#define tag(type)\
retval = asn1_get_tag_2(buf,&tinfo);\
-if(retval) return retval;\
-if(asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
+if (retval) return retval;\
+if (asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
return ASN1_BAD_ID
#define cleanup()\
asn1_error_code asn1_decode_integer(asn1buf *buf, long int *val)
{
- setup();
- asn1_octet o;
- long n = 0; /* initialize to keep gcc happy */
- unsigned int i;
+ setup();
+ asn1_octet o;
+ long n = 0; /* initialize to keep gcc happy */
+ unsigned int i;
- tag(ASN1_INTEGER);
+ tag(ASN1_INTEGER);
- for (i = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf, &o);
- if (retval) return retval;
- if (!i) {
- n = (0x80 & o) ? -1 : 0; /* grab sign bit */
- if (n < 0 && length > sizeof (long))
- return ASN1_OVERFLOW;
- else if (length > sizeof (long) + 1) /* allow extra octet for positive */
- return ASN1_OVERFLOW;
+ for (i = 0; i < length; i++) {
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (!i) {
+ n = (0x80 & o) ? -1 : 0; /* grab sign bit */
+ if (n < 0 && length > sizeof (long))
+ return ASN1_OVERFLOW;
+ else if (length > sizeof (long) + 1) /* allow extra octet for positive */
+ return ASN1_OVERFLOW;
+ }
+ n = (n << 8) | o;
}
- n = (n << 8) | o;
- }
- *val = n;
- cleanup();
+ *val = n;
+ cleanup();
}
asn1_error_code asn1_decode_unsigned_integer(asn1buf *buf, long unsigned int *val)
{
- setup();
- asn1_octet o;
- unsigned long n;
- unsigned int i;
+ setup();
+ asn1_octet o;
+ unsigned long n;
+ unsigned int i;
- tag(ASN1_INTEGER);
+ tag(ASN1_INTEGER);
- for (i = 0, n = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf, &o);
- if(retval) return retval;
- if (!i) {
- if (0x80 & o)
- return ASN1_OVERFLOW;
- else if (length > sizeof (long) + 1)
- return ASN1_OVERFLOW;
+ for (i = 0, n = 0; i < length; i++) {
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (!i) {
+ if (0x80 & o)
+ return ASN1_OVERFLOW;
+ else if (length > sizeof (long) + 1)
+ return ASN1_OVERFLOW;
+ }
+ n = (n << 8) | o;
}
- n = (n << 8) | o;
- }
- *val = n;
- cleanup();
+ *val = n;
+ cleanup();
}
/*
*/
asn1_error_code asn1_decode_maybe_unsigned(asn1buf *buf, unsigned long *val)
{
- setup();
- asn1_octet o;
- unsigned long n, bitsremain;
- unsigned int i;
+ setup();
+ asn1_octet o;
+ unsigned long n, bitsremain;
+ unsigned int i;
- tag(ASN1_INTEGER);
- o = 0;
- n = 0;
- bitsremain = ~0UL;
- for (i = 0; i < length; i++) {
- /* Accounts for u_long width not being a multiple of 8. */
- if (bitsremain < 0xff) return ASN1_OVERFLOW;
- retval = asn1buf_remove_octet(buf, &o);
- if (retval) return retval;
- if (bitsremain == ~0UL) {
- if (i == 0)
- n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
- /*
- * Skip leading zero or 0xFF octets to humor non-compliant encoders.
- */
- if (n == 0 && o == 0)
- continue;
- if (n == ~0UL && o == 0xff)
- continue;
+ tag(ASN1_INTEGER);
+ o = 0;
+ n = 0;
+ bitsremain = ~0UL;
+ for (i = 0; i < length; i++) {
+ /* Accounts for u_long width not being a multiple of 8. */
+ if (bitsremain < 0xff) return ASN1_OVERFLOW;
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (bitsremain == ~0UL) {
+ if (i == 0)
+ n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
+ /*
+ * Skip leading zero or 0xFF octets to humor non-compliant encoders.
+ */
+ if (n == 0 && o == 0)
+ continue;
+ if (n == ~0UL && o == 0xff)
+ continue;
+ }
+ n = (n << 8) | o;
+ bitsremain >>= 8;
}
- n = (n << 8) | o;
- bitsremain >>= 8;
- }
- *val = n;
- cleanup();
+ *val = n;
+ cleanup();
}
asn1_error_code asn1_decode_oid(asn1buf *buf, unsigned int *retlen, asn1_octet **val)
{
- setup();
- tag(ASN1_OBJECTIDENTIFIER);
- retval = asn1buf_remove_octetstring(buf, length, val);
- if (retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_OBJECTIDENTIFIER);
+ retval = asn1buf_remove_octetstring(buf, length, val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_octetstring(asn1buf *buf, unsigned int *retlen, asn1_octet **val)
{
- setup();
- tag(ASN1_OCTETSTRING);
- retval = asn1buf_remove_octetstring(buf,length,val);
- if(retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_OCTETSTRING);
+ retval = asn1buf_remove_octetstring(buf,length,val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_charstring(asn1buf *buf, unsigned int *retlen, char **val)
{
- setup();
- tag(ASN1_OCTETSTRING);
- retval = asn1buf_remove_charstring(buf,length,val);
- if(retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_OCTETSTRING);
+ retval = asn1buf_remove_charstring(buf,length,val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_generalstring(asn1buf *buf, unsigned int *retlen, char **val)
{
- setup();
- tag(ASN1_GENERALSTRING);
- retval = asn1buf_remove_charstring(buf,length,val);
- if(retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_GENERALSTRING);
+ retval = asn1buf_remove_charstring(buf,length,val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_null(asn1buf *buf)
{
- setup();
- tag(ASN1_NULL);
- if(length != 0) return ASN1_BAD_LENGTH;
- cleanup();
+ setup();
+ tag(ASN1_NULL);
+ if (length != 0) return ASN1_BAD_LENGTH;
+ cleanup();
}
asn1_error_code asn1_decode_printablestring(asn1buf *buf, int *retlen, char **val)
{
- setup();
- tag(ASN1_PRINTABLESTRING);
- retval = asn1buf_remove_charstring(buf,length,val);
- if(retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_PRINTABLESTRING);
+ retval = asn1buf_remove_charstring(buf,length,val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_ia5string(asn1buf *buf, int *retlen, char **val)
{
- setup();
- tag(ASN1_IA5STRING);
- retval = asn1buf_remove_charstring(buf,length,val);
- if(retval) return retval;
- *retlen = length;
- cleanup();
+ setup();
+ tag(ASN1_IA5STRING);
+ retval = asn1buf_remove_charstring(buf,length,val);
+ if (retval) return retval;
+ *retlen = length;
+ cleanup();
}
asn1_error_code asn1_decode_generaltime(asn1buf *buf, time_t *val)
{
- setup();
- char *s;
- struct tm ts;
- time_t t;
+ setup();
+ char *s;
+ struct tm ts;
+ time_t t;
- tag(ASN1_GENERALTIME);
+ tag(ASN1_GENERALTIME);
- if(length != 15) return ASN1_BAD_LENGTH;
- retval = asn1buf_remove_charstring(buf,15,&s);
- /* Time encoding: YYYYMMDDhhmmssZ */
- if(s[14] != 'Z') {
- free(s);
- return ASN1_BAD_FORMAT;
- }
- if(s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
- t = 0;
- free(s);
- goto done;
- }
+ if (length != 15) return ASN1_BAD_LENGTH;
+ retval = asn1buf_remove_charstring(buf,15,&s);
+ /* Time encoding: YYYYMMDDhhmmssZ */
+ if (s[14] != 'Z') {
+ free(s);
+ return ASN1_BAD_FORMAT;
+ }
+ if (s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
+ t = 0;
+ free(s);
+ goto done;
+ }
#define c2i(c) ((c)-'0')
- ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
- - 1900;
- ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
- ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
- ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
- ts.tm_min = 10*c2i(s[10]) + c2i(s[11]);
- ts.tm_sec = 10*c2i(s[12]) + c2i(s[13]);
- ts.tm_isdst = -1;
- t = krb5int_gmt_mktime(&ts);
- free(s);
+ ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
+ - 1900;
+ ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
+ ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
+ ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
+ ts.tm_min = 10*c2i(s[10]) + c2i(s[11]);
+ ts.tm_sec = 10*c2i(s[12]) + c2i(s[13]);
+ ts.tm_isdst = -1;
+ t = krb5int_gmt_mktime(&ts);
+ free(s);
- if(t == -1) return ASN1_BAD_TIMEFORMAT;
+ if (t == -1) return ASN1_BAD_TIMEFORMAT;
done:
- *val = t;
- cleanup();
+ *val = t;
+ cleanup();
}
static asn1_error_code asn1_encode_integer_internal(asn1buf *buf, long val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length = 0;
- long valcopy;
- int digit;
+ asn1_error_code retval;
+ unsigned int length = 0;
+ long valcopy;
+ int digit;
- valcopy = val;
- do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if(retval) return retval;
- length++;
- valcopy = valcopy >> 8;
- } while (valcopy != 0 && valcopy != ~0);
-
- if((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if(retval) return retval;
- length++;
- }else if((val < 0) && ((digit&0x80) != 0x80)){
- retval = asn1buf_insert_octet(buf,0xFF);
- if(retval) return retval;
- length++;
- }
-
-
- *retlen = length;
- return 0;
+ valcopy = val;
+ do {
+ digit = (int) (valcopy&0xFF);
+ retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+ if (retval) return retval;
+ length++;
+ valcopy = valcopy >> 8;
+ } while (valcopy != 0 && valcopy != ~0);
+
+ if ((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
+ retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+ if (retval) return retval;
+ length++;
+ } else if ((val < 0) && ((digit&0x80) != 0x80)) {
+ retval = asn1buf_insert_octet(buf,0xFF);
+ if (retval) return retval;
+ length++;
+ }
+
+
+ *retlen = length;
+ return 0;
}
asn1_error_code asn1_encode_integer(asn1buf * buf, long val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length = 0;
- unsigned int partlen;
- retval = asn1_encode_integer_internal(buf, val, &partlen);
- if (retval) return retval;
+ asn1_error_code retval;
+ unsigned int length = 0;
+ unsigned int partlen;
+ retval = asn1_encode_integer_internal(buf, val, &partlen);
+ if (retval) return retval;
- length = partlen;
+ length = partlen;
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
- if(retval) return retval;
- length += partlen;
+ if (retval) return retval;
+ length += partlen;
- *retlen = length;
- return 0;
+ *retlen = length;
+ return 0;
}
asn1_error_code
asn1_encode_enumerated(asn1buf * buf, long val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length = 0;
- unsigned int partlen;
- retval = asn1_encode_integer_internal(buf, val, &partlen);
- if (retval) return retval;
+ asn1_error_code retval;
+ unsigned int length = 0;
+ unsigned int partlen;
+ retval = asn1_encode_integer_internal(buf, val, &partlen);
+ if (retval) return retval;
- length = partlen;
+ length = partlen;
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen);
- if(retval) return retval;
- length += partlen;
+ if (retval) return retval;
+ length += partlen;
- *retlen = length;
- return 0;
+ *retlen = length;
+ return 0;
}
asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, unsigned long val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length = 0;
- unsigned int partlen;
- unsigned long valcopy;
- int digit;
+ asn1_error_code retval;
+ unsigned int length = 0;
+ unsigned int partlen;
+ unsigned long valcopy;
+ int digit;
- valcopy = val;
- do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if(retval) return retval;
- length++;
- valcopy = valcopy >> 8;
- } while (valcopy != 0 && valcopy != ~0);
-
- if(digit&0x80) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if(retval) return retval;
- length++;
- }
-
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
- if(retval) return retval;
- length += partlen;
-
- *retlen = length;
- return 0;
+ valcopy = val;
+ do {
+ digit = (int) (valcopy&0xFF);
+ retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+ if (retval) return retval;
+ length++;
+ valcopy = valcopy >> 8;
+ } while (valcopy != 0 && valcopy != ~0);
+
+ if (digit&0x80) { /* make sure the high bit is */
+ retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+ if (retval) return retval;
+ length++;
+ }
+
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
+ if (retval) return retval;
+ length += partlen;
+
+ *retlen = length;
+ return 0;
}
asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
const asn1_octet *val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_octetstring(buf, len, val);
- if (retval) return retval;
- retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
- len, &length);
- if (retval) return retval;
+ retval = asn1buf_insert_octetstring(buf, len, val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
+ len, &length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
asn1_error_code asn1_encode_octetstring(asn1buf *buf, unsigned int len,
const asn1_octet *val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_octetstring(buf,len,val);
- if(retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
- if(retval) return retval;
+ retval = asn1buf_insert_octetstring(buf,len,val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
asn1_error_code asn1_encode_charstring(asn1buf *buf, unsigned int len,
const char *val, unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_charstring(buf,len,val);
- if(retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
- if(retval) return retval;
+ retval = asn1buf_insert_charstring(buf,len,val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen)
{
- asn1_error_code retval;
+ asn1_error_code retval;
- retval = asn1buf_insert_octet(buf,0x00);
- if(retval) return retval;
- retval = asn1buf_insert_octet(buf,0x05);
- if(retval) return retval;
+ retval = asn1buf_insert_octet(buf,0x00);
+ if (retval) return retval;
+ retval = asn1buf_insert_octet(buf,0x05);
+ if (retval) return retval;
- *retlen = 2;
- return 0;
+ *retlen = 2;
+ return 0;
}
asn1_error_code asn1_encode_printablestring(asn1buf *buf, unsigned int len,
const char *val, int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_charstring(buf,len,val);
- if(retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len, &length);
- if(retval) return retval;
+ retval = asn1buf_insert_charstring(buf,len,val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len, &length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
asn1_error_code asn1_encode_ia5string(asn1buf *buf, unsigned int len,
const char *val, int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_charstring(buf,len,val);
- if(retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len, &length);
- if(retval) return retval;
+ retval = asn1buf_insert_charstring(buf,len,val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len, &length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
unsigned int *retlen)
{
- asn1_error_code retval;
- struct tm *gtime, gtimebuf;
- char s[16], *sp;
- unsigned int length, sum=0;
- time_t gmt_time = val;
-
- /*
- * Time encoding: YYYYMMDDhhmmssZ
- */
- if (gmt_time == 0) {
- sp = "19700101000000Z";
- } else {
-
- /*
- * Sanity check this just to be paranoid, as gmtime can return NULL,
- * and some bogus implementations might overrun on the sprintf.
- */
+ asn1_error_code retval;
+ struct tm *gtime, gtimebuf;
+ char s[16], *sp;
+ unsigned int length, sum=0;
+ time_t gmt_time = val;
+
+ /*
+ * Time encoding: YYYYMMDDhhmmssZ
+ */
+ if (gmt_time == 0) {
+ sp = "19700101000000Z";
+ } else {
+
+ /*
+ * Sanity check this just to be paranoid, as gmtime can return NULL,
+ * and some bogus implementations might overrun on the sprintf.
+ */
#ifdef HAVE_GMTIME_R
# ifdef GMTIME_R_RETURNS_INT
- if (gmtime_r(&gmt_time, >imebuf) != 0)
- return ASN1_BAD_GMTIME;
+ if (gmtime_r(&gmt_time, >imebuf) != 0)
+ return ASN1_BAD_GMTIME;
# else
- if (gmtime_r(&gmt_time, >imebuf) == NULL)
- return ASN1_BAD_GMTIME;
+ if (gmtime_r(&gmt_time, >imebuf) == NULL)
+ return ASN1_BAD_GMTIME;
# endif
#else
- gtime = gmtime(&gmt_time);
- if (gtime == NULL)
- return ASN1_BAD_GMTIME;
- memcpy(>imebuf, gtime, sizeof(gtimebuf));
+ gtime = gmtime(&gmt_time);
+ if (gtime == NULL)
+ return ASN1_BAD_GMTIME;
+ memcpy(>imebuf, gtime, sizeof(gtimebuf));
#endif
- gtime = >imebuf;
-
- if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
- gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
- gtime->tm_min > 59 || gtime->tm_sec > 59)
- return ASN1_BAD_GMTIME;
- if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
- 1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
- gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
- >= sizeof(s))
- /* Shouldn't be possible given above tests. */
- return ASN1_BAD_GMTIME;
- sp = s;
- }
-
- retval = asn1buf_insert_charstring(buf,15,sp);
- if(retval) return retval;
- sum = 15;
-
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALTIME,sum,&length);
- if(retval) return retval;
- sum += length;
-
- *retlen = sum;
- return 0;
+ gtime = >imebuf;
+
+ if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
+ gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
+ gtime->tm_min > 59 || gtime->tm_sec > 59)
+ return ASN1_BAD_GMTIME;
+ if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
+ 1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
+ gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
+ >= sizeof(s))
+ /* Shouldn't be possible given above tests. */
+ return ASN1_BAD_GMTIME;
+ sp = s;
+ }
+
+ retval = asn1buf_insert_charstring(buf,15,sp);
+ if (retval) return retval;
+ sum = 15;
+
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALTIME,sum,&length);
+ if (retval) return retval;
+ sum += length;
+
+ *retlen = sum;
+ return 0;
}
asn1_error_code asn1_encode_generalstring(asn1buf *buf, unsigned int len,
const char *val,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int length;
+ asn1_error_code retval;
+ unsigned int length;
- retval = asn1buf_insert_charstring(buf,len,val);
- if(retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
- &length);
- if(retval) return retval;
+ retval = asn1buf_insert_charstring(buf,len,val);
+ if (retval) return retval;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
+ &length);
+ if (retval) return retval;
- *retlen = len + length;
- return 0;
+ *retlen = len + length;
+ return 0;
}
t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
- if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK){
+ if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
/* low-tag-number form */
t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
} else {
retval = asn1buf_remove_octet(buf,&o);
if (retval) return retval;
tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
- }while(o&0x80);
+ } while (o&0x80);
t->tagnum = tn;
}
}
for (num = (int)(o&0x7F); num>0; num--) {
retval = asn1buf_remove_octet(buf,&o);
- if(retval) return retval;
+ if (retval) return retval;
len = (len<<8) + (int)o;
}
if (len < 0)
#define get_eoc() \
{ \
retval = asn1_get_eoc_tag(&subbuf); \
- if(retval) return retval; \
+ if (retval) return retval; \
}
#define alloc_field(var, type) \
asn1_error_code retval;\
long n;\
retval = asn1_decode_integer(buf,&n);\
- if(retval) return retval;\
+ if (retval) return retval;\
*val = (ktype)n;\
return 0;\
}
asn1_error_code retval;\
unsigned long n;\
retval = asn1_decode_unsigned_integer(buf,&n);\
- if(retval) return retval;\
+ if (retval) return retval;\
*val = (ktype)n;\
return 0;\
}
asn1_error_code asn1_decode_seqnum(asn1buf *buf, krb5_ui_4 *val)
{
- asn1_error_code retval;
- unsigned long n;
+ asn1_error_code retval;
+ unsigned long n;
- retval = asn1_decode_maybe_unsigned(buf, &n);
- if (retval) return retval;
- *val = (krb5_ui_4)n & 0xffffffff;
- return 0;
+ retval = asn1_decode_maybe_unsigned(buf, &n);
+ if (retval) return retval;
+ *val = (krb5_ui_4)n & 0xffffffff;
+ return 0;
}
asn1_error_code asn1_decode_msgtype(asn1buf *buf, krb5_msgtype *val)
{
- asn1_error_code retval;
- unsigned long n;
+ asn1_error_code retval;
+ unsigned long n;
- retval = asn1_decode_unsigned_integer(buf,&n);
- if(retval) return retval;
+ retval = asn1_decode_unsigned_integer(buf,&n);
+ if (retval) return retval;
- *val = (krb5_msgtype) n;
- return 0;
+ *val = (krb5_msgtype) n;
+ return 0;
}
/* structures */
asn1_error_code asn1_decode_realm(asn1buf *buf, krb5_principal *val)
{
- return asn1_decode_generalstring(buf,
- &((*val)->realm.length),
- &((*val)->realm.data));
+ return asn1_decode_generalstring(buf,
+ &((*val)->realm.length),
+ &((*val)->realm.data));
}
asn1_error_code asn1_decode_principal_name(asn1buf *buf, krb5_principal *val)
{
- setup();
- { begin_structure();
- get_field((*val)->type,0,asn1_decode_int32);
+ setup();
+ { begin_structure();
+ get_field((*val)->type,0,asn1_decode_int32);
- { sequence_of_no_tagvars(&subbuf);
- while(asn1buf_remains(&seqbuf,seqofindef) > 0){
- size++;
- if ((*val)->data == NULL)
- (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
- else
- (*val)->data = (krb5_data*)realloc((*val)->data,
- size*sizeof(krb5_data));
- if((*val)->data == NULL) return ENOMEM;
- retval = asn1_decode_generalstring(&seqbuf,
- &((*val)->data[size-1].length),
- &((*val)->data[size-1].data));
- if(retval) return retval;
- }
- (*val)->length = size;
- end_sequence_of_no_tagvars(&subbuf);
- }
- if (indef) {
- get_eoc();
+ { sequence_of_no_tagvars(&subbuf);
+ while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+ size++;
+ if ((*val)->data == NULL)
+ (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
+ else
+ (*val)->data = (krb5_data*)realloc((*val)->data,
+ size*sizeof(krb5_data));
+ if ((*val)->data == NULL) return ENOMEM;
+ retval = asn1_decode_generalstring(&seqbuf,
+ &((*val)->data[size-1].length),
+ &((*val)->data[size-1].data));
+ if (retval) return retval;
+ }
+ (*val)->length = size;
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ if (indef) {
+ get_eoc();
+ }
+ next_tag();
+ end_structure();
+ (*val)->magic = KV5M_PRINCIPAL;
}
- next_tag();
- end_structure();
- (*val)->magic = KV5M_PRINCIPAL;
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_checksum(asn1buf *buf, krb5_checksum *val)
{
- setup();
- { begin_structure();
- get_field(val->checksum_type,0,asn1_decode_cksumtype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_CHECKSUM;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->checksum_type,0,asn1_decode_cksumtype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_CHECKSUM;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_encryption_key(asn1buf *buf, krb5_keyblock *val)
{
- setup();
- { begin_structure();
- get_field(val->enctype,0,asn1_decode_enctype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_KEYBLOCK;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->enctype,0,asn1_decode_enctype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_KEYBLOCK;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_encrypted_data(asn1buf *buf, krb5_enc_data *val)
{
- setup();
- { begin_structure();
- get_field(val->enctype,0,asn1_decode_enctype);
- opt_field(val->kvno,1,asn1_decode_kvno,0);
- get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_DATA;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->enctype,0,asn1_decode_enctype);
+ opt_field(val->kvno,1,asn1_decode_kvno,0);
+ get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_DATA;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_krb5_flags(asn1buf *buf, krb5_flags *val)
{
- asn1_error_code retval;
- asn1_octet unused, o;
- taginfo t;
- unsigned int i;
- krb5_flags f=0;
- unsigned int length;
+ asn1_error_code retval;
+ asn1_octet unused, o;
+ taginfo t;
+ unsigned int i;
+ krb5_flags f=0;
+ unsigned int length;
- retval = asn1_get_tag_2(buf, &t);
- if (retval) return retval;
- if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
- t.tagnum != ASN1_BITSTRING)
- return ASN1_BAD_ID;
- length = t.length;
-
- retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
- if(retval) return retval;
-
- /* Number of unused bits must be between 0 and 7. */
- if (unused > 7) return ASN1_BAD_FORMAT;
- length--;
-
- for(i = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf,&o);
- if(retval) return retval;
- /* ignore bits past number 31 */
- if (i < 4)
- f = (f<<8) | ((krb5_flags)o&0xFF);
- }
- if (length <= 4) {
- /* Mask out unused bits, but only if necessary. */
- f &= ~(krb5_flags)0 << unused;
- }
