+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_decode.c
- *
+ *
* Copyright 1994, 2003 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
asn1_error_code retval;\
taginfo tinfo
-#define asn1class (tinfo.asn1class)
-#define construction (tinfo.construction)
-#define tagnum (tinfo.tagnum)
-#define length (tinfo.length)
+#define asn1class (tinfo.asn1class)
+#define construction (tinfo.construction)
+#define tagnum (tinfo.tagnum)
+#define length (tinfo.length)
#define tag(type)\
retval = asn1_get_tag_2(buf,&tinfo);\
if (retval) return retval;\
if (asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
return ASN1_BAD_ID
-
+
#define cleanup()\
return 0
tag(ASN1_INTEGER);
for (i = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf, &o);
- if (retval) return retval;
- if (!i) {
- n = (0x80 & o) ? -1 : 0; /* grab sign bit */
- if (n < 0 && length > sizeof (long))
- return ASN1_OVERFLOW;
- else if (length > sizeof (long) + 1) /* allow extra octet for positive */
- return ASN1_OVERFLOW;
- }
- n = (n << 8) | o;
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (!i) {
+ n = (0x80 & o) ? -1 : 0; /* grab sign bit */
+ if (n < 0 && length > sizeof (long))
+ return ASN1_OVERFLOW;
+ else if (length > sizeof (long) + 1) /* allow extra octet for positive */
+ return ASN1_OVERFLOW;
+ }
+ n = (n << 8) | o;
}
*val = n;
cleanup();
tag(ASN1_INTEGER);
for (i = 0, n = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf, &o);
- if (retval) return retval;
- if (!i) {
- if (0x80 & o)
- return ASN1_OVERFLOW;
- else if (length > sizeof (long) + 1)
- return ASN1_OVERFLOW;
- }
- n = (n << 8) | o;
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (!i) {
+ if (0x80 & o)
+ return ASN1_OVERFLOW;
+ else if (length > sizeof (long) + 1)
+ return ASN1_OVERFLOW;
+ }
+ n = (n << 8) | o;
}
*val = n;
cleanup();
n = 0;
bitsremain = ~0UL;
for (i = 0; i < length; i++) {
- /* Accounts for u_long width not being a multiple of 8. */
- if (bitsremain < 0xff) return ASN1_OVERFLOW;
- retval = asn1buf_remove_octet(buf, &o);
- if (retval) return retval;
- if (bitsremain == ~0UL) {
- if (i == 0)
- n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
- /*
- * Skip leading zero or 0xFF octets to humor non-compliant encoders.
- */
- if (n == 0 && o == 0)
- continue;
- if (n == ~0UL && o == 0xff)
- continue;
- }
- n = (n << 8) | o;
- bitsremain >>= 8;
+ /* Accounts for u_long width not being a multiple of 8. */
+ if (bitsremain < 0xff) return ASN1_OVERFLOW;
+ retval = asn1buf_remove_octet(buf, &o);
+ if (retval) return retval;
+ if (bitsremain == ~0UL) {
+ if (i == 0)
+ n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
+ /*
+ * Skip leading zero or 0xFF octets to humor non-compliant encoders.
+ */
+ if (n == 0 && o == 0)
+ continue;
+ if (n == ~0UL && o == 0xff)
+ continue;
+ }
+ n = (n << 8) | o;
+ bitsremain >>= 8;
}
*val = n;
cleanup();
retval = asn1buf_remove_charstring(buf,15,&s);
/* Time encoding: YYYYMMDDhhmmssZ */
if (s[14] != 'Z') {
- free(s);
- return ASN1_BAD_FORMAT;
+ free(s);
+ return ASN1_BAD_FORMAT;
}
if (s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
- t = 0;
- free(s);
- goto done;
+ t = 0;
+ free(s);
+ goto done;
}
#define c2i(c) ((c)-'0')
ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
- - 1900;
+ - 1900;
ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_decode.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
modifies *buf, *len
effects Decodes the octet string in *buf into *val.
Returns ENOMEM if memory is exhausted.
- Returns asn1 errors. */
+ Returns asn1 errors. */
asn1_error_code asn1_decode_integer
- (asn1buf *buf, long *val);
+ (asn1buf *buf, long *val);
asn1_error_code asn1_decode_unsigned_integer
- (asn1buf *buf, unsigned long *val);
+ (asn1buf *buf, unsigned long *val);
asn1_error_code asn1_decode_maybe_unsigned
- (asn1buf *buf, unsigned long *val);
+ (asn1buf *buf, unsigned long *val);
asn1_error_code asn1_decode_null
- (asn1buf *buf);
+ (asn1buf *buf);
asn1_error_code asn1_decode_oid
- (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
+ (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
asn1_error_code asn1_decode_octetstring
- (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
+ (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
asn1_error_code asn1_decode_generalstring
- (asn1buf *buf, unsigned int *retlen, char **val);
+ (asn1buf *buf, unsigned int *retlen, char **val);
asn1_error_code asn1_decode_charstring
- (asn1buf *buf, unsigned int *retlen, char **val);
+ (asn1buf *buf, unsigned int *retlen, char **val);
/* Note: A charstring is a special hack to account for the fact that
krb5 structures store some OCTET STRING values in krb5_octet
- arrays and others in krb5_data structures
- (which use char arrays).
- From the ASN.1 point of view, the two string types are the same,
- only the receptacles differ. */
+ arrays and others in krb5_data structures
+ (which use char arrays).
+ From the ASN.1 point of view, the two string types are the same,
+ only the receptacles differ. */
asn1_error_code asn1_decode_printablestring
- (asn1buf *buf, int *retlen, char **val);
+ (asn1buf *buf, int *retlen, char **val);
asn1_error_code asn1_decode_ia5string
- (asn1buf *buf, int *retlen, char **val);
+ (asn1buf *buf, int *retlen, char **val);
asn1_error_code asn1_decode_generaltime
- (asn1buf *buf, time_t *val);
+ (asn1buf *buf, time_t *val);
#endif
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_encode.c
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
#include "asn1_make.h"
static asn1_error_code asn1_encode_integer_internal(asn1buf *buf, long val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length = 0;
long valcopy;
int digit;
-
+
valcopy = val;
do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if (retval) return retval;
- length++;
- valcopy = valcopy >> 8;
+ digit = (int) (valcopy&0xFF);
+ retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+ if (retval) return retval;
+ length++;
+ valcopy = valcopy >> 8;
} while (valcopy != 0 && valcopy != ~0);
if ((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if (retval) return retval;
- length++;
+ retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+ if (retval) return retval;
+ length++;
} else if ((val < 0) && ((digit&0x80) != 0x80)) {
- retval = asn1buf_insert_octet(buf,0xFF);
- if (retval) return retval;
- length++;
+ retval = asn1buf_insert_octet(buf,0xFF);
+ if (retval) return retval;
+ length++;
}
}
asn1_error_code asn1_encode_integer(asn1buf * buf, long val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length = 0;
if (retval) return retval;
length = partlen;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
if (retval) return retval;
length += partlen;
asn1_error_code
asn1_encode_enumerated(asn1buf * buf, long val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length = 0;
if (retval) return retval;
length = partlen;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen);
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen);
if (retval) return retval;
length += partlen;
}
asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, unsigned long val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length = 0;
unsigned int partlen;
unsigned long valcopy;
int digit;
-
+
valcopy = val;
do {
- digit = (int) (valcopy&0xFF);
- retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
- if (retval) return retval;
- length++;
- valcopy = valcopy >> 8;
+ digit = (int) (valcopy&0xFF);
+ retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+ if (retval) return retval;
+ length++;
+ valcopy = valcopy >> 8;
} while (valcopy != 0 && valcopy != ~0);
- if (digit&0x80) { /* make sure the high bit is */
- retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
- if (retval) return retval;
- length++;
+ if (digit&0x80) { /* make sure the high bit is */
+ retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+ if (retval) return retval;
+ length++;
}
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
if (retval) return retval;
length += partlen;
}
asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
- const asn1_octet *val,
- unsigned int *retlen)
+ const asn1_octet *val,
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length;
retval = asn1buf_insert_octetstring(buf, len, val);
if (retval) return retval;
retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
- len, &length);
+ len, &length);
if (retval) return retval;
*retlen = len + length;
}
asn1_error_code asn1_encode_octetstring(asn1buf *buf, unsigned int len,
- const asn1_octet *val,
- unsigned int *retlen)
+ const asn1_octet *val,
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length;
}
asn1_error_code asn1_encode_charstring(asn1buf *buf, unsigned int len,
- const char *val, unsigned int *retlen)
+ const char *val, unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length;
asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen)
{
asn1_error_code retval;
-
+
retval = asn1buf_insert_octet(buf,0x00);
if (retval) return retval;
retval = asn1buf_insert_octet(buf,0x05);
}
asn1_error_code asn1_encode_printablestring(asn1buf *buf, unsigned int len,
- const char *val, int *retlen)
+ const char *val, int *retlen)
{
asn1_error_code retval;
unsigned int length;
retval = asn1buf_insert_charstring(buf,len,val);
if (retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len, &length);
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len, &length);
if (retval) return retval;
*retlen = len + length;
}
asn1_error_code asn1_encode_ia5string(asn1buf *buf, unsigned int len,
- const char *val, int *retlen)
+ const char *val, int *retlen)
{
asn1_error_code retval;
unsigned int length;
retval = asn1buf_insert_charstring(buf,len,val);
if (retval) return retval;
- retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len, &length);
+ retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len, &length);
if (retval) return retval;
*retlen = len + length;
}
asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
- unsigned int *retlen)
+ unsigned int *retlen)
{
asn1_error_code retval;
struct tm *gtime, gtimebuf;
* Time encoding: YYYYMMDDhhmmssZ
*/
if (gmt_time == 0) {
- sp = "19700101000000Z";
+ sp = "19700101000000Z";
} else {
- /*
- * Sanity check this just to be paranoid, as gmtime can return NULL,
- * and some bogus implementations might overrun on the sprintf.
- */
+ /*
+ * Sanity check this just to be paranoid, as gmtime can return NULL,
+ * and some bogus implementations might overrun on the sprintf.
