kdc_req_body, krb5_kdc_req, asn1_encode_kdc_req_body);
+DEFFNTYPE(kdc_req_body, krb5_kdc_req, encode_kdc_req_body);
/* end ugly hack */
DEFFIELD(transited_0, krb5_transited, tr_type, 0, octet);
DEFFIELD(safe_body_3, krb5_safe, seq_number, 3, uint);
DEFFIELD(safe_body_4, krb5_safe, s_address, 4, address_ptr);
DEFFIELD(safe_body_5, krb5_safe, r_address, 5, address_ptr);
-static const struct atype_info *krb_safe_body_fields[] = {
+static const struct atype_info *safe_body_fields[] = {
&k5_atype_safe_body_0, &k5_atype_safe_body_1, &k5_atype_safe_body_2,
&k5_atype_safe_body_3, &k5_atype_safe_body_4, &k5_atype_safe_body_5
};
not_present |= (1u << 5);
return not_present;
}
-DEFSEQTYPE(krb_safe_body, krb5_safe, krb_safe_body_fields,
- optional_krb_safe_body);
+DEFSEQTYPE(safe_body, krb5_safe, safe_body_fields, optional_krb_safe_body);
DEFFIELD(cred_info_0, krb5_cred_info, session, 0, ptr_encryption_key);
DEFFIELD(cred_info_1, krb5_cred_info, client, 1, realm_of_principal);
DEFFIELD(authenticator_7, krb5_authenticator, seq_number, 7, uint);
DEFFIELD(authenticator_8, krb5_authenticator, authorization_data, 8,
auth_data_ptr);
-static const struct atype_info *krb5_authenticator_fields[] = {
+static const struct atype_info *authenticator_fields[] = {
&k5_atype_authenticator_0, &k5_atype_authenticator_1,
&k5_atype_authenticator_2, &k5_atype_authenticator_3,
&k5_atype_authenticator_4, &k5_atype_authenticator_5,
&k5_atype_authenticator_8
};
static unsigned int
-optional_krb5_authenticator(const void *p)
+optional_authenticator(const void *p)
{
const krb5_authenticator *val = p;
unsigned int not_present = 0;
not_present |= (1u << 3);
return not_present;
}
-DEFSEQTYPE(untagged_krb5_authenticator, krb5_authenticator,
- krb5_authenticator_fields, optional_krb5_authenticator);
-DEFAPPTAGGEDTYPE(krb5_authenticator, 2, untagged_krb5_authenticator);
+DEFSEQTYPE(untagged_authenticator, krb5_authenticator, authenticator_fields,
+ optional_authenticator);
+DEFAPPTAGGEDTYPE(authenticator, 2, untagged_authenticator);
DEFFIELD(enc_tkt_0, krb5_enc_tkt_part, flags, 0, krb5_flags);
DEFFIELD(enc_tkt_1, krb5_enc_tkt_part, session, 1, ptr_encryption_key);
DEFINT_IMMEDIATE(safe_msg_type, ASN1_KRB_SAFE);
DEFCTAGGEDTYPE(safe_0, 0, krb5_version);
DEFCTAGGEDTYPE(safe_1, 1, safe_msg_type);
-DEFCTAGGEDTYPE(safe_2, 2, krb_safe_body);
+DEFCTAGGEDTYPE(safe_2, 2, safe_body);
DEFFIELD(safe_3, krb5_safe, checksum, 3, checksum_ptr);
-static const struct atype_info *krb5_safe_fields[] = {
+static const struct atype_info *safe_fields[] = {
&k5_atype_safe_0, &k5_atype_safe_1, &k5_atype_safe_2, &k5_atype_safe_3
};
-DEFSEQTYPE(untagged_krb5_safe, krb5_safe, krb5_safe_fields, NULL);
-DEFAPPTAGGEDTYPE(krb5_safe, 20, untagged_krb5_safe);
+DEFSEQTYPE(untagged_safe, krb5_safe, safe_fields, NULL);
+DEFAPPTAGGEDTYPE(safe, 20, untagged_safe);
/* Hack to encode a KRB-SAFE with a pre-specified body encoding. The integer-
* immediate fields are borrowed from krb5_safe_fields above. */
-DEFPTRTYPE(krb_saved_safe_body_ptr, der_data);
-DEFOFFSETTYPE(krb5_safe_checksum_only, krb5_safe, checksum, checksum_ptr);
-DEFPTRTYPE(krb5_safe_checksum_only_ptr, krb5_safe_checksum_only);
+DEFPTRTYPE(saved_safe_body_ptr, der_data);