- /* left-justify */
- if (length < 4)
- f <<= (4 - length) * 8;
- *val = f;
- return 0;
+ retval = asn1_get_tag_2(buf, &t);
+ if (retval) return retval;
+ if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
+ t.tagnum != ASN1_BITSTRING)
+ return ASN1_BAD_ID;
+ length = t.length;
+
+ retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
+ if (retval) return retval;
+
+ /* Number of unused bits must be between 0 and 7. */
+ if (unused > 7) return ASN1_BAD_FORMAT;
+ length--;
+
+ for (i = 0; i < length; i++) {
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval) return retval;
+ /* ignore bits past number 31 */
+ if (i < 4)
+ f = (f<<8) | ((krb5_flags)o&0xFF);
+ }
+ if (length <= 4) {
+ /* Mask out unused bits, but only if necessary. */
+ f &= ~(krb5_flags)0 << unused;
+ }
+ /* left-justify */
+ if (length < 4)
+ f <<= (4 - length) * 8;
+ *val = f;
+ return 0;
}
asn1_error_code asn1_decode_ticket_flags(asn1buf *buf, krb5_flags *val)
asn1_error_code asn1_decode_transited_encoding(asn1buf *buf, krb5_transited *val)
{
- setup();
- { begin_structure();
- get_field(val->tr_type,0,asn1_decode_octet);
- get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_TRANSITED;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->tr_type,0,asn1_decode_octet);
+ get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_TRANSITED;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_enc_kdc_rep_part(asn1buf *buf, krb5_enc_kdc_rep_part *val)
{
- setup();
- { begin_structure();
- alloc_field(val->session,krb5_keyblock);
- get_field(*(val->session),0,asn1_decode_encryption_key);
- get_field(val->last_req,1,asn1_decode_last_req);
- get_field(val->nonce,2,asn1_decode_int32);
- opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
- get_field(val->flags,4,asn1_decode_ticket_flags);
- get_field(val->times.authtime,5,asn1_decode_kerberos_time);
- /* Set to authtime if missing */
- opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
- get_field(val->times.endtime,7,asn1_decode_kerberos_time);
- opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,9,asn1_decode_realm);
- get_field(val->server,10,asn1_decode_principal_name);
- opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
- end_structure();
- val->magic = KV5M_ENC_KDC_REP_PART;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ alloc_field(val->session,krb5_keyblock);
+ get_field(*(val->session),0,asn1_decode_encryption_key);
+ get_field(val->last_req,1,asn1_decode_last_req);
+ get_field(val->nonce,2,asn1_decode_int32);
+ opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
+ get_field(val->flags,4,asn1_decode_ticket_flags);
+ get_field(val->times.authtime,5,asn1_decode_kerberos_time);
+ /* Set to authtime if missing */
+ opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
+ get_field(val->times.endtime,7,asn1_decode_kerberos_time);
+ opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,9,asn1_decode_realm);
+ get_field(val->server,10,asn1_decode_principal_name);
+ opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
+ end_structure();
+ val->magic = KV5M_ENC_KDC_REP_PART;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_ticket(asn1buf *buf, krb5_ticket *val)
{
- setup();
- unsigned int applen;
- apptag(1);
- { begin_structure();
- { krb5_kvno vno;
- get_field(vno,0,asn1_decode_kvno);
- if(vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,1,asn1_decode_realm);
- get_field(val->server,2,asn1_decode_principal_name);
- get_field(val->enc_part,3,asn1_decode_encrypted_data);
- end_structure();
- val->magic = KV5M_TICKET;
- }
- if (!applen) {
- taginfo t;
- retval = asn1_get_tag_2(buf, &t);
- if (retval) return retval;
- }
- cleanup();
+ setup();
+ unsigned int applen;
+ apptag(1);
+ { begin_structure();
+ { krb5_kvno vno;
+ get_field(vno,0,asn1_decode_kvno);
+ if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,1,asn1_decode_realm);
+ get_field(val->server,2,asn1_decode_principal_name);
+ get_field(val->enc_part,3,asn1_decode_encrypted_data);
+ end_structure();
+ val->magic = KV5M_TICKET;
+ }
+ if (!applen) {
+ taginfo t;
+ retval = asn1_get_tag_2(buf, &t);
+ if (retval) return retval;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_kdc_req(asn1buf *buf, krb5_kdc_req *val)
{
- setup();
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,1,asn1_decode_kvno);
- if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- get_field(val->msg_type,2,asn1_decode_msgtype);
- opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
- get_field(*val,4,asn1_decode_kdc_req_body);
- end_structure();
- val->magic = KV5M_KDC_REQ;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,1,asn1_decode_kvno);
+ if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ get_field(val->msg_type,2,asn1_decode_msgtype);
+ opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
+ get_field(*val,4,asn1_decode_kdc_req_body);
+ end_structure();
+ val->magic = KV5M_KDC_REQ;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_kdc_req_body(asn1buf *buf, krb5_kdc_req *val)
{
- setup();
- {
- krb5_principal psave;
- begin_structure();
- get_field(val->kdc_options,0,asn1_decode_kdc_options);
- if(tagnum == 1){ alloc_field(val->client,krb5_principal_data); }
- opt_field(val->client,1,asn1_decode_principal_name,NULL);
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,2,asn1_decode_realm);
- if(val->client != NULL){
- retval = asn1_krb5_realm_copy(val->client,val->server);
- if(retval) return retval; }
-
- /* If opt_field server is missing, memory reference to server is
- lost and results in memory leak */
- psave = val->server;
- opt_field(val->server,3,asn1_decode_principal_name,NULL);
- if(val->server == NULL){
- if(psave->realm.data) {
- free(psave->realm.data);
- psave->realm.data = NULL;
- psave->realm.length=0;
- }
- free(psave);
- }
- opt_field(val->from,4,asn1_decode_kerberos_time,0);
- get_field(val->till,5,asn1_decode_kerberos_time);
- opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
- get_field(val->nonce,7,asn1_decode_int32);
- get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
- opt_field(val->addresses,9,asn1_decode_host_addresses,0);
- if(tagnum == 10){
- get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
- else{
- val->authorization_data.magic = KV5M_ENC_DATA;
- val->authorization_data.enctype = 0;
- val->authorization_data.kvno = 0;
- val->authorization_data.ciphertext.data = NULL;
- val->authorization_data.ciphertext.length = 0;
+ setup();
+ {
+ krb5_principal psave;
+ begin_structure();
+ get_field(val->kdc_options,0,asn1_decode_kdc_options);
+ if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
+ opt_field(val->client,1,asn1_decode_principal_name,NULL);
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,2,asn1_decode_realm);
+ if (val->client != NULL) {
+ retval = asn1_krb5_realm_copy(val->client,val->server);
+ if (retval) return retval; }
+
+ /* If opt_field server is missing, memory reference to server is
+ lost and results in memory leak */
+ psave = val->server;
+ opt_field(val->server,3,asn1_decode_principal_name,NULL);
+ if (val->server == NULL) {
+ if (psave->realm.data) {
+ free(psave->realm.data);
+ psave->realm.data = NULL;
+ psave->realm.length=0;
+ }
+ free(psave);
+ }
+ opt_field(val->from,4,asn1_decode_kerberos_time,0);
+ get_field(val->till,5,asn1_decode_kerberos_time);
+ opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
+ get_field(val->nonce,7,asn1_decode_int32);
+ get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
+ opt_field(val->addresses,9,asn1_decode_host_addresses,0);
+ if (tagnum == 10) {
+ get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
+ else {
+ val->authorization_data.magic = KV5M_ENC_DATA;
+ val->authorization_data.enctype = 0;
+ val->authorization_data.kvno = 0;
+ val->authorization_data.ciphertext.data = NULL;
+ val->authorization_data.ciphertext.length = 0;
+ }
+ opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
+ end_structure();
+ val->magic = KV5M_KDC_REQ;
}
- opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
- end_structure();
- val->magic = KV5M_KDC_REQ;
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_krb_safe_body(asn1buf *buf, krb5_safe *val)
{
- setup();
- { begin_structure();
- get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
- opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
- opt_field(val->usec,2,asn1_decode_int32,0);
- opt_field(val->seq_number,3,asn1_decode_seqnum,0);
- alloc_field(val->s_address,krb5_address);
- get_field(*(val->s_address),4,asn1_decode_host_address);
- if(tagnum == 5){
- alloc_field(val->r_address,krb5_address);
- get_field(*(val->r_address),5,asn1_decode_host_address);
- } else val->r_address = NULL;
- end_structure();
- val->magic = KV5M_SAFE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
+ opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
+ opt_field(val->usec,2,asn1_decode_int32,0);
+ opt_field(val->seq_number,3,asn1_decode_seqnum,0);
+ alloc_field(val->s_address,krb5_address);
+ get_field(*(val->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) {
+ alloc_field(val->r_address,krb5_address);
+ get_field(*(val->r_address),5,asn1_decode_host_address);
+ } else val->r_address = NULL;
+ end_structure();
+ val->magic = KV5M_SAFE;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_host_address(asn1buf *buf, krb5_address *val)
{
- setup();
- { begin_structure();
- get_field(val->addrtype,0,asn1_decode_addrtype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_ADDRESS;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->addrtype,0,asn1_decode_addrtype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_ADDRESS;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_kdc_rep(asn1buf *buf, krb5_kdc_rep *val)
{
- setup();
- { begin_structure();
- { krb5_kvno pvno;
- get_field(pvno,0,asn1_decode_kvno);
- if(pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- get_field(val->msg_type,1,asn1_decode_msgtype);
- opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
- alloc_field(val->client,krb5_principal_data);
- get_field(val->client,3,asn1_decode_realm);
- get_field(val->client,4,asn1_decode_principal_name);
- alloc_field(val->ticket,krb5_ticket);
- get_field(*(val->ticket),5,asn1_decode_ticket);
- get_field(val->enc_part,6,asn1_decode_encrypted_data);
- end_structure();
- val->magic = KV5M_KDC_REP;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ { krb5_kvno pvno;
+ get_field(pvno,0,asn1_decode_kvno);
+ if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ get_field(val->msg_type,1,asn1_decode_msgtype);
+ opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
+ alloc_field(val->client,krb5_principal_data);
+ get_field(val->client,3,asn1_decode_realm);
+ get_field(val->client,4,asn1_decode_principal_name);
+ alloc_field(val->ticket,krb5_ticket);
+ get_field(*(val->ticket),5,asn1_decode_ticket);
+ get_field(val->enc_part,6,asn1_decode_encrypted_data);
+ end_structure();
+ val->magic = KV5M_KDC_REP;
+ }
+ cleanup();
}
/* arrays */
#define get_element(element,decoder)\
retval = decoder(&seqbuf,element);\
-if(retval) return retval
+if (retval) return retval
static void *
array_expand (void *array, int n_elts, size_t elt_size)
#define array_append(array,size,element,type)\
size++;\
*(array) = array_expand(*(array), (size+1), sizeof(type*));\
-if(*(array) == NULL) return ENOMEM;\
+if (*(array) == NULL) return ENOMEM;\
(*(array))[(size)-1] = elt
#define decode_array_body(type,decoder)\
type *elt;\
\
{ sequence_of(buf);\
- while(asn1buf_remains(&seqbuf,seqofindef) > 0){\
+ while (asn1buf_remains(&seqbuf,seqofindef) > 0) {\
alloc_field(elt,type);\
get_element(elt,decoder);\
array_append(val,size,elt,type);\
asn1_error_code asn1_decode_authorization_data(asn1buf *buf, krb5_authdata ***val)
{
- decode_array_body(krb5_authdata,asn1_decode_authdata_elt);
+ decode_array_body(krb5_authdata,asn1_decode_authdata_elt);
}
asn1_error_code asn1_decode_authdata_elt(asn1buf *buf, krb5_authdata *val)
{
- setup();
- { begin_structure();
- get_field(val->ad_type,0,asn1_decode_authdatatype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_AUTHDATA;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->ad_type,0,asn1_decode_authdatatype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_AUTHDATA;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_host_addresses(asn1buf *buf, krb5_address ***val)
{
- decode_array_body(krb5_address,asn1_decode_host_address);
+ decode_array_body(krb5_address,asn1_decode_host_address);
}
asn1_error_code asn1_decode_sequence_of_ticket(asn1buf *buf, krb5_ticket ***val)
{
- decode_array_body(krb5_ticket,asn1_decode_ticket);
+ decode_array_body(krb5_ticket,asn1_decode_ticket);
}
asn1_error_code asn1_decode_sequence_of_krb_cred_info(asn1buf *buf, krb5_cred_info ***val)
{
- decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info);
+ decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info);
}
asn1_error_code asn1_decode_krb_cred_info(asn1buf *buf, krb5_cred_info *val)
{
- setup();
- { begin_structure();
- alloc_field(val->session,krb5_keyblock);
- get_field(*(val->session),0,asn1_decode_encryption_key);
- if(tagnum == 1){
- alloc_field(val->client,krb5_principal_data);
- opt_field(val->client,1,asn1_decode_realm,NULL);
- opt_field(val->client,2,asn1_decode_principal_name,NULL); }
- opt_field(val->flags,3,asn1_decode_ticket_flags,0);
- opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
- opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
- opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
- opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
- if(tagnum == 8){
- alloc_field(val->server,krb5_principal_data);
- opt_field(val->server,8,asn1_decode_realm,NULL);
- opt_field(val->server,9,asn1_decode_principal_name,NULL); }
- opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
- end_structure();
- val->magic = KV5M_CRED_INFO;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ alloc_field(val->session,krb5_keyblock);
+ get_field(*(val->session),0,asn1_decode_encryption_key);
+ if (tagnum == 1) {
+ alloc_field(val->client,krb5_principal_data);
+ opt_field(val->client,1,asn1_decode_realm,NULL);
+ opt_field(val->client,2,asn1_decode_principal_name,NULL); }
+ opt_field(val->flags,3,asn1_decode_ticket_flags,0);
+ opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
+ opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
+ opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
+ opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
+ if (tagnum == 8) {
+ alloc_field(val->server,krb5_principal_data);
+ opt_field(val->server,8,asn1_decode_realm,NULL);
+ opt_field(val->server,9,asn1_decode_principal_name,NULL); }
+ opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
+ end_structure();
+ val->magic = KV5M_CRED_INFO;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_sequence_of_pa_data(asn1buf *buf, krb5_pa_data ***val)
{
- decode_array_body(krb5_pa_data,asn1_decode_pa_data);
+ decode_array_body(krb5_pa_data,asn1_decode_pa_data);
}
asn1_error_code asn1_decode_pa_data(asn1buf *buf, krb5_pa_data *val)
{
- setup();
- { begin_structure();
- get_field(val->pa_type,1,asn1_decode_int32);
- get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_PA_DATA;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->pa_type,1,asn1_decode_int32);
+ get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_PA_DATA;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_last_req(asn1buf *buf, krb5_last_req_entry ***val)
{
- decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry);
+ decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry);
}
asn1_error_code asn1_decode_last_req_entry(asn1buf *buf, krb5_last_req_entry *val)
{
- setup();
- { begin_structure();
- get_field(val->lr_type,0,asn1_decode_int32);
- get_field(val->value,1,asn1_decode_kerberos_time);
- end_structure();
- val->magic = KV5M_LAST_REQ_ENTRY;
+ setup();
+ { begin_structure();
+ get_field(val->lr_type,0,asn1_decode_int32);
+ get_field(val->value,1,asn1_decode_kerberos_time);
+ end_structure();
+ val->magic = KV5M_LAST_REQ_ENTRY;
#ifdef KRB5_GENEROUS_LR_TYPE
- /* If we are only a single byte wide and negative - fill in the
- other bits */
- if((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
+ /* If we are only a single byte wide and negative - fill in the
+ other bits */
+ if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
#endif
- }
- cleanup();
+ }
+ cleanup();
}
asn1_error_code asn1_decode_sequence_of_enctype(asn1buf *buf, int *num, krb5_enctype **val)
{
- asn1_error_code retval;
- { sequence_of(buf);
- while(asn1buf_remains(&seqbuf,seqofindef) > 0){
- size++;
- if (*val == NULL)
- *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
- else
- *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
- if(*val == NULL) return ENOMEM;
- retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
- if(retval) return retval;
+ asn1_error_code retval;
+ { sequence_of(buf);
+ while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+ size++;
+ if (*val == NULL)
+ *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
+ else
+ *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
+ if (*val == NULL) return ENOMEM;
+ retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
+ if (retval) return retval;
+ }
+ *num = size;
+ end_sequence_of(buf);
}
- *num = size;
- end_sequence_of(buf);
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_sequence_of_checksum(asn1buf *buf, krb5_checksum ***val)
{
- decode_array_body(krb5_checksum, asn1_decode_checksum);
+ decode_array_body(krb5_checksum, asn1_decode_checksum);
}
static asn1_error_code asn1_decode_etype_info2_entry(asn1buf *buf, krb5_etype_info_entry *val )
{
- setup();
- { begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
- char *salt;
- get_lenfield(val->length,salt,1,asn1_decode_generalstring);
- val->salt = (krb5_octet *) salt;
- } else {
+ setup();
+ { begin_structure();
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
+ char *salt;
+ get_lenfield(val->length,salt,1,asn1_decode_generalstring);
+ val->salt = (krb5_octet *) salt;
+ } else {
val->length = KRB5_ETYPE_NO_SALT;
val->salt = 0;
+ }
+ if ( tagnum ==2) {
+ krb5_octet *params ;
+ get_lenfield( val->s2kparams.length, params,
+ 2, asn1_decode_octetstring);
+ val->s2kparams.data = ( char *) params;
+ } else {
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
+ }
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
}
- if ( tagnum ==2) {
- krb5_octet *params ;
- get_lenfield( val->s2kparams.length, params,
- 2, asn1_decode_octetstring);
- val->s2kparams.data = ( char *) params;
- } else {
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
- }
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
- }
- cleanup();
+ cleanup();
}
static asn1_error_code asn1_decode_etype_info2_entry_1_3(asn1buf *buf, krb5_etype_info_entry *val )
{
- setup();
- { begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
+ setup();
+ { begin_structure();
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
- } else {
+ } else {
val->length = KRB5_ETYPE_NO_SALT;
val->salt = 0;
+ }
+ if ( tagnum ==2) {
+ krb5_octet *params ;
+ get_lenfield( val->s2kparams.length, params,
+ 2, asn1_decode_octetstring);
+ val->s2kparams.data = ( char *) params;
+ } else {
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
+ }
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
}
- if ( tagnum ==2) {
- krb5_octet *params ;
- get_lenfield( val->s2kparams.length, params,
- 2, asn1_decode_octetstring);
- val->s2kparams.data = ( char *) params;
- } else {
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
- }
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
- }
- cleanup();
+ cleanup();
}
static asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry *val )
{
- setup();
- { begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
+ setup();
+ { begin_structure();
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
- } else {
+ } else {
val->length = KRB5_ETYPE_NO_SALT;
val->salt = 0;
- }
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
+ }
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
- }
- cleanup();
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***val )
{
- decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
+ decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
}
asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***val ,
asn1_error_code asn1_decode_passwdsequence(asn1buf *buf, passwd_phrase_element *val)
{
- setup();
- { begin_structure();
- alloc_field(val->passwd,krb5_data);
- get_lenfield(val->passwd->length,val->passwd->data,
- 0,asn1_decode_charstring);
- val->passwd->magic = KV5M_DATA;
- alloc_field(val->phrase,krb5_data);
- get_lenfield(val->phrase->length,val->phrase->data,
- 1,asn1_decode_charstring);
- val->phrase->magic = KV5M_DATA;
- end_structure();
- val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ alloc_field(val->passwd,krb5_data);
+ get_lenfield(val->passwd->length,val->passwd->data,
+ 0,asn1_decode_charstring);
+ val->passwd->magic = KV5M_DATA;
+ alloc_field(val->phrase,krb5_data);
+ get_lenfield(val->phrase->length,val->phrase->data,
+ 1,asn1_decode_charstring);
+ val->phrase->magic = KV5M_DATA;
+ end_structure();
+ val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_sequence_of_passwdsequence(asn1buf *buf, passwd_phrase_element ***val)
{
- decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence);
+ decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence);
}
asn1_error_code asn1_decode_sam_flags(asn1buf *buf, krb5_flags *val)
#define opt_string(val,n,fn) opt_lenfield((val).length,(val).data,n,fn)
#define opt_cksum(var,tagexpect,decoder)\
-if(tagnum == (tagexpect)){\
+if (tagnum == (tagexpect)) {\
get_field_body(var,decoder); }\
else var.length = 0
asn1_error_code asn1_decode_sam_challenge(asn1buf *buf, krb5_sam_challenge *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_type_name,2,asn1_decode_charstring);
- opt_string(val->sam_track_id,3,asn1_decode_charstring);
- opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
- opt_string(val->sam_challenge,5,asn1_decode_charstring);
- opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
- opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
- opt_field(val->sam_nonce,8,asn1_decode_int32,0);
- opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
- end_structure();
- val->magic = KV5M_SAM_CHALLENGE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_type_name,2,asn1_decode_charstring);
+ opt_string(val->sam_track_id,3,asn1_decode_charstring);
+ opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+ opt_string(val->sam_challenge,5,asn1_decode_charstring);
+ opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+ opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+ opt_field(val->sam_nonce,8,asn1_decode_int32,0);
+ opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
+ end_structure();
+ val->magic = KV5M_SAM_CHALLENGE;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_sam_challenge_2(asn1buf *buf, krb5_sam_challenge_2 *val)
{
- setup();
- { char *save, *end;
- size_t alloclen;
- begin_structure();
- if (tagnum != 0) return ASN1_MISSING_FIELD;
- if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- return ASN1_BAD_ID;
- save = subbuf.next;
- { sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
+ setup();
+ { char *save, *end;
+ size_t alloclen;
+ begin_structure();
