Implement encoders for etype_info2 and add support to s2kparams for

decoders.

Ticket: 1454
Status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15393 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index e3b83e8252a3c99186e9bdac9f5a76c4be578460..8ae6cd1785a8449b0f0c6a48de95acd52163d4a8 100644 (file)
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,9 @@
+2003-05-06  Sam Hartman  <hartmans@mit.edu>
+
+       * k5-int.h: Add s2kparams to 
+       krb5_etype_info_entry
+       Add encode_etype_info2 and decode_etype_info2
+
 2003-05-02  Ken Raeburn  <raeburn@mit.edu>
 
        * port-sockets.h (inet_ntop) [!_WIN32 && !HAVE_MACSOCK_H]: Define

diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 35d924bc3e4d2bf7dba00bf19a61a62cb0cb2b11..ccbd1689994a628d32dbff67a194589bb9dafe4f 100644 (file)
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -282,12 +282,15 @@ typedef struct _krb5_alt_method {
  * A null-terminated array of this structure is returned by the KDC as
  * the data part of the ETYPE_INFO preauth type.  It informs the
  * client which encryption types are supported.
+ * The  same data structure is used by both etype-info and etype-info2
+ * but s2kparams must be null when encoding etype-info.
  */
 typedef struct _krb5_etype_info_entry {
        krb5_magic      magic;
        krb5_enctype    etype;
        unsigned int    length;
        krb5_octet      *salt;
+    krb5_data s2kparams;
 } krb5_etype_info_entry;
 
 /* 
@@ -1230,6 +1233,8 @@ krb5_error_code encode_krb5_alt_method
 
 krb5_error_code encode_krb5_etype_info
        (const krb5_etype_info_entry **, krb5_data **code);
+krb5_error_code encode_krb5_etype_info2
+       (const krb5_etype_info_entry **, krb5_data **code);
 
 krb5_error_code encode_krb5_enc_data
        (const krb5_enc_data *, krb5_data **);
@@ -1408,6 +1413,9 @@ krb5_error_code decode_krb5_alt_method
 krb5_error_code decode_krb5_etype_info
        (const krb5_data *output, krb5_etype_info_entry ***rep);
 
+krb5_error_code decode_krb5_etype_info2
+       (const krb5_data *output, krb5_etype_info_entry ***rep);
+
 krb5_error_code decode_krb5_enc_data
        (const krb5_data *output, krb5_enc_data **rep);
 

diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog
index 4eaa5fe61afc90c140e4765b5a41d474b747aaec..c4bd9bc08d6369faf275df87f93025730de176a1 100644 (file)
--- a/src/lib/krb5/asn.1/ChangeLog
+++ b/src/lib/krb5/asn.1/ChangeLog
@@ -1,3 +1,18 @@
+2003-05-06  Sam Hartman  <hartmans@mit.edu>
+
+       * krb5_decode.c (decode_krb5_etype_info2): New function; currently
+       the same code as decode_krb5_etype_info.  This means that we can
+       manage to accept s2kparams in etype_info which is wrong but
+       probably harmless.
+
+       * asn1_k_decode.c (asn1_decode_etype_info_entry): Add etype_info2
+       support 
+
+       * asn1_k_encode.c (asn1_encode_etype_info_entry):  Add support for
+       etype-info2 
+
+       * krb5_encode.c (encode_krb5_etype_info2): New function
+
 2003-04-15  Sam Hartman  <hartmans@mit.edu>
 
        * krb5_encode.c (encode_krb5_setpw_req): new function

diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c
index a19dda2a33515d82f0895cab955c059a5eaaee49..e56832a7b635e11c4f9e6fff0460eca1873a6e7d 100644 (file)
--- a/src/lib/krb5/asn.1/asn1_k_decode.c
+++ b/src/lib/krb5/asn.1/asn1_k_decode.c
@@ -796,7 +796,7 @@ asn1_error_code asn1_decode_sequence_of_checksum(asn1buf *buf, krb5_checksum ***
   decode_array_body(krb5_checksum, asn1_decode_checksum);
 }
 
-asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry *val)
+asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry *val )
 {
   setup();
   { begin_structure();
@@ -807,13 +807,21 @@ asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry
            val->length = KRB5_ETYPE_NO_SALT;
            val->salt = 0;
     }
+    if ( tagnum ==2) {
+      krb5_octet *params = (krb5_octet *) val->s2kparams.data;
+      get_lenfield( val->s2kparams.length, params,
+                     2, asn1_decode_octetstring);
+    } else {
+       val->s2kparams.data = NULL;
+       val->s2kparams.length = 0;
+    }
     end_structure();
     val->magic = KV5M_ETYPE_INFO_ENTRY;
   }
   cleanup();
 }
 
-asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***val)
+asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***val )
 {
   decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
 }

diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c
index 9226f7ca2493ee0ea5c4efefb09d2b232100d1ba..703214dd26ac3809fcf4c27be75306faa1521c77 100644 (file)
--- a/src/lib/krb5/asn.1/asn1_k_encode.c
+++ b/src/lib/krb5/asn.1/asn1_k_encode.c
@@ -27,6 +27,7 @@
 #include "asn1_k_encode.h"
 #include "asn1_make.h"
 #include "asn1_encode.h"
+#include <assert.h>
 
 /**** asn1 macros ****/
 #if 0
@@ -708,14 +709,18 @@ asn1_error_code asn1_encode_krb_cred_info(asn1buf *buf, const krb5_cred_info *va
   asn1_cleanup();
 }
 
-asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val, unsigned int *retlen)
+asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val,
+                                            unsigned int *retlen, int etype_info2)
 {
   asn1_setup();
 
+  assert(val->s2kparams.data == NULL || etype_info2);
   if(val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
                     val->salt == NULL))
      return ASN1_MISSING_FIELD;
-
+  if(val->s2kparams.data != NULL)
+      asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
+                      asn1_encode_octetstring);
   if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT)
          asn1_addlenfield(val->length,val->salt,1,
                           asn1_encode_octetstring);
@@ -725,7 +730,8 @@ asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info
   asn1_cleanup();
 }
 
-asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val, unsigned int *retlen)
+asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val,
+                                      unsigned int *retlen, int etype_info2)
 {
     asn1_setup();
     int i;
@@ -734,7 +740,7 @@ asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry
   
     for(i=0; val[i] != NULL; i++); /* get to the end of the array */
     for(i--; i>=0; i--){
-       retval = asn1_encode_etype_info_entry(buf,val[i],&length);
+       retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
        if(retval) return retval;
        sum += length;
     }

diff --git a/src/lib/krb5/asn.1/asn1_k_encode.h b/src/lib/krb5/asn.1/asn1_k_encode.h
index 5914e0981795815b4b1f0fc90560d8c2d4b2ecee..a2429a77886e815634ab29dd64df908999656f8e 100644 (file)
--- a/src/lib/krb5/asn.1/asn1_k_encode.h
+++ b/src/lib/krb5/asn.1/asn1_k_encode.h
@@ -219,11 +219,11 @@ asn1_error_code asn1_encode_alt_method
 
 asn1_error_code asn1_encode_etype_info_entry
        (asn1buf *buf, const krb5_etype_info_entry *val,
-                  unsigned int *retlen);
+                  unsigned int *retlen, int etype_info2);
 
 asn1_error_code asn1_encode_etype_info
        (asn1buf *buf, const krb5_etype_info_entry **val,
-                  unsigned int *retlen);
+                  unsigned int *retlen, int etype_info2);
 
 asn1_error_code asn1_encode_passwdsequence
        (asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen);

diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c
index 03a30295b82ddfa7ccbaa0b3f9e2c4d949640c21..b39bae5c41495e51056145242d828300cb5e6157 100644 (file)
--- a/src/lib/krb5/asn.1/krb5_decode.c
+++ b/src/lib/krb5/asn.1/krb5_decode.c
@@ -744,6 +744,16 @@ krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_en
   cleanup_none();              /* we're not allocating anything here */
 }
 
+krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
+{
+  setup_buf_only();
+  *rep = 0;
+  retval = asn1_decode_etype_info(&buf,rep);
+  if(retval) clean_return(retval);
+  cleanup_none();              /* we're not allocating anything here */
+}
+
+
 krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep)
 {
   setup_buf_only();

diff --git a/src/lib/krb5/asn.1/krb5_encode.c b/src/lib/krb5/asn.1/krb5_encode.c
index 04deef0d24d23d081c460b710119b160fe92c3a9..7412209f696e171effef3859c3581a1641206df6 100644 (file)
--- a/src/lib/krb5/asn.1/krb5_encode.c
+++ b/src/lib/krb5/asn.1/krb5_encode.c
@@ -678,12 +678,22 @@ krb5_error_code encode_krb5_alt_method(const krb5_alt_method *rep, krb5_data **c
 krb5_error_code encode_krb5_etype_info(const krb5_etype_info_entry **rep, krb5_data **code)
 {
   krb5_setup();
-  retval = asn1_encode_etype_info(buf,rep,&length);
+  retval = asn1_encode_etype_info(buf,rep,&length, 0);
   if(retval) return retval;
   sum += length;
   krb5_cleanup();
 }
 
+krb5_error_code encode_krb5_etype_info2(const krb5_etype_info_entry **rep, krb5_data **code)
+{
+  krb5_setup();
+  retval = asn1_encode_etype_info(buf,rep,&length, 1);
+  if(retval) return retval;
+  sum += length;
+  krb5_cleanup();
+}
+  
+
 krb5_error_code encode_krb5_enc_data(const krb5_enc_data *rep, krb5_data **code)
 {
   krb5_setup();

diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index 6d60e232adaa1e6c95411bed286d9916b7906586..0d46e8eca1c8b1926cc3aa9614558c0b1cfe404e 100644 (file)
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,7 @@
+2003-05-06  Sam Hartman  <hartmans@mit.edu>
+
+       * kfree.c (krb5_free_etype_info): Free s2kparams
+
 2003-04-27  Sam Hartman  <hartmans@mit.edu>
 
        * chpw.c (krb5int_setpw_result_code_string): Make internal 

diff --git a/src/lib/krb5/krb/kfree.c b/src/lib/krb5/krb/kfree.c
index 0313a912a223c734f6822f3562baf077cb8f7a17..9fc8ed4edbbac4d70ae854613a556adea57699b4 100644 (file)
--- a/src/lib/krb5/krb/kfree.c
+++ b/src/lib/krb5/krb/kfree.c
@@ -246,6 +246,7 @@ void krb5_free_etype_info(krb5_context context, krb5_etype_info info)
   for(i=0; info[i] != NULL; i++) {
       if (info[i]->salt)
          free(info[i]->salt);
+      krb5_free_data_contents( context, &info[2]->s2kparams);
       free(info[i]);
   }
   free(info);

diff --git a/src/tests/asn.1/ChangeLog b/src/tests/asn.1/ChangeLog
index d4c54302510c89faedf626145d6d95085bfe59bf..2cfc096d716f37e5334d2ee180110eb0702bc906 100644 (file)
--- a/src/tests/asn.1/ChangeLog
+++ b/src/tests/asn.1/ChangeLog
@@ -1,3 +1,10 @@
+2003-05-06  Sam Hartman  <hartmans@mit.edu>
+
+       * krb5_encode_test.c (main): Add etype_info2 support
+
+       * ktest.c (ktest_make_sample_etype_info): Initialize s2kparams to be null.
+       (ktest_make_sample_etype_info2): New function
+
 2002-11-07  Ezra Peisach  <epeisach@bu.edu>
 