+ */
#ifdef HAVE_GMTIME_R
# ifdef GMTIME_R_RETURNS_INT
- if (gmtime_r(&gmt_time, >imebuf) != 0)
- return ASN1_BAD_GMTIME;
+ if (gmtime_r(&gmt_time, >imebuf) != 0)
+ return ASN1_BAD_GMTIME;
# else
- if (gmtime_r(&gmt_time, >imebuf) == NULL)
- return ASN1_BAD_GMTIME;
+ if (gmtime_r(&gmt_time, >imebuf) == NULL)
+ return ASN1_BAD_GMTIME;
# endif
#else
- gtime = gmtime(&gmt_time);
- if (gtime == NULL)
- return ASN1_BAD_GMTIME;
- memcpy(>imebuf, gtime, sizeof(gtimebuf));
+ gtime = gmtime(&gmt_time);
+ if (gtime == NULL)
+ return ASN1_BAD_GMTIME;
+ memcpy(>imebuf, gtime, sizeof(gtimebuf));
#endif
- gtime = >imebuf;
-
- if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
- gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
- gtime->tm_min > 59 || gtime->tm_sec > 59)
- return ASN1_BAD_GMTIME;
- if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
- 1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
- gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
- >= sizeof(s))
- /* Shouldn't be possible given above tests. */
- return ASN1_BAD_GMTIME;
- sp = s;
+ gtime = >imebuf;
+
+ if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
+ gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
+ gtime->tm_min > 59 || gtime->tm_sec > 59)
+ return ASN1_BAD_GMTIME;
+ if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
+ 1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
+ gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
+ >= sizeof(s))
+ /* Shouldn't be possible given above tests. */
+ return ASN1_BAD_GMTIME;
+ sp = s;
}
retval = asn1buf_insert_charstring(buf,15,sp);
}
asn1_error_code asn1_encode_generalstring(asn1buf *buf, unsigned int len,
- const char *val,
- unsigned int *retlen)
+ const char *val,
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int length;
retval = asn1buf_insert_charstring(buf,len,val);
if (retval) return retval;
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
- &length);
+ &length);
if (retval) return retval;
*retlen = len + length;
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_encode.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
*/
asn1_error_code asn1_encode_integer
- (asn1buf *buf, long val, unsigned int *retlen);
+ (asn1buf *buf, long val, unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
(asn1buf *buf, long val, unsigned int *retlen);
asn1_error_code asn1_encode_unsigned_integer
- (asn1buf *buf, unsigned long val,
- unsigned int *retlen);
+ (asn1buf *buf, unsigned long val,
+ unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_octetstring
- (asn1buf *buf,
- unsigned int len, const asn1_octet *val,
- unsigned int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const asn1_octet *val,
+ unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_oid
- (asn1buf *buf,
- unsigned int len, const asn1_octet *val,
- unsigned int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const asn1_octet *val,
+ unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_charstring
- (asn1buf *buf,
- unsigned int len, const char *val,
- unsigned int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const char *val,
+ unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_null
- (asn1buf *buf, int *retlen);
+ (asn1buf *buf, int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of NULL into *buf and returns
+ effects Inserts the encoding of NULL into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_printablestring
- (asn1buf *buf,
- unsigned int len, const char *val,
- int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const char *val,
+ int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_ia5string
- (asn1buf *buf,
- unsigned int len, const char *val,
- int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const char *val,
+ int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
asn1_error_code asn1_encode_generaltime
- (asn1buf *buf, time_t val, unsigned int *retlen);
+ (asn1buf *buf, time_t val, unsigned int *retlen);
/* requires *buf is allocated
modifies *buf, *retlen
effects Inserts the encoding of val into *buf and returns
Note: The encoding of GeneralizedTime is YYYYMMDDhhmmZ */
asn1_error_code asn1_encode_generalstring
- (asn1buf *buf,
- unsigned int len, const char *val,
- unsigned int *retlen);
+ (asn1buf *buf,
+ unsigned int len, const char *val,
+ unsigned int *retlen);
/* requires *buf is allocated, val has a length of len characters
modifies *buf, *retlen
- effects Inserts the encoding of val into *buf and returns
+ effects Inserts the encoding of val into *buf and returns
the length of the encoding in *retlen.
Returns ENOMEM to signal an unsuccesful attempt
to expand the buffer. */
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_get.c
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
asn1_error_code retval;
if (buf == NULL || buf->base == NULL ||
- buf->bound - buf->next + 1 <= 0) {
- t->tagnum = ASN1_TAGNUM_CEILING; /* emphatically not an EOC tag */
- t->asn1class = UNIVERSAL;
- t->construction = PRIMITIVE;
- t->length = 0;
- t->indef = 0;
- return 0;
+ buf->bound - buf->next + 1 <= 0) {
+ t->tagnum = ASN1_TAGNUM_CEILING; /* emphatically not an EOC tag */
+ t->asn1class = UNIVERSAL;
+ t->construction = PRIMITIVE;
+ t->length = 0;
+ t->indef = 0;
+ return 0;
}
{
- /* asn1_get_id(buf, t) */
- asn1_tagnum tn=0;
- asn1_octet o;
+ /* asn1_get_id(buf, t) */
+ asn1_tagnum tn=0;
+ asn1_octet o;
#define ASN1_CLASS_MASK 0xC0
#define ASN1_CONSTRUCTION_MASK 0x20
#define ASN1_TAG_NUMBER_MASK 0x1F
- retval = asn1buf_remove_octet(buf,&o);
- if (retval)
- return retval;
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval)
+ return retval;
- t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
- t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
- if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
- /* low-tag-number form */
- t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
- } else {
- /* high-tag-number form */
- do {
- retval = asn1buf_remove_octet(buf,&o);
- if (retval) return retval;
- tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
- } while (o&0x80);
- t->tagnum = tn;
- }
+ t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
+ t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
+ if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
+ /* low-tag-number form */
+ t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
+ } else {
+ /* high-tag-number form */
+ do {
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval) return retval;
+ tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
+ } while (o&0x80);
+ t->tagnum = tn;
+ }
}
{
- /* asn1_get_length(buf, t) */
- asn1_octet o;
+ /* asn1_get_length(buf, t) */
+ asn1_octet o;
+
+ t->indef = 0;
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval) return retval;
+ if ((o&0x80) == 0) {
+ t->length = (int)(o&0x7F);
+ } else {
+ int num;
+ int len=0;
- t->indef = 0;
- retval = asn1buf_remove_octet(buf,&o);
- if (retval) return retval;
- if ((o&0x80) == 0) {
- t->length = (int)(o&0x7F);
- } else {
- int num;
- int len=0;
-
- for (num = (int)(o&0x7F); num>0; num--) {
- retval = asn1buf_remove_octet(buf,&o);
- if (retval) return retval;
- len = (len<<8) + (int)o;
- }
- if (len < 0)
- return ASN1_OVERRUN;
- if (!len)
- t->indef = 1;
- t->length = len;
- }
+ for (num = (int)(o&0x7F); num>0; num--) {
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval) return retval;
+ len = (len<<8) + (int)o;
+ }
+ if (len < 0)
+ return ASN1_OVERRUN;
+ if (!len)
+ t->indef = 1;
+ t->length = len;
+ }
}
if (t->indef && t->construction != CONSTRUCTED)
- return ASN1_MISMATCH_INDEF;
+ return ASN1_MISMATCH_INDEF;
return 0;
}
retval = asn1_get_tag_2(buf, &t);
if (retval)
- return retval;
+ return retval;
if (t.asn1class != UNIVERSAL || t.construction != CONSTRUCTED ||
- t.tagnum != ASN1_SEQUENCE)
- return ASN1_BAD_ID;
+ t.tagnum != ASN1_SEQUENCE)
+ return ASN1_BAD_ID;
if (retlen)
- *retlen = t.length;
+ *retlen = t.length;
if (indef)
- *indef = t.indef;
+ *indef = t.indef;
return 0;
}
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_get.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
typedef struct {
#if 1 /* Smaller run-time storage, and on x86 the compiler can use
- byte loads, stores, and compares, but on other platforms the
- compiler may need to load and widen before comparing... see
- how this works out. */
+ byte loads, stores, and compares, but on other platforms the
+ compiler may need to load and widen before comparing... see
+ how this works out. */
unsigned int asn1class : 8, construction : 8;
#else
asn1_class asn1class;
#if 0
asn1_error_code asn1_get_tag_indef
- (asn1buf *buf,
- asn1_class *Class,
- asn1_construction *construction,
- asn1_tagnum *tagnum,
- unsigned int *retlen, int *indef);
+ (asn1buf *buf,
+ asn1_class *Class,
+ asn1_construction *construction,
+ asn1_tagnum *tagnum,
+ unsigned int *retlen, int *indef);
asn1_error_code asn1_get_tag
- (asn1buf *buf,
- asn1_class *Class,
- asn1_construction *construction,
- asn1_tagnum *tagnum,
- unsigned int *retlen);
+ (asn1buf *buf,
+ asn1_class *Class,
+ asn1_construction *construction,
+ asn1_tagnum *tagnum,
+ unsigned int *retlen);
/* requires *buf is allocated
effects Decodes the tag in *buf. If class != NULL, returns
the class in *Class. Similarly, the construction,
- tag number, and length are returned in *construction,
- *tagnum, and *retlen, respectively.
- If *buf is empty to begin with,
- *tagnum is set to ASN1_TAGNUM_CEILING.
- Returns ASN1_OVERRUN if *buf is exhausted during the parse. */
+ tag number, and length are returned in *construction,
+ *tagnum, and *retlen, respectively.
+ If *buf is empty to begin with,
+ *tagnum is set to ASN1_TAGNUM_CEILING.
+ Returns ASN1_OVERRUN if *buf is exhausted during the parse. */
#endif
asn1_error_code asn1_get_sequence
- (asn1buf *buf, unsigned int *retlen, int *indef);
+ (asn1buf *buf, unsigned int *retlen, int *indef);
/* requires *buf is allocated
effects Decodes a tag from *buf and returns ASN1_BAD_ID if it
doesn't have a sequence ID. If retlen != NULL, the
- associated length is returned in *retlen. */
+ associated length is returned in *retlen. */
#endif
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_k_decode.c
- *
+ *
* Copyright 1994, 2007, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
#include "asn1_misc.h"
/* Declare useful decoder variables. */
-#define setup() \
- asn1_error_code retval; \
- asn1_class asn1class; \
- asn1_construction construction; \
- asn1_tagnum tagnum; \
+#define setup() \
+ asn1_error_code retval; \
+ asn1_class asn1class; \
+ asn1_construction construction; \
+ asn1_tagnum tagnum; \
unsigned int length, taglen
#define unused_var(x) if (0) { x = 0; x = x - x; }
/* This is used for prefetch of next tag in sequence. */
-#define next_tag() \
-{ taginfo t2; \
- retval = asn1_get_tag_2(&subbuf, &t2); \
- if (retval) return retval; \
- /* Copy out to match previous functionality, until better integrated. */ \
- asn1class = t2.asn1class; \
- construction = t2.construction; \
- tagnum = t2.tagnum; \
- taglen = t2.length; \
- indef = t2.indef; \
+#define next_tag() \
+{ taginfo t2; \
+ retval = asn1_get_tag_2(&subbuf, &t2); \
+ if (retval) return retval; \
+ /* Copy out to match previous functionality, until better integrated. */ \
+ asn1class = t2.asn1class; \
+ construction = t2.construction; \
+ tagnum = t2.tagnum; \
+ taglen = t2.length; \
+ indef = t2.indef; \
}
static asn1_error_code
retval = asn1_get_tag_2(buf, &t);
if (retval)
- return retval;
+ return retval;
if (t.asn1class != UNIVERSAL || t.tagnum || t.indef)
- return ASN1_MISSING_EOC;
+ return ASN1_MISSING_EOC;
return 0;
}
/* Force check for EOC tag. */
-#define get_eoc() \
- { \
- retval = asn1_get_eoc_tag(&subbuf); \
- if (retval) return retval; \
+#define get_eoc() \
+ { \
+ retval = asn1_get_eoc_tag(&subbuf); \
+ if (retval) return retval; \
}
-#define alloc_field(var, type) \
- var = (type*)calloc(1, sizeof(type)); \
+#define alloc_field(var, type) \
+ var = (type*)calloc(1, sizeof(type)); \
if ((var) == NULL) return ENOMEM
/* Fetch an expected APPLICATION class tag and verify. */
-#define apptag(tagexpect) \
- { \
- taginfo t1; \
- retval = asn1_get_tag_2(buf, &t1); \
- if (retval) return retval; \
- if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED || \
- t1.tagnum != (tagexpect)) return ASN1_BAD_ID; \
- /* Copy out to match previous functionality, until better integrated. */ \
- asn1class = t1.asn1class; \
- construction = t1.construction; \
- tagnum = t1.tagnum; \
- applen = t1.length; \
+#define apptag(tagexpect) \
+ { \
+ taginfo t1; \
+ retval = asn1_get_tag_2(buf, &t1); \
+ if (retval) return retval; \
+ if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED || \
+ t1.tagnum != (tagexpect)) return ASN1_BAD_ID; \
+ /* Copy out to match previous functionality, until better integrated. */ \
+ asn1class = t1.asn1class; \
+ construction = t1.construction; \
+ tagnum = t1.tagnum; \
+ applen = t1.length; \
}
/**** normal fields ****/
* get_eoc() assumes that any values fetched by this macro are
* enclosed in a context-specific tag.