+ if (tagnum != 0) return ASN1_MISSING_FIELD;
+ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ return ASN1_BAD_ID;
+ save = subbuf.next;
+ { sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - save;
+ if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
+ return ENOMEM;
+ val->sam_challenge_2_body.length = alloclen;
+ memcpy(val->sam_challenge_2_body.data, save, alloclen);
+ next_tag();
+ get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
+ end_structure();
}
- end = subbuf.next;
- alloclen = end - save;
- if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
- return ENOMEM;
- val->sam_challenge_2_body.length = alloclen;
- memcpy(val->sam_challenge_2_body.data, save, alloclen);
- next_tag();
- get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
- end_structure();
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_sam_challenge_2_body(asn1buf *buf, krb5_sam_challenge_2_body *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_type_name,2,asn1_decode_charstring);
- opt_string(val->sam_track_id,3,asn1_decode_charstring);
- opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
- opt_string(val->sam_challenge,5,asn1_decode_charstring);
- opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
- opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
- get_field(val->sam_nonce,8,asn1_decode_int32);
- get_field(val->sam_etype, 9, asn1_decode_int32);
- end_structure();
- val->magic = KV5M_SAM_CHALLENGE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_type_name,2,asn1_decode_charstring);
+ opt_string(val->sam_track_id,3,asn1_decode_charstring);
+ opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+ opt_string(val->sam_challenge,5,asn1_decode_charstring);
+ opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+ opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+ get_field(val->sam_nonce,8,asn1_decode_int32);
+ get_field(val->sam_etype, 9, asn1_decode_int32);
+ end_structure();
+ val->magic = KV5M_SAM_CHALLENGE;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_enc_sam_key(asn1buf *buf, krb5_sam_key *val)
{
- setup();
- { begin_structure();
- /* alloc_field(val->sam_key,krb5_keyblock); */
- get_field(val->sam_key,0,asn1_decode_encryption_key);
- end_structure();
- val->magic = KV5M_SAM_KEY;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ /* alloc_field(val->sam_key,krb5_keyblock); */
+ get_field(val->sam_key,0,asn1_decode_encryption_key);
+ end_structure();
+ val->magic = KV5M_SAM_KEY;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_enc_sam_response_enc(asn1buf *buf, krb5_enc_sam_response_enc *val)
{
- setup();
- { begin_structure();
- opt_field(val->sam_nonce,0,asn1_decode_int32,0);
- opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
- opt_field(val->sam_usec,2,asn1_decode_int32,0);
- opt_string(val->sam_sad,3,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ opt_field(val->sam_nonce,0,asn1_decode_int32,0);
+ opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
+ opt_field(val->sam_usec,2,asn1_decode_int32,0);
+ opt_string(val->sam_sad,3,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_enc_sam_response_enc_2(asn1buf *buf, krb5_enc_sam_response_enc_2 *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_nonce,0,asn1_decode_int32);
- opt_string(val->sam_sad,1,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_nonce,0,asn1_decode_int32);
+ opt_string(val->sam_sad,1,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
+ }
+ cleanup();
}
#define opt_encfield(fld,tag,fn) \
- if(tagnum == tag){ \
+ if (tagnum == tag) { \
get_field(fld,tag,fn); } \
- else{\
+ else {\
fld.magic = 0;\
fld.enctype = 0;\
fld.kvno = 0;\
asn1_error_code asn1_decode_sam_response(asn1buf *buf, krb5_sam_response *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_track_id,2,asn1_decode_charstring);
- opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
- get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
- opt_field(val->sam_nonce,5,asn1_decode_int32,0);
- opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
- end_structure();
- val->magic = KV5M_SAM_RESPONSE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_track_id,2,asn1_decode_charstring);
+ opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
+ get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
+ opt_field(val->sam_nonce,5,asn1_decode_int32,0);
+ opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
+ end_structure();
+ val->magic = KV5M_SAM_RESPONSE;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_sam_response_2(asn1buf *buf, krb5_sam_response_2 *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_track_id,2,asn1_decode_charstring);
- get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
- get_field(val->sam_nonce,4,asn1_decode_int32);
- end_structure();
- val->magic = KV5M_SAM_RESPONSE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_track_id,2,asn1_decode_charstring);
+ get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
+ get_field(val->sam_nonce,4,asn1_decode_int32);
+ end_structure();
+ val->magic = KV5M_SAM_RESPONSE;
+ }
+ cleanup();
}
asn1_error_code asn1_decode_predicted_sam_response(asn1buf *buf, krb5_predicted_sam_response *val)
{
- setup();
- { begin_structure();
- get_field(val->sam_key,0,asn1_decode_encryption_key);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- get_field(val->stime,2,asn1_decode_kerberos_time);
- get_field(val->susec,3,asn1_decode_int32);
- alloc_field(val->client,krb5_principal_data);
- get_field(val->client,4,asn1_decode_realm);
- get_field(val->client,5,asn1_decode_principal_name);
- opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
- end_structure();
- val->magic = KV5M_PREDICTED_SAM_RESPONSE;
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->sam_key,0,asn1_decode_encryption_key);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ get_field(val->stime,2,asn1_decode_kerberos_time);
+ get_field(val->susec,3,asn1_decode_int32);
+ alloc_field(val->client,krb5_principal_data);
+ get_field(val->client,4,asn1_decode_realm);
+ get_field(val->client,5,asn1_decode_principal_name);
+ opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
+ end_structure();
+ val->magic = KV5M_PREDICTED_SAM_RESPONSE;
+ }
+ cleanup();
}
#ifndef DISABLE_PKINIT
{
setup();
{
- begin_structure();
- opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
- opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
- opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
- end_structure();
+ begin_structure();
+ opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
+ opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
+ opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
+ end_structure();
}
cleanup();
}
asn1_error_code asn1_decode_pa_pk_as_req(asn1buf *buf, krb5_pa_pk_as_req *val)
{
- setup();
- {
- begin_structure();
- get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
- opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
- opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
- end_structure();
- }
- cleanup();
+ setup();
+ {
+ begin_structure();
+ get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+ opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
+ opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
+ end_structure();
+ }
+ cleanup();
}
#if 0 /* XXX This needs to be tested!!! XXX */
{
setup();
{
- char *start, *end;
- size_t alloclen;
-
- begin_explicit_choice();
- if (t.tagnum == choice_trusted_cas_principalName) {
- val->choice = choice_trusted_cas_principalName;
- } else if (t.tagnum == choice_trusted_cas_caName) {
- val->choice = choice_trusted_cas_caName;
- start = subbuf.next;
- {
- sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
- }
- end = subbuf.next;
- alloclen = end - start;
- val->u.caName.data = malloc(alloclen);
- if (val->u.caName.data == NULL)
- return ENOMEM;
- memcpy(val->u.caName.data, start, alloclen);
- val->u.caName.length = alloclen;
- next_tag();
- } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
- val->choice = choice_trusted_cas_issuerAndSerial;
- start = subbuf.next;
- {
- sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
- }
- end = subbuf.next;
- alloclen = end - start;
- val->u.issuerAndSerial.data = malloc(alloclen);
- if (val->u.issuerAndSerial.data == NULL)
- return ENOMEM;
- memcpy(val->u.issuerAndSerial.data, start, alloclen);
- val->u.issuerAndSerial.length = alloclen;
- next_tag();
- } else return ASN1_BAD_ID;
- end_explicit_choice();
+ char *start, *end;
+ size_t alloclen;
+
+ begin_explicit_choice();
+ if (t.tagnum == choice_trusted_cas_principalName) {
+ val->choice = choice_trusted_cas_principalName;
+ } else if (t.tagnum == choice_trusted_cas_caName) {
+ val->choice = choice_trusted_cas_caName;
+ start = subbuf.next;
+ {
+ sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - start;
+ val->u.caName.data = malloc(alloclen);
+ if (val->u.caName.data == NULL)
+ return ENOMEM;
+ memcpy(val->u.caName.data, start, alloclen);
+ val->u.caName.length = alloclen;
+ next_tag();
+ } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
+ val->choice = choice_trusted_cas_issuerAndSerial;
+ start = subbuf.next;
+ {
+ sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - start;
+ val->u.issuerAndSerial.data = malloc(alloclen);
+ if (val->u.issuerAndSerial.data == NULL)
+ return ENOMEM;
+ memcpy(val->u.issuerAndSerial.data, start, alloclen);
+ val->u.issuerAndSerial.length = alloclen;
+ next_tag();
+ } else return ASN1_BAD_ID;
+ end_explicit_choice();
}
cleanup();
}
{
setup();
{ begin_choice();
- if (tagnum == choice_trusted_cas_principalName) {
- val->choice = choice_trusted_cas_principalName;
- asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
- } else if (tagnum == choice_trusted_cas_caName) {
- val->choice = choice_trusted_cas_caName;
- get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
- } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
- val->choice = choice_trusted_cas_issuerAndSerial;
- get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
- choice_trusted_cas_issuerAndSerial);
- } else return ASN1_BAD_ID;
- end_choice();
+ if (tagnum == choice_trusted_cas_principalName) {
+ val->choice = choice_trusted_cas_principalName;
+ asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
+ } else if (tagnum == choice_trusted_cas_caName) {
+ val->choice = choice_trusted_cas_caName;
+ get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
+ } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
+ val->choice = choice_trusted_cas_issuerAndSerial;
+ get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
+ choice_trusted_cas_issuerAndSerial);
+ } else return ASN1_BAD_ID;
+ end_choice();
}
cleanup();
}
asn1_error_code asn1_decode_pa_pk_as_req_draft9(asn1buf *buf, krb5_pa_pk_as_req_draft9 *val)
{
- setup();
- { begin_structure();
- get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
- opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
- opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
- opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
- end_structure();
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+ opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
+ opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
+ opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
+ end_structure();
+ }
+ cleanup();
}
asn1_error_code asn1_decode_dh_rep_info(asn1buf *buf, krb5_dh_rep_info *val)
{
setup();
{ begin_structure();
- get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
+ get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
- opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
- end_structure();
+ opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->cusec, 0, asn1_decode_int32);
- get_field(val->ctime, 1, asn1_decode_kerberos_time);
- get_field(val->nonce, 2, asn1_decode_int32);
- opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
- end_structure();
+ get_field(val->cusec, 0, asn1_decode_int32);
+ get_field(val->ctime, 1, asn1_decode_kerberos_time);
+ get_field(val->nonce, 2, asn1_decode_int32);
+ opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- alloc_field(val->kdcName,krb5_principal_data);
- get_field(val->kdcName, 0, asn1_decode_principal_name);
- get_field(val->kdcName, 1, asn1_decode_realm);
- get_field(val->cusec, 2, asn1_decode_int32);
- get_field(val->ctime, 3, asn1_decode_kerberos_time);
- get_field(val->nonce, 4, asn1_decode_int32);
- end_structure();
+ alloc_field(val->kdcName,krb5_principal_data);
+ get_field(val->kdcName, 0, asn1_decode_principal_name);
+ get_field(val->kdcName, 1, asn1_decode_realm);
+ get_field(val->cusec, 2, asn1_decode_int32);
+ get_field(val->ctime, 3, asn1_decode_kerberos_time);
+ get_field(val->nonce, 4, asn1_decode_int32);
+ end_structure();
}
cleanup();
}
asn1_error_code asn1_decode_algorithm_identifier(asn1buf *buf, krb5_algorithm_identifier *val) {
- setup();
- { begin_structure_no_tag();
- /*
- * Forbid indefinite encoding because we don't read enough tag
- * information from the trailing octets ("ANY DEFINED BY") to
- * synchronize EOC tags, etc.
- */
- if (seqindef) return ASN1_BAD_FORMAT;
- /*
- * Set up tag variables because we don't actually call anything
- * that fetches tag info for us; it's all buried in the decoder
- * primitives.
- */
- tagnum = ASN1_TAGNUM_CEILING;
- asn1class = UNIVERSAL;
- construction = PRIMITIVE;
- taglen = 0;
- indef = 0;
- retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
- &val->algorithm.data);
- if(retval) return retval;
- val->parameters.length = 0;
- val->parameters.data = NULL;
-
- if(length > subbuf.next - subbuf.base) {
- unsigned int size = length - (subbuf.next - subbuf.base);
- retval = asn1buf_remove_octetstring(&subbuf, size,
- &val->parameters.data);
- if(retval) return retval;
- val->parameters.length = size;
- }
+ setup();
+ { begin_structure_no_tag();
+ /*
+ * Forbid indefinite encoding because we don't read enough tag
+ * information from the trailing octets ("ANY DEFINED BY") to
+ * synchronize EOC tags, etc.
+ */
+ if (seqindef) return ASN1_BAD_FORMAT;
+ /*
+ * Set up tag variables because we don't actually call anything
+ * that fetches tag info for us; it's all buried in the decoder
+ * primitives.
+ */
+ tagnum = ASN1_TAGNUM_CEILING;
+ asn1class = UNIVERSAL;
+ construction = PRIMITIVE;
+ taglen = 0;
+ indef = 0;
+ retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
+ &val->algorithm.data);
+ if (retval) return retval;
+ val->parameters.length = 0;
+ val->parameters.data = NULL;
+
+ if (length > subbuf.next - subbuf.base) {
+ unsigned int size = length - (subbuf.next - subbuf.base);
+ retval = asn1buf_remove_octetstring(&subbuf, size,
+ &val->parameters.data);
+ if (retval) return retval;
+ val->parameters.length = size;
+ }
- end_structure();
- }
- cleanup();
+ end_structure();
+ }
+ cleanup();
}
asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *val)
setup();
{ begin_structure_no_tag();
- retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
- if (retval) return retval;
-
- /* SubjectPublicKey encoded as a BIT STRING */
- next_tag();
- if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
- tagnum != ASN1_BITSTRING)
- return ASN1_BAD_ID;
-
- retval = asn1buf_remove_octet(&subbuf, &unused);
- if(retval) return retval;
-
- /* Number of unused bits must be between 0 and 7. */
- /* What to do if unused is not zero? */
- if (unused > 7) return ASN1_BAD_FORMAT;
- taglen--;
-
- val->subjectPublicKey.length = 0;
- val->subjectPublicKey.data = NULL;
- retval = asn1buf_remove_octetstring(&subbuf, taglen,
- &val->subjectPublicKey.data);
- if(retval) return retval;
- val->subjectPublicKey.length = taglen;
- /*
- * We didn't call any macro that does next_tag(); do so now to
- * preload tag of any trailing encodings.
- */
- next_tag();
- end_structure();
+ retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
+ if (retval) return retval;
+
+ /* SubjectPublicKey encoded as a BIT STRING */
+ next_tag();
+ if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
+ tagnum != ASN1_BITSTRING)
+ return ASN1_BAD_ID;
+
+ retval = asn1buf_remove_octet(&subbuf, &unused);
+ if (retval) return retval;
+
+ /* Number of unused bits must be between 0 and 7. */
+ /* What to do if unused is not zero? */
+ if (unused > 7) return ASN1_BAD_FORMAT;
+ taglen--;
+
+ val->subjectPublicKey.length = 0;
+ val->subjectPublicKey.data = NULL;
+ retval = asn1buf_remove_octetstring(&subbuf, taglen,
+ &val->subjectPublicKey.data);
+ if (retval) return retval;
+ val->subjectPublicKey.length = taglen;
+ /*
+ * We didn't call any macro that does next_tag(); do so now to
+ * preload tag of any trailing encodings.
+ */
+ next_tag();
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
- if(retval) return retval;
- val->subjectPublicKey.length = taglen;
- next_tag();
- get_field(val->nonce, 1, asn1_decode_int32);
- opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
- end_structure();
+ retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
+ if (retval) return retval;
+ val->subjectPublicKey.length = taglen;
+ next_tag();
+ get_field(val->nonce, 1, asn1_decode_int32);
+ opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->replyKey, 0, asn1_decode_encryption_key);
- get_field(val->asChecksum, 1, asn1_decode_checksum);
- end_structure();
+ get_field(val->replyKey, 0, asn1_decode_encryption_key);
+ get_field(val->asChecksum, 1, asn1_decode_checksum);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->replyKey, 0, asn1_decode_encryption_key);
- get_field(val->nonce, 1, asn1_decode_int32);
- end_structure();
+ get_field(val->replyKey, 0, asn1_decode_encryption_key);
+ get_field(val->nonce, 1, asn1_decode_int32);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(*val, 0, asn1_decode_realm);
- get_field(*val, 1, asn1_decode_principal_name);
- end_structure();
+ get_field(*val, 0, asn1_decode_realm);
+ get_field(*val, 1, asn1_decode_principal_name);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
- if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- && (tagnum || taglen || asn1class != UNIVERSAL))
- return ASN1_BAD_ID;
- if (tagnum == 1) {
- retval = asn1_decode_subject_pk_info(&subbuf,
- val->clientPublicValue);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->clientPublicValue = NULL;
- }
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if (tagnum == 2) {
- asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->supportedCMSTypes = NULL;
- }
- opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
- end_structure();
+ get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
+ if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ && (tagnum || taglen || asn1class != UNIVERSAL))
+ return ASN1_BAD_ID;
+ if (tagnum == 1) {
+ retval = asn1_decode_subject_pk_info(&subbuf,
+ val->clientPublicValue);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->clientPublicValue = NULL;
+ }
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if (tagnum == 2) {
+ asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->supportedCMSTypes = NULL;
+ }
+ opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
- if (tagnum == 1) {
- alloc_field(val->clientPublicValue, krb5_subject_pk_info);
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- && (tagnum || taglen || asn1class != UNIVERSAL))
- return ASN1_BAD_ID;
- if (tagnum == 1) {
- retval = asn1_decode_subject_pk_info(&subbuf,
- val->clientPublicValue);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->clientPublicValue = NULL;
+ get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
+ if (tagnum == 1) {
+ alloc_field(val->clientPublicValue, krb5_subject_pk_info);
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ && (tagnum || taglen || asn1class != UNIVERSAL))
+ return ASN1_BAD_ID;
+ if (tagnum == 1) {
+ retval = asn1_decode_subject_pk_info(&subbuf,
+ val->clientPublicValue);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->clientPublicValue = NULL;
+ }
}
- }
- end_structure();
+ end_structure();
}
cleanup();
}
asn1_error_code asn1_decode_pa_pk_as_rep(asn1buf *buf, krb5_pa_pk_as_rep *val)
{
- setup();
- { begin_choice();
- if (tagnum == choice_pa_pk_as_rep_dhInfo) {
- val->choice = choice_pa_pk_as_rep_dhInfo;
- get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
- } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
- val->choice = choice_pa_pk_as_rep_encKeyPack;
- get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
- choice_pa_pk_as_rep_encKeyPack);
- } else {
- val->choice = choice_pa_pk_as_rep_UNKNOWN;
+ setup();
+ { begin_choice();
+ if (tagnum == choice_pa_pk_as_rep_dhInfo) {
+ val->choice = choice_pa_pk_as_rep_dhInfo;
+ get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
+ } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
+ val->choice = choice_pa_pk_as_rep_encKeyPack;
+ get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
+ choice_pa_pk_as_rep_encKeyPack);
+ } else {
+ val->choice = choice_pa_pk_as_rep_UNKNOWN;
+ }
+ end_choice();
}
- end_choice();
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_pa_pk_as_rep_draft9(asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val)
{
- setup();
- { begin_structure();
- if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
- val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
- get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
- choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
- } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
- val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
- get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
- choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
- } else {
- val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+ setup();
+ { begin_structure();
+ if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
+ val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
+ get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
+ choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
+ } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
+ val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
+ get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
+ choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
+ } else {
+ val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+ }
+ end_structure();
}
- end_structure();
- }
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data ***val)
asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
{
- setup();
- { begin_structure();
- get_field(val->type,0,asn1_decode_int32);
- get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
- end_structure();
- }
- cleanup();
+ setup();
+ { begin_structure();
+ get_field(val->type,0,asn1_decode_int32);
+ get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
+ end_structure();
+ }
+ cleanup();
}
#endif /* DISABLE_PKINIT */
...
/* for OPTIONAL fields */
- if(rep->field_i == should_not_be_omitted)
+ if (rep->field_i == should_not_be_omitted)
asn1_addfield(rep->field_i, i, asn1_type);
/* for string fields (these encoders take an additional argument,
/* if you really have to do things yourself... */
retval = asn1_encode_asn1_type(buf,rep->field,&length);
- if(retval) return retval;
+ if (retval) return retval;
sum += length;
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, tag_number, length,
&length);
- if(retval) return retval;
+ if (retval) return retval;
sum += length;
...