+DEFOFFSETTYPE(safe_checksum_only, krb5_safe, checksum, checksum_ptr);
+DEFPTRTYPE(safe_checksum_only_ptr, safe_checksum_only);
DEFFIELD(safe_with_body_2, struct krb5_safe_with_body, body, 2,
- krb_saved_safe_body_ptr);
+ saved_safe_body_ptr);
DEFFIELD(safe_with_body_3, struct krb5_safe_with_body, safe, 3,
- krb5_safe_checksum_only_ptr);
-static const struct atype_info *krb5_safe_with_body_fields[] = {
+ safe_checksum_only_ptr);
+static const struct atype_info *safe_with_body_fields[] = {
&k5_atype_safe_0, &k5_atype_safe_1, &k5_atype_safe_with_body_2,
&k5_atype_safe_with_body_3
};
-DEFSEQTYPE(untagged_krb5_safe_with_body, struct krb5_safe_with_body,
- krb5_safe_with_body_fields, NULL);
-DEFAPPTAGGEDTYPE(krb5_safe_with_body, 20, untagged_krb5_safe_with_body);
+DEFSEQTYPE(untagged_safe_with_body, struct krb5_safe_with_body,
+ safe_with_body_fields, NULL);
+DEFAPPTAGGEDTYPE(safe_with_body, 20, untagged_safe_with_body);
/* Third tag is [3] instead of [2]. */
DEFINT_IMMEDIATE(priv_msg_type, ASN1_KRB_PRIV);
&k5_atype_priv_0, &k5_atype_priv_1, &k5_atype_priv_3
};
DEFSEQTYPE(untagged_priv, krb5_priv, priv_fields, NULL);
-DEFAPPTAGGEDTYPE(krb5_priv, 21, untagged_priv);
+DEFAPPTAGGEDTYPE(priv, 21, untagged_priv);
DEFFIELD(priv_enc_part_0, krb5_priv_enc_part, user_data, 0, ostring_data);
DEFFIELD(priv_enc_part_1, krb5_priv_enc_part, timestamp, 1, kerberos_time);
/* Exported complete encoders -- these produce a krb5_data with
the encoding in the correct byte order. */
-MAKE_FULL_ENCODER(encode_krb5_authenticator, krb5_authenticator);
-MAKE_FULL_ENCODER(encode_krb5_ticket, ticket);
-MAKE_FULL_ENCODER(encode_krb5_encryption_key, encryption_key);
-MAKE_FULL_ENCODER(encode_krb5_enc_tkt_part, enc_tkt_part);
+MAKE_ENCODER(encode_krb5_authenticator, authenticator);
+MAKE_ENCODER(encode_krb5_ticket, ticket);
+MAKE_ENCODER(encode_krb5_encryption_key, encryption_key);
+MAKE_ENCODER(encode_krb5_enc_tkt_part, enc_tkt_part);
/* XXX We currently (for backwards compatibility) encode both
EncASRepPart and EncTGSRepPart with application tag 26. */
-MAKE_FULL_ENCODER(encode_krb5_enc_kdc_rep_part, enc_tgs_rep_part);
-MAKE_FULL_ENCODER(encode_krb5_as_rep, as_rep);
-MAKE_FULL_ENCODER(encode_krb5_tgs_rep, tgs_rep);
-MAKE_FULL_ENCODER(encode_krb5_ap_req, ap_req);
-MAKE_FULL_ENCODER(encode_krb5_ap_rep, ap_rep);
-MAKE_FULL_ENCODER(encode_krb5_ap_rep_enc_part, ap_rep_enc_part);
-MAKE_FULL_ENCODER(encode_krb5_as_req, as_req);
-MAKE_FULL_ENCODER(encode_krb5_tgs_req, tgs_req);
-MAKE_FULL_ENCODER(encode_krb5_kdc_req_body, kdc_req_body);
-MAKE_FULL_ENCODER(encode_krb5_safe, krb5_safe);
+MAKE_ENCODER(encode_krb5_enc_kdc_rep_part, enc_tgs_rep_part);
+MAKE_ENCODER(encode_krb5_as_rep, as_rep);
+MAKE_ENCODER(encode_krb5_tgs_rep, tgs_rep);
+MAKE_ENCODER(encode_krb5_ap_req, ap_req);
+MAKE_ENCODER(encode_krb5_ap_rep, ap_rep);
+MAKE_ENCODER(encode_krb5_ap_rep_enc_part, ap_rep_enc_part);
+MAKE_ENCODER(encode_krb5_as_req, as_req);
+MAKE_ENCODER(encode_krb5_tgs_req, tgs_req);
+MAKE_ENCODER(encode_krb5_kdc_req_body, kdc_req_body);
+MAKE_ENCODER(encode_krb5_safe, safe);
/*
* encode_krb5_safe_with_body
* Like encode_krb5_safe(), except takes a saved KRB-SAFE-BODY
* encoding to avoid problems with re-encoding.