*/
-#define get_field_body(var, decoder) \
- retval = decoder(&subbuf, &(var)); \
- if (retval) return retval; \
- if (!taglen && indef) { get_eoc(); } \
+#define get_field_body(var, decoder) \
+ retval = decoder(&subbuf, &(var)); \
+ if (retval) return retval; \
+ if (!taglen && indef) { get_eoc(); } \
next_tag()
/*
* that context-specific tags are monotonically increasing in its
* verification of tag numbers.
*/
-#define get_field(var, tagexpect, decoder) \
- error_if_bad_tag(tagexpect); \
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
- && (tagnum || taglen || asn1class != UNIVERSAL)) \
- return ASN1_BAD_ID; \
+#define get_field(var, tagexpect, decoder) \
+ error_if_bad_tag(tagexpect); \
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
+ && (tagnum || taglen || asn1class != UNIVERSAL)) \
+ return ASN1_BAD_ID; \
get_field_body(var,decoder)
/*
* distinguish between absent optional values and present optional
* values that happen to have the value of OPTVAL.
*/
-#define opt_field(var, tagexpect, decoder, optvalue) \
- if (asn1buf_remains(&subbuf, seqindef)) { \
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
- && (tagnum || taglen || asn1class != UNIVERSAL)) \
- return ASN1_BAD_ID; \
- if (tagnum == (tagexpect)) { \
- get_field_body(var, decoder); \
- } else var = optvalue; \
+#define opt_field(var, tagexpect, decoder, optvalue) \
+ if (asn1buf_remains(&subbuf, seqindef)) { \
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
+ && (tagnum || taglen || asn1class != UNIVERSAL)) \
+ return ASN1_BAD_ID; \
+ if (tagnum == (tagexpect)) { \
+ get_field_body(var, decoder); \
+ } else var = optvalue; \
}
-
+
/**** fields w/ length ****/
/* similar to get_field_body */
-#define get_lenfield_body(len, var, decoder) \
- retval = decoder(&subbuf, &(len), &(var)); \
- if (retval) return retval; \
- if (!taglen && indef) { get_eoc(); } \
+#define get_lenfield_body(len, var, decoder) \
+ retval = decoder(&subbuf, &(len), &(var)); \
+ if (retval) return retval; \
+ if (!taglen && indef) { get_eoc(); } \
next_tag()
/* similar to get_field_body */
-#define get_lenfield(len, var, tagexpect, decoder) \
- error_if_bad_tag(tagexpect); \
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
- && (tagnum || taglen || asn1class != UNIVERSAL)) \
- return ASN1_BAD_ID; \
+#define get_lenfield(len, var, tagexpect, decoder) \
+ error_if_bad_tag(tagexpect); \
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
+ && (tagnum || taglen || asn1class != UNIVERSAL)) \
+ return ASN1_BAD_ID; \
get_lenfield_body(len, var, decoder)
/* similar to opt_field */
-#define opt_lenfield(len, var, tagexpect, decoder) \
- if (tagnum == (tagexpect)) { \
- get_lenfield_body(len, var, decoder); \
+#define opt_lenfield(len, var, tagexpect, decoder) \
+ if (tagnum == (tagexpect)) { \
+ get_lenfield_body(len, var, decoder); \
} else { len = 0; var = 0; }
/*
* Deal with implicitly tagged fields
*/
-#define get_implicit_octet_string(len, var, tagexpect) \
- if (tagnum != (tagexpect)) return ASN1_MISSING_FIELD; \
+#define get_implicit_octet_string(len, var, tagexpect) \
+ if (tagnum != (tagexpect)) return ASN1_MISSING_FIELD; \
if (asn1class != CONTEXT_SPECIFIC || construction != PRIMITIVE) \
- return ASN1_BAD_ID; \
- retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var)); \
- if (retval) return retval; \
- (len) = taglen; \
+ return ASN1_BAD_ID; \
+ retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var)); \
+ if (retval) return retval; \
+ (len) = taglen; \
next_tag()
-#define opt_implicit_octet_string(len, var, tagexpect) \
- if (tagnum == (tagexpect)) { \
+#define opt_implicit_octet_string(len, var, tagexpect) \
+ if (tagnum == (tagexpect)) { \
if (asn1class != CONTEXT_SPECIFIC || construction != PRIMITIVE) \
- return ASN1_BAD_ID; \
+ return ASN1_BAD_ID; \
retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var)); \
- if (retval) return retval; \
- (len) = taglen; \
- next_tag(); \
+ if (retval) return retval; \
+ (len) = taglen; \
+ next_tag(); \
} else { (len) = 0; (var) = NULL; }
/*
* to be called in an inner block that ends with a call to
* end_structure().
*/
-#define begin_structure() \
- asn1buf subbuf; \
- int seqindef; \
- int indef; \
- retval = asn1_get_sequence(buf, &length, &seqindef); \
- if (retval) return retval; \
- retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
- if (retval) return retval; \
+#define begin_structure() \
+ asn1buf subbuf; \
+ int seqindef; \
+ int indef; \
+ retval = asn1_get_sequence(buf, &length, &seqindef); \
+ if (retval) return retval; \
+ retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
+ if (retval) return retval; \
next_tag()
/*
* It is the same as begin_structure() except next_tag()
* is not called.
*/
-#define begin_structure_no_tag() \
- asn1buf subbuf; \
- int seqindef; \
- int indef; \
- retval = asn1_get_sequence(buf, &length, &seqindef); \
- if (retval) return retval; \
- retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
+#define begin_structure_no_tag() \
+ asn1buf subbuf; \
+ int seqindef; \
+ int indef; \
+ retval = asn1_get_sequence(buf, &length, &seqindef); \
+ if (retval) return retval; \
+ retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
if (retval) return retval
/* skip trailing garbage */
-#define end_structure() \
- retval = asn1buf_sync(buf, &subbuf, asn1class, tagnum, \
- length, indef, seqindef); \
+#define end_structure() \
+ retval = asn1buf_sync(buf, &subbuf, asn1class, tagnum, \
+ length, indef, seqindef); \
if (retval) return retval
/*
* to be called in an inner block that ends with a call to
* end_choice().
*/
-#define begin_choice() \
- asn1buf subbuf; \
- int seqindef; \
- int indef; \
- taginfo t; \
- retval = asn1_get_tag_2(buf, &t); \
- if (retval) return retval; \
+#define begin_choice() \
+ asn1buf subbuf; \
+ int seqindef; \
+ int indef; \
+ taginfo t; \
+ retval = asn1_get_tag_2(buf, &t); \
+ if (retval) return retval; \
tagnum = t.tagnum; \
taglen = t.length; \
indef = t.indef; \
length = t.length; \
seqindef = t.indef; \
- asn1class = t.asn1class; \
- construction = t.construction; \
- retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
+ asn1class = t.asn1class; \
+ construction = t.construction; \
+ retval = asn1buf_imbed(&subbuf, buf, length, seqindef); \
if (retval) return retval
/* skip trailing garbage */
-#define end_choice() \
- length -= t.length; \
- retval = asn1buf_sync(buf, &subbuf, t.asn1class, t.tagnum, \
- length, t.indef, seqindef); \
+#define end_choice() \
+ length -= t.length; \
+ retval = asn1buf_sync(buf, &subbuf, t.asn1class, t.tagnum, \
+ length, t.indef, seqindef); \
if (retval) return retval
/*
* meant to be called in an inner block that ends with a call to
* end_sequence_of().
*/
-#define sequence_of(buf) \
- unsigned int length, taglen; \
- asn1_class asn1class; \
- asn1_construction construction; \
- asn1_tagnum tagnum; \
- int indef; \
+#define sequence_of(buf) \
+ unsigned int length, taglen; \
+ asn1_class asn1class; \
+ asn1_construction construction; \
+ asn1_tagnum tagnum; \
+ int indef; \
sequence_of_common(buf)
/*
* sequence structure and thus declares variables of different names
* than does sequence_of() to avoid shadowing.
*/
-#define sequence_of_no_tagvars(buf) \
+#define sequence_of_no_tagvars(buf) \
sequence_of_common(buf)
/*
* and imbeds an inner buffer seqbuf. Unlike begin_structure(), it
* does not prefetch the next tag.
*/
-#define sequence_of_common(buf) \
- int size = 0; \
- asn1buf seqbuf; \
- int seqofindef; \
- retval = asn1_get_sequence(buf, &length, &seqofindef); \
- if (retval) return retval; \
- retval = asn1buf_imbed(&seqbuf, buf, length, seqofindef); \
+#define sequence_of_common(buf) \
+ int size = 0; \
+ asn1buf seqbuf; \
+ int seqofindef; \
+ retval = asn1_get_sequence(buf, &length, &seqofindef); \
+ if (retval) return retval; \
+ retval = asn1buf_imbed(&seqbuf, buf, length, seqofindef); \
if (retval) return retval
/*
* Attempts to fetch an EOC tag, if any, and to sync over trailing
* garbage, if any.