/* asn1_addfield -- add a field, or component, to the encoding */
#define asn1_addfield(value,tag,encoder)\
{ retval = encoder(buf,value,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* asn1_addlenfield -- add a field whose length must be separately specified */
#define asn1_addlenfield(len,value,tag,encoder)\
{ retval = encoder(buf,len,value,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* asn1_addfield_implicit -- add an implicitly tagged field, or component, to the encoding */
#define asn1_addfield_implicit(value,tag,encoder)\
{ retval = encoder(buf,value,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,length,&length); \
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* asn1_insert_implicit_octetstring -- add an octet string with implicit tagging */
#define asn1_insert_implicit_octetstring(len,value,tag)\
{ retval = asn1buf_insert_octetstring(buf,len,value);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += len;\
retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,len,&length); \
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* asn1_insert_implicit_bitstring -- add a bitstring with implicit tagging */
#define asn1_insert_implicit_bitstring(len,value,tag)\
{ retval = asn1buf_insert_octetstring(buf,len,value);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += len;\
retval = asn1buf_insert_octet(buf, 0);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum++;\
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,tag,len+1,&length); \
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* form a sequence (by adding a sequence header to the current encoding) */
#define asn1_makeseq()\
retval = asn1_make_sequence(buf,sum,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length
/* add an APPLICATION class tag to the current encoding */
#define asn1_apptag(num)\
retval = asn1_make_etag(buf,APPLICATION,num,sum,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length
asn1_error_code asn1_encode_ui_4(asn1buf *buf, const krb5_ui_4 val, unsigned int *retlen)
{
- return asn1_encode_unsigned_integer(buf,val,retlen);
+ return asn1_encode_unsigned_integer(buf,val,retlen);
}
asn1_error_code asn1_encode_realm(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
{
- if (val == NULL ||
- (val->realm.length && val->realm.data == NULL))
- return ASN1_MISSING_FIELD;
- return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
- retlen);
+ if (val == NULL ||
+ (val->realm.length && val->realm.data == NULL))
+ return ASN1_MISSING_FIELD;
+ return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
+ retlen);
}
asn1_error_code asn1_encode_principal_name(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
{
- asn1_setup();
- int n;
+ asn1_setup();
+ int n;
- if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
- for(n = (int) ((val->length)-1); n >= 0; n--){
- if (val->data[n].length &&
- val->data[n].data == NULL)
+ for (n = (int) ((val->length)-1); n >= 0; n--) {
+ if (val->data[n].length &&
+ val->data[n].data == NULL)
return ASN1_MISSING_FIELD;
- retval = asn1_encode_generalstring(buf,
- (val->data)[n].length,
- (val->data)[n].data,
- &length);
- if(retval) return retval;
+ retval = asn1_encode_generalstring(buf,
+ (val->data)[n].length,
+ (val->data)[n].data,
+ &length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
+ retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
+ if (retval) return retval;
sum += length;
- }
- asn1_makeseq();
- retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
- if(retval) return retval;
- sum += length;
- asn1_addfield(val->type,0,asn1_encode_integer);
+ asn1_addfield(val->type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_kerberos_time(asn1buf *buf, const krb5_timestamp val, unsigned int *retlen)
{
- return asn1_encode_generaltime(buf,val,retlen);
+ return asn1_encode_generaltime(buf,val,retlen);
}
asn1_error_code asn1_encode_host_address(asn1buf *buf, const krb5_address *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val == NULL || val->contents == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val->contents == NULL) return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
- asn1_addfield(val->addrtype,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+ asn1_addfield(val->addrtype,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_host_addresses(asn1buf *buf, const krb5_address **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++); /* go to end of array */
- for(i--; i>=0; i--){
- retval = asn1_encode_host_address(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++); /* go to end of array */
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_host_address(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_encrypted_data(asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL ||
- (val->ciphertext.length && val->ciphertext.data == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL ||
+ (val->ciphertext.length && val->ciphertext.data == NULL))
+ return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
- /* krb5_kvno should be int */
- if(val->kvno)
- asn1_addfield((int) val->kvno,1,asn1_encode_integer);
- asn1_addfield(val->enctype,0,asn1_encode_integer);
+ asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
+ /* krb5_kvno should be int */
+ if (val->kvno)
+ asn1_addfield((int) val->kvno,1,asn1_encode_integer);
+ asn1_addfield(val->enctype,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_krb5_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
{
- asn1_setup();
- krb5_flags valcopy = val;
- int i;
+ asn1_setup();
+ krb5_flags valcopy = val;
+ int i;
- for(i=0; i<4; i++){
- retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
- if(retval) return retval;
- valcopy >>= 8;
- }
- retval = asn1buf_insert_octet(buf,0); /* 0 padding bits */
- if(retval) return retval;
- sum = 5;
+ for (i=0; i<4; i++) {
+ retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
+ if (retval) return retval;
+ valcopy >>= 8;
+ }
+ retval = asn1buf_insert_octet(buf,0); /* 0 padding bits */
+ if (retval) return retval;
+ sum = 5;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
- &length);
- if(retval) return retval;
- sum += length;
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
+ &length);
+ if (retval) return retval;
+ sum += length;
- *retlen = sum;
- return 0;
+ *retlen = sum;
+ return 0;
}
asn1_error_code asn1_encode_ap_options(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
{
- return asn1_encode_krb5_flags(buf,val,retlen);
+ return asn1_encode_krb5_flags(buf,val,retlen);
}
asn1_error_code asn1_encode_ticket_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
{
- return asn1_encode_krb5_flags(buf,val,retlen);
+ return asn1_encode_krb5_flags(buf,val,retlen);
}
asn1_error_code asn1_encode_kdc_options(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
{
- return asn1_encode_krb5_flags(buf,val,retlen);
+ return asn1_encode_krb5_flags(buf,val,retlen);
}
asn1_error_code asn1_encode_authorization_data(asn1buf *buf, const krb5_authdata **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++); /* get to the end of the array */
- for(i--; i>=0; i--){
- retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_krb5_authdata_elt(asn1buf *buf, const krb5_authdata *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL ||
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
- /* ad-data[1] OCTET STRING */
- asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
- /* ad-type[0] INTEGER */
- asn1_addfield(val->ad_type,0,asn1_encode_integer);
- /* SEQUENCE */
- asn1_makeseq();
+ /* ad-data[1] OCTET STRING */
+ asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+ /* ad-type[0] INTEGER */
+ asn1_addfield(val->ad_type,0,asn1_encode_integer);
+ /* SEQUENCE */
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_kdc_rep(int msg_type, asn1buf *buf, const krb5_kdc_rep *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- asn1_addfield(&(val->enc_part),6,asn1_encode_encrypted_data);
- asn1_addfield(val->ticket,5,asn1_encode_ticket);
- asn1_addfield(val->client,4,asn1_encode_principal_name);
- asn1_addfield(val->client,3,asn1_encode_realm);
- if(val->padata != NULL && val->padata[0] != NULL)
- asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
- if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
- return KRB5_BADMSGTYPE;
- asn1_addfield(msg_type,1,asn1_encode_integer);
- asn1_addfield(KVNO,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addfield(&(val->enc_part),6,asn1_encode_encrypted_data);
+ asn1_addfield(val->ticket,5,asn1_encode_ticket);
+ asn1_addfield(val->client,4,asn1_encode_principal_name);
+ asn1_addfield(val->client,3,asn1_encode_realm);
+ if (val->padata != NULL && val->padata[0] != NULL)
+ asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
+ if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
+ return KRB5_BADMSGTYPE;
+ asn1_addfield(msg_type,1,asn1_encode_integer);
+ asn1_addfield(KVNO,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_enc_kdc_rep_part(asn1buf *buf, const krb5_enc_kdc_rep_part *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- /* caddr[11] HostAddresses OPTIONAL */
- if(val->caddrs != NULL && val->caddrs[0] != NULL)
- asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
+ /* caddr[11] HostAddresses OPTIONAL */
+ if (val->caddrs != NULL && val->caddrs[0] != NULL)
+ asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
- /* sname[10] PrincipalName */
- asn1_addfield(val->server,10,asn1_encode_principal_name);
+ /* sname[10] PrincipalName */
+ asn1_addfield(val->server,10,asn1_encode_principal_name);
- /* srealm[9] Realm */
- asn1_addfield(val->server,9,asn1_encode_realm);
+ /* srealm[9] Realm */
+ asn1_addfield(val->server,9,asn1_encode_realm);
- /* renew-till[8] KerberosTime OPTIONAL */
- if(val->flags & TKT_FLG_RENEWABLE)
- asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
+ /* renew-till[8] KerberosTime OPTIONAL */
+ if (val->flags & TKT_FLG_RENEWABLE)
+ asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
- /* endtime[7] KerberosTime */
- asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
+ /* endtime[7] KerberosTime */
+ asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
- /* starttime[6] KerberosTime OPTIONAL */
- if(val->times.starttime)
- asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
+ /* starttime[6] KerberosTime OPTIONAL */
+ if (val->times.starttime)
+ asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
- /* authtime[5] KerberosTime */
- asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
+ /* authtime[5] KerberosTime */
+ asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
- /* flags[4] TicketFlags */
- asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
+ /* flags[4] TicketFlags */
+ asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
- /* key-expiration[3] KerberosTime OPTIONAL */
- if(val->key_exp)
- asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
+ /* key-expiration[3] KerberosTime OPTIONAL */
+ if (val->key_exp)
+ asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
- /* nonce[2] INTEGER */
- asn1_addfield(val->nonce,2,asn1_encode_integer);
+ /* nonce[2] INTEGER */
+ asn1_addfield(val->nonce,2,asn1_encode_integer);
- /* last-req[1] LastReq */
- asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
+ /* last-req[1] LastReq */
+ asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
- /* key[0] EncryptionKey */
- asn1_addfield(val->session,0,asn1_encode_encryption_key);
+ /* key[0] EncryptionKey */
+ asn1_addfield(val->session,0,asn1_encode_encryption_key);
- /* EncKDCRepPart ::= SEQUENCE */
- asn1_makeseq();
+ /* EncKDCRepPart ::= SEQUENCE */
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_checksum(asn1buf *buf, const krb5_checksum ** val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- for (i=0; val[i] != NULL; i++);
- for (i--; i>=0; i--){
- retval = asn1_encode_checksum(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_checksum(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_kdc_req_body(asn1buf *buf, const krb5_kdc_req *rep, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(rep == NULL) return ASN1_MISSING_FIELD;
-
- /* additional-tickets[11] SEQUENCE OF Ticket OPTIONAL */
- if(rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
- asn1_addfield((const krb5_ticket**)rep->second_ticket,
- 11,asn1_encode_sequence_of_ticket);
-
- /* enc-authorization-data[10] EncryptedData OPTIONAL, */
- /* -- Encrypted AuthorizationData encoding */
- if(rep->authorization_data.ciphertext.data != NULL)
- asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
-
- /* addresses[9] HostAddresses OPTIONAL, */
- if(rep->addresses != NULL && rep->addresses[0] != NULL)
- asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
-
- /* etype[8] SEQUENCE OF INTEGER, -- EncryptionType, */
- /* -- in preference order */
- asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
-
- /* nonce[7] INTEGER, */
- asn1_addfield(rep->nonce,7,asn1_encode_integer);
-
- /* rtime[6] KerberosTime OPTIONAL, */
- if(rep->rtime)
- asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
-
- /* till[5] KerberosTime, */
- asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
-
- /* from[4] KerberosTime OPTIONAL, */
- if(rep->from)
- asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
-
- /* sname[3] PrincipalName OPTIONAL, */
- if(rep->server != NULL)
- asn1_addfield(rep->server,3,asn1_encode_principal_name);
-
- /* realm[2] Realm, -- Server's realm */
- /* -- Also client's in AS-REQ */
- if(rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY){
- if(rep->second_ticket != NULL && rep->second_ticket[0] != NULL){
- asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+ if (rep == NULL) return ASN1_MISSING_FIELD;
+
+ /* additional-tickets[11] SEQUENCE OF Ticket OPTIONAL */
+ if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
+ asn1_addfield((const krb5_ticket**)rep->second_ticket,
+ 11,asn1_encode_sequence_of_ticket);
+
+ /* enc-authorization-data[10] EncryptedData OPTIONAL, */
+ /* -- Encrypted AuthorizationData encoding */
+ if (rep->authorization_data.ciphertext.data != NULL)
+ asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
+
+ /* addresses[9] HostAddresses OPTIONAL, */
+ if (rep->addresses != NULL && rep->addresses[0] != NULL)
+ asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
+
+ /* etype[8] SEQUENCE OF INTEGER, -- EncryptionType, */
+ /* -- in preference order */
+ asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
+
+ /* nonce[7] INTEGER, */
+ asn1_addfield(rep->nonce,7,asn1_encode_integer);
+
+ /* rtime[6] KerberosTime OPTIONAL, */
+ if (rep->rtime)
+ asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
+
+ /* till[5] KerberosTime, */
+ asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
+
+ /* from[4] KerberosTime OPTIONAL, */
+ if (rep->from)
+ asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
+
+ /* sname[3] PrincipalName OPTIONAL, */
+ if (rep->server != NULL)
+ asn1_addfield(rep->server,3,asn1_encode_principal_name);
+
+ /* realm[2] Realm, -- Server's realm */
+ /* -- Also client's in AS-REQ */
+ if (rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
+ if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
+ asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+ } else return ASN1_MISSING_FIELD;
+ } else if (rep->server != NULL) {
+ asn1_addfield(rep->server,2,asn1_encode_realm);
} else return ASN1_MISSING_FIELD;
- }else if(rep->server != NULL){
- asn1_addfield(rep->server,2,asn1_encode_realm);
- }else return ASN1_MISSING_FIELD;
- /* cname[1] PrincipalName OPTIONAL, */
- /* -- Used only in AS-REQ */
- if(rep->client != NULL)
- asn1_addfield(rep->client,1,asn1_encode_principal_name);
+ /* cname[1] PrincipalName OPTIONAL, */
+ /* -- Used only in AS-REQ */
+ if (rep->client != NULL)
+ asn1_addfield(rep->client,1,asn1_encode_principal_name);
- /* kdc-options[0] KDCOptions, */
- asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
+ /* kdc-options[0] KDCOptions, */
+ asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
- /* KDC-REQ-BODY ::= SEQUENCE */
- asn1_makeseq();
+ /* KDC-REQ-BODY ::= SEQUENCE */
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_encryption_key(asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL ||
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
- asn1_addfield(val->enctype,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+ asn1_addfield(val->enctype,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_checksum(asn1buf *buf, const krb5_checksum *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL ||
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
- asn1_addfield(val->checksum_type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+ asn1_addfield(val->checksum_type,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_transited_encoding(asn1buf *buf, const krb5_transited *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL ||
- (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL ||
+ (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
+ return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
- 1,asn1_encode_charstring);
- asn1_addfield(val->tr_type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
+ 1,asn1_encode_charstring);
+ asn1_addfield(val->tr_type,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_last_req(asn1buf *buf, const krb5_last_req_entry **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++); /* go to end of array */
- for(i--; i>=0; i--){
- retval = asn1_encode_last_req_entry(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++); /* go to end of array */
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_last_req_entry(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_last_req_entry(asn1buf *buf, const krb5_last_req_entry *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- asn1_addfield(val->value,1,asn1_encode_kerberos_time);
- asn1_addfield(val->lr_type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addfield(val->value,1,asn1_encode_kerberos_time);
+ asn1_addfield(val->lr_type,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_pa_data(asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if (val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_pa_data(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_pa_data(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pa_data(asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL || (val->length != 0 && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ if (val == NULL || (val->length != 0 && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
- asn1_addfield(val->pa_type,1,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
+ asn1_addfield(val->pa_type,1,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_ticket(asn1buf *buf, const krb5_ticket **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_ticket(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_ticket(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_ticket(asn1buf *buf, const krb5_ticket *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- asn1_addfield(&(val->enc_part),3,asn1_encode_encrypted_data);
- asn1_addfield(val->server,2,asn1_encode_principal_name);
- asn1_addfield(val->server,1,asn1_encode_realm);
- asn1_addfield(KVNO,0,asn1_encode_integer);
- asn1_makeseq();
- asn1_apptag(1);
+ asn1_addfield(&(val->enc_part),3,asn1_encode_encrypted_data);
+ asn1_addfield(val->server,2,asn1_encode_principal_name);
+ asn1_addfield(val->server,1,asn1_encode_realm);
+ asn1_addfield(KVNO,0,asn1_encode_integer);
+ asn1_makeseq();
+ asn1_apptag(1);
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_enctype(asn1buf *buf, const int len, const krb5_enctype *val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- for(i=len-1; i>=0; i--){
- retval = asn1_encode_integer(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=len-1; i>=0; i--) {
+ retval = asn1_encode_integer(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_kdc_req(int msg_type, asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- asn1_addfield(val,4,asn1_encode_kdc_req_body);
- if(val->padata != NULL && val->padata[0] != NULL)
- asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
- if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
- return KRB5_BADMSGTYPE;
- asn1_addfield(msg_type,2,asn1_encode_integer);
- asn1_addfield(KVNO,1,asn1_encode_integer);
- asn1_makeseq();
+ asn1_addfield(val,4,asn1_encode_kdc_req_body);
+ if (val->padata != NULL && val->padata[0] != NULL)
+ asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
+ if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
+ return KRB5_BADMSGTYPE;
+ asn1_addfield(msg_type,2,asn1_encode_integer);
+ asn1_addfield(KVNO,1,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_krb_safe_body(asn1buf *buf, const krb5_safe *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- if(val->r_address != NULL)
- asn1_addfield(val->r_address,5,asn1_encode_host_address);
- asn1_addfield(val->s_address,4,asn1_encode_host_address);
- if(val->seq_number)
- asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
- if(val->timestamp){
- asn1_addfield(val->usec,2,asn1_encode_integer);
- asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
- }
- if (val->user_data.length && val->user_data.data == NULL)
- return ASN1_MISSING_FIELD;
- asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
-;
+ if (val->r_address != NULL)
+ asn1_addfield(val->r_address,5,asn1_encode_host_address);
+ asn1_addfield(val->s_address,4,asn1_encode_host_address);
+ if (val->seq_number)
+ asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
+ if (val->timestamp) {
+ asn1_addfield(val->usec,2,asn1_encode_integer);
+ asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
+ }
+ if (val->user_data.length && val->user_data.data == NULL)
+ return ASN1_MISSING_FIELD;
+ asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
+ ;
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_krb_cred_info(asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_krb_cred_info(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_krb_cred_info(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_krb_cred_info(asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen)
{
- asn1_setup();
-
- if(val == NULL) return ASN1_MISSING_FIELD;
-
- if(val->caddrs != NULL && val->caddrs[0] != NULL)
- asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
- if(val->server != NULL){
- asn1_addfield(val->server,9,asn1_encode_principal_name);
- asn1_addfield(val->server,8,asn1_encode_realm);
- }
- if(val->times.renew_till)
- asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
- if(val->times.endtime)
- asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
- if(val->times.starttime)
- asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
- if(val->times.authtime)
- asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
- if(val->flags)
- asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
- if(val->client != NULL){
- asn1_addfield(val->client,2,asn1_encode_principal_name);
- asn1_addfield(val->client,1,asn1_encode_realm);
- }
- asn1_addfield(val->session,0,asn1_encode_encryption_key);
-
- asn1_makeseq();
-
- asn1_cleanup();
+ asn1_setup();
+
+ if (val == NULL) return ASN1_MISSING_FIELD;
+
+ if (val->caddrs != NULL && val->caddrs[0] != NULL)
+ asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
+ if (val->server != NULL) {
+ asn1_addfield(val->server,9,asn1_encode_principal_name);
+ asn1_addfield(val->server,8,asn1_encode_realm);
+ }
+ if (val->times.renew_till)
+ asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
+ if (val->times.endtime)
+ asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
+ if (val->times.starttime)
+ asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
+ if (val->times.authtime)
+ asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
+ if (val->flags)
+ asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
+ if (val->client != NULL) {
+ asn1_addfield(val->client,2,asn1_encode_principal_name);
+ asn1_addfield(val->client,1,asn1_encode_realm);
+ }
+ asn1_addfield(val->session,0,asn1_encode_encryption_key);
+
+ asn1_makeseq();
+
+ asn1_cleanup();
}
asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val,
unsigned int *retlen, int etype_info2)
{
- asn1_setup();
+ asn1_setup();
- assert(val->s2kparams.data == NULL || etype_info2);
- if(val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
- val->salt == NULL))
- return ASN1_MISSING_FIELD;
- if(val->s2kparams.data != NULL)
- asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
- asn1_encode_octetstring);
- if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT){
- if (etype_info2)
- asn1_addlenfield(val->length,val->salt,1,
- asn1_encode_generalstring)
- else asn1_addlenfield(val->length,val->salt,1,
- asn1_encode_octetstring);
- }
-asn1_addfield(val->etype,0,asn1_encode_integer);
- asn1_makeseq();
+ assert(val->s2kparams.data == NULL || etype_info2);
+ if (val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
+ val->salt == NULL))
+ return ASN1_MISSING_FIELD;
+ if (val->s2kparams.data != NULL)
+ asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
+ asn1_encode_octetstring);
+ if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT) {
+ if (etype_info2)
+ asn1_addlenfield(val->length,val->salt,1,
+ asn1_encode_generalstring)
+ else asn1_addlenfield(val->length,val->salt,1,
+ asn1_encode_octetstring);
+ }
+ asn1_addfield(val->etype,0,asn1_encode_integer);
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val,
if (val == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++); /* get to the end of the array */
- for(i--; i>=0; i--){
+ for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+ for (i--; i>=0; i--) {
retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
- if(retval) return retval;
+ if (retval) return retval;
sum += length;
}
asn1_makeseq();
asn1_error_code asn1_encode_sequence_of_passwdsequence(asn1buf *buf, const passwd_phrase_element **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++); /* get to the end of the array */
- for(i--; i>=0; i--){
- retval = asn1_encode_passwdsequence(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
- asn1_cleanup();
+ for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_passwdsequence(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_passwdsequence(asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen)
{
- asn1_setup();
- asn1_addlenfield(val->phrase->length,val->phrase->data,1,asn1_encode_charstring);
- asn1_addlenfield(val->passwd->length,val->passwd->data,0,asn1_encode_charstring);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_setup();
+ asn1_addlenfield(val->phrase->length,val->phrase->data,1,asn1_encode_charstring);
+ asn1_addlenfield(val->passwd->length,val->passwd->data,0,asn1_encode_charstring);
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
{
- return asn1_encode_krb5_flags(buf,val,retlen);
+ return asn1_encode_krb5_flags(buf,val,retlen);
}
-#define add_optstring(val,n,fn) \
- if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
+#define add_optstring(val,n,fn) \
+ if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
asn1_error_code asn1_encode_sam_challenge(asn1buf *buf, const krb5_sam_challenge *val, unsigned int *retlen)
{
- asn1_setup();
- /* possibly wrong */
- if (val->sam_cksum.length)
- asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
+ asn1_setup();
+ /* possibly wrong */
+ if (val->sam_cksum.length)
+ asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
- if (val->sam_nonce)
- asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+ if (val->sam_nonce)
+ asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
- add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
- add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
- add_optstring(val->sam_challenge,5,asn1_encode_charstring);
- add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
- add_optstring(val->sam_track_id,3,asn1_encode_charstring);
- add_optstring(val->sam_type_name,2,asn1_encode_charstring);
+ add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
+ add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
+ add_optstring(val->sam_challenge,5,asn1_encode_charstring);
+ add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
+ add_optstring(val->sam_track_id,3,asn1_encode_charstring);
+ add_optstring(val->sam_type_name,2,asn1_encode_charstring);
- asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
- asn1_addfield(val->sam_type,0,asn1_encode_integer);
+ asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+ asn1_addfield(val->sam_type,0,asn1_encode_integer);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_challenge_2(asn1buf *buf, const krb5_sam_challenge_2 *val, unsigned int *retlen)
{
- asn1_setup();
- if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
- return ASN1_MISSING_FIELD;
-
- asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
- retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
- (unsigned char *)val->sam_challenge_2_body.data);
- if(retval){
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += val->sam_challenge_2_body.length;
- retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
- val->sam_challenge_2_body.length, &length);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += length;
+ asn1_setup();
+ if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
+ return ASN1_MISSING_FIELD;
+
+ asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
+ retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
+ (unsigned char *)val->sam_challenge_2_body.data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += val->sam_challenge_2_body.length;
+ retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
+ val->sam_challenge_2_body.length, &length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += length;
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_challenge_2_body(asn1buf *buf, const krb5_sam_challenge_2_body *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_addfield(val->sam_etype, 9, asn1_encode_integer);
- asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
- add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
- add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
- add_optstring(val->sam_challenge,5,asn1_encode_charstring);
- add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
- add_optstring(val->sam_track_id,3,asn1_encode_charstring);