*/
-MAKE_FULL_ENCODER(encode_krb5_safe_with_body, krb5_safe_with_body);
-
-MAKE_FULL_ENCODER(encode_krb5_priv, krb5_priv);
-MAKE_FULL_ENCODER(encode_krb5_enc_priv_part, priv_enc_part);
-MAKE_FULL_ENCODER(encode_krb5_checksum, checksum);
-
-MAKE_FULL_ENCODER(encode_krb5_cred, krb5_cred);
-MAKE_FULL_ENCODER(encode_krb5_enc_cred_part, enc_cred_part);
-MAKE_FULL_ENCODER(encode_krb5_error, krb5_error);
-MAKE_FULL_ENCODER(encode_krb5_authdata, auth_data);
-MAKE_FULL_ENCODER(encode_krb5_etype_info, etype_info);
-MAKE_FULL_ENCODER(encode_krb5_etype_info2, etype_info2);
-MAKE_FULL_ENCODER(encode_krb5_enc_data, encrypted_data);
-MAKE_FULL_ENCODER(encode_krb5_pa_enc_ts, pa_enc_ts);
-MAKE_FULL_ENCODER(encode_krb5_padata_sequence, seqof_pa_data);
+MAKE_ENCODER(encode_krb5_safe_with_body, safe_with_body);
+
+MAKE_ENCODER(encode_krb5_priv, priv);
+MAKE_ENCODER(encode_krb5_enc_priv_part, priv_enc_part);
+MAKE_ENCODER(encode_krb5_checksum, checksum);
+
+MAKE_ENCODER(encode_krb5_cred, krb5_cred);
+MAKE_ENCODER(encode_krb5_enc_cred_part, enc_cred_part);
+MAKE_ENCODER(encode_krb5_error, krb5_error);
+MAKE_ENCODER(encode_krb5_authdata, auth_data);
+MAKE_ENCODER(encode_krb5_etype_info, etype_info);
+MAKE_ENCODER(encode_krb5_etype_info2, etype_info2);
+MAKE_ENCODER(encode_krb5_enc_data, encrypted_data);
+MAKE_ENCODER(encode_krb5_pa_enc_ts, pa_enc_ts);
+MAKE_ENCODER(encode_krb5_padata_sequence, seqof_pa_data);
/* sam preauth additions */
-MAKE_FULL_ENCODER(encode_krb5_sam_challenge_2, sam_challenge_2);
-MAKE_FULL_ENCODER(encode_krb5_sam_challenge_2_body,
- sam_challenge_2_body);
-MAKE_FULL_ENCODER(encode_krb5_enc_sam_response_enc_2,
- enc_sam_response_enc_2);
-MAKE_FULL_ENCODER(encode_krb5_sam_response_2, sam_response_2);
-MAKE_FULL_ENCODER(encode_krb5_setpw_req, setpw_req);
-MAKE_FULL_ENCODER(encode_krb5_pa_for_user, pa_for_user);
-MAKE_FULL_ENCODER(encode_krb5_s4u_userid, s4u_userid);
-MAKE_FULL_ENCODER(encode_krb5_pa_s4u_x509_user, pa_s4u_x509_user);
-MAKE_FULL_ENCODER(encode_krb5_etype_list, etype_list);
-
-MAKE_FULL_ENCODER(encode_krb5_pa_fx_fast_request, pa_fx_fast_request);
-MAKE_FULL_ENCODER( encode_krb5_fast_req, fast_req);
-MAKE_FULL_ENCODER( encode_krb5_pa_fx_fast_reply, pa_fx_fast_reply);
-MAKE_FULL_ENCODER(encode_krb5_fast_response, fast_response);
-
-MAKE_FULL_ENCODER(encode_krb5_ad_kdcissued, ad_kdc_issued);
-MAKE_FULL_ENCODER(encode_krb5_ad_signedpath_data, ad_signedpath_data);
-MAKE_FULL_ENCODER(encode_krb5_ad_signedpath, ad_signedpath);