*/
-#define end_sequence_of(buf) \
- { \
- taginfo t4; \
- retval = asn1_get_tag_2(&seqbuf, &t4); \
- if (retval) return retval; \
- /* Copy out to match previous functionality, until better integrated. */ \
- asn1class = t4.asn1class; \
- construction = t4.construction; \
- tagnum = t4.tagnum; \
- taglen = t4.length; \
- indef = t4.indef; \
- } \
- retval = asn1buf_sync(buf, &seqbuf, asn1class, tagnum, \
- length, indef, seqofindef); \
+#define end_sequence_of(buf) \
+ { \
+ taginfo t4; \
+ retval = asn1_get_tag_2(&seqbuf, &t4); \
+ if (retval) return retval; \
+ /* Copy out to match previous functionality, until better integrated. */ \
+ asn1class = t4.asn1class; \
+ construction = t4.construction; \
+ tagnum = t4.tagnum; \
+ taglen = t4.length; \
+ indef = t4.indef; \
+ } \
+ retval = asn1buf_sync(buf, &seqbuf, asn1class, tagnum, \
+ length, indef, seqofindef); \
if (retval) return retval;
/*
*/
static asn1_error_code
end_sequence_of_no_tagvars_helper(asn1buf *buf, asn1buf *seqbufp,
- int seqofindef)
+ int seqofindef)
{
taginfo t;
asn1_error_code retval;
retval = asn1_get_tag_2(seqbufp, &t);
if (retval)
- return retval;
+ return retval;
retval = asn1buf_sync(buf, seqbufp, t.asn1class, t.tagnum,
- t.length, t.indef, seqofindef);
+ t.length, t.indef, seqofindef);
return retval;
}
#define end_sequence_of_no_tagvars(buf) \
end_sequence_of_no_tagvars_helper(buf, &seqbuf, seqofindef)
-#define cleanup() \
+#define cleanup() \
return 0
/* scalars */
asn1_error_code asn1_decode_kerberos_time(asn1buf *buf, krb5_timestamp *val)
{
- time_t t;
+ time_t t;
asn1_error_code retval;
-
+
retval = asn1_decode_generaltime(buf,&t);
if (retval)
- return retval;
+ return retval;
*val = t;
return 0;
{
asn1_error_code retval;
unsigned long n;
-
+
retval = asn1_decode_unsigned_integer(buf,&n);
if (retval) return retval;
-
+
*val = (krb5_msgtype) n;
return 0;
}
asn1_error_code asn1_decode_realm(asn1buf *buf, krb5_principal *val)
{
return asn1_decode_generalstring(buf,
- &((*val)->realm.length),
- &((*val)->realm.data));
+ &((*val)->realm.length),
+ &((*val)->realm.data));
}
asn1_error_code asn1_decode_principal_name(asn1buf *buf, krb5_principal *val)
{
setup();
{ begin_structure();
- get_field((*val)->type,0,asn1_decode_int32);
-
- { sequence_of_no_tagvars(&subbuf);
- while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
- size++;
- if ((*val)->data == NULL)
- (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
- else
- (*val)->data = (krb5_data*)realloc((*val)->data,
- size*sizeof(krb5_data));
- if ((*val)->data == NULL) return ENOMEM;
- retval = asn1_decode_generalstring(&seqbuf,
- &((*val)->data[size-1].length),
- &((*val)->data[size-1].data));
- if (retval) return retval;
- }
- (*val)->length = size;
- end_sequence_of_no_tagvars(&subbuf);
- }
- if (indef) {
- get_eoc();
- }
- next_tag();
- end_structure();
- (*val)->magic = KV5M_PRINCIPAL;
+ get_field((*val)->type,0,asn1_decode_int32);
+
+ { sequence_of_no_tagvars(&subbuf);
+ while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+ size++;
+ if ((*val)->data == NULL)
+ (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
+ else
+ (*val)->data = (krb5_data*)realloc((*val)->data,
+ size*sizeof(krb5_data));
+ if ((*val)->data == NULL) return ENOMEM;
+ retval = asn1_decode_generalstring(&seqbuf,
+ &((*val)->data[size-1].length),
+ &((*val)->data[size-1].data));
+ if (retval) return retval;
+ }
+ (*val)->length = size;
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ if (indef) {
+ get_eoc();
+ }
+ next_tag();
+ end_structure();
+ (*val)->magic = KV5M_PRINCIPAL;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->checksum_type,0,asn1_decode_cksumtype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_CHECKSUM;
+ get_field(val->checksum_type,0,asn1_decode_cksumtype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_CHECKSUM;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->enctype,0,asn1_decode_enctype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_KEYBLOCK;
+ get_field(val->enctype,0,asn1_decode_enctype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_KEYBLOCK;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->enctype,0,asn1_decode_enctype);
- opt_field(val->kvno,1,asn1_decode_kvno,0);
- get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_DATA;
+ get_field(val->enctype,0,asn1_decode_enctype);
+ opt_field(val->kvno,1,asn1_decode_kvno,0);
+ get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_DATA;
}
cleanup();
}
retval = asn1_get_tag_2(buf, &t);
if (retval) return retval;
if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
- t.tagnum != ASN1_BITSTRING)
- return ASN1_BAD_ID;
+ t.tagnum != ASN1_BITSTRING)
+ return ASN1_BAD_ID;
length = t.length;
retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
length--;
for (i = 0; i < length; i++) {
- retval = asn1buf_remove_octet(buf,&o);
- if (retval) return retval;
- /* ignore bits past number 31 */
- if (i < 4)
- f = (f<<8) | ((krb5_flags)o&0xFF);
+ retval = asn1buf_remove_octet(buf,&o);
+ if (retval) return retval;
+ /* ignore bits past number 31 */
+ if (i < 4)
+ f = (f<<8) | ((krb5_flags)o&0xFF);
}
if (length <= 4) {
- /* Mask out unused bits, but only if necessary. */
- f &= ~(krb5_flags)0 << unused;
+ /* Mask out unused bits, but only if necessary. */
+ f &= ~(krb5_flags)0 << unused;
}
/* left-justify */
if (length < 4)
- f <<= (4 - length) * 8;
+ f <<= (4 - length) * 8;
*val = f;
return 0;
}
{
setup();
{ begin_structure();
- get_field(val->tr_type,0,asn1_decode_octet);
- get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_TRANSITED;
+ get_field(val->tr_type,0,asn1_decode_octet);
+ get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_TRANSITED;
}
cleanup();
}
{
setup();
{ begin_structure();
- alloc_field(val->session,krb5_keyblock);
- get_field(*(val->session),0,asn1_decode_encryption_key);
- get_field(val->last_req,1,asn1_decode_last_req);
- get_field(val->nonce,2,asn1_decode_int32);
- opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
- get_field(val->flags,4,asn1_decode_ticket_flags);
- get_field(val->times.authtime,5,asn1_decode_kerberos_time);
- /* Set to authtime if missing */
- opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
- get_field(val->times.endtime,7,asn1_decode_kerberos_time);
- opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,9,asn1_decode_realm);
- get_field(val->server,10,asn1_decode_principal_name);
- opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
- end_structure();
- val->magic = KV5M_ENC_KDC_REP_PART;
+ alloc_field(val->session,krb5_keyblock);
+ get_field(*(val->session),0,asn1_decode_encryption_key);
+ get_field(val->last_req,1,asn1_decode_last_req);
+ get_field(val->nonce,2,asn1_decode_int32);
+ opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
+ get_field(val->flags,4,asn1_decode_ticket_flags);
+ get_field(val->times.authtime,5,asn1_decode_kerberos_time);
+ /* Set to authtime if missing */
+ opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
+ get_field(val->times.endtime,7,asn1_decode_kerberos_time);
+ opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,9,asn1_decode_realm);
+ get_field(val->server,10,asn1_decode_principal_name);
+ opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
+ end_structure();
+ val->magic = KV5M_ENC_KDC_REP_PART;
}
cleanup();
}
unsigned int applen;
apptag(1);
{ begin_structure();
- { krb5_kvno vno;
- get_field(vno,0,asn1_decode_kvno);
- if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,1,asn1_decode_realm);
- get_field(val->server,2,asn1_decode_principal_name);
- get_field(val->enc_part,3,asn1_decode_encrypted_data);
- end_structure();
- val->magic = KV5M_TICKET;
+ { krb5_kvno vno;
+ get_field(vno,0,asn1_decode_kvno);
+ if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,1,asn1_decode_realm);
+ get_field(val->server,2,asn1_decode_principal_name);
+ get_field(val->enc_part,3,asn1_decode_encrypted_data);
+ end_structure();
+ val->magic = KV5M_TICKET;
}
if (!applen) {
- taginfo t;
- retval = asn1_get_tag_2(buf, &t);
- if (retval) return retval;
+ taginfo t;
+ retval = asn1_get_tag_2(buf, &t);
+ if (retval) return retval;
}
cleanup();
}
{
setup();
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,1,asn1_decode_kvno);
- if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- get_field(val->msg_type,2,asn1_decode_msgtype);
- opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
- get_field(*val,4,asn1_decode_kdc_req_body);
- end_structure();
- val->magic = KV5M_KDC_REQ;
+ { krb5_kvno kvno;
+ get_field(kvno,1,asn1_decode_kvno);
+ if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ get_field(val->msg_type,2,asn1_decode_msgtype);
+ opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
+ get_field(*val,4,asn1_decode_kdc_req_body);
+ end_structure();
+ val->magic = KV5M_KDC_REQ;
}
cleanup();
}
asn1_error_code asn1_decode_kdc_req_body(asn1buf *buf, krb5_kdc_req *val)
{
setup();
- {
- krb5_principal psave;
- begin_structure();
- get_field(val->kdc_options,0,asn1_decode_kdc_options);
- if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
- opt_field(val->client,1,asn1_decode_principal_name,NULL);
- alloc_field(val->server,krb5_principal_data);
- get_field(val->server,2,asn1_decode_realm);
- if (val->client != NULL) {
- retval = asn1_krb5_realm_copy(val->client,val->server);
- if (retval) return retval; }
-
- /* If opt_field server is missing, memory reference to server is
- lost and results in memory leak */
- psave = val->server;
- opt_field(val->server,3,asn1_decode_principal_name,NULL);
- if (val->server == NULL) {
- if (psave->realm.data) {
- free(psave->realm.data);
- psave->realm.data = NULL;
- psave->realm.length=0;
- }
- free(psave);
- }
- opt_field(val->from,4,asn1_decode_kerberos_time,0);
- get_field(val->till,5,asn1_decode_kerberos_time);
- opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
- get_field(val->nonce,7,asn1_decode_int32);
- get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
- opt_field(val->addresses,9,asn1_decode_host_addresses,0);
- if (tagnum == 10) {
- get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
- else {
- val->authorization_data.magic = KV5M_ENC_DATA;
- val->authorization_data.enctype = 0;
- val->authorization_data.kvno = 0;
- val->authorization_data.ciphertext.data = NULL;
- val->authorization_data.ciphertext.length = 0;
- }
- opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
- end_structure();
- val->magic = KV5M_KDC_REQ;
+ {
+ krb5_principal psave;
+ begin_structure();
+ get_field(val->kdc_options,0,asn1_decode_kdc_options);
+ if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
+ opt_field(val->client,1,asn1_decode_principal_name,NULL);
+ alloc_field(val->server,krb5_principal_data);
+ get_field(val->server,2,asn1_decode_realm);
+ if (val->client != NULL) {
+ retval = asn1_krb5_realm_copy(val->client,val->server);
+ if (retval) return retval; }
+
+ /* If opt_field server is missing, memory reference to server is
+ lost and results in memory leak */
+ psave = val->server;
+ opt_field(val->server,3,asn1_decode_principal_name,NULL);
+ if (val->server == NULL) {
+ if (psave->realm.data) {
+ free(psave->realm.data);
+ psave->realm.data = NULL;
+ psave->realm.length=0;
+ }
+ free(psave);
+ }
+ opt_field(val->from,4,asn1_decode_kerberos_time,0);
+ get_field(val->till,5,asn1_decode_kerberos_time);
+ opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
+ get_field(val->nonce,7,asn1_decode_int32);
+ get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
+ opt_field(val->addresses,9,asn1_decode_host_addresses,0);
+ if (tagnum == 10) {
+ get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
+ else {
+ val->authorization_data.magic = KV5M_ENC_DATA;
+ val->authorization_data.enctype = 0;
+ val->authorization_data.kvno = 0;
+ val->authorization_data.ciphertext.data = NULL;
+ val->authorization_data.ciphertext.length = 0;
+ }
+ opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
+ end_structure();
+ val->magic = KV5M_KDC_REQ;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
- opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
- opt_field(val->usec,2,asn1_decode_int32,0);
- opt_field(val->seq_number,3,asn1_decode_seqnum,0);
- alloc_field(val->s_address,krb5_address);
- get_field(*(val->s_address),4,asn1_decode_host_address);
- if (tagnum == 5) {
- alloc_field(val->r_address,krb5_address);
- get_field(*(val->r_address),5,asn1_decode_host_address);
- } else val->r_address = NULL;
- end_structure();
- val->magic = KV5M_SAFE;
+ get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
+ opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
+ opt_field(val->usec,2,asn1_decode_int32,0);
+ opt_field(val->seq_number,3,asn1_decode_seqnum,0);
+ alloc_field(val->s_address,krb5_address);
+ get_field(*(val->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) {
+ alloc_field(val->r_address,krb5_address);