- add_optstring(val->sam_type_name,2,asn1_encode_charstring);
+ asn1_addfield(val->sam_etype, 9, asn1_encode_integer);
+ asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+ add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
+ add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
+ add_optstring(val->sam_challenge,5,asn1_encode_charstring);
+ add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
+ add_optstring(val->sam_track_id,3,asn1_encode_charstring);
+ add_optstring(val->sam_type_name,2,asn1_encode_charstring);
- asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
- asn1_addfield(val->sam_type,0,asn1_encode_integer);
+ asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+ asn1_addfield(val->sam_type,0,asn1_encode_integer);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_key(asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen)
{
- asn1_setup();
- asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
+ asn1_setup();
+ asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_enc_sam_response_enc(asn1buf *buf, const krb5_enc_sam_response_enc *val, unsigned int *retlen)
{
- asn1_setup();
- add_optstring(val->sam_sad,3,asn1_encode_charstring);
- asn1_addfield(val->sam_usec,2,asn1_encode_integer);
- asn1_addfield(val->sam_timestamp,1,asn1_encode_kerberos_time);
- asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
+ asn1_setup();
+ add_optstring(val->sam_sad,3,asn1_encode_charstring);
+ asn1_addfield(val->sam_usec,2,asn1_encode_integer);
+ asn1_addfield(val->sam_timestamp,1,asn1_encode_kerberos_time);
+ asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_enc_sam_response_enc_2(asn1buf *buf, const krb5_enc_sam_response_enc_2 *val, unsigned int *retlen)
{
- asn1_setup();
- add_optstring(val->sam_sad,1,asn1_encode_charstring);
- asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
+ asn1_setup();
+ add_optstring(val->sam_sad,1,asn1_encode_charstring);
+ asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_response(asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->sam_patimestamp)
- asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
- if (val->sam_nonce)
- asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
- asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
- if (val->sam_enc_key.ciphertext.length)
- asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
- add_optstring(val->sam_track_id,2,asn1_encode_charstring);
- asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
- asn1_addfield(val->sam_type,0,asn1_encode_integer);
+ if (val->sam_patimestamp)
+ asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
+ if (val->sam_nonce)
+ asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
+ asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
+ if (val->sam_enc_key.ciphertext.length)
+ asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
+ add_optstring(val->sam_track_id,2,asn1_encode_charstring);
+ asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+ asn1_addfield(val->sam_type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sam_response_2(asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_addfield(val->sam_nonce,4,asn1_encode_integer);
- asn1_addfield(&(val->sam_enc_nonce_or_sad),3,asn1_encode_encrypted_data);
- add_optstring(val->sam_track_id,2,asn1_encode_charstring);
- asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
- asn1_addfield(val->sam_type,0,asn1_encode_integer);
+ asn1_addfield(val->sam_nonce,4,asn1_encode_integer);
+ asn1_addfield(&(val->sam_enc_nonce_or_sad),3,asn1_encode_encrypted_data);
+ add_optstring(val->sam_track_id,2,asn1_encode_charstring);
+ asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+ asn1_addfield(val->sam_type,0,asn1_encode_integer);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_predicted_sam_response(asn1buf *buf, const krb5_predicted_sam_response *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- add_optstring(val->msd,6,asn1_encode_charstring);
- asn1_addfield(val->client,5,asn1_encode_principal_name);
- asn1_addfield(val->client,4,asn1_encode_realm);
- asn1_addfield(val->susec,3,asn1_encode_integer);
- asn1_addfield(val->stime,2,asn1_encode_kerberos_time);
- asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
- asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
+ add_optstring(val->msd,6,asn1_encode_charstring);
+ asn1_addfield(val->client,5,asn1_encode_principal_name);
+ asn1_addfield(val->client,4,asn1_encode_realm);
+ asn1_addfield(val->susec,3,asn1_encode_integer);
+ asn1_addfield(val->stime,2,asn1_encode_kerberos_time);
+ asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+ asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
- asn1_makeseq();
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
/*
*/
asn1_error_code asn1_encode_krb_saved_safe_body(asn1buf *buf, const krb5_data *body, unsigned int *retlen)
{
- asn1_error_code retval;
+ asn1_error_code retval;
- retval = asn1buf_insert_octetstring(buf, body->length,
- (krb5_octet *)body->data);
- if (retval){
- asn1buf_destroy(&buf);
- return retval;
- }
- *retlen = body->length;
- return 0;
+ retval = asn1buf_insert_octetstring(buf, body->length,
+ (krb5_octet *)body->data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ *retlen = body->length;
+ return 0;
}
#ifndef DISABLE_PKINIT
asn1_error_code asn1_encode_pk_authenticator(asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen)
{
- asn1_setup();
- asn1_addlenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_encode_octetstring);
- asn1_addfield(val->nonce, 2, asn1_encode_integer);
- asn1_addfield(val->ctime, 1, asn1_encode_kerberos_time);
- asn1_addfield(val->cusec, 0, asn1_encode_integer);
+ asn1_setup();
+ asn1_addlenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_encode_octetstring);
+ asn1_addfield(val->nonce, 2, asn1_encode_integer);
+ asn1_addfield(val->ctime, 1, asn1_encode_kerberos_time);
+ asn1_addfield(val->cusec, 0, asn1_encode_integer);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pk_authenticator_draft9(asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_addfield(val->nonce, 4, asn1_encode_integer);
- asn1_addfield(val->ctime, 3, asn1_encode_kerberos_time);
- asn1_addfield(val->cusec, 2, asn1_encode_integer);
- asn1_addfield(val->kdcName, 1, asn1_encode_realm);
- asn1_addfield(val->kdcName, 0, asn1_encode_principal_name);
+ asn1_addfield(val->nonce, 4, asn1_encode_integer);
+ asn1_addfield(val->ctime, 3, asn1_encode_kerberos_time);
+ asn1_addfield(val->cusec, 2, asn1_encode_integer);
+ asn1_addfield(val->kdcName, 1, asn1_encode_realm);
+ asn1_addfield(val->kdcName, 0, asn1_encode_principal_name);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->parameters.length != 0) {
- retval = asn1buf_insert_octetstring(buf, val->parameters.length,
- val->parameters.data);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
+ if (val->parameters.length != 0) {
+ retval = asn1buf_insert_octetstring(buf, val->parameters.length,
+ val->parameters.data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += val->parameters.length;
}
- sum += val->parameters.length;
- }
- retval = asn1_encode_oid(buf, val->algorithm.length,
- val->algorithm.data,
- &length);
+ retval = asn1_encode_oid(buf, val->algorithm.length,
+ val->algorithm.data,
+ &length);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += length;
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += length;
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_subject_pk_info(asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
+ asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
- if (val->algorithm.parameters.length != 0) {
- retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
- val->algorithm.parameters.data);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
+ if (val->algorithm.parameters.length != 0) {
+ retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
+ val->algorithm.parameters.data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += val->algorithm.parameters.length;
}
- sum += val->algorithm.parameters.length;
- }
- retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
- val->algorithm.algorithm.data,
- &length);
+ retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
+ val->algorithm.algorithm.data,
+ &length);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += length;
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += length;
- retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
- val->algorithm.parameters.length + length,
- &length);
+ retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
+ val->algorithm.parameters.length + length,
+ &length);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += length;
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += length;
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_auth_pack(asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->clientDHNonce.length != 0)
- asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
- if (val->supportedCMSTypes != NULL)
- asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
- if (val->clientPublicValue != NULL)
- asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
- asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
+ if (val->clientDHNonce.length != 0)
+ asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
+ if (val->supportedCMSTypes != NULL)
+ asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
+ if (val->clientPublicValue != NULL)
+ asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
+ asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_auth_pack_draft9(asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->clientPublicValue != NULL)
- asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
- asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
+ if (val->clientPublicValue != NULL)
+ asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
+ asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- /* Verify there is something to encode */
- if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
- return ASN1_MISSING_FIELD;
+ /* Verify there is something to encode */
+ if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
+ return ASN1_MISSING_FIELD;
- if (val->subjectKeyIdentifier.length != 0)
- asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
+ if (val->subjectKeyIdentifier.length != 0)
+ asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
- if (val->issuerAndSerialNumber.length != 0)
- asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
+ if (val->issuerAndSerialNumber.length != 0)
+ asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
- if (val->subjectName.length != 0)
- asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
+ if (val->subjectName.length != 0)
+ asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_req(asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->kdcPkId.length != 0)
- asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
+ if (val->kdcPkId.length != 0)
+ asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
- if (val->trustedCertifiers != NULL)
- asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
+ if (val->trustedCertifiers != NULL)
+ asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
- asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
+ asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_trusted_ca(asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- switch (val->choice) {
+ switch (val->choice) {
case choice_trusted_cas_issuerAndSerial:
- asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
- break;
+ asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
+ break;
case choice_trusted_cas_caName:
- asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
+ break;
case choice_trusted_cas_principalName:
- asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
- break;
+ asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
+ break;
default:
- return ASN1_MISSING_FIELD;
- }
+ return ASN1_MISSING_FIELD;
+ }
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_trusted_ca(asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_trusted_ca(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
- asn1_cleanup();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_trusted_ca(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_req_draft9(asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->encryptionCert.length != 0)
- asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
+ if (val->encryptionCert.length != 0)
+ asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
- if (val->kdcCert.length != 0)
- asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
+ if (val->kdcCert.length != 0)
+ asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
- if (val->trustedCertifiers != NULL)
- asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
+ if (val->trustedCertifiers != NULL)
+ asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
- asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
+ asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_dh_rep_info(asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- if (val->serverDHNonce.length != 0)
- asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
+ if (val->serverDHNonce.length != 0)
+ asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
- asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
+ asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_kdc_dh_key_info(asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen)
{
- asn1_setup();
-
- if (val->dhKeyExpiration != 0)
- asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
- asn1_addfield(val->nonce, 1, asn1_encode_integer);
+ asn1_setup();
- asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
- retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
- val->subjectPublicKey.length + 1 + length,
- &length);
- if(retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += length;
+ if (val->dhKeyExpiration != 0)
+ asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
+ asn1_addfield(val->nonce, 1, asn1_encode_integer);
+
+ asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
+ retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
+ val->subjectPublicKey.length + 1 + length,
+ &length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += length;
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_reply_key_pack(asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_addfield(&(val->asChecksum), 1, asn1_encode_checksum);
- asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
+ asn1_addfield(&(val->asChecksum), 1, asn1_encode_checksum);
+ asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_reply_key_pack_draft9(asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- asn1_addfield(val->nonce, 1, asn1_encode_integer);
- asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
+ asn1_addfield(val->nonce, 1, asn1_encode_integer);
+ asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_makeseq();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_rep(asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- switch (val->choice)
- {
+ switch (val->choice)
+ {
case choice_pa_pk_as_rep_dhInfo:
- asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
- break;
+ asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
+ break;
case choice_pa_pk_as_rep_encKeyPack:
- asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+ break;
default:
- return ASN1_MISSING_FIELD;
- }
+ return ASN1_MISSING_FIELD;
+ }
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_rep_draft9(asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen)
{
- asn1_setup();
+ asn1_setup();
- switch (val->choice)
- {
+ switch (val->choice)
+ {
case choice_pa_pk_as_rep_draft9_dhSignedData:
- asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
- break;
+ asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
+ break;
case choice_pa_pk_as_rep_encKeyPack:
- asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+ break;
default:
- return ASN1_MISSING_FIELD;
- }
+ return ASN1_MISSING_FIELD;
+ }
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_td_trusted_certifiers(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
{
- asn1_setup();
- retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
- if (retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- asn1_cleanup();
+ asn1_setup();
+ retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen)
{
- asn1_setup();
- int i;
+ asn1_setup();
+ int i;
- if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+ if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
- for(i=0; val[i] != NULL; i++);
- for(i--; i>=0; i--){
- retval = asn1_encode_typed_data(buf,val[i],&length);
- if(retval) return retval;
- sum += length;
- }
- asn1_makeseq();
+ for (i=0; val[i] != NULL; i++);
+ for (i--; i>=0; i--) {
+ retval = asn1_encode_typed_data(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
+ }
+ asn1_makeseq();
- asn1_cleanup();
+ asn1_cleanup();
}
asn1_error_code asn1_encode_typed_data(asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen)
{
- asn1_setup();
- asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring);
- asn1_addfield(val->type, 0, asn1_encode_integer);
- asn1_makeseq();
- asn1_cleanup();
+ asn1_setup();
+ asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring);
+ asn1_addfield(val->type, 0, asn1_encode_integer);
+ asn1_makeseq();
+ asn1_cleanup();
}
#endif /* DISABLE_PKINIT */
asn1_tagnum tagnum, unsigned int in_len,
unsigned int *retlen)
{
- return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
+ return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
}
asn1_tagnum tagnum, unsigned int in_len,
unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int sumlen=0, length;
+ asn1_error_code retval;
+ unsigned int sumlen=0, length;
- if(tagnum > ASN1_TAGNUM_MAX) return ASN1_OVERFLOW;
+ if (tagnum > ASN1_TAGNUM_MAX) return ASN1_OVERFLOW;
- retval = asn1_make_length(buf,in_len, &length);
- if(retval) return retval;
- sumlen += length;
- retval = asn1_make_id(buf,asn1class,construction,tagnum,&length);
- if(retval) return retval;
- sumlen += length;
+ retval = asn1_make_length(buf,in_len, &length);
+ if (retval) return retval;
+ sumlen += length;
+ retval = asn1_make_id(buf,asn1class,construction,tagnum,&length);
+ if (retval) return retval;
+ sumlen += length;
- *retlen = sumlen;
- return 0;
+ *retlen = sumlen;
+ return 0;
}
asn1_error_code asn1_make_length(asn1buf *buf, const unsigned int in_len, unsigned int *retlen)
{
- asn1_error_code retval;
-
- if(in_len < 128){
- retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
- if(retval) return retval;
- *retlen = 1;
- }else{
- int in_copy=in_len, length=0;
-
- while(in_copy != 0){
- retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
- if(retval) return retval;
- in_copy = in_copy >> 8;
- length++;
+ asn1_error_code retval;
+
+ if (in_len < 128) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
+ if (retval) return retval;
+ *retlen = 1;
+ } else {
+ int in_copy=in_len, length=0;
+
+ while (in_copy != 0) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
+ if (retval) return retval;
+ in_copy = in_copy >> 8;
+ length++;
+ }
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
+ if (retval) return retval;
+ length++;
+ *retlen = length;
}
- retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
- if(retval) return retval;
- length++;
- *retlen = length;
- }
- return 0;
+ return 0;
}
asn1_error_code asn1_make_id(asn1buf *buf, asn1_class asn1class,
asn1_construction construction,
asn1_tagnum tagnum, unsigned int *retlen)
{
- asn1_error_code retval;
-
- if(tagnum < 31) {
- retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
- (asn1_octet)tagnum));
- if(retval) return retval;
- *retlen = 1;
- }else{
- asn1_tagnum tagcopy = tagnum;
- int length = 0;
-
- retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
- if(retval) return retval;
- tagcopy >>= 7;
- length++;
-
- for(; tagcopy != 0; tagcopy >>= 7){
- retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
- if(retval) return retval;
- length++;
+ asn1_error_code retval;
+
+ if (tagnum < 31) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
+ (asn1_octet)tagnum));
+ if (retval) return retval;
+ *retlen = 1;
+ } else {
+ asn1_tagnum tagcopy = tagnum;
+ int length = 0;
+
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
+ if (retval) return retval;
+ tagcopy >>= 7;
+ length++;
+
+ for (; tagcopy != 0; tagcopy >>= 7) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
+ if (retval) return retval;
+ length++;
+ }
+
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
+ if (retval) return retval;
+ length++;
+ *retlen = length;
}
- retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
- if(retval) return retval;
- length++;
- *retlen = length;
- }
-
- return 0;
+ return 0;
}
asn1_error_code asn1_make_sequence(asn1buf *buf, const unsigned int seq_len, unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int len, sum=0;
-
- retval = asn1_make_length(buf,seq_len,&len);
- if(retval) return retval;
- sum += len;
- retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SEQUENCE,&len);
- if(retval) return retval;
- sum += len;
-
- *retlen = sum;
- return 0;
+ asn1_error_code retval;
+ unsigned int len, sum=0;
+
+ retval = asn1_make_length(buf,seq_len,&len);
+ if (retval) return retval;
+ sum += len;
+ retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SEQUENCE,&len);
+ if (retval) return retval;
+ sum += len;
+
+ *retlen = sum;
+ return 0;
}
asn1_error_code asn1_make_set(asn1buf *buf, const unsigned int set_len, unsigned int *retlen)
{
- asn1_error_code retval;
- unsigned int len, sum=0;
-
- retval = asn1_make_length(buf,set_len,&len);
- if(retval) return retval;
- sum += len;
- retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SET,&len);
- if(retval) return retval;
- sum += len;
-
- *retlen = sum;
- return 0;
+ asn1_error_code retval;
+ unsigned int len, sum=0;
+
+ retval = asn1_make_length(buf,set_len,&len);
+ if (retval) return retval;
+ sum += len;
+ retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SET,&len);
+ if (retval) return retval;
+ sum += len;
+
+ *retlen = sum;
+ return 0;
}
asn1_error_code asn1_make_string(asn1buf *buf, const unsigned int length, const char *string, int *retlen)
{
- asn1_error_code retval;
+ asn1_error_code retval;
- retval = asn1buf_insert_charstring(buf,length,string);
- if(retval) return retval;
+ retval = asn1buf_insert_charstring(buf,length,string);
+ if (retval) return retval;
- *retlen = length;
- return 0;
+ *retlen = length;
+ return 0;
}
asn1_error_code asn1_krb5_realm_copy(krb5_principal target, krb5_principal source)
{
- target->realm.length = source->realm.length;
- target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
- if (target->realm.data == NULL) return ENOMEM;
- memcpy(target->realm.data,source->realm.data, /* to client */
- target->realm.length);
- return 0;
+ target->realm.length = source->realm.length;
+ target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
+ if (target->realm.data == NULL) return ENOMEM;
+ memcpy(target->realm.data,source->realm.data, /* to client */
+ target->realm.length);
+ return 0;
}
asn1_error_code asn1buf_create(asn1buf **buf)
{
- *buf = (asn1buf*)malloc(sizeof(asn1buf));
- if (*buf == NULL) return ENOMEM;
- (*buf)->base = NULL;
- (*buf)->bound = NULL;
- (*buf)->next = NULL;
- return 0;
+ *buf = (asn1buf*)malloc(sizeof(asn1buf));
+ if (*buf == NULL) return ENOMEM;
+ (*buf)->base = NULL;
+ (*buf)->bound = NULL;
+ (*buf)->next = NULL;
+ return 0;
}
asn1_error_code asn1buf_wrap_data(asn1buf *buf, const krb5_data *code)
{
- if(code == NULL || code->data == NULL) return ASN1_MISSING_FIELD;
- buf->next = buf->base = code->data;
- buf->bound = code->data + code->length - 1;
- return 0;
+ if (code == NULL || code->data == NULL) return ASN1_MISSING_FIELD;
+ buf->next = buf->base = code->data;
+ buf->bound = code->data + code->length - 1;
+ return 0;
}
asn1_error_code asn1buf_imbed(asn1buf *subbuf, const asn1buf *buf, const unsigned int length, const int indef)
{
- subbuf->base = subbuf->next = buf->next;
- if (!indef) {
- subbuf->bound = subbuf->base + length - 1;
- if (subbuf->bound > buf->bound)
- return ASN1_OVERRUN;
- } else /* constructed indefinite */
- subbuf->bound = buf->bound;
- return 0;
+ subbuf->base = subbuf->next = buf->next;
+ if (!indef) {
+ subbuf->bound = subbuf->base + length - 1;
+ if (subbuf->bound > buf->bound)
+ return ASN1_OVERRUN;
+ } else /* constructed indefinite */
+ subbuf->bound = buf->bound;
+ return 0;
}
asn1_error_code asn1buf_sync(asn1buf *buf, asn1buf *subbuf,
asn1_class asn1class, asn1_tagnum lasttag,
unsigned int length, int indef, int seqindef)
{
- asn1_error_code retval;
-
- if (!seqindef) {
- /* sequence was encoded as definite length */
- buf->next = subbuf->bound + 1;
- } else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
- retval = asn1buf_skiptail(subbuf, length, indef);
- if (retval)
- return retval;
- } else {
- /* We have just read the EOC octets. */
- buf->next = subbuf->next;
- }
- return 0;
+ asn1_error_code retval;
+
+ if (!seqindef) {
+ /* sequence was encoded as definite length */
+ buf->next = subbuf->bound + 1;
+ } else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
+ retval = asn1buf_skiptail(subbuf, length, indef);
+ if (retval)
+ return retval;
+ } else {
+ /* We have just read the EOC octets. */
+ buf->next = subbuf->next;
+ }
+ return 0;
}
asn1_error_code asn1buf_skiptail(asn1buf *buf, const unsigned int length, const int indef)
{
- asn1_error_code retval;
- taginfo t;
- int nestlevel;
-
- nestlevel = 1 + indef;
- if (!indef) {
- if (length <= buf->bound - buf->next + 1)
- buf->next += length;
- else
- return ASN1_OVERRUN;
- }
- while (nestlevel > 0) {
- if (buf->bound - buf->next + 1 <= 0)
- return ASN1_OVERRUN;
- retval = asn1_get_tag_2(buf, &t);
- if (retval) return retval;
- if (!t.indef) {
- if (t.length <= buf->bound - buf->next + 1)
- buf->next += t.length;
- else
- return ASN1_OVERRUN;
+ asn1_error_code retval;
+ taginfo t;
+ int nestlevel;
+
+ nestlevel = 1 + indef;
+ if (!indef) {
+ if (length <= buf->bound - buf->next + 1)
+ buf->next += length;
+ else
+ return ASN1_OVERRUN;
+ }
+ while (nestlevel > 0) {
+ if (buf->bound - buf->next + 1 <= 0)
+ return ASN1_OVERRUN;
+ retval = asn1_get_tag_2(buf, &t);
+ if (retval) return retval;
+ if (!t.indef) {
+ if (t.length <= buf->bound - buf->next + 1)
+ buf->next += t.length;
+ else
+ return ASN1_OVERRUN;
+ }
+ if (t.indef)
+ nestlevel++;
+ if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
+ nestlevel--; /* got an EOC encoding */
}
- if (t.indef)
- nestlevel++;
- if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
- nestlevel--; /* got an EOC encoding */
- }
- return 0;
+ return 0;
}
asn1_error_code asn1buf_destroy(asn1buf **buf)
{
- if (*buf != NULL) {
- free((*buf)->base);
- free(*buf);
- *buf = NULL;
- }
- return 0;
+ if (*buf != NULL) {
+ free((*buf)->base);
+ free(*buf);
+ *buf = NULL;
+ }
+ return 0;
}
#ifdef asn1buf_insert_octet
#endif
asn1_error_code asn1buf_insert_octet(asn1buf *buf, const int o)
{
- asn1_error_code retval;
+ asn1_error_code retval;
- retval = asn1buf_ensure_space(buf,1U);
- if(retval) return retval;
- *(buf->next) = (char)o;
- (buf->next)++;
- return 0;
+ retval = asn1buf_ensure_space(buf,1U);
+ if (retval) return retval;
+ *(buf->next) = (char)o;
+ (buf->next)++;
+ return 0;
}
asn1_error_code asn1buf_insert_octetstring(asn1buf *buf, const unsigned int len, const krb5_octet *s)
{
- asn1_error_code retval;
- unsigned int length;
-
- retval = asn1buf_ensure_space(buf,len);
- if(retval) return retval;
- for(length=1; length<=len; length++,(buf->next)++)
- *(buf->next) = (char)(s[len-length]);
- return 0;
+ asn1_error_code retval;
+ unsigned int length;
+
+ retval = asn1buf_ensure_space(buf,len);
+ if (retval) return retval;
+ for (length=1; length<=len; length++,(buf->next)++)
+ *(buf->next) = (char)(s[len-length]);
+ return 0;
}
asn1_error_code asn1buf_insert_charstring(asn1buf *buf, const unsigned int len, const char *s)
{
- asn1_error_code retval;
- unsigned int length;
-
- retval = asn1buf_ensure_space(buf,len);
- if(retval) return retval;
- for(length=1; length<=len; length++,(buf->next)++)
- *(buf->next) = (char)(s[len-length]);
- return 0;
+ asn1_error_code retval;
+ unsigned int length;
+
+ retval = asn1buf_ensure_space(buf,len);
+ if (retval) return retval;
+ for (length=1; length<=len; length++,(buf->next)++)
+ *(buf->next) = (char)(s[len-length]);
+ return 0;
}
#undef asn1buf_remove_octet
asn1_error_code asn1buf_remove_octet(asn1buf *buf, asn1_octet *o)
{
- if(buf->next > buf->bound) return ASN1_OVERRUN;
- *o = (asn1_octet)(*((buf->next)++));
- return 0;
+ if (buf->next > buf->bound) return ASN1_OVERRUN;
+ *o = (asn1_octet)(*((buf->next)++));
+ return 0;
}
asn1_error_code asn1buf_remove_octetstring(asn1buf *buf, const unsigned int len, asn1_octet **s)
{
- unsigned int i;
-
- if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
- if (len == 0) {
- *s = 0;
- return 0;
- }
- *s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
- if (*s == NULL)
- return ENOMEM;
- for(i=0; i<len; i++)
- (*s)[i] = (asn1_octet)(buf->next)[i];
- buf->next += len;
- return 0;
+ unsigned int i;
+
+ if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
+ if (len == 0) {
+ *s = 0;
+ return 0;
+ }
+ *s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
+ if (*s == NULL)
+ return ENOMEM;
+ for (i=0; i<len; i++)
+ (*s)[i] = (asn1_octet)(buf->next)[i];
+ buf->next += len;
+ return 0;
}
asn1_error_code asn1buf_remove_charstring(asn1buf *buf, const unsigned int len, char **s)
{
- unsigned int i;
-
- if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
- if (len == 0) {
- *s = 0;
- return 0;
- }
- *s = (char*)malloc(len*sizeof(char));
- if (*s == NULL) return ENOMEM;
- for(i=0; i<len; i++)
- (*s)[i] = (char)(buf->next)[i];
- buf->next += len;
- return 0;
+ unsigned int i;
+
+ if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
+ if (len == 0) {
+ *s = 0;
+ return 0;
+ }
+ *s = (char*)malloc(len*sizeof(char));
+ if (*s == NULL) return ENOMEM;
+ for (i=0; i<len; i++)
+ (*s)[i] = (char)(buf->next)[i];
+ buf->next += len;
+ return 0;
}
int asn1buf_remains(asn1buf *buf, int indef)
{
- int remain;
- if(buf == NULL || buf->base == NULL) return 0;
- remain = buf->bound - buf->next +1;
- if (remain <= 0) return remain;
- /*
- * Two 0 octets means the end of an indefinite encoding.