-MAKE_FULL_ENCODER(encode_krb5_iakerb_header, iakerb_header);
-MAKE_FULL_ENCODER(encode_krb5_iakerb_finished, iakerb_finished);
+MAKE_ENCODER(encode_krb5_sam_challenge_2, sam_challenge_2);
+MAKE_ENCODER(encode_krb5_sam_challenge_2_body, sam_challenge_2_body);
+MAKE_ENCODER(encode_krb5_enc_sam_response_enc_2, enc_sam_response_enc_2);
+MAKE_ENCODER(encode_krb5_sam_response_2, sam_response_2);
+MAKE_ENCODER(encode_krb5_setpw_req, setpw_req);
+MAKE_ENCODER(encode_krb5_pa_for_user, pa_for_user);
+MAKE_ENCODER(encode_krb5_s4u_userid, s4u_userid);
+MAKE_ENCODER(encode_krb5_pa_s4u_x509_user, pa_s4u_x509_user);
+MAKE_ENCODER(encode_krb5_etype_list, etype_list);
+
+MAKE_ENCODER(encode_krb5_pa_fx_fast_request, pa_fx_fast_request);
+MAKE_ENCODER(encode_krb5_fast_req, fast_req);
+MAKE_ENCODER(encode_krb5_pa_fx_fast_reply, pa_fx_fast_reply);
+MAKE_ENCODER(encode_krb5_fast_response, fast_response);
+
+MAKE_ENCODER(encode_krb5_ad_kdcissued, ad_kdc_issued);
+MAKE_ENCODER(encode_krb5_ad_signedpath_data, ad_signedpath_data);
+MAKE_ENCODER(encode_krb5_ad_signedpath, ad_signedpath);
+MAKE_ENCODER(encode_krb5_iakerb_header, iakerb_header);
+MAKE_ENCODER(encode_krb5_iakerb_finished, iakerb_finished);
/*
* PKINIT
#ifndef DISABLE_PKINIT
DEFCOUNTEDSTRINGTYPE(object_identifier, char *, unsigned int,
- asn1_encode_bytestring, ASN1_OBJECTIDENTIFIER);
+ k5_asn1_encode_bytestring, ASN1_OBJECTIDENTIFIER);
DEFCOUNTEDTYPE(oid_data, krb5_data, data, length, object_identifier);
DEFPTRTYPE(oid_data_ptr, oid_data);
DEFSEQTYPE(pkinit_supp_pub_info, krb5_pkinit_supp_pub_info,
pkinit_supp_pub_info_fields, NULL);
-MAKE_FULL_ENCODER(encode_krb5_pkinit_supp_pub_info, pkinit_supp_pub_info);
-MAKE_FULL_ENCODER(encode_krb5_sp80056a_other_info, sp80056a_other_info);
+MAKE_ENCODER(encode_krb5_pkinit_supp_pub_info, pkinit_supp_pub_info);
+MAKE_ENCODER(encode_krb5_sp80056a_other_info, sp80056a_other_info);
/* A krb5_checksum encoded as an OCTET STRING, for PKAuthenticator. */
DEFCOUNTEDTYPE(ostring_checksum, krb5_checksum, contents, length, octetstring);
DEFSEQTYPE(pk_authenticator_draft9, krb5_pk_authenticator_draft9,
pk_authenticator_draft9_fields, NULL);
-DEFCOUNTEDSTRINGTYPE(s_bitstring, char *, unsigned int, asn1_encode_bitstring,
- ASN1_BITSTRING);
+DEFCOUNTEDSTRINGTYPE(s_bitstring, char *, unsigned int,
+ k5_asn1_encode_bitstring, ASN1_BITSTRING);
DEFCOUNTEDTYPE(bitstring_data, krb5_data, data, length, s_bitstring);
/* RFC 3280. No context tags. */
DEFCOUNTEDTYPE_SIGNED(pa_pk_as_rep_draft9, krb5_pa_pk_as_rep_draft9, u, choice,