+ get_field(*(val->r_address),5,asn1_decode_host_address);
+ } else val->r_address = NULL;
+ end_structure();
+ val->magic = KV5M_SAFE;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->addrtype,0,asn1_decode_addrtype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_ADDRESS;
+ get_field(val->addrtype,0,asn1_decode_addrtype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_ADDRESS;
}
cleanup();
}
{
setup();
{ begin_structure();
- { krb5_kvno pvno;
- get_field(pvno,0,asn1_decode_kvno);
- if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
- get_field(val->msg_type,1,asn1_decode_msgtype);
- opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
- alloc_field(val->client,krb5_principal_data);
- get_field(val->client,3,asn1_decode_realm);
- get_field(val->client,4,asn1_decode_principal_name);
- alloc_field(val->ticket,krb5_ticket);
- get_field(*(val->ticket),5,asn1_decode_ticket);
- get_field(val->enc_part,6,asn1_decode_encrypted_data);
- end_structure();
- val->magic = KV5M_KDC_REP;
+ { krb5_kvno pvno;
+ get_field(pvno,0,asn1_decode_kvno);
+ if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+ get_field(val->msg_type,1,asn1_decode_msgtype);
+ opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
+ alloc_field(val->client,krb5_principal_data);
+ get_field(val->client,3,asn1_decode_realm);
+ get_field(val->client,4,asn1_decode_principal_name);
+ alloc_field(val->ticket,krb5_ticket);
+ get_field(*(val->ticket),5,asn1_decode_ticket);
+ get_field(val->enc_part,6,asn1_decode_encrypted_data);
+ end_structure();
+ val->magic = KV5M_KDC_REP;
}
cleanup();
}
#define get_element(element,decoder)\
retval = decoder(&seqbuf,element);\
if (retval) return retval
-
+
static void *
array_expand (void *array, int n_elts, size_t elt_size)
{
size_t new_size;
if (n_elts <= 0)
- return NULL;
+ return NULL;
if (n_elts > SIZE_MAX / elt_size)
- return NULL;
+ return NULL;
new_size = n_elts * elt_size;
if (new_size == 0)
- return NULL;
+ return NULL;
if (new_size / elt_size != n_elts)
- return NULL;
+ return NULL;
new_array = realloc(array, new_size);
return new_array;
}
array_append(val,size,elt,type);\
}\
if (*val == NULL)\
- *val = (type **)malloc(sizeof(type*));\
+ *val = (type **)malloc(sizeof(type*));\
(*val)[size] = NULL;\
end_sequence_of(buf);\
}\
{
setup();
{ begin_structure();
- get_field(val->ad_type,0,asn1_decode_authdatatype);
- get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_AUTHDATA;
+ get_field(val->ad_type,0,asn1_decode_authdatatype);
+ get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_AUTHDATA;
}
cleanup();
}
{
setup();
{ begin_structure();
- alloc_field(val->session,krb5_keyblock);
- get_field(*(val->session),0,asn1_decode_encryption_key);
- if (tagnum == 1) {
- alloc_field(val->client,krb5_principal_data);
- opt_field(val->client,1,asn1_decode_realm,NULL);
- opt_field(val->client,2,asn1_decode_principal_name,NULL); }
- opt_field(val->flags,3,asn1_decode_ticket_flags,0);
- opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
- opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
- opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
- opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
- if (tagnum == 8) {
- alloc_field(val->server,krb5_principal_data);
- opt_field(val->server,8,asn1_decode_realm,NULL);
- opt_field(val->server,9,asn1_decode_principal_name,NULL); }
- opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
- end_structure();
- val->magic = KV5M_CRED_INFO;
+ alloc_field(val->session,krb5_keyblock);
+ get_field(*(val->session),0,asn1_decode_encryption_key);
+ if (tagnum == 1) {
+ alloc_field(val->client,krb5_principal_data);
+ opt_field(val->client,1,asn1_decode_realm,NULL);
+ opt_field(val->client,2,asn1_decode_principal_name,NULL); }
+ opt_field(val->flags,3,asn1_decode_ticket_flags,0);
+ opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
+ opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
+ opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
+ opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
+ if (tagnum == 8) {
+ alloc_field(val->server,krb5_principal_data);
+ opt_field(val->server,8,asn1_decode_realm,NULL);
+ opt_field(val->server,9,asn1_decode_principal_name,NULL); }
+ opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
+ end_structure();
+ val->magic = KV5M_CRED_INFO;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->pa_type,1,asn1_decode_int32);
- get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
- end_structure();
- val->magic = KV5M_PA_DATA;
+ get_field(val->pa_type,1,asn1_decode_int32);
+ get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
+ end_structure();
+ val->magic = KV5M_PA_DATA;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->lr_type,0,asn1_decode_int32);
- get_field(val->value,1,asn1_decode_kerberos_time);
- end_structure();
- val->magic = KV5M_LAST_REQ_ENTRY;
+ get_field(val->lr_type,0,asn1_decode_int32);
+ get_field(val->value,1,asn1_decode_kerberos_time);
+ end_structure();
+ val->magic = KV5M_LAST_REQ_ENTRY;
#ifdef KRB5_GENEROUS_LR_TYPE
- /* If we are only a single byte wide and negative - fill in the
- other bits */
- if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
+ /* If we are only a single byte wide and negative - fill in the
+ other bits */
+ if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
#endif
}
cleanup();
{
asn1_error_code retval;
{ sequence_of(buf);
- while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
- size++;
- if (*val == NULL)
- *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
- else
- *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
- if (*val == NULL) return ENOMEM;
- retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
- if (retval) return retval;
- }
- *num = size;
- end_sequence_of(buf);
+ while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+ size++;
+ if (*val == NULL)
+ *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
+ else
+ *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
+ if (*val == NULL) return ENOMEM;
+ retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
+ if (retval) return retval;
+ }
+ *num = size;
+ end_sequence_of(buf);
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
- char *salt;
- get_lenfield(val->length,salt,1,asn1_decode_generalstring);
- val->salt = (krb5_octet *) salt;
- } else {
- val->length = KRB5_ETYPE_NO_SALT;
- val->salt = 0;
- }
- if ( tagnum ==2) {
- krb5_octet *params ;
- get_lenfield( val->s2kparams.length, params,
- 2, asn1_decode_octetstring);
- val->s2kparams.data = ( char *) params;
- } else {
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
- }
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
+ char *salt;
+ get_lenfield(val->length,salt,1,asn1_decode_generalstring);
+ val->salt = (krb5_octet *) salt;
+ } else {
+ val->length = KRB5_ETYPE_NO_SALT;
+ val->salt = 0;
+ }
+ if ( tagnum ==2) {
+ krb5_octet *params ;
+ get_lenfield( val->s2kparams.length, params,
+ 2, asn1_decode_octetstring);
+ val->s2kparams.data = ( char *) params;
+ } else {
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
+ }
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
- get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
- } else {
- val->length = KRB5_ETYPE_NO_SALT;
- val->salt = 0;
- }
- if ( tagnum ==2) {
- krb5_octet *params ;
- get_lenfield( val->s2kparams.length, params,
- 2, asn1_decode_octetstring);
- val->s2kparams.data = ( char *) params;
- } else {
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
- }
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
+ get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
+ } else {
+ val->length = KRB5_ETYPE_NO_SALT;
+ val->salt = 0;
+ }
+ if ( tagnum ==2) {
+ krb5_octet *params ;
+ get_lenfield( val->s2kparams.length, params,
+ 2, asn1_decode_octetstring);
+ val->s2kparams.data = ( char *) params;
+ } else {
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
+ }
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->etype,0,asn1_decode_enctype);
- if (tagnum == 1) {
- get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
- } else {
- val->length = KRB5_ETYPE_NO_SALT;
- val->salt = 0;
- }
- val->s2kparams.data = NULL;
- val->s2kparams.length = 0;
-
- end_structure();
- val->magic = KV5M_ETYPE_INFO_ENTRY;
+ get_field(val->etype,0,asn1_decode_enctype);
+ if (tagnum == 1) {
+ get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
+ } else {
+ val->length = KRB5_ETYPE_NO_SALT;
+ val->salt = 0;
+ }
+ val->s2kparams.data = NULL;
+ val->s2kparams.length = 0;
+
+ end_structure();
+ val->magic = KV5M_ETYPE_INFO_ENTRY;
}
cleanup();
}
}
asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***val ,
- krb5_boolean v1_3_behavior)
+ krb5_boolean v1_3_behavior)
{
if (v1_3_behavior) {
- decode_array_body(krb5_etype_info_entry,
- asn1_decode_etype_info2_entry_1_3);
+ decode_array_body(krb5_etype_info_entry,
+ asn1_decode_etype_info2_entry_1_3);
} else {
- decode_array_body(krb5_etype_info_entry,
- asn1_decode_etype_info2_entry);
+ decode_array_body(krb5_etype_info_entry,
+ asn1_decode_etype_info2_entry);
}
}
{
setup();
{ begin_structure();
- alloc_field(val->passwd,krb5_data);
- get_lenfield(val->passwd->length,val->passwd->data,
- 0,asn1_decode_charstring);
- val->passwd->magic = KV5M_DATA;
- alloc_field(val->phrase,krb5_data);
- get_lenfield(val->phrase->length,val->phrase->data,
- 1,asn1_decode_charstring);
- val->phrase->magic = KV5M_DATA;
- end_structure();
- val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
+ alloc_field(val->passwd,krb5_data);
+ get_lenfield(val->passwd->length,val->passwd->data,
+ 0,asn1_decode_charstring);
+ val->passwd->magic = KV5M_DATA;
+ alloc_field(val->phrase,krb5_data);
+ get_lenfield(val->phrase->length,val->phrase->data,
+ 1,asn1_decode_charstring);
+ val->phrase->magic = KV5M_DATA;
+ end_structure();
+ val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_type_name,2,asn1_decode_charstring);
- opt_string(val->sam_track_id,3,asn1_decode_charstring);
- opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
- opt_string(val->sam_challenge,5,asn1_decode_charstring);
- opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
- opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
- opt_field(val->sam_nonce,8,asn1_decode_int32,0);
- opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
- end_structure();
- val->magic = KV5M_SAM_CHALLENGE;
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_type_name,2,asn1_decode_charstring);
+ opt_string(val->sam_track_id,3,asn1_decode_charstring);
+ opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+ opt_string(val->sam_challenge,5,asn1_decode_charstring);
+ opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+ opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+ opt_field(val->sam_nonce,8,asn1_decode_int32,0);
+ opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
+ end_structure();
+ val->magic = KV5M_SAM_CHALLENGE;
}
cleanup();
}
{
setup();
{ char *save, *end;
- size_t alloclen;
- begin_structure();
- if (tagnum != 0) return ASN1_MISSING_FIELD;
- if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- return ASN1_BAD_ID;
- save = subbuf.next;
- { sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
- }
- end = subbuf.next;
- alloclen = end - save;
- if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
- return ENOMEM;
- val->sam_challenge_2_body.length = alloclen;
- memcpy(val->sam_challenge_2_body.data, save, alloclen);
- next_tag();
- get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
- end_structure();
+ size_t alloclen;
+ begin_structure();
+ if (tagnum != 0) return ASN1_MISSING_FIELD;
+ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ return ASN1_BAD_ID;
+ save = subbuf.next;
+ { sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - save;
+ if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
+ return ENOMEM;
+ val->sam_challenge_2_body.length = alloclen;
+ memcpy(val->sam_challenge_2_body.data, save, alloclen);
+ next_tag();
+ get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_type_name,2,asn1_decode_charstring);
- opt_string(val->sam_track_id,3,asn1_decode_charstring);
- opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
- opt_string(val->sam_challenge,5,asn1_decode_charstring);
- opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
- opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
- get_field(val->sam_nonce,8,asn1_decode_int32);
- get_field(val->sam_etype, 9, asn1_decode_int32);
- end_structure();
- val->magic = KV5M_SAM_CHALLENGE;
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_type_name,2,asn1_decode_charstring);
+ opt_string(val->sam_track_id,3,asn1_decode_charstring);
+ opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+ opt_string(val->sam_challenge,5,asn1_decode_charstring);
+ opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+ opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+ get_field(val->sam_nonce,8,asn1_decode_int32);