- */
- if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
- return 0;
- else return remain;
+ int remain;
+ if (buf == NULL || buf->base == NULL) return 0;
+ remain = buf->bound - buf->next +1;
+ if (remain <= 0) return remain;
+ /*
+ * Two 0 octets means the end of an indefinite encoding.
+ */
+ if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
+ return 0;
+ else return remain;
}
asn1_error_code asn12krb5_buf(const asn1buf *buf, krb5_data **code)
{
- unsigned int i;
- *code = (krb5_data*)calloc(1,sizeof(krb5_data));
- if(*code == NULL) return ENOMEM;
- (*code)->magic = KV5M_DATA;
- (*code)->data = NULL;
- (*code)->length = 0;
- (*code)->length = asn1buf_len(buf);
- (*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
- if ((*code)->data == NULL) {
- free(*code);
- *code = NULL;
- return ENOMEM;
- }
- for(i=0; i < (*code)->length; i++)
- ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
- ((*code)->data)[(*code)->length] = '\0';
- return 0;
+ unsigned int i;
+ *code = (krb5_data*)calloc(1,sizeof(krb5_data));
+ if (*code == NULL) return ENOMEM;
+ (*code)->magic = KV5M_DATA;
+ (*code)->data = NULL;
+ (*code)->length = 0;
+ (*code)->length = asn1buf_len(buf);
+ (*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
+ if ((*code)->data == NULL) {
+ free(*code);
+ *code = NULL;
+ return ENOMEM;
+ }
+ for (i=0; i < (*code)->length; i++)
+ ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
+ ((*code)->data)[(*code)->length] = '\0';
+ return 0;
}
asn1_error_code asn1buf_unparse(const asn1buf *buf, char **s)
{
- free(*s);
- if(buf == NULL){
- *s = malloc(sizeof("<NULL>"));
- if(*s == NULL) return ENOMEM;
- strcpy(*s,"<NULL>");
- }else if(buf->base == NULL){
- *s = malloc(sizeof("<EMPTY>"));
- if(*s == NULL) return ENOMEM;
- strcpy(*s,"<EMPTY>");
- }else{
- unsigned int length = asn1buf_len(buf);
- unsigned int i;
-
- *s = calloc(length+1, sizeof(char));
- if(*s == NULL) return ENOMEM;
- (*s)[length] = '\0';
- for(i=0; i<length; i++) ;
+ free(*s);
+ if (buf == NULL) {
+ *s = malloc(sizeof("<NULL>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<NULL>");
+ } else if (buf->base == NULL) {
+ *s = malloc(sizeof("<EMPTY>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<EMPTY>");
+ } else {
+ unsigned int length = asn1buf_len(buf);
+ unsigned int i;
+
+ *s = calloc(length+1, sizeof(char));
+ if (*s == NULL) return ENOMEM;
+ (*s)[length] = '\0';
+ for (i=0; i<length; i++) ;
/* OLDDECLARG( (*s)[i] = , (buf->base)[length-i-1]) */
- }
- return 0;
+ }
+ return 0;
}
asn1_error_code asn1buf_hex_unparse(const asn1buf *buf, char **s)
{
-#define hexchar(d) ((d)<=9 ? ('0'+(d)) :\
- ((d)<=15 ? ('A'+(d)-10) :\
- 'X'))
-
- free(*s);
-
- if(buf == NULL){
- *s = malloc(sizeof("<NULL>"));
- if(*s == NULL) return ENOMEM;
- strcpy(*s,"<NULL>");
- }else if(buf->base == NULL){
- *s = malloc(sizeof("<EMPTY>"));
- if(*s == NULL) return ENOMEM;
- strcpy(*s,"<EMPTY>");
- }else{
- unsigned int length = asn1buf_len(buf);
- int i;
-
- *s = malloc(3*length);
- if(*s == NULL) return ENOMEM;
- for(i = length-1; i >= 0; i--){
- (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
- (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
- (*s)[3*(length-i-1)+2] = ' ';
+#define hexchar(d) ((d)<=9 ? ('0'+(d)) : \
+ ((d)<=15 ? ('A'+(d)-10) : \
+ 'X'))
+
+ free(*s);
+
+ if (buf == NULL) {
+ *s = malloc(sizeof("<NULL>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<NULL>");
+ } else if (buf->base == NULL) {
+ *s = malloc(sizeof("<EMPTY>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<EMPTY>");
+ } else {
+ unsigned int length = asn1buf_len(buf);
+ int i;
+
+ *s = malloc(3*length);
+ if (*s == NULL) return ENOMEM;
+ for (i = length-1; i >= 0; i--) {
+ (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
+ (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
+ (*s)[3*(length-i-1)+2] = ' ';
+ }
+ (*s)[3*length-1] = '\0';
}
- (*s)[3*length-1] = '\0';
- }
- return 0;
+ return 0;
}
/****************************************************************/
#undef asn1buf_size
int asn1buf_size(const asn1buf *buf)
{
- if(buf == NULL || buf->base == NULL) return 0;
- return buf->bound - buf->base + 1;
+ if (buf == NULL || buf->base == NULL) return 0;
+ return buf->bound - buf->base + 1;
}
#undef asn1buf_free
unsigned int asn1buf_free(const asn1buf *buf)
{
- if(buf == NULL || buf->base == NULL) return 0;
- else return buf->bound - buf->next + 1;
+ if (buf == NULL || buf->base == NULL) return 0;
+ else return buf->bound - buf->next + 1;
}
#undef asn1buf_ensure_space
asn1_error_code asn1buf_ensure_space(asn1buf *buf, const unsigned int amount)
{
- int avail = asn1buf_free(buf);
- if(avail < amount){
- asn1_error_code retval = asn1buf_expand(buf, amount-avail);
- if(retval) return retval;
- }
- return 0;
+ int avail = asn1buf_free(buf);
+ if (avail < amount) {
+ asn1_error_code retval = asn1buf_expand(buf, amount-avail);
+ if (retval) return retval;
+ }
+ return 0;
}
asn1_error_code asn1buf_expand(asn1buf *buf, unsigned int inc)
{
#define STANDARD_INCREMENT 200
- int next_offset = buf->next - buf->base;
- int bound_offset;
- if (buf->base == NULL) bound_offset = -1;
- else bound_offset = buf->bound - buf->base;
-
- if (inc < STANDARD_INCREMENT)
- inc = STANDARD_INCREMENT;
-
- if (buf->base == NULL)
- buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
- else
- buf->base = realloc(buf->base,
- (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
- if (buf->base == NULL) return ENOMEM;
- buf->bound = (buf->base) + bound_offset + inc;
- buf->next = (buf->base) + next_offset;
- return 0;
+ int next_offset = buf->next - buf->base;
+ int bound_offset;
+ if (buf->base == NULL) bound_offset = -1;
+ else bound_offset = buf->bound - buf->base;
+
+ if (inc < STANDARD_INCREMENT)
+ inc = STANDARD_INCREMENT;
+
+ if (buf->base == NULL)
+ buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+ else
+ buf->base = realloc(buf->base,
+ (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+ if (buf->base == NULL) return ENOMEM;
+ buf->bound = (buf->base) + bound_offset + inc;
+ buf->next = (buf->base) + next_offset;
+ return 0;
}
#undef asn1buf_len
int asn1buf_len(const asn1buf *buf)
{
- return buf->next - buf->base;
+ return buf->next - buf->base;
}
#if ((__GNUC__ >= 2) && !defined(ASN1BUF_OMIT_INLINE_FUNCS)) && !defined(CONFIG_SMALL)
extern __inline__ asn1_error_code asn1buf_insert_octet(asn1buf *buf, const int o)
{
- asn1_error_code retval;
+ asn1_error_code retval;
- retval = asn1buf_ensure_space(buf,1U);
- if(retval) return retval;
- *(buf->next) = (char)o;
- (buf->next)++;
- return 0;
+ retval = asn1buf_ensure_space(buf,1U);
+ if (retval) return retval;
+ *(buf->next) = (char)o;
+ (buf->next)++;
+ return 0;
}
#endif
asn1buf buf;\
\
retval = asn1buf_wrap_data(&buf,code);\
-if(retval) return retval
+if (retval) return retval
#define setup_no_tagnum()\
asn1_class asn1class;\
/* alloc_field is the first thing to allocate storage that may need cleanup */
#define alloc_field(var,type)\
var = (type*)calloc(1,sizeof(type));\
-if((var) == NULL) clean_return(ENOMEM)
+if ((var) == NULL) clean_return(ENOMEM)
/* process encoding header ***************************************/
/* decode tag and check that it == [APPLICATION tagnum] */
#define next_tag() \
{ taginfo t2; \
retval = asn1_get_tag_2(&subbuf, &t2); \
- if(retval) clean_return(retval); \
+ if (retval) clean_return(retval); \
asn1class = t2.asn1class; \
construction = t2.construction; \
tagnum = t2.tagnum; \
int seqindef;\
int indef;\
retval = asn1_get_sequence(&buf,&length,&seqindef);\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
retval = asn1buf_imbed(&subbuf,&buf,length,seqindef);\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
next_tag()
#define end_structure()\
/* normal fields ************************/
#define get_field_body(var,decoder)\
retval = decoder(&subbuf,&(var));\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
if (indef) { get_eoc(); }\
next_tag()
get the next tag */
#define get_field(var,tagexpect,decoder)\
error_if_bad_tag(tagexpect);\
-if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
+if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
clean_return(ASN1_BAD_ID);\
get_field_body(var,decoder)
/* field w/ accompanying length *********/
#define get_lenfield_body(len,var,decoder)\
retval = decoder(&subbuf,&(len),&(var));\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
if (indef) { get_eoc(); }\
next_tag()
/* decode a field w/ its length (for string types) */
#define get_lenfield(len,var,tagexpect,decoder)\
error_if_bad_tag(tagexpect);\
-if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
+if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
clean_return(ASN1_BAD_ID);\
get_lenfield_body(len,var,decoder)
krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **rep)
{
- setup();
- alloc_field(*rep,krb5_authenticator);
- clear_field(rep,subkey);
- clear_field(rep,checksum);
- clear_field(rep,client);
-
- check_apptag(2);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- alloc_field((*rep)->client,krb5_principal_data);
- get_field((*rep)->client,1,asn1_decode_realm);
- get_field((*rep)->client,2,asn1_decode_principal_name);
- if(tagnum == 3){
- alloc_field((*rep)->checksum,krb5_checksum);
- get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
- get_field((*rep)->cusec,4,asn1_decode_int32);
- get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
- if(tagnum == 6){ alloc_field((*rep)->subkey,krb5_keyblock); }
- opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
- opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
- (*rep)->magic = KV5M_AUTHENTICATOR;
- end_structure();
- }
- cleanup_manual();
+ setup();
+ alloc_field(*rep,krb5_authenticator);
+ clear_field(rep,subkey);
+ clear_field(rep,checksum);
+ clear_field(rep,client);
+
+ check_apptag(2);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ alloc_field((*rep)->client,krb5_principal_data);
+ get_field((*rep)->client,1,asn1_decode_realm);
+ get_field((*rep)->client,2,asn1_decode_principal_name);
+ if (tagnum == 3) {
+ alloc_field((*rep)->checksum,krb5_checksum);
+ get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
+ get_field((*rep)->cusec,4,asn1_decode_int32);
+ get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
+ if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
+ opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
+ opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
+ opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
+ (*rep)->magic = KV5M_AUTHENTICATOR;
+ end_structure();
+ }
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,subkey);
- free_field(*rep,checksum);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,subkey);
+ free_field(*rep,checksum);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code
krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep)
{
- setup();
- alloc_field(*rep,krb5_ticket);
- clear_field(rep,server);
+ setup();
+ alloc_field(*rep,krb5_ticket);
+ clear_field(rep,server);
- check_apptag(1);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+ check_apptag(1);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+ }
+ alloc_field((*rep)->server,krb5_principal_data);
+ get_field((*rep)->server,1,asn1_decode_realm);
+ get_field((*rep)->server,2,asn1_decode_principal_name);
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_TICKET;
+ end_structure();
}
- alloc_field((*rep)->server,krb5_principal_data);
- get_field((*rep)->server,1,asn1_decode_realm);
- get_field((*rep)->server,2,asn1_decode_principal_name);
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_TICKET;
- end_structure();
- }
- cleanup_manual();
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,server);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,server);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock **rep)
{
- setup();
- alloc_field(*rep,krb5_keyblock);
-
- { begin_structure();
- get_field((*rep)->enctype,0,asn1_decode_enctype);
- get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
- end_structure();
- (*rep)->magic = KV5M_KEYBLOCK;
- }
- cleanup(free);
+ setup();
+ alloc_field(*rep,krb5_keyblock);
+
+ { begin_structure();
+ get_field((*rep)->enctype,0,asn1_decode_enctype);
+ get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
+ end_structure();
+ (*rep)->magic = KV5M_KEYBLOCK;
+ }
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_part **rep)
{
- setup();
- alloc_field(*rep,krb5_enc_tkt_part);
- clear_field(rep,session);
- clear_field(rep,client);
-
- check_apptag(3);
- { begin_structure();
- get_field((*rep)->flags,0,asn1_decode_ticket_flags);
- alloc_field((*rep)->session,krb5_keyblock);
- get_field(*((*rep)->session),1,asn1_decode_encryption_key);
- alloc_field((*rep)->client,krb5_principal_data);
- get_field((*rep)->client,2,asn1_decode_realm);
- get_field((*rep)->client,3,asn1_decode_principal_name);
- get_field((*rep)->transited,4,asn1_decode_transited_encoding);
- get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
- if (tagnum == 6)
- { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
- else
- (*rep)->times.starttime=(*rep)->times.authtime;
- get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
- opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
- opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
- opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
- (*rep)->magic = KV5M_ENC_TKT_PART;
- end_structure();
- }
- cleanup_manual();
+ setup();
+ alloc_field(*rep,krb5_enc_tkt_part);
+ clear_field(rep,session);
+ clear_field(rep,client);
+
+ check_apptag(3);
+ { begin_structure();
+ get_field((*rep)->flags,0,asn1_decode_ticket_flags);
+ alloc_field((*rep)->session,krb5_keyblock);
+ get_field(*((*rep)->session),1,asn1_decode_encryption_key);
+ alloc_field((*rep)->client,krb5_principal_data);
+ get_field((*rep)->client,2,asn1_decode_realm);
+ get_field((*rep)->client,3,asn1_decode_principal_name);
+ get_field((*rep)->transited,4,asn1_decode_transited_encoding);
+ get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
+ if (tagnum == 6)
+ { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
+ else
+ (*rep)->times.starttime=(*rep)->times.authtime;
+ get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
+ opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
+ opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
+ opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
+ (*rep)->magic = KV5M_ENC_TKT_PART;
+ end_structure();
+ }
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,session);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,session);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_enc_kdc_rep_part(const krb5_data *code, krb5_enc_kdc_rep_part **rep)
{
- taginfo t4;
- setup_buf_only();
- alloc_field(*rep,krb5_enc_kdc_rep_part);
+ taginfo t4;
+ setup_buf_only();
+ alloc_field(*rep,krb5_enc_kdc_rep_part);
- retval = asn1_get_tag_2(&buf, &t4);
- if (retval) clean_return(retval);
- if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID);
- if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
- else if(t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
- else clean_return(KRB5_BADMSGTYPE);
+ retval = asn1_get_tag_2(&buf, &t4);
+ if (retval) clean_return(retval);
+ if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID);
+ if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
+ else if (t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
+ else clean_return(KRB5_BADMSGTYPE);
- retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **rep)
{
- setup_no_length();
- alloc_field(*rep,krb5_kdc_rep);
+ setup_no_length();
+ alloc_field(*rep,krb5_kdc_rep);
- check_apptag(11);
- retval = asn1_decode_kdc_rep(&buf,*rep);
- if(retval) clean_return(retval);
+ check_apptag(11);
+ retval = asn1_decode_kdc_rep(&buf,*rep);
+ if (retval) clean_return(retval);
#ifdef KRB5_MSGTYPE_STRICT
- if((*rep)->msg_type != KRB5_AS_REP)
- clean_return(KRB5_BADMSGTYPE);
+ if ((*rep)->msg_type != KRB5_AS_REP)
+ clean_return(KRB5_BADMSGTYPE);
#endif
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_tgs_rep(const krb5_data *code, krb5_kdc_rep **rep)
{
- setup_no_length();
- alloc_field(*rep,krb5_kdc_rep);
+ setup_no_length();
+ alloc_field(*rep,krb5_kdc_rep);
- check_apptag(13);
- retval = asn1_decode_kdc_rep(&buf,*rep);
- if(retval) clean_return(retval);
+ check_apptag(13);
+ retval = asn1_decode_kdc_rep(&buf,*rep);
+ if (retval) clean_return(retval);
#ifdef KRB5_MSGTYPE_STRICT
- if((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE);
+ if ((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE);
#endif
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep)
{
- setup();
- alloc_field(*rep,krb5_ap_req);
- clear_field(rep,ticket);
-
- check_apptag(14);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ setup();
+ alloc_field(*rep,krb5_ap_req);
+ clear_field(rep,ticket);
+
+ check_apptag(14);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ get_field((*rep)->ap_options,2,asn1_decode_ap_options);
+ alloc_field((*rep)->ticket,krb5_ticket);
+ get_field(*((*rep)->ticket),3,asn1_decode_ticket);
+ get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REQ;
}
- get_field((*rep)->ap_options,2,asn1_decode_ap_options);
- alloc_field((*rep)->ticket,krb5_ticket);
- get_field(*((*rep)->ticket),3,asn1_decode_ticket);
- get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
- end_structure();
- (*rep)->magic = KV5M_AP_REQ;
- }
- cleanup_manual();
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,ticket);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,ticket);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep)
{
- setup();
- alloc_field(*rep,krb5_ap_rep);
-
- check_apptag(15);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ setup();
+ alloc_field(*rep,krb5_ap_rep);
+
+ check_apptag(15);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REP;
}
- get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
- end_structure();
- (*rep)->magic = KV5M_AP_REP;
- }
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_enc_part **rep)
{
- setup();
- alloc_field(*rep,krb5_ap_rep_enc_part);
- clear_field(rep,subkey);
-
- check_apptag(27);
- { begin_structure();
- get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
- get_field((*rep)->cusec,1,asn1_decode_int32);
- if(tagnum == 2){ alloc_field((*rep)->subkey,krb5_keyblock); }
- opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
- end_structure();
- (*rep)->magic = KV5M_AP_REP_ENC_PART;
- }
- cleanup_manual();
+ setup();
+ alloc_field(*rep,krb5_ap_rep_enc_part);
+ clear_field(rep,subkey);
+
+ check_apptag(27);
+ { begin_structure();
+ get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
+ get_field((*rep)->cusec,1,asn1_decode_int32);
+ if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
+ opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REP_ENC_PART;
+ }
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,subkey);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,subkey);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **rep)
{
- setup_no_length();
- alloc_field(*rep,krb5_kdc_req);
+ setup_no_length();
+ alloc_field(*rep,krb5_kdc_req);
- check_apptag(10);
- retval = asn1_decode_kdc_req(&buf,*rep);
- if(retval) clean_return(retval);
+ check_apptag(10);
+ retval = asn1_decode_kdc_req(&buf,*rep);
+ if (retval) clean_return(retval);
#ifdef KRB5_MSGTYPE_STRICT
- if((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
+ if ((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **rep)
{
- setup_no_length();
- alloc_field(*rep,krb5_kdc_req);
+ setup_no_length();
+ alloc_field(*rep,krb5_kdc_req);
- check_apptag(12);
- retval = asn1_decode_kdc_req(&buf,*rep);
- if(retval) clean_return(retval);
+ check_apptag(12);
+ retval = asn1_decode_kdc_req(&buf,*rep);
+ if (retval) clean_return(retval);
#ifdef KRB5_MSGTYPE_STRICT
- if((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
+ if ((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_kdc_req);
+ setup_buf_only();
+ alloc_field(*rep,krb5_kdc_req);
- retval = asn1_decode_kdc_req_body(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_kdc_req_body(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
/*
* encoded KRB-SAFE-BODY points into the input buffer.
*/
krb5_error_code decode_krb5_safe_with_body(
- const krb5_data *code,
- krb5_safe **rep,
- krb5_data *body)
+ const krb5_data *code,
+ krb5_safe **rep,
+ krb5_data *body)
{
- krb5_data tmpbody;
- setup();
- alloc_field(*rep,krb5_safe);
- clear_field(rep,checksum);
- tmpbody.magic = 0;
-
- check_apptag(20);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ krb5_data tmpbody;
+ setup();
+ alloc_field(*rep,krb5_safe);
+ clear_field(rep,checksum);
+ tmpbody.magic = 0;
+
+ check_apptag(20);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ /*
+ * Gross kludge to extract pointer to encoded safe-body. Relies
+ * on tag prefetch done by next_tag(). Don't handle indefinite
+ * encoding, as it's too much work.
+ */
+ if (!indef) {
+ tmpbody.length = taglen;
+ tmpbody.data = subbuf.next;
+ } else {
+ tmpbody.length = 0;
+ tmpbody.data = NULL;
+ }
+ get_field(**rep,2,asn1_decode_krb_safe_body);
+ alloc_field((*rep)->checksum,krb5_checksum);
+ get_field(*((*rep)->checksum),3,asn1_decode_checksum);
+ (*rep)->magic = KV5M_SAFE;
+ end_structure();
}
- /*
- * Gross kludge to extract pointer to encoded safe-body. Relies
- * on tag prefetch done by next_tag(). Don't handle indefinite
- * encoding, as it's too much work.