pa_pk_as_rep_draft9_choice);
-MAKE_FULL_ENCODER(encode_krb5_pa_pk_as_req, pa_pk_as_req);
-MAKE_FULL_ENCODER(encode_krb5_pa_pk_as_req_draft9, pa_pk_as_req_draft9);
-MAKE_FULL_ENCODER(encode_krb5_pa_pk_as_rep, pa_pk_as_rep);
-MAKE_FULL_ENCODER(encode_krb5_pa_pk_as_rep_draft9, pa_pk_as_rep_draft9);
-MAKE_FULL_ENCODER(encode_krb5_auth_pack, auth_pack);
-MAKE_FULL_ENCODER(encode_krb5_auth_pack_draft9, auth_pack_draft9);
-MAKE_FULL_ENCODER(encode_krb5_kdc_dh_key_info, kdc_dh_key_info);
-MAKE_FULL_ENCODER(encode_krb5_reply_key_pack, reply_key_pack);
-MAKE_FULL_ENCODER(encode_krb5_reply_key_pack_draft9, reply_key_pack_draft9);
-MAKE_FULL_ENCODER(encode_krb5_td_trusted_certifiers,
- seqof_external_principal_identifier);
-MAKE_FULL_ENCODER(encode_krb5_td_dh_parameters, seqof_algorithm_identifier);
+MAKE_ENCODER(encode_krb5_pa_pk_as_req, pa_pk_as_req);
+MAKE_ENCODER(encode_krb5_pa_pk_as_req_draft9, pa_pk_as_req_draft9);
+MAKE_ENCODER(encode_krb5_pa_pk_as_rep, pa_pk_as_rep);
+MAKE_ENCODER(encode_krb5_pa_pk_as_rep_draft9, pa_pk_as_rep_draft9);
+MAKE_ENCODER(encode_krb5_auth_pack, auth_pack);
+MAKE_ENCODER(encode_krb5_auth_pack_draft9, auth_pack_draft9);
+MAKE_ENCODER(encode_krb5_kdc_dh_key_info, kdc_dh_key_info);
+MAKE_ENCODER(encode_krb5_reply_key_pack, reply_key_pack);
+MAKE_ENCODER(encode_krb5_reply_key_pack_draft9, reply_key_pack_draft9);
+MAKE_ENCODER(encode_krb5_td_trusted_certifiers,
+ seqof_external_principal_identifier);
+MAKE_ENCODER(encode_krb5_td_dh_parameters, seqof_algorithm_identifier);
#else /* DISABLE_PKINIT */
DEFPTRTYPE(typed_data_ptr, typed_data);
DEFNULLTERMSEQOFTYPE(seqof_typed_data, typed_data_ptr);
-MAKE_FULL_ENCODER(encode_krb5_typed_data, seqof_typed_data);
+MAKE_ENCODER(encode_krb5_typed_data, seqof_typed_data);
DEFINTTYPE(int16, krb5_int16);
DEFCOUNTEDSTRINGTYPE(ui2_octetstring, unsigned char *, krb5_ui_2,
- asn1_encode_bytestring, ASN1_OCTETSTRING);
+ k5_asn1_encode_bytestring, ASN1_OCTETSTRING);
DEFFIELD(krbsalt_0, krb5_key_data, key_data_type[1], 0, int16);
DEFCNFIELD(krbsalt_1, krb5_key_data, key_data_contents[1], key_data_length[1],
DEFSEQTYPE(ldap_key_seq, ldap_seqof_key_data, ldap_key_seq_fields, NULL);
/* Export a function to do the whole encoding. */
-MAKE_FULL_ENCODER(krb5int_ldap_encode_sequence_of_keys, ldap_key_seq);
+MAKE_ENCODER(krb5int_ldap_encode_sequence_of_keys, ldap_key_seq);
/************************************************************************/
/* Decode the Principal's keys */