+ get_field(val->sam_etype, 9, asn1_decode_int32);
+ end_structure();
+ val->magic = KV5M_SAM_CHALLENGE;
}
cleanup();
}
{
setup();
{ begin_structure();
- /* alloc_field(val->sam_key,krb5_keyblock); */
- get_field(val->sam_key,0,asn1_decode_encryption_key);
- end_structure();
- val->magic = KV5M_SAM_KEY;
+ /* alloc_field(val->sam_key,krb5_keyblock); */
+ get_field(val->sam_key,0,asn1_decode_encryption_key);
+ end_structure();
+ val->magic = KV5M_SAM_KEY;
}
cleanup();
}
{
setup();
{ begin_structure();
- opt_field(val->sam_nonce,0,asn1_decode_int32,0);
- opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
- opt_field(val->sam_usec,2,asn1_decode_int32,0);
- opt_string(val->sam_sad,3,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
+ opt_field(val->sam_nonce,0,asn1_decode_int32,0);
+ opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
+ opt_field(val->sam_usec,2,asn1_decode_int32,0);
+ opt_string(val->sam_sad,3,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_nonce,0,asn1_decode_int32);
- opt_string(val->sam_sad,1,asn1_decode_charstring);
- end_structure();
- val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
+ get_field(val->sam_nonce,0,asn1_decode_int32);
+ opt_string(val->sam_sad,1,asn1_decode_charstring);
+ end_structure();
+ val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_track_id,2,asn1_decode_charstring);
- opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
- get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
- opt_field(val->sam_nonce,5,asn1_decode_int32,0);
- opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
- end_structure();
- val->magic = KV5M_SAM_RESPONSE;
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_track_id,2,asn1_decode_charstring);
+ opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
+ get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
+ opt_field(val->sam_nonce,5,asn1_decode_int32,0);
+ opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
+ end_structure();
+ val->magic = KV5M_SAM_RESPONSE;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_type,0,asn1_decode_int32);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- opt_string(val->sam_track_id,2,asn1_decode_charstring);
- get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
- get_field(val->sam_nonce,4,asn1_decode_int32);
- end_structure();
- val->magic = KV5M_SAM_RESPONSE;
+ get_field(val->sam_type,0,asn1_decode_int32);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ opt_string(val->sam_track_id,2,asn1_decode_charstring);
+ get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
+ get_field(val->sam_nonce,4,asn1_decode_int32);
+ end_structure();
+ val->magic = KV5M_SAM_RESPONSE;
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->sam_key,0,asn1_decode_encryption_key);
- get_field(val->sam_flags,1,asn1_decode_sam_flags);
- get_field(val->stime,2,asn1_decode_kerberos_time);
- get_field(val->susec,3,asn1_decode_int32);
- alloc_field(val->client,krb5_principal_data);
- get_field(val->client,4,asn1_decode_realm);
- get_field(val->client,5,asn1_decode_principal_name);
- opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
- end_structure();
- val->magic = KV5M_PREDICTED_SAM_RESPONSE;
+ get_field(val->sam_key,0,asn1_decode_encryption_key);
+ get_field(val->sam_flags,1,asn1_decode_sam_flags);
+ get_field(val->stime,2,asn1_decode_kerberos_time);
+ get_field(val->susec,3,asn1_decode_int32);
+ alloc_field(val->client,krb5_principal_data);
+ get_field(val->client,4,asn1_decode_realm);
+ get_field(val->client,5,asn1_decode_principal_name);
+ opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
+ end_structure();
+ val->magic = KV5M_PREDICTED_SAM_RESPONSE;
}
cleanup();
}
{
setup();
{
- begin_structure();
- opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
- opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
- opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
- end_structure();
+ begin_structure();
+ opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
+ opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
+ opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
+ end_structure();
}
cleanup();
}
{
setup();
{
- begin_structure();
- get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
- opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
- opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
- end_structure();
+ begin_structure();
+ get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+ opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
+ opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
+ end_structure();
}
cleanup();
}
-#if 0 /* XXX This needs to be tested!!! XXX */
+#if 0 /* XXX This needs to be tested!!! XXX */
asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
{
setup();
- {
- char *start, *end;
- size_t alloclen;
-
- begin_explicit_choice();
- if (t.tagnum == choice_trusted_cas_principalName) {
- val->choice = choice_trusted_cas_principalName;
- } else if (t.tagnum == choice_trusted_cas_caName) {
- val->choice = choice_trusted_cas_caName;
- start = subbuf.next;
- {
- sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
- }
- end = subbuf.next;
- alloclen = end - start;
- val->u.caName.data = malloc(alloclen);
- if (val->u.caName.data == NULL)
- return ENOMEM;
- memcpy(val->u.caName.data, start, alloclen);
- val->u.caName.length = alloclen;
- next_tag();
- } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
- val->choice = choice_trusted_cas_issuerAndSerial;
- start = subbuf.next;
- {
- sequence_of_no_tagvars(&subbuf);
- unused_var(size);
- end_sequence_of_no_tagvars(&subbuf);
- }
- end = subbuf.next;
- alloclen = end - start;
- val->u.issuerAndSerial.data = malloc(alloclen);
- if (val->u.issuerAndSerial.data == NULL)
- return ENOMEM;
- memcpy(val->u.issuerAndSerial.data, start, alloclen);
- val->u.issuerAndSerial.length = alloclen;
- next_tag();
- } else return ASN1_BAD_ID;
- end_explicit_choice();
+ {
+ char *start, *end;
+ size_t alloclen;
+
+ begin_explicit_choice();
+ if (t.tagnum == choice_trusted_cas_principalName) {
+ val->choice = choice_trusted_cas_principalName;
+ } else if (t.tagnum == choice_trusted_cas_caName) {
+ val->choice = choice_trusted_cas_caName;
+ start = subbuf.next;
+ {
+ sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - start;
+ val->u.caName.data = malloc(alloclen);
+ if (val->u.caName.data == NULL)
+ return ENOMEM;
+ memcpy(val->u.caName.data, start, alloclen);
+ val->u.caName.length = alloclen;
+ next_tag();
+ } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
+ val->choice = choice_trusted_cas_issuerAndSerial;
+ start = subbuf.next;
+ {
+ sequence_of_no_tagvars(&subbuf);
+ unused_var(size);
+ end_sequence_of_no_tagvars(&subbuf);
+ }
+ end = subbuf.next;
+ alloclen = end - start;
+ val->u.issuerAndSerial.data = malloc(alloclen);
+ if (val->u.issuerAndSerial.data == NULL)
+ return ENOMEM;
+ memcpy(val->u.issuerAndSerial.data, start, alloclen);
+ val->u.issuerAndSerial.length = alloclen;
+ next_tag();
+ } else return ASN1_BAD_ID;
+ end_explicit_choice();
}
cleanup();
}
{
setup();
{ begin_choice();
- if (tagnum == choice_trusted_cas_principalName) {
- val->choice = choice_trusted_cas_principalName;
- asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
- } else if (tagnum == choice_trusted_cas_caName) {
- val->choice = choice_trusted_cas_caName;
- get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
- } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
- val->choice = choice_trusted_cas_issuerAndSerial;
- get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
- choice_trusted_cas_issuerAndSerial);
- } else return ASN1_BAD_ID;
- end_choice();
+ if (tagnum == choice_trusted_cas_principalName) {
+ val->choice = choice_trusted_cas_principalName;
+ asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
+ } else if (tagnum == choice_trusted_cas_caName) {
+ val->choice = choice_trusted_cas_caName;
+ get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
+ } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
+ val->choice = choice_trusted_cas_issuerAndSerial;
+ get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
+ choice_trusted_cas_issuerAndSerial);
+ } else return ASN1_BAD_ID;
+ end_choice();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
- opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
- opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
- opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
- end_structure();
+ get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+ opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
+ opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
+ opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
+ get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
- opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
- end_structure();
+ opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->cusec, 0, asn1_decode_int32);
- get_field(val->ctime, 1, asn1_decode_kerberos_time);
- get_field(val->nonce, 2, asn1_decode_int32);
- opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
- end_structure();
+ get_field(val->cusec, 0, asn1_decode_int32);
+ get_field(val->ctime, 1, asn1_decode_kerberos_time);
+ get_field(val->nonce, 2, asn1_decode_int32);
+ opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- alloc_field(val->kdcName,krb5_principal_data);
- get_field(val->kdcName, 0, asn1_decode_principal_name);
- get_field(val->kdcName, 1, asn1_decode_realm);
- get_field(val->cusec, 2, asn1_decode_int32);
- get_field(val->ctime, 3, asn1_decode_kerberos_time);
- get_field(val->nonce, 4, asn1_decode_int32);
- end_structure();
+ alloc_field(val->kdcName,krb5_principal_data);
+ get_field(val->kdcName, 0, asn1_decode_principal_name);
+ get_field(val->kdcName, 1, asn1_decode_realm);
+ get_field(val->cusec, 2, asn1_decode_int32);
+ get_field(val->ctime, 3, asn1_decode_kerberos_time);
+ get_field(val->nonce, 4, asn1_decode_int32);
+ end_structure();
}
cleanup();
}
setup();
{ begin_structure_no_tag();
- /*
- * Forbid indefinite encoding because we don't read enough tag
- * information from the trailing octets ("ANY DEFINED BY") to
- * synchronize EOC tags, etc.
- */
- if (seqindef) return ASN1_BAD_FORMAT;
- /*
- * Set up tag variables because we don't actually call anything
- * that fetches tag info for us; it's all buried in the decoder
- * primitives.
- */
- tagnum = ASN1_TAGNUM_CEILING;
- asn1class = UNIVERSAL;
- construction = PRIMITIVE;
- taglen = 0;
- indef = 0;
- retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
- &val->algorithm.data);
- if (retval) return retval;
- val->parameters.length = 0;
- val->parameters.data = NULL;
-
- if (length > subbuf.next - subbuf.base) {
- unsigned int size = length - (subbuf.next - subbuf.base);
- retval = asn1buf_remove_octetstring(&subbuf, size,
- &val->parameters.data);
- if (retval) return retval;
- val->parameters.length = size;
- }
-
- end_structure();
+ /*
+ * Forbid indefinite encoding because we don't read enough tag
+ * information from the trailing octets ("ANY DEFINED BY") to
+ * synchronize EOC tags, etc.
+ */
+ if (seqindef) return ASN1_BAD_FORMAT;
+ /*
+ * Set up tag variables because we don't actually call anything
+ * that fetches tag info for us; it's all buried in the decoder
+ * primitives.
+ */
+ tagnum = ASN1_TAGNUM_CEILING;
+ asn1class = UNIVERSAL;
+ construction = PRIMITIVE;
+ taglen = 0;
+ indef = 0;
+ retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
+ &val->algorithm.data);
+ if (retval) return retval;
+ val->parameters.length = 0;
+ val->parameters.data = NULL;
+
+ if (length > subbuf.next - subbuf.base) {
+ unsigned int size = length - (subbuf.next - subbuf.base);
+ retval = asn1buf_remove_octetstring(&subbuf, size,
+ &val->parameters.data);
+ if (retval) return retval;
+ val->parameters.length = size;
+ }
+
+ end_structure();
}
- cleanup();
+ cleanup();
}
asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *val)
setup();
{ begin_structure_no_tag();
- retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
- if (retval) return retval;
-
- /* SubjectPublicKey encoded as a BIT STRING */
- next_tag();
- if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
- tagnum != ASN1_BITSTRING)
- return ASN1_BAD_ID;
-
- retval = asn1buf_remove_octet(&subbuf, &unused);
- if (retval) return retval;
-
- /* Number of unused bits must be between 0 and 7. */
- /* What to do if unused is not zero? */
- if (unused > 7) return ASN1_BAD_FORMAT;
- taglen--;
-
- val->subjectPublicKey.length = 0;
- val->subjectPublicKey.data = NULL;
- retval = asn1buf_remove_octetstring(&subbuf, taglen,
- &val->subjectPublicKey.data);
- if (retval) return retval;
- val->subjectPublicKey.length = taglen;
- /*
- * We didn't call any macro that does next_tag(); do so now to
- * preload tag of any trailing encodings.