- */
- if (!indef) {
- tmpbody.length = taglen;
- tmpbody.data = subbuf.next;
- } else {
- tmpbody.length = 0;
- tmpbody.data = NULL;
- }
- get_field(**rep,2,asn1_decode_krb_safe_body);
- alloc_field((*rep)->checksum,krb5_checksum);
- get_field(*((*rep)->checksum),3,asn1_decode_checksum);
- (*rep)->magic = KV5M_SAFE;
- end_structure();
- }
- if (body != NULL)
- *body = tmpbody;
- cleanup_manual();
+ if (body != NULL)
+ *body = tmpbody;
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,checksum);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,checksum);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
{
- return decode_krb5_safe_with_body(code, rep, NULL);
+ return decode_krb5_safe_with_body(code, rep, NULL);
}
krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep)
{
- setup();
- alloc_field(*rep,krb5_priv);
-
- check_apptag(21);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ setup();
+ alloc_field(*rep,krb5_priv);
+
+ check_apptag(21);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_PRIV;
+ end_structure();
}
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_PRIV;
- end_structure();
- }
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_part **rep)
{
- setup();
- alloc_field(*rep,krb5_priv_enc_part);
- clear_field(rep,r_address);
- clear_field(rep,s_address);
-
- check_apptag(28);
- { begin_structure();
- get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
- opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
- opt_field((*rep)->usec,2,asn1_decode_int32);
- opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
- alloc_field((*rep)->s_address,krb5_address);
- get_field(*((*rep)->s_address),4,asn1_decode_host_address);
- if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
- opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
- (*rep)->magic = KV5M_PRIV_ENC_PART;
- end_structure();
- }
- cleanup_manual();
+ setup();
+ alloc_field(*rep,krb5_priv_enc_part);
+ clear_field(rep,r_address);
+ clear_field(rep,s_address);
+
+ check_apptag(28);
+ { begin_structure();
+ get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
+ opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
+ opt_field((*rep)->usec,2,asn1_decode_int32);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+ alloc_field((*rep)->s_address,krb5_address);
+ get_field(*((*rep)->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+ opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+ (*rep)->magic = KV5M_PRIV_ENC_PART;
+ end_structure();
+ }
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,r_address);
- free_field(*rep,s_address);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,r_address);
+ free_field(*rep,s_address);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep)
{
- setup();
- alloc_field(*rep,krb5_cred);
-
- check_apptag(22);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ setup();
+ alloc_field(*rep,krb5_cred);
+
+ check_apptag(22);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_CRED;
+ end_structure();
}
- get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_CRED;
- end_structure();
- }
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_part **rep)
{
- setup();
- alloc_field(*rep,krb5_cred_enc_part);
- clear_field(rep,r_address);
- clear_field(rep,s_address);
-
- check_apptag(29);
- { begin_structure();
- get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
- opt_field((*rep)->nonce,1,asn1_decode_int32);
- opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
- opt_field((*rep)->usec,3,asn1_decode_int32);
- if(tagnum == 4){ alloc_field((*rep)->s_address,krb5_address); }
- opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
- if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
- opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
- (*rep)->magic = KV5M_CRED_ENC_PART;
- end_structure();
- }
- cleanup_manual();
+ setup();
+ alloc_field(*rep,krb5_cred_enc_part);
+ clear_field(rep,r_address);
+ clear_field(rep,s_address);
+
+ check_apptag(29);
+ { begin_structure();
+ get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
+ opt_field((*rep)->nonce,1,asn1_decode_int32);
+ opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
+ opt_field((*rep)->usec,3,asn1_decode_int32);
+ if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
+ opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+ opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+ (*rep)->magic = KV5M_CRED_ENC_PART;
+ end_structure();
+ }
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,r_address);
- free_field(*rep,s_address);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,r_address);
+ free_field(*rep,s_address);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep)
{
- setup();
- alloc_field(*rep,krb5_error);
- clear_field(rep,server);
- clear_field(rep,client);
+ setup();
+ alloc_field(*rep,krb5_error);
+ clear_field(rep,server);
+ clear_field(rep,client);
- check_apptag(30);
- { begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ check_apptag(30);
+ { begin_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if(msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
#endif
+ }
+ opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
+ opt_field((*rep)->cusec,3,asn1_decode_int32);
+ get_field((*rep)->stime,4,asn1_decode_kerberos_time);
+ get_field((*rep)->susec,5,asn1_decode_int32);
+ get_field((*rep)->error,6,asn1_decode_ui_4);
+ if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
+ opt_field((*rep)->client,7,asn1_decode_realm);
+ opt_field((*rep)->client,8,asn1_decode_principal_name);
+ alloc_field((*rep)->server,krb5_principal_data);
+ get_field((*rep)->server,9,asn1_decode_realm);
+ get_field((*rep)->server,10,asn1_decode_principal_name);
+ opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
+ opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
+ (*rep)->magic = KV5M_ERROR;
+ end_structure();
}
- opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
- opt_field((*rep)->cusec,3,asn1_decode_int32);
- get_field((*rep)->stime,4,asn1_decode_kerberos_time);
- get_field((*rep)->susec,5,asn1_decode_int32);
- get_field((*rep)->error,6,asn1_decode_ui_4);
- if(tagnum == 7){ alloc_field((*rep)->client,krb5_principal_data); }
- opt_field((*rep)->client,7,asn1_decode_realm);
- opt_field((*rep)->client,8,asn1_decode_principal_name);
- alloc_field((*rep)->server,krb5_principal_data);
- get_field((*rep)->server,9,asn1_decode_realm);
- get_field((*rep)->server,10,asn1_decode_principal_name);
- opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
- opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
- (*rep)->magic = KV5M_ERROR;
- end_structure();
- }
- cleanup_manual();
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free_field(*rep,server);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free_field(*rep,server);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_authdata(const krb5_data *code, krb5_authdata ***rep)
{
- setup_buf_only();
- *rep = 0;
- retval = asn1_decode_authorization_data(&buf,rep);
- if(retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here... */
+ setup_buf_only();
+ *rep = 0;
+ retval = asn1_decode_authorization_data(&buf,rep);
+ if (retval) clean_return(retval);
+ cleanup_none(); /* we're not allocating anything here... */
}
krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep)
{
- setup_buf_only();
- alloc_field(*rep,passwd_phrase_element);
- retval = asn1_decode_passwdsequence(&buf,*rep);
- if(retval) clean_return(retval);
- cleanup(free);
+ setup_buf_only();
+ alloc_field(*rep,passwd_phrase_element);
+ retval = asn1_decode_passwdsequence(&buf,*rep);
+ if (retval) clean_return(retval);
+ cleanup(free);
}
krb5_error_code decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **rep)
{
- setup();
- alloc_field(*rep,krb5_pwd_data);
- { begin_structure();
- get_field((*rep)->sequence_count,0,asn1_decode_int);
- get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
- (*rep)->magic = KV5M_PWD_DATA;
- end_structure (); }
- cleanup(free);
+ setup();
+ alloc_field(*rep,krb5_pwd_data);
+ { begin_structure();
+ get_field((*rep)->sequence_count,0,asn1_decode_int);
+ get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
+ (*rep)->magic = KV5M_PWD_DATA;
+ end_structure (); }
+ cleanup(free);
}
krb5_error_code decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data ***rep)
{
- setup_buf_only();
- *rep = 0;
- retval = asn1_decode_sequence_of_pa_data(&buf,rep);
- if(retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here */
+ setup_buf_only();
+ *rep = 0;
+ retval = asn1_decode_sequence_of_pa_data(&buf,rep);
+ if (retval) clean_return(retval);
+ cleanup_none(); /* we're not allocating anything here */
}
krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep)
{
- setup();
- alloc_field(*rep,krb5_alt_method);
- { begin_structure();
- get_field((*rep)->method,0,asn1_decode_int32);
- if (tagnum == 1) {
- get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
- } else {
- (*rep)->length = 0;
- (*rep)->data = 0;
+ setup();
+ alloc_field(*rep,krb5_alt_method);
+ { begin_structure();
+ get_field((*rep)->method,0,asn1_decode_int32);
+ if (tagnum == 1) {
+ get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
+ } else {
+ (*rep)->length = 0;
+ (*rep)->data = 0;
+ }
+ (*rep)->magic = KV5M_ALT_METHOD;
+ end_structure();
}
- (*rep)->magic = KV5M_ALT_METHOD;
- end_structure();
- }
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_entry ***rep)
{
- setup_buf_only();
- *rep = 0;
- retval = asn1_decode_etype_info(&buf,rep);
- if(retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here */
+ setup_buf_only();
+ *rep = 0;
+ retval = asn1_decode_etype_info(&buf,rep);
+ if (retval) clean_return(retval);
+ cleanup_none(); /* we're not allocating anything here */
}
krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
retval = asn1_decode_etype_info2(&buf,rep, 0);
if (retval == ASN1_BAD_ID) {
retval = asn1buf_wrap_data(&buf,code);
- if(retval) clean_return(retval);
+ if (retval) clean_return(retval);
retval = asn1_decode_etype_info2(&buf, rep, 1);
}
- if(retval) clean_return(retval);
+ if (retval) clean_return(retval);
cleanup_none(); /* we're not allocating anything here */
}
krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_enc_data);
+ setup_buf_only();
+ alloc_field(*rep,krb5_enc_data);
- retval = asn1_decode_encrypted_data(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_encrypted_data(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **rep)
{
- setup();
- alloc_field(*rep,krb5_pa_enc_ts);
- { begin_structure();
- get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
- if (tagnum == 1) {
- get_field((*rep)->pausec,1,asn1_decode_int32);
- } else
- (*rep)->pausec = 0;
- end_structure (); }
- cleanup(free);
+ setup();
+ alloc_field(*rep,krb5_pa_enc_ts);
+ { begin_structure();
+ get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
+ if (tagnum == 1) {
+ get_field((*rep)->pausec,1,asn1_decode_int32);
+ } else
+ (*rep)->pausec = 0;
+ end_structure (); }
+ cleanup(free);
}
krb5_error_code decode_krb5_sam_challenge(const krb5_data *code, krb5_sam_challenge **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_sam_challenge);
+ setup_buf_only();
+ alloc_field(*rep,krb5_sam_challenge);
- retval = asn1_decode_sam_challenge(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_sam_challenge(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_sam_challenge_2(const krb5_data *code, krb5_sam_challenge_2 **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_sam_challenge_2);
+ setup_buf_only();
+ alloc_field(*rep,krb5_sam_challenge_2);
- retval = asn1_decode_sam_challenge_2(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_sam_challenge_2(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_sam_challenge_2_body(const krb5_data *code, krb5_sam_challenge_2_body **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_sam_challenge_2_body);
+ setup_buf_only();
+ alloc_field(*rep, krb5_sam_challenge_2_body);
- retval = asn1_decode_sam_challenge_2_body(&buf, *rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_sam_challenge_2_body(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_sam_key(const krb5_data *code, krb5_sam_key **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_sam_key);
+ setup_buf_only();
+ alloc_field(*rep,krb5_sam_key);
- retval = asn1_decode_enc_sam_key(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_enc_sam_key(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_sam_response_enc(const krb5_data *code, krb5_enc_sam_response_enc **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_enc_sam_response_enc);
+ setup_buf_only();
+ alloc_field(*rep,krb5_enc_sam_response_enc);
- retval = asn1_decode_enc_sam_response_enc(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_enc_sam_response_enc(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_enc_sam_response_enc_2(const krb5_data *code, krb5_enc_sam_response_enc_2 **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_enc_sam_response_enc_2);
+ setup_buf_only();
+ alloc_field(*rep,krb5_enc_sam_response_enc_2);
- retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_sam_response(const krb5_data *code, krb5_sam_response **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_sam_response);
+ setup_buf_only();
+ alloc_field(*rep,krb5_sam_response);
- retval = asn1_decode_sam_response(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_sam_response(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_sam_response_2(const krb5_data *code, krb5_sam_response_2 **rep)
{
- setup_buf_only();
- alloc_field(*rep,krb5_sam_response_2);
+ setup_buf_only();
+ alloc_field(*rep,krb5_sam_response_2);
- retval = asn1_decode_sam_response_2(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_sam_response_2(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep)
{
- setup_buf_only(); /* preallocated */
- alloc_field(*rep,krb5_predicted_sam_response);
+ setup_buf_only(); /* preallocated */
+ alloc_field(*rep,krb5_predicted_sam_response);
- retval = asn1_decode_predicted_sam_response(&buf,*rep);
- if(retval) clean_return(retval);
+ retval = asn1_decode_predicted_sam_response(&buf,*rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
#ifndef DISABLE_PKINIT
krb5_error_code decode_krb5_pa_pk_as_req(const krb5_data *code, krb5_pa_pk_as_req **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_pa_pk_as_req);
+ setup_buf_only();
+ alloc_field(*rep, krb5_pa_pk_as_req);
- retval = asn1_decode_pa_pk_as_req(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_pa_pk_as_req(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_pa_pk_as_req_draft9(const krb5_data *code, krb5_pa_pk_as_req_draft9 **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_pa_pk_as_req_draft9);
+ setup_buf_only();
+ alloc_field(*rep, krb5_pa_pk_as_req_draft9);
- retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_pa_pk_as_rep(const krb5_data *code, krb5_pa_pk_as_rep **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_pa_pk_as_rep);
+ setup_buf_only();
+ alloc_field(*rep, krb5_pa_pk_as_rep);
- retval = asn1_decode_pa_pk_as_rep(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_pa_pk_as_rep(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_pa_pk_as_rep_draft9(const krb5_data *code, krb5_pa_pk_as_rep_draft9 **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_pa_pk_as_rep_draft9);
+ setup_buf_only();
+ alloc_field(*rep, krb5_pa_pk_as_rep_draft9);
- retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_auth_pack(const krb5_data *code, krb5_auth_pack **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_auth_pack);
+ setup_buf_only();
+ alloc_field(*rep, krb5_auth_pack);
- retval = asn1_decode_auth_pack(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_auth_pack(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_auth_pack_draft9(const krb5_data *code, krb5_auth_pack_draft9 **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_auth_pack_draft9);
+ setup_buf_only();
+ alloc_field(*rep, krb5_auth_pack_draft9);
- retval = asn1_decode_auth_pack_draft9(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_auth_pack_draft9(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_kdc_dh_key_info(const krb5_data *code, krb5_kdc_dh_key_info **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_kdc_dh_key_info);
+ setup_buf_only();
+ alloc_field(*rep, krb5_kdc_dh_key_info);
- retval = asn1_decode_kdc_dh_key_info(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_kdc_dh_key_info(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_principal_data);
+ setup_buf_only();
+ alloc_field(*rep, krb5_principal_data);
- retval = asn1_decode_krb5_principal_name(&buf, rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_krb5_principal_name(&buf, rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key_pack **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_reply_key_pack);
+ setup_buf_only();
+ alloc_field(*rep, krb5_reply_key_pack);
- retval = asn1_decode_reply_key_pack(&buf, *rep);
- if (retval)
- goto error_out;
+ retval = asn1_decode_reply_key_pack(&buf, *rep);
+ if (retval)
+ goto error_out;
- cleanup_manual();
+ cleanup_manual();
error_out:
- if (rep && *rep) {
- free((*rep)->replyKey.contents);
- free((*rep)->asChecksum.contents);
- free(*rep);
- *rep = NULL;
- }
- return retval;
+ if (rep && *rep) {
+ free((*rep)->replyKey.contents);
+ free((*rep)->asChecksum.contents);
+ free(*rep);
+ *rep = NULL;
+ }
+ return retval;
}
krb5_error_code decode_krb5_reply_key_pack_draft9(const krb5_data *code, krb5_reply_key_pack_draft9 **rep)
{
- setup_buf_only();
- alloc_field(*rep, krb5_reply_key_pack_draft9);
+ setup_buf_only();
+ alloc_field(*rep, krb5_reply_key_pack_draft9);
- retval = asn1_decode_reply_key_pack_draft9(&buf, *rep);
- if (retval) clean_return(retval);
+ retval = asn1_decode_reply_key_pack_draft9(&buf, *rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***rep)
{
- setup_buf_only();
- retval = asn1_decode_sequence_of_typed_data(&buf, rep);
- if (retval) clean_return(retval);
+ setup_buf_only();
+ retval = asn1_decode_sequence_of_typed_data(&buf, rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_td_trusted_certifiers(const krb5_data *code, krb5_external_principal_identifier ***rep)
{
- setup_buf_only();
- retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep);
- if (retval) clean_return(retval);
+ setup_buf_only();
+ retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
krb5_error_code decode_krb5_td_dh_parameters(const krb5_data *code, krb5_algorithm_identifier ***rep)
{
- setup_buf_only();
- retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep);
- if (retval) clean_return(retval);
+ setup_buf_only();
+ retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep);
+ if (retval) clean_return(retval);
- cleanup(free);
+ cleanup(free);
}
#endif /* DISABLE_PKINIT */
...
/* for OPTIONAL fields */
- if(rep->field_i == should_not_be_omitted)
+ if (rep->field_i == should_not_be_omitted)
krb5_addfield(rep->field_i, i, asn1_type);
/* for string fields (these encoders take an additional argument,
/* if you really have to do things yourself... */
retval = asn1_encode_asn1_type(buf,rep->field,&length);
- if(retval) return retval;
+ if (retval) return retval;
sum += length;
retval = asn1_make_etag(buf,
[UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
tag_number, length, &length);
- if(retval) return retval;
+ if (retval) return retval;
sum += length;
...