        * krb5_decode_test.c: Test for sam_challenege without empty

diff --git a/src/tests/asn.1/krb5_encode_test.c b/src/tests/asn.1/krb5_encode_test.c
index 012be90b44e792293016d1d16338a95ab754e2e2..1cbeccd665cf4907a711f924fe4fd04bcdb5d640 100644 (file)
--- a/src/tests/asn.1/krb5_encode_test.c
+++ b/src/tests/asn.1/krb5_encode_test.c
@@ -531,6 +531,32 @@ main(argc, argv)
 
     free(info);
   }
+  /* encode_etype_info 2*/
+  {
+    krb5_etype_info_entry **info;
+    
+    setup(info,krb5_etype_info_entry **,"etype_info2",
+         ktest_make_sample_etype_info2);
+    retval = encode_krb5_etype_info2((const krb5_etype_info_entry **)info,&(code));
+    if(retval) {
+       com_err("encoding etype_info",retval,"");
+       exit(1);
+    }
+    encoder_print_results(code, "etype_info2", "");
+    ktest_destroy_etype_info_entry(info[2]);      info[2] = 0;
+    ktest_destroy_etype_info_entry(info[1]);      info[1] = 0;
+
+    retval = encode_krb5_etype_info2((const krb5_etype_info_entry **)info,&(code));
+    if(retval) {
+       com_err("encoding etype_info (only 1)",retval,"");
+       exit(1);
+    }
+    encoder_print_results(code, "etype_info2 (only 1)", "");
+
+    ktest_destroy_etype_info_entry(info[0]);      info[0] = 0;
+    
+    free(info);
+  }
 
   /****************************************************************/
   /* encode_pa_enc_ts */

diff --git a/src/tests/asn.1/ktest.c b/src/tests/asn.1/ktest.c
index af02d1ad7331d94135f3f7e953f816c19868bb0e..e0820362250389a843d23fa6fd117da20b6d2641 100644 (file)
--- a/src/tests/asn.1/ktest.c
+++ b/src/tests/asn.1/ktest.c
@@ -656,6 +656,8 @@ krb5_error_code ktest_make_sample_etype_info(p)
        if (info[i]->salt == 0)
            goto memfail;
        strcpy((char *) info[i]->salt, buf);
+       info[i]->s2kparams.data = NULL;
+       info[i]->s2kparams.length = 0;
        info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
     }
     free(info[1]->salt);
@@ -668,6 +670,49 @@ memfail:
     return ENOMEM;
 }
 
+
+krb5_error_code ktest_make_sample_etype_info2(p)
+     krb5_etype_info_entry *** p;
+{
+    krb5_etype_info_entry **info;
+    int        i;
+    char buf[80];
+
+    info = malloc(sizeof(krb5_etype_info_entry *) * 4);
+    if (!info)
+       return ENOMEM;
+    memset(info, 0, sizeof(krb5_etype_info_entry *) * 4);
+
+    for (i=0; i < 3; i++) {
+       info[i] = malloc(sizeof(krb5_etype_info_entry));
+       if (info[i] == 0)
+           goto memfail;
+       info[i]->etype = i;
+       sprintf(buf, "Morton's #%d", i);
+       info[i]->length = strlen(buf);
+       info[i]->salt = malloc((size_t) (info[i]->length+1));
+       if (info[i]->salt == 0)
+           goto memfail;
+       strcpy((char *) info[i]->salt, buf);
+       sprintf(buf, "s2k: %d", i);
+       info[i]->s2kparams.data = malloc(strlen(buf)+1);
+       if (info[i]->s2kparams.data == NULL)
+           goto memfail;
+       strcpy( info[i]->s2kparams.data, buf);
+       info[i]->s2kparams.length = strlen(buf);
+       info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
+    }
+    free(info[1]->salt);
+    info[1]->length = KRB5_ETYPE_NO_SALT;
+    info[1]->salt = 0;
+    *p = info;
+    return 0;
+memfail:
+    ktest_destroy_etype_info(info);
+    return ENOMEM;
+}
+
+
 krb5_error_code ktest_make_sample_pa_enc_ts(pa_enc)
      krb5_pa_enc_ts * pa_enc;
 {