- */
- next_tag();
- end_structure();
+ retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
+ if (retval) return retval;
+
+ /* SubjectPublicKey encoded as a BIT STRING */
+ next_tag();
+ if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
+ tagnum != ASN1_BITSTRING)
+ return ASN1_BAD_ID;
+
+ retval = asn1buf_remove_octet(&subbuf, &unused);
+ if (retval) return retval;
+
+ /* Number of unused bits must be between 0 and 7. */
+ /* What to do if unused is not zero? */
+ if (unused > 7) return ASN1_BAD_FORMAT;
+ taglen--;
+
+ val->subjectPublicKey.length = 0;
+ val->subjectPublicKey.data = NULL;
+ retval = asn1buf_remove_octetstring(&subbuf, taglen,
+ &val->subjectPublicKey.data);
+ if (retval) return retval;
+ val->subjectPublicKey.length = taglen;
+ /*
+ * We didn't call any macro that does next_tag(); do so now to
+ * preload tag of any trailing encodings.
+ */
+ next_tag();
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
- if (retval) return retval;
- val->subjectPublicKey.length = taglen;
- next_tag();
- get_field(val->nonce, 1, asn1_decode_int32);
- opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
- end_structure();
+ retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
+ if (retval) return retval;
+ val->subjectPublicKey.length = taglen;
+ next_tag();
+ get_field(val->nonce, 1, asn1_decode_int32);
+ opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->replyKey, 0, asn1_decode_encryption_key);
- get_field(val->asChecksum, 1, asn1_decode_checksum);
- end_structure();
+ get_field(val->replyKey, 0, asn1_decode_encryption_key);
+ get_field(val->asChecksum, 1, asn1_decode_checksum);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->replyKey, 0, asn1_decode_encryption_key);
- get_field(val->nonce, 1, asn1_decode_int32);
- end_structure();
+ get_field(val->replyKey, 0, asn1_decode_encryption_key);
+ get_field(val->nonce, 1, asn1_decode_int32);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(*val, 0, asn1_decode_realm);
- get_field(*val, 1, asn1_decode_principal_name);
- end_structure();
+ get_field(*val, 0, asn1_decode_realm);
+ get_field(*val, 1, asn1_decode_principal_name);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
- if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- && (tagnum || taglen || asn1class != UNIVERSAL))
- return ASN1_BAD_ID;
- if (tagnum == 1) {
- retval = asn1_decode_subject_pk_info(&subbuf,
- val->clientPublicValue);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->clientPublicValue = NULL;
- }
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if (tagnum == 2) {
- asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->supportedCMSTypes = NULL;
- }
- opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
- end_structure();
+ get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
+ if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ && (tagnum || taglen || asn1class != UNIVERSAL))
+ return ASN1_BAD_ID;
+ if (tagnum == 1) {
+ retval = asn1_decode_subject_pk_info(&subbuf,
+ val->clientPublicValue);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->clientPublicValue = NULL;
+ }
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if (tagnum == 2) {
+ asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->supportedCMSTypes = NULL;
+ }
+ opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_structure();
- get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
- if (tagnum == 1) {
- alloc_field(val->clientPublicValue, krb5_subject_pk_info);
- /* can't call opt_field because it does decoder(&subbuf, &(val)); */
- if (asn1buf_remains(&subbuf, seqindef)) {
- if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
- && (tagnum || taglen || asn1class != UNIVERSAL))
- return ASN1_BAD_ID;
- if (tagnum == 1) {
- retval = asn1_decode_subject_pk_info(&subbuf,
- val->clientPublicValue);
- if (!taglen && indef) { get_eoc(); }
- next_tag();
- } else val->clientPublicValue = NULL;
- }
- }
- end_structure();
+ get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
+ if (tagnum == 1) {
+ alloc_field(val->clientPublicValue, krb5_subject_pk_info);
+ /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+ if (asn1buf_remains(&subbuf, seqindef)) {
+ if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+ && (tagnum || taglen || asn1class != UNIVERSAL))
+ return ASN1_BAD_ID;
+ if (tagnum == 1) {
+ retval = asn1_decode_subject_pk_info(&subbuf,
+ val->clientPublicValue);
+ if (!taglen && indef) { get_eoc(); }
+ next_tag();
+ } else val->clientPublicValue = NULL;
+ }
+ }
+ end_structure();
}
cleanup();
}
{
setup();
{ begin_choice();
- if (tagnum == choice_pa_pk_as_rep_dhInfo) {
- val->choice = choice_pa_pk_as_rep_dhInfo;
- get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
- } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
- val->choice = choice_pa_pk_as_rep_encKeyPack;
- get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
- choice_pa_pk_as_rep_encKeyPack);
- } else {
- val->choice = choice_pa_pk_as_rep_UNKNOWN;
- }
- end_choice();
+ if (tagnum == choice_pa_pk_as_rep_dhInfo) {
+ val->choice = choice_pa_pk_as_rep_dhInfo;
+ get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
+ } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
+ val->choice = choice_pa_pk_as_rep_encKeyPack;
+ get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
+ choice_pa_pk_as_rep_encKeyPack);
+ } else {
+ val->choice = choice_pa_pk_as_rep_UNKNOWN;
+ }
+ end_choice();
}
cleanup();
}
{
setup();
{ begin_structure();
- if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
- val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
- get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
- choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
- } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
- val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
- get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
- choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
- } else {
- val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
- }
- end_structure();
+ if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
+ val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
+ get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
+ choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
+ } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
+ val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
+ get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
+ choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
+ } else {
+ val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+ }
+ end_structure();
}
cleanup();
}
decode_array_body(krb5_typed_data,asn1_decode_typed_data);
}
-asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
+asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
{
setup();
{ begin_structure();
- get_field(val->type,0,asn1_decode_int32);
- get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
- end_structure();
+ get_field(val->type,0,asn1_decode_int32);
+ get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
+ end_structure();
}
cleanup();
}
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_k_decode.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
/* asn1_error_code asn1_decode_scalar_type(asn1buf *buf, krb5_scalar *val); */
/* requires *buf is allocated, *buf's current position points to the
beginning of an encoding (<id> <len> <contents>),
- *val is allocated
+ *val is allocated
effects Decodes the encoding in *buf, returning the result in *val.
Returns ASN1_BAD_ID if the encoded id does not
- indicate the proper type.
+ indicate the proper type.
Returns ASN1_OVERRUN if the encoded length exceeds
- the bounds of *buf */
+ the bounds of *buf */
/* asn1_error_code asn1_decode_structure_type(asn1buf *buf,
krb5_structure *val); */
/* requires *buf is allocated, *buf's current position points to the
beginning of an encoding (<id> <len> <contents>),
- *val is allocated
- Assumes that *val is a freshly-allocated structure (i.e.
- does not attempt to clean up or free *val).
+ *val is allocated
+ Assumes that *val is a freshly-allocated structure (i.e.
+ does not attempt to clean up or free *val).
effects Decodes the encoding in *buf, returning the result in *val.
Returns ASN1_BAD_ID if the encoded id does not
- indicate the proper type.
+ indicate the proper type.
Returns ASN1_OVERRUN if the encoded length exceeds
- the bounds of *buf */
+ the bounds of *buf */
/* asn1_error_code asn1_decode_array_type(asn1buf *buf, krb5_scalar ***val); */
/* requires *buf is allocated, *buf's current position points to the
beginning of an encoding (<id> <len> <contents>)
- Assumes that *val is empty (i.e. does not attempt to
- clean up or free *val).
+ Assumes that *val is empty (i.e. does not attempt to
+ clean up or free *val).
effects Decodes the encoding in *buf, returning the result in *val.
Returns ASN1_BAD_ID if the encoded id does not
- indicate the proper type.
+ indicate the proper type.
Returns ASN1_OVERRUN if the encoded length exceeds
- the bounds of *buf */
+ the bounds of *buf */
/* scalars */
asn1_error_code asn1_decode_int
- (asn1buf *buf, int *val);
+ (asn1buf *buf, int *val);
asn1_error_code asn1_decode_int32
- (asn1buf *buf, krb5_int32 *val);
+ (asn1buf *buf, krb5_int32 *val);
asn1_error_code asn1_decode_kvno
- (asn1buf *buf, krb5_kvno *val);
+ (asn1buf *buf, krb5_kvno *val);
asn1_error_code asn1_decode_enctype
- (asn1buf *buf, krb5_enctype *val);
+ (asn1buf *buf, krb5_enctype *val);
asn1_error_code asn1_decode_msgtype
- (asn1buf *buf, krb5_msgtype *val);
+ (asn1buf *buf, krb5_msgtype *val);
asn1_error_code asn1_decode_cksumtype
- (asn1buf *buf, krb5_cksumtype *val);
+ (asn1buf *buf, krb5_cksumtype *val);
asn1_error_code asn1_decode_octet
- (asn1buf *buf, krb5_octet *val);
+ (asn1buf *buf, krb5_octet *val);
asn1_error_code asn1_decode_addrtype
- (asn1buf *buf, krb5_addrtype *val);
+ (asn1buf *buf, krb5_addrtype *val);
asn1_error_code asn1_decode_authdatatype
- (asn1buf *buf, krb5_authdatatype *val);
+ (asn1buf *buf, krb5_authdatatype *val);
asn1_error_code asn1_decode_ui_2
- (asn1buf *buf, krb5_ui_2 *val);
+ (asn1buf *buf, krb5_ui_2 *val);
asn1_error_code asn1_decode_ui_4
- (asn1buf *buf, krb5_ui_4 *val);
+ (asn1buf *buf, krb5_ui_4 *val);
asn1_error_code asn1_decode_seqnum
- (asn1buf *buf, krb5_ui_4 *val);
+ (asn1buf *buf, krb5_ui_4 *val);
asn1_error_code asn1_decode_kerberos_time
- (asn1buf *buf, krb5_timestamp *val);
+ (asn1buf *buf, krb5_timestamp *val);
asn1_error_code asn1_decode_sam_flags
- (asn1buf *buf, krb5_flags *val);
+ (asn1buf *buf, krb5_flags *val);
/* structures */
asn1_error_code asn1_decode_realm
- (asn1buf *buf, krb5_principal *val);
+ (asn1buf *buf, krb5_principal *val);
asn1_error_code asn1_decode_principal_name