asn1buf *buf=NULL;\
unsigned int length, sum=0;\
\
- if(rep == NULL) return ASN1_MISSING_FIELD;\
+ if (rep == NULL) return ASN1_MISSING_FIELD;\
\
retval = asn1buf_create(&buf);\
- if(retval) return retval
+ if (retval) return retval
/* krb5_addfield -- add a field, or component, to the encoding */
#define krb5_addfield(value,tag,encoder)\
{ retval = encoder(buf,value,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* krb5_addlenfield -- add a field whose length must be separately specified */
#define krb5_addlenfield(len,value,tag,encoder)\
{ retval = encoder(buf,len,value,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
/* form a sequence (by adding a sequence header to the current encoding) */
#define krb5_makeseq()\
retval = asn1_make_sequence(buf,sum,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length
/* add an APPLICATION class tag to the current encoding */
#define krb5_apptag(num)\
retval = asn1_make_etag(buf,APPLICATION,num,sum,&length);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length
/* produce the final output and clean up the workspace */
#define krb5_cleanup()\
retval = asn12krb5_buf(buf,code);\
- if(retval){\
+ if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
retval = asn1buf_destroy(&buf);\
- if(retval){\
+ if (retval) {\
return retval; }\
\
return 0
krb5_error_code encode_krb5_authenticator(const krb5_authenticator *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* authorization-data[8] AuthorizationData OPTIONAL */
- if(rep->authorization_data != NULL &&
- rep->authorization_data[0] != NULL){
- retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
- rep->authorization_data,
- &length);
- if(retval){
- asn1buf_destroy(&buf);
- return retval; }
- sum += length;
- retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
- if(retval){
- asn1buf_destroy(&buf);
- return retval; }
- sum += length;
- }
+ /* authorization-data[8] AuthorizationData OPTIONAL */
+ if (rep->authorization_data != NULL &&
+ rep->authorization_data[0] != NULL) {
+ retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
+ rep->authorization_data,
+ &length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval; }
+ sum += length;
+ retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval; }
+ sum += length;
+ }
- /* seq-number[7] INTEGER OPTIONAL */
- if(rep->seq_number != 0)
- krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
+ /* seq-number[7] INTEGER OPTIONAL */
+ if (rep->seq_number != 0)
+ krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
- /* subkey[6] EncryptionKey OPTIONAL */
- if(rep->subkey != NULL)
- krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
+ /* subkey[6] EncryptionKey OPTIONAL */
+ if (rep->subkey != NULL)
+ krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
- /* ctime[5] KerberosTime */
- krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
+ /* ctime[5] KerberosTime */
+ krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
- /* cusec[4] INTEGER */
- krb5_addfield(rep->cusec,4,asn1_encode_integer);
+ /* cusec[4] INTEGER */
+ krb5_addfield(rep->cusec,4,asn1_encode_integer);
- /* cksum[3] Checksum OPTIONAL */
- if(rep->checksum != NULL)
- krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+ /* cksum[3] Checksum OPTIONAL */
+ if (rep->checksum != NULL)
+ krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* cname[2] PrincipalName */
- krb5_addfield(rep->client,2,asn1_encode_principal_name);
+ /* cname[2] PrincipalName */
+ krb5_addfield(rep->client,2,asn1_encode_principal_name);
- /* crealm[1] Realm */
- krb5_addfield(rep->client,1,asn1_encode_realm);
+ /* crealm[1] Realm */
+ krb5_addfield(rep->client,1,asn1_encode_realm);
- /* authenticator-vno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* authenticator-vno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* Authenticator ::= [APPLICATION 2] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(2);
+ /* Authenticator ::= [APPLICATION 2] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(2);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_ticket(const krb5_ticket *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* enc-part[3] EncryptedData */
- krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+ /* enc-part[3] EncryptedData */
+ krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* sname [2] PrincipalName */
- krb5_addfield(rep->server,2,asn1_encode_principal_name);
+ /* sname [2] PrincipalName */
+ krb5_addfield(rep->server,2,asn1_encode_principal_name);
- /* realm [1] Realm */
- krb5_addfield(rep->server,1,asn1_encode_realm);
+ /* realm [1] Realm */
+ krb5_addfield(rep->server,1,asn1_encode_realm);
- /* tkt-vno [0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* tkt-vno [0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* Ticket ::= [APPLICATION 1] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(1);
+ /* Ticket ::= [APPLICATION 1] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(1);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_encryption_key(const krb5_keyblock *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* keyvalue[1] OCTET STRING */
- krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
+ /* keyvalue[1] OCTET STRING */
+ krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
- /* enctype[0] INTEGER */
- krb5_addfield(rep->enctype,0,asn1_encode_integer);
+ /* enctype[0] INTEGER */
+ krb5_addfield(rep->enctype,0,asn1_encode_integer);
- /* EncryptionKey ::= SEQUENCE */
- krb5_makeseq();
+ /* EncryptionKey ::= SEQUENCE */
+ krb5_makeseq();
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_tkt_part(const krb5_enc_tkt_part *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* authorization-data[10] AuthorizationData OPTIONAL */
- if(rep->authorization_data != NULL &&
- rep->authorization_data[0] != NULL)
- krb5_addfield((const krb5_authdata**)rep->authorization_data,
- 10,asn1_encode_authorization_data);
+ /* authorization-data[10] AuthorizationData OPTIONAL */
+ if (rep->authorization_data != NULL &&
+ rep->authorization_data[0] != NULL)
+ krb5_addfield((const krb5_authdata**)rep->authorization_data,
+ 10,asn1_encode_authorization_data);
- /* caddr[9] HostAddresses OPTIONAL */
- if(rep->caddrs != NULL && rep->caddrs[0] != NULL)
- krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
+ /* caddr[9] HostAddresses OPTIONAL */
+ if (rep->caddrs != NULL && rep->caddrs[0] != NULL)
+ krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
- /* renew-till[8] KerberosTime OPTIONAL */
- if(rep->times.renew_till)
- krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
+ /* renew-till[8] KerberosTime OPTIONAL */
+ if (rep->times.renew_till)
+ krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
- /* endtime[7] KerberosTime */
- krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
+ /* endtime[7] KerberosTime */
+ krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
- /* starttime[6] KerberosTime OPTIONAL */
- if(rep->times.starttime)
- krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
+ /* starttime[6] KerberosTime OPTIONAL */
+ if (rep->times.starttime)
+ krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
- /* authtime[5] KerberosTime */
- krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
+ /* authtime[5] KerberosTime */
+ krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
- /* transited[4] TransitedEncoding */
- krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
+ /* transited[4] TransitedEncoding */
+ krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
- /* cname[3] PrincipalName */
- krb5_addfield(rep->client,3,asn1_encode_principal_name);
+ /* cname[3] PrincipalName */
+ krb5_addfield(rep->client,3,asn1_encode_principal_name);
- /* crealm[2] Realm */
- krb5_addfield(rep->client,2,asn1_encode_realm);
+ /* crealm[2] Realm */
+ krb5_addfield(rep->client,2,asn1_encode_realm);
- /* key[1] EncryptionKey */
- krb5_addfield(rep->session,1,asn1_encode_encryption_key);
+ /* key[1] EncryptionKey */
+ krb5_addfield(rep->session,1,asn1_encode_encryption_key);
- /* flags[0] TicketFlags */
- krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
+ /* flags[0] TicketFlags */
+ krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
- /* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(3);
+ /* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(3);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_kdc_rep_part(const krb5_enc_kdc_rep_part *rep, krb5_data **code)
{
- asn1_error_code retval;
- asn1buf *buf=NULL;
- unsigned int length, sum=0;
+ asn1_error_code retval;
+ asn1buf *buf=NULL;
+ unsigned int length, sum=0;
- if(rep == NULL) return ASN1_MISSING_FIELD;
+ if (rep == NULL) return ASN1_MISSING_FIELD;
- retval = asn1buf_create(&buf);
- if(retval) return retval;
+ retval = asn1buf_create(&buf);
+ if (retval) return retval;
- retval = asn1_encode_enc_kdc_rep_part(buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ retval = asn1_encode_enc_kdc_rep_part(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
#ifdef KRB5_ENCKRB5KDCREPPART_COMPAT
- krb5_apptag(26);
+ krb5_apptag(26);
#else
- /* XXX WRONG!!! Should use 25 || 26, not the outer KDC_REP tags! */
- if (rep->msg_type == KRB5_AS_REP) { krb5_apptag(ASN1_KRB_AS_REP); }
- else if (rep->msg_type == KRB5_TGS_REP) { krb5_apptag(ASN1_KRB_TGS_REP); }
- else return KRB5_BADMSGTYPE;
+ /* XXX WRONG!!! Should use 25 || 26, not the outer KDC_REP tags! */
+ if (rep->msg_type == KRB5_AS_REP) { krb5_apptag(ASN1_KRB_AS_REP); }
+ else if (rep->msg_type == KRB5_TGS_REP) { krb5_apptag(ASN1_KRB_TGS_REP); }
+ else return KRB5_BADMSGTYPE;
#endif
- krb5_cleanup();
+ krb5_cleanup();
}
/* yes, the translation is identical to that used for KDC__REP */
krb5_error_code encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* AS-REP ::= [APPLICATION 11] KDC-REP */
- retval = asn1_encode_kdc_rep(KRB5_AS_REP,buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ /* AS-REP ::= [APPLICATION 11] KDC-REP */
+ retval = asn1_encode_kdc_rep(KRB5_AS_REP,buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_apptag(11);
+ krb5_apptag(11);
- krb5_cleanup();
+ krb5_cleanup();
}
/* yes, the translation is identical to that used for KDC__REP */
krb5_error_code encode_krb5_tgs_rep(const krb5_kdc_rep *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* TGS-REP ::= [APPLICATION 13] KDC-REP */
- retval = asn1_encode_kdc_rep(KRB5_TGS_REP,buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ /* TGS-REP ::= [APPLICATION 13] KDC-REP */
+ retval = asn1_encode_kdc_rep(KRB5_TGS_REP,buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_apptag(13);
+ krb5_apptag(13);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_ap_req(const krb5_ap_req *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* authenticator[4] EncryptedData */
- krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
+ /* authenticator[4] EncryptedData */
+ krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
- /* ticket[3] Ticket */
- krb5_addfield(rep->ticket,3,asn1_encode_ticket);
+ /* ticket[3] Ticket */
+ krb5_addfield(rep->ticket,3,asn1_encode_ticket);
- /* ap-options[2] APOptions */
- krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
+ /* ap-options[2] APOptions */
+ krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* AP-REQ ::= [APPLICATION 14] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(14);
+ /* AP-REQ ::= [APPLICATION 14] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(14);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_ap_rep(const krb5_ap_rep *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* enc-part[2] EncryptedData */
- krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
+ /* enc-part[2] EncryptedData */
+ krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* AP-REP ::= [APPLICATION 15] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(15);
+ /* AP-REP ::= [APPLICATION 15] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(15);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_ap_rep_enc_part(const krb5_ap_rep_enc_part *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* seq-number[3] INTEGER OPTIONAL */
- if(rep->seq_number)
- krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+ /* seq-number[3] INTEGER OPTIONAL */
+ if (rep->seq_number)
+ krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
- /* subkey[2] EncryptionKey OPTIONAL */
- if(rep->subkey != NULL)
- krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
+ /* subkey[2] EncryptionKey OPTIONAL */
+ if (rep->subkey != NULL)
+ krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
- /* cusec[1] INTEGER */
- krb5_addfield(rep->cusec,1,asn1_encode_integer);
+ /* cusec[1] INTEGER */
+ krb5_addfield(rep->cusec,1,asn1_encode_integer);
- /* ctime[0] KerberosTime */
- krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
+ /* ctime[0] KerberosTime */
+ krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
- /* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(27);
+ /* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(27);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_as_req(const krb5_kdc_req *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* AS-REQ ::= [APPLICATION 10] KDC-REQ */
- retval = asn1_encode_kdc_req(KRB5_AS_REQ,buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ /* AS-REQ ::= [APPLICATION 10] KDC-REQ */
+ retval = asn1_encode_kdc_req(KRB5_AS_REQ,buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_apptag(10);
+ krb5_apptag(10);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_tgs_req(const krb5_kdc_req *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* TGS-REQ ::= [APPLICATION 12] KDC-REQ */
- retval = asn1_encode_kdc_req(KRB5_TGS_REQ,buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ /* TGS-REQ ::= [APPLICATION 12] KDC-REQ */
+ retval = asn1_encode_kdc_req(KRB5_TGS_REQ,buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_apptag(12);
+ krb5_apptag(12);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_kdc_req_body(const krb5_kdc_req *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- retval = asn1_encode_kdc_req_body(buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ retval = asn1_encode_kdc_req_body(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_safe(const krb5_safe *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* cksum[3] Checksum */
- krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+ /* cksum[3] Checksum */
+ krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* safe-body[2] KRB-SAFE-BODY */
- krb5_addfield(rep,2,asn1_encode_krb_safe_body);
+ /* safe-body[2] KRB-SAFE-BODY */
+ krb5_addfield(rep,2,asn1_encode_krb_safe_body);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(20);
+ /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(20);
- krb5_cleanup();
+ krb5_cleanup();
}
/*
* encoding to avoid problems with re-encoding.
*/
krb5_error_code encode_krb5_safe_with_body(
- const krb5_safe *rep,
- const krb5_data *body,
- krb5_data **code)
+ const krb5_safe *rep,
+ const krb5_data *body,
+ krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- if (body == NULL) {
- asn1buf_destroy(&buf);
- return ASN1_MISSING_FIELD;
- }
+ if (body == NULL) {
+ asn1buf_destroy(&buf);
+ return ASN1_MISSING_FIELD;
+ }
- /* cksum[3] Checksum */
- krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+ /* cksum[3] Checksum */
+ krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* safe-body[2] KRB-SAFE-BODY */
- krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
+ /* safe-body[2] KRB-SAFE-BODY */
+ krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(20);
+ /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(20);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_priv(const krb5_priv *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* enc-part[3] EncryptedData */
- krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+ /* enc-part[3] EncryptedData */
+ krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(21);
+ /* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(21);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_priv_part(const krb5_priv_enc_part *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* r-address[5] HostAddress OPTIONAL -- recip's addr */
- if(rep->r_address)
- krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+ /* r-address[5] HostAddress OPTIONAL -- recip's addr */
+ if (rep->r_address)
+ krb5_addfield(rep->r_address,5,asn1_encode_host_address);
- /* s-address[4] HostAddress -- sender's addr */
- krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+ /* s-address[4] HostAddress -- sender's addr */
+ krb5_addfield(rep->s_address,4,asn1_encode_host_address);
- /* seq-number[3] INTEGER OPTIONAL */
- if(rep->seq_number)
- krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+ /* seq-number[3] INTEGER OPTIONAL */
+ if (rep->seq_number)
+ krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
- /* usec[2] INTEGER OPTIONAL */
- if(rep->timestamp){
- krb5_addfield(rep->usec,2,asn1_encode_integer);
- /* timestamp[1] KerberosTime OPTIONAL */
- krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
- }
+ /* usec[2] INTEGER OPTIONAL */
+ if (rep->timestamp) {
+ krb5_addfield(rep->usec,2,asn1_encode_integer);
+ /* timestamp[1] KerberosTime OPTIONAL */
+ krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
+ }
- /* user-data[0] OCTET STRING */
- krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
+ /* user-data[0] OCTET STRING */
+ krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
- /* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(28);
+ /* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(28);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_cred(const krb5_cred *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* enc-part[3] EncryptedData */
- krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+ /* enc-part[3] EncryptedData */
+ krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* tickets[2] SEQUENCE OF Ticket */
- krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
+ /* tickets[2] SEQUENCE OF Ticket */
+ krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
- /* msg-type[1] INTEGER, -- KRB_CRED */
- krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER, -- KRB_CRED */
+ krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(22);
+ /* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(22);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_cred_part(const krb5_cred_enc_part *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* r-address[5] HostAddress OPTIONAL */
- if(rep->r_address != NULL)
- krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+ /* r-address[5] HostAddress OPTIONAL */
+ if (rep->r_address != NULL)
+ krb5_addfield(rep->r_address,5,asn1_encode_host_address);
- /* s-address[4] HostAddress OPTIONAL */
- if(rep->s_address != NULL)
- krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+ /* s-address[4] HostAddress OPTIONAL */
+ if (rep->s_address != NULL)
+ krb5_addfield(rep->s_address,4,asn1_encode_host_address);
- /* usec[3] INTEGER OPTIONAL */
- if(rep->timestamp){
- krb5_addfield(rep->usec,3,asn1_encode_integer);
- /* timestamp[2] KerberosTime OPTIONAL */
- krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
- }
+ /* usec[3] INTEGER OPTIONAL */
+ if (rep->timestamp) {
+ krb5_addfield(rep->usec,3,asn1_encode_integer);
+ /* timestamp[2] KerberosTime OPTIONAL */
+ krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
+ }
- /* nonce[1] INTEGER OPTIONAL */
- if(rep->nonce)
- krb5_addfield(rep->nonce,1,asn1_encode_integer);
+ /* nonce[1] INTEGER OPTIONAL */
+ if (rep->nonce)
+ krb5_addfield(rep->nonce,1,asn1_encode_integer);
- /* ticket-info[0] SEQUENCE OF KrbCredInfo */
- krb5_addfield((const krb5_cred_info**)rep->ticket_info,
- 0,asn1_encode_sequence_of_krb_cred_info);
+ /* ticket-info[0] SEQUENCE OF KrbCredInfo */
+ krb5_addfield((const krb5_cred_info**)rep->ticket_info,
+ 0,asn1_encode_sequence_of_krb_cred_info);
- /* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(29);
+ /* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(29);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_error(const krb5_error *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* e-data[12] OCTET STRING OPTIONAL */
- if(rep->e_data.data != NULL && rep->e_data.length > 0)
- krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
+ /* e-data[12] OCTET STRING OPTIONAL */
+ if (rep->e_data.data != NULL && rep->e_data.length > 0)
+ krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
- /* e-text[11] GeneralString OPTIONAL */
- if(rep->text.data != NULL && rep->text.length > 0)
- krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
+ /* e-text[11] GeneralString OPTIONAL */
+ if (rep->text.data != NULL && rep->text.length > 0)
+ krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
- /* sname[10] PrincipalName -- Correct name */
- krb5_addfield(rep->server,10,asn1_encode_principal_name);
+ /* sname[10] PrincipalName -- Correct name */
+ krb5_addfield(rep->server,10,asn1_encode_principal_name);
- /* realm[9] Realm -- Correct realm */
- krb5_addfield(rep->server,9,asn1_encode_realm);
+ /* realm[9] Realm -- Correct realm */
+ krb5_addfield(rep->server,9,asn1_encode_realm);
- /* cname[8] PrincipalName OPTIONAL */
- if(rep->client != NULL){
- krb5_addfield(rep->client,8,asn1_encode_principal_name);
- /* crealm[7] Realm OPTIONAL */
- krb5_addfield(rep->client,7,asn1_encode_realm);
- }
+ /* cname[8] PrincipalName OPTIONAL */
+ if (rep->client != NULL) {
+ krb5_addfield(rep->client,8,asn1_encode_principal_name);
+ /* crealm[7] Realm OPTIONAL */
+ krb5_addfield(rep->client,7,asn1_encode_realm);
+ }
- /* error-code[6] INTEGER */
- krb5_addfield(rep->error,6,asn1_encode_ui_4);
+ /* error-code[6] INTEGER */
+ krb5_addfield(rep->error,6,asn1_encode_ui_4);
- /* susec[5] INTEGER */
- krb5_addfield(rep->susec,5,asn1_encode_integer);
+ /* susec[5] INTEGER */
+ krb5_addfield(rep->susec,5,asn1_encode_integer);
- /* stime[4] KerberosTime */
- krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
+ /* stime[4] KerberosTime */
+ krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
- /* cusec[3] INTEGER OPTIONAL */
- if(rep->cusec)
- krb5_addfield(rep->cusec,3,asn1_encode_integer);
+ /* cusec[3] INTEGER OPTIONAL */
+ if (rep->cusec)
+ krb5_addfield(rep->cusec,3,asn1_encode_integer);
- /* ctime[2] KerberosTime OPTIONAL */
- if(rep->ctime)
- krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
+ /* ctime[2] KerberosTime OPTIONAL */
+ if (rep->ctime)
+ krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
- /* msg-type[1] INTEGER */
- krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
+ /* msg-type[1] INTEGER */
+ krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
- krb5_addfield(KVNO,0,asn1_encode_integer);
+ /* pvno[0] INTEGER */
+ krb5_addfield(KVNO,0,asn1_encode_integer);
- /* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
- krb5_makeseq();
- krb5_apptag(30);
+ /* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
+ krb5_makeseq();
+ krb5_apptag(30);
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_authdata(const krb5_authdata **rep, krb5_data **code)
{
- asn1_error_code retval;
- asn1buf *buf=NULL;
- unsigned int length;
+ asn1_error_code retval;
+ asn1buf *buf=NULL;
+ unsigned int length;
- if(rep == NULL) return ASN1_MISSING_FIELD;
+ if (rep == NULL) return ASN1_MISSING_FIELD;
- retval = asn1buf_create(&buf);
- if(retval) return retval;
+ retval = asn1buf_create(&buf);
+ if (retval) return retval;
- retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
- &length);
- if(retval) return retval;
+ retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
+ &length);
+ if (retval) return retval;
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_authdata_elt(const krb5_authdata *rep, krb5_data **code)
{
- asn1_error_code retval;
- asn1buf *buf=NULL;
- unsigned int length;
+ asn1_error_code retval;
+ asn1buf *buf=NULL;
+ unsigned int length;
- if(rep == NULL) return ASN1_MISSING_FIELD;
+ if (rep == NULL) return ASN1_MISSING_FIELD;
- retval = asn1buf_create(&buf);
- if(retval) return retval;
+ retval = asn1buf_create(&buf);
+ if (retval) return retval;
- retval = asn1_encode_krb5_authdata_elt(buf,rep, &length);
- if(retval) return retval;
+ retval = asn1_encode_krb5_authdata_elt(buf,rep, &length);
+ if (retval) return retval;
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_alt_method(const krb5_alt_method *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* method-data[1] OctetString OPTIONAL */
- if(rep->data != NULL && rep->length > 0)
- krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
+ /* method-data[1] OctetString OPTIONAL */
+ if (rep->data != NULL && rep->length > 0)
+ krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
- /* method-type[0] Integer */
- krb5_addfield(rep->method,0,asn1_encode_integer);
+ /* method-type[0] Integer */
+ krb5_addfield(rep->method,0,asn1_encode_integer);
- krb5_makeseq();
+ krb5_makeseq();
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_etype_info(const krb5_etype_info_entry **rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_etype_info(buf,rep,&length, 0);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_etype_info(buf,rep,&length, 0);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_etype_info2(const krb5_etype_info_entry **rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_etype_info(buf,rep,&length, 1);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_etype_info(buf,rep,&length, 1);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_data(const krb5_enc_data *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- retval = asn1_encode_encrypted_data(buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ retval = asn1_encode_encrypted_data(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_cleanup();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_pa_enc_ts(const krb5_pa_enc_ts *rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- /* pausec[1] INTEGER OPTIONAL */
- if (rep->pausec)
- krb5_addfield(rep->pausec,1,asn1_encode_integer);
+ /* pausec[1] INTEGER OPTIONAL */
+ if (rep->pausec)
+ krb5_addfield(rep->pausec,1,asn1_encode_integer);
- /* patimestamp[0] KerberosTime, -- client's time */
- krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
+ /* patimestamp[0] KerberosTime, -- client's time */
+ krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
- krb5_makeseq();
+ krb5_makeseq();
- krb5_cleanup();
+ krb5_cleanup();
}
/* Sandia Additions */
krb5_error_code encode_krb5_pwd_sequence(const passwd_phrase_element *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_passwdsequence(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_passwdsequence(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_pwd_data(const krb5_pwd_data *rep, krb5_data **code)
{
- krb5_setup();
- krb5_addfield((const passwd_phrase_element**)rep->element,1,asn1_encode_sequence_of_passwdsequence);
- krb5_addfield(rep->sequence_count,0,asn1_encode_integer);
- krb5_makeseq();
- krb5_cleanup();
+ krb5_setup();
+ krb5_addfield((const passwd_phrase_element**)rep->element,1,asn1_encode_sequence_of_passwdsequence);
+ krb5_addfield(rep->sequence_count,0,asn1_encode_integer);
+ krb5_makeseq();
+ krb5_cleanup();
}
krb5_error_code encode_krb5_padata_sequence(const krb5_pa_data **rep, krb5_data **code)
{
- krb5_setup();
+ krb5_setup();
- retval = asn1_encode_sequence_of_pa_data(buf,rep,&length);
- if(retval) return retval;
- sum += length;
+ retval = asn1_encode_sequence_of_pa_data(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
- krb5_cleanup();
+ krb5_cleanup();
}
/* sam preauth additions */
krb5_error_code encode_krb5_sam_challenge(const krb5_sam_challenge *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_challenge(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_challenge(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_sam_challenge_2(const krb5_sam_challenge_2 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_challenge_2(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_challenge_2(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_sam_challenge_2_body(const krb5_sam_challenge_2_body *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_challenge_2_body(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_challenge_2_body(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_sam_key(const krb5_sam_key *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_key(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_key(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_sam_response_enc(const krb5_enc_sam_response_enc *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_enc_sam_response_enc(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_enc_sam_response_enc(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_enc_sam_response_enc_2(const krb5_enc_sam_response_enc_2 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_enc_sam_response_enc_2(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_enc_sam_response_enc_2(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_sam_response(const krb5_sam_response *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_response(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_response(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_sam_response_2(const krb5_sam_response_2 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sam_response_2(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sam_response_2(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_predicted_sam_response(const krb5_predicted_sam_response *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_predicted_sam_response(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_predicted_sam_response(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_setpw_req(const krb5_principal target,
char *password, krb5_data **code)
{
- /* Macros really want us to have a variable called rep which we do not need*/
- const char *rep = "dummy string";
+ /* Macros really want us to have a variable called rep which we do not need*/
+ const char *rep = "dummy string";
- krb5_setup();
+ krb5_setup();
- krb5_addfield(target,2,asn1_encode_realm);
- krb5_addfield(target,1,asn1_encode_principal_name);
- krb5_addlenfield(strlen(password), password,0,asn1_encode_octetstring);
- krb5_makeseq();
+ krb5_addfield(target,2,asn1_encode_realm);
+ krb5_addfield(target,1,asn1_encode_principal_name);
+ krb5_addlenfield(strlen(password), password,0,asn1_encode_octetstring);
+ krb5_makeseq();
- krb5_cleanup();
+ krb5_cleanup();
}
#ifndef DISABLE_PKINIT
krb5_error_code encode_krb5_pa_pk_as_req(const krb5_pa_pk_as_req *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_pa_pk_as_req(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_pa_pk_as_req(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_pa_pk_as_req_draft9(const krb5_pa_pk_as_req_draft9 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_pa_pk_as_req_draft9(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_pa_pk_as_req_draft9(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_pa_pk_as_rep(const krb5_pa_pk_as_rep *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_pa_pk_as_rep(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_pa_pk_as_rep(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_pa_pk_as_rep_draft9(const krb5_pa_pk_as_rep_draft9 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_pa_pk_as_rep_draft9(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_pa_pk_as_rep_draft9(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_auth_pack(const krb5_auth_pack *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_auth_pack(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_auth_pack(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_auth_pack_draft9(const krb5_auth_pack_draft9 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_auth_pack_draft9(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_auth_pack_draft9(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_kdc_dh_key_info(const krb5_kdc_dh_key_info *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_kdc_dh_key_info(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_kdc_dh_key_info(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_reply_key_pack(const krb5_reply_key_pack *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_reply_key_pack(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_reply_key_pack(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_reply_key_pack_draft9(const krb5_reply_key_pack_draft9 *rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_reply_key_pack_draft9(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_reply_key_pack_draft9(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_td_trusted_certifiers(const krb5_external_principal_identifier **rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_td_trusted_certifiers(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_td_trusted_certifiers(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_typed_data(const krb5_typed_data **rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sequence_of_typed_data(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sequence_of_typed_data(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
krb5_error_code encode_krb5_td_dh_parameters(const krb5_algorithm_identifier **rep, krb5_data **code)
{
- krb5_setup();
- retval = asn1_encode_sequence_of_algorithm_identifier(buf,rep,&length);
- if(retval) return retval;
- sum += length;
- krb5_cleanup();
+ krb5_setup();
+ retval = asn1_encode_sequence_of_algorithm_identifier(buf,rep,&length);
+ if (retval) return retval;
+ sum += length;
+ krb5_cleanup();
}
#endif /* DISABLE_PKINIT */
if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
ret = decode_tagged_octetstring (&slt, 1, &keylen,
- &key->key_data_contents[1]); checkerr;
+ &key->key_data_contents[1]);
+ checkerr;
} else
keylen = 0;
safe_syncbuf (&subbuf, &slt, salt_buflen);