diff --git a/src/tests/asn.1/ktest.h b/src/tests/asn.1/ktest.h
index 59e87047c6dacbde129ec8c7b022a5a44a1153d5..5c8175c656e53336b3e19eafd9ee1fff5bc0b41d 100644 (file)
--- a/src/tests/asn.1/ktest.h
+++ b/src/tests/asn.1/ktest.h
@@ -89,6 +89,8 @@ krb5_error_code ktest_make_sample_alt_method
 
 krb5_error_code ktest_make_sample_etype_info
     (krb5_etype_info_entry *** p);
+krb5_error_code ktest_make_sample_etype_info2
+    (krb5_etype_info_entry *** p);
 krb5_error_code ktest_make_sample_pa_enc_ts
        (krb5_pa_enc_ts *am);
 krb5_error_code ktest_make_sample_sam_challenge

diff --git a/src/tests/asn.1/reference_encode.out b/src/tests/asn.1/reference_encode.out
index 0dbfc8d77fa3aefa0611849d7c71b4a26fafdd41..0d449d23266fecb54b8a7ccf013353ebadeb5a97 100644 (file)
--- a/src/tests/asn.1/reference_encode.out
+++ b/src/tests/asn.1/reference_encode.out
@@ -44,6 +44,8 @@ encode_krb5_alt_method (no data): 30 05 A0 03 02 01 2A
 encode_krb5_etype_info: 30 33 30 14 A0 03 02 01 00 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 30 30 05 A0 03 02 01 01 30 14 A0 03 02 01 02 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 32
 encode_krb5_etype_info (only 1): 30 16 30 14 A0 03 02 01 00 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 30
 encode_krb5_etype_info (no info): 30 00
+encode_krb5_etype_info2: 30 51 30 1E A0 03 02 01 00 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 30 A2 08 04 06 73 32 6B 3A 20 30 30 0F A0 03 02 01 01 A2 08 04 06 73 32 6B 3A 20 31 30 1E A0 03 02 01 02 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 32 A2 08 04 06 73 32 6B 3A 20 32
+encode_krb5_etype_info2 (only 1): 30 20 30 1E A0 03 02 01 00 A1 0D 04 0B 4D 6F 72 74 6F 6E 27 73 20 23 30 A2 08 04 06 73 32 6B 3A 20 30
 encode_krb5_pa_enc_ts: 30 1A A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A1 05 02 03 01 E2 40
 encode_krb5_pa_enc_ts (no usec): 30 13 A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A
 encode_krb5_enc_data: 30 23 A0 03 02 01 00 A1 03 02 01 05 A2 17 04 15 6B 72 62 41 53 4E 2E 31 20 74 65 73 74 20 6D 65 73 73 61 67 65

diff --git a/src/tests/asn.1/trval_reference.out b/src/tests/asn.1/trval_reference.out
index 2287d5facd4a3f43dfc4d0ab9477b4bef3910b98..4422ad4cbf023b1ba185bc787fd9c3259c229296 100644 (file)
--- a/src/tests/asn.1/trval_reference.out
+++ b/src/tests/asn.1/trval_reference.out
@@ -1124,6 +1124,29 @@ encode_krb5_etype_info (no info):
 
 [Sequence/Sequence Of] 
 
+encode_krb5_etype_info2:
+
+[Sequence/Sequence Of] 
+.  [Sequence/Sequence Of] 
+.  .  [0] [Integer] 0
+.  .  [1] [Octet String] "Morton's #0"
+.  .  [2] [Octet String] "s2k: 0"
+.  [Sequence/Sequence Of] 
+.  .  [0] [Integer] 1
+.  .  [2] [Octet String] "s2k: 1"
+.  [Sequence/Sequence Of] 
+.  .  [0] [Integer] 2
+.  .  [1] [Octet String] "Morton's #2"
+.  .  [2] [Octet String] "s2k: 2"
+
+encode_krb5_etype_info2 (only 1):
+
+[Sequence/Sequence Of] 
+.  [Sequence/Sequence Of] 
+.  .  [0] [Integer] 0
+.  .  [1] [Octet String] "Morton's #0"
+.  .  [2] [Octet String] "s2k: 0"
+
 encode_krb5_pa_enc_ts:
 
 [Sequence/Sequence Of]