- (asn1buf *buf, krb5_principal *val);
+ (asn1buf *buf, krb5_principal *val);
asn1_error_code asn1_decode_checksum
- (asn1buf *buf, krb5_checksum *val);
+ (asn1buf *buf, krb5_checksum *val);
asn1_error_code asn1_decode_encryption_key
- (asn1buf *buf, krb5_keyblock *val);
+ (asn1buf *buf, krb5_keyblock *val);
asn1_error_code asn1_decode_encrypted_data
- (asn1buf *buf, krb5_enc_data *val);
+ (asn1buf *buf, krb5_enc_data *val);
asn1_error_code asn1_decode_ticket_flags
- (asn1buf *buf, krb5_flags *val);
+ (asn1buf *buf, krb5_flags *val);
asn1_error_code asn1_decode_transited_encoding
- (asn1buf *buf, krb5_transited *val);
+ (asn1buf *buf, krb5_transited *val);
asn1_error_code asn1_decode_enc_kdc_rep_part
- (asn1buf *buf, krb5_enc_kdc_rep_part *val);
+ (asn1buf *buf, krb5_enc_kdc_rep_part *val);
asn1_error_code asn1_decode_krb5_flags
- (asn1buf *buf, krb5_flags *val);
+ (asn1buf *buf, krb5_flags *val);
asn1_error_code asn1_decode_ap_options
- (asn1buf *buf, krb5_flags *val);
+ (asn1buf *buf, krb5_flags *val);
asn1_error_code asn1_decode_kdc_options
- (asn1buf *buf, krb5_flags *val);
+ (asn1buf *buf, krb5_flags *val);
asn1_error_code asn1_decode_ticket
- (asn1buf *buf, krb5_ticket *val);
+ (asn1buf *buf, krb5_ticket *val);
asn1_error_code asn1_decode_kdc_req
- (asn1buf *buf, krb5_kdc_req *val);
+ (asn1buf *buf, krb5_kdc_req *val);
asn1_error_code asn1_decode_kdc_req_body
- (asn1buf *buf, krb5_kdc_req *val);
+ (asn1buf *buf, krb5_kdc_req *val);
asn1_error_code asn1_decode_krb_safe_body
- (asn1buf *buf, krb5_safe *val);
+ (asn1buf *buf, krb5_safe *val);
asn1_error_code asn1_decode_host_address
- (asn1buf *buf, krb5_address *val);
+ (asn1buf *buf, krb5_address *val);
asn1_error_code asn1_decode_kdc_rep
- (asn1buf *buf, krb5_kdc_rep *val);
+ (asn1buf *buf, krb5_kdc_rep *val);
asn1_error_code asn1_decode_last_req_entry
- (asn1buf *buf, krb5_last_req_entry *val);
+ (asn1buf *buf, krb5_last_req_entry *val);
asn1_error_code asn1_decode_authdata_elt
- (asn1buf *buf, krb5_authdata *val);
+ (asn1buf *buf, krb5_authdata *val);
asn1_error_code asn1_decode_krb_cred_info
- (asn1buf *buf, krb5_cred_info *val);
+ (asn1buf *buf, krb5_cred_info *val);
asn1_error_code asn1_decode_pa_data
- (asn1buf *buf, krb5_pa_data *val);
+ (asn1buf *buf, krb5_pa_data *val);
asn1_error_code asn1_decode_passwdsequence
- (asn1buf *buf, passwd_phrase_element *val);
+ (asn1buf *buf, passwd_phrase_element *val);
asn1_error_code asn1_decode_sam_challenge
- (asn1buf *buf, krb5_sam_challenge *val);
+ (asn1buf *buf, krb5_sam_challenge *val);
asn1_error_code asn1_decode_sam_challenge_2
- (asn1buf *buf, krb5_sam_challenge_2 *val);
+ (asn1buf *buf, krb5_sam_challenge_2 *val);
asn1_error_code asn1_decode_sam_challenge_2_body
- (asn1buf *buf, krb5_sam_challenge_2_body *val);
+ (asn1buf *buf, krb5_sam_challenge_2_body *val);
asn1_error_code asn1_decode_enc_sam_key
- (asn1buf *buf, krb5_sam_key *val);
+ (asn1buf *buf, krb5_sam_key *val);
asn1_error_code asn1_decode_enc_sam_response_enc
- (asn1buf *buf, krb5_enc_sam_response_enc *val);
+ (asn1buf *buf, krb5_enc_sam_response_enc *val);
asn1_error_code asn1_decode_enc_sam_response_enc_2
- (asn1buf *buf, krb5_enc_sam_response_enc_2 *val);
+ (asn1buf *buf, krb5_enc_sam_response_enc_2 *val);
asn1_error_code asn1_decode_sam_response
- (asn1buf *buf, krb5_sam_response *val);
+ (asn1buf *buf, krb5_sam_response *val);
asn1_error_code asn1_decode_sam_response_2
- (asn1buf *buf, krb5_sam_response_2 *val);
+ (asn1buf *buf, krb5_sam_response_2 *val);
asn1_error_code asn1_decode_predicted_sam_response
- (asn1buf *buf, krb5_predicted_sam_response *val);
+ (asn1buf *buf, krb5_predicted_sam_response *val);
asn1_error_code asn1_decode_external_principal_identifier
- (asn1buf *buf, krb5_external_principal_identifier *val);
+ (asn1buf *buf, krb5_external_principal_identifier *val);
asn1_error_code asn1_decode_pa_pk_as_req
- (asn1buf *buf, krb5_pa_pk_as_req *val);
+ (asn1buf *buf, krb5_pa_pk_as_req *val);
asn1_error_code asn1_decode_trusted_ca
- (asn1buf *buf, krb5_trusted_ca *val);
+ (asn1buf *buf, krb5_trusted_ca *val);
asn1_error_code asn1_decode_pa_pk_as_req_draft9
- (asn1buf *buf, krb5_pa_pk_as_req_draft9 *val);
+ (asn1buf *buf, krb5_pa_pk_as_req_draft9 *val);
asn1_error_code asn1_decode_dh_rep_info
- (asn1buf *buf, krb5_dh_rep_info *val);
+ (asn1buf *buf, krb5_dh_rep_info *val);
asn1_error_code asn1_decode_pk_authenticator
- (asn1buf *buf, krb5_pk_authenticator *val);
+ (asn1buf *buf, krb5_pk_authenticator *val);
asn1_error_code asn1_decode_pk_authenticator_draft9
- (asn1buf *buf, krb5_pk_authenticator_draft9 *val);
+ (asn1buf *buf, krb5_pk_authenticator_draft9 *val);
asn1_error_code asn1_decode_subject_pk_info
- (asn1buf *buf, krb5_subject_pk_info *val);
+ (asn1buf *buf, krb5_subject_pk_info *val);
asn1_error_code asn1_decode_algorithm_identifier
- (asn1buf *buf, krb5_algorithm_identifier *val);
+ (asn1buf *buf, krb5_algorithm_identifier *val);
asn1_error_code asn1_decode_auth_pack
- (asn1buf *buf, krb5_auth_pack *val);
+ (asn1buf *buf, krb5_auth_pack *val);
asn1_error_code asn1_decode_auth_pack_draft9
- (asn1buf *buf, krb5_auth_pack_draft9 *val);
+ (asn1buf *buf, krb5_auth_pack_draft9 *val);
asn1_error_code asn1_decode_pa_pk_as_rep
- (asn1buf *buf, krb5_pa_pk_as_rep *val);
+ (asn1buf *buf, krb5_pa_pk_as_rep *val);
asn1_error_code asn1_decode_pa_pk_as_rep_draft9
- (asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val);
+ (asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val);
asn1_error_code asn1_decode_kdc_dh_key_info
(asn1buf *buf, krb5_kdc_dh_key_info *val);
asn1_error_code asn1_decode_krb5_principal_name
- (asn1buf *buf, krb5_principal *val);
+ (asn1buf *buf, krb5_principal *val);
asn1_error_code asn1_decode_reply_key_pack
(asn1buf *buf, krb5_reply_key_pack *val);
asn1_error_code asn1_decode_reply_key_pack_draft9
/* arrays */
asn1_error_code asn1_decode_authorization_data
- (asn1buf *buf, krb5_authdata ***val);
+ (asn1buf *buf, krb5_authdata ***val);
asn1_error_code asn1_decode_host_addresses
- (asn1buf *buf, krb5_address ***val);
+ (asn1buf *buf, krb5_address ***val);
asn1_error_code asn1_decode_sequence_of_ticket
- (asn1buf *buf, krb5_ticket ***val);
+ (asn1buf *buf, krb5_ticket ***val);
asn1_error_code asn1_decode_sequence_of_krb_cred_info
- (asn1buf *buf, krb5_cred_info ***val);
+ (asn1buf *buf, krb5_cred_info ***val);
asn1_error_code asn1_decode_sequence_of_pa_data
- (asn1buf *buf, krb5_pa_data ***val);
+ (asn1buf *buf, krb5_pa_data ***val);
asn1_error_code asn1_decode_last_req
- (asn1buf *buf, krb5_last_req_entry ***val);
+ (asn1buf *buf, krb5_last_req_entry ***val);
asn1_error_code asn1_decode_sequence_of_enctype
- (asn1buf *buf, int *num, krb5_enctype **val);
+ (asn1buf *buf, int *num, krb5_enctype **val);
asn1_error_code asn1_decode_sequence_of_checksum
- (asn1buf *buf, krb5_checksum ***val);
+ (asn1buf *buf, krb5_checksum ***val);
asn1_error_code asn1_decode_sequence_of_passwdsequence
- (asn1buf *buf, passwd_phrase_element ***val);
+ (asn1buf *buf, passwd_phrase_element ***val);
asn1_error_code asn1_decode_etype_info
- (asn1buf *buf, krb5_etype_info_entry ***val);
+ (asn1buf *buf, krb5_etype_info_entry ***val);
asn1_error_code asn1_decode_etype_info2
- (asn1buf *buf, krb5_etype_info_entry ***val, krb5_boolean v1_3_behavior);
+ (asn1buf *buf, krb5_etype_info_entry ***val, krb5_boolean v1_3_behavior);
asn1_error_code asn1_decode_sequence_of_external_principal_identifier
- (asn1buf *buf, krb5_external_principal_identifier ***val);
+ (asn1buf *buf, krb5_external_principal_identifier ***val);
asn1_error_code asn1_decode_sequence_of_trusted_ca
- (asn1buf *buf, krb5_trusted_ca ***val);
+ (asn1buf *buf, krb5_trusted_ca ***val);
asn1_error_code asn1_decode_sequence_of_algorithm_identifier
- (asn1buf *buf, krb5_algorithm_identifier ***val);
+ (asn1buf *buf, krb5_algorithm_identifier ***val);
#endif
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_k_encode.c
- *
+ *
* Copyright 1994, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
asn1_addfield(rep->field_i, i, asn1_type);
/* for string fields (these encoders take an additional argument,
- the length of the string) */
+ the length of the string) */
addlenfield(rep->field_length, rep->field, i-1, asn1_type);
/* if you really have to do things yourself... */
if (retval) return retval;
sum += length;
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, tag_number, length,
- &length);
+ &length);
if (retval) return retval;
sum += length;
#define asn1_setup()\
asn1_error_code retval;\
unsigned int length, sum=0
-
+
/* asn1_addfield -- add a field, or component, to the encoding */
#define asn1_addfield(value,tag,encoder)\
{ retval = encoder(buf,value,&length);\
asn1_error_code asn1_encode_realm(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
{
if (val == NULL ||
- (val->realm.length && val->realm.data == NULL))
- return ASN1_MISSING_FIELD;
+ (val->realm.length && val->realm.data == NULL))
+ return ASN1_MISSING_FIELD;
return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
- retlen);
+ retlen);
}
asn1_error_code asn1_encode_principal_name(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
for (n = (int) ((val->length)-1); n >= 0; n--) {
- if (val->data[n].length &&
- val->data[n].data == NULL)
- return ASN1_MISSING_FIELD;
- retval = asn1_encode_generalstring(buf,
- (val->data)[n].length,
- (val->data)[n].data,
- &length);
- if (retval) return retval;
- sum += length;
+ if (val->data[n].length &&
+ val->data[n].data == NULL)
+ return ASN1_MISSING_FIELD;
+ retval = asn1_encode_generalstring(buf,
+ (val->data)[n].length,
+ (val->data)[n].data,
+ &length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
for (i=0; val[i] != NULL; i++); /* go to end of array */
for (i--; i>=0; i--) {
- retval = asn1_encode_host_address(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_host_address(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_setup();
if (val == NULL ||
- (val->ciphertext.length && val->ciphertext.data == NULL))
- return ASN1_MISSING_FIELD;
+ (val->ciphertext.length && val->ciphertext.data == NULL))
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
/* krb5_kvno should be int */
if (val->kvno)
- asn1_addfield((int) val->kvno,1,asn1_encode_integer);
+ asn1_addfield((int) val->kvno,1,asn1_encode_integer);
asn1_addfield(val->enctype,0,asn1_encode_integer);
asn1_makeseq();
int i;
for (i=0; i<4; i++) {
- retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
- if (retval) return retval;
- valcopy >>= 8;
+ retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
+ if (retval) return retval;
+ valcopy >>= 8;
}
- retval = asn1buf_insert_octet(buf,0); /* 0 padding bits */
+ retval = asn1buf_insert_octet(buf,0); /* 0 padding bits */
if (retval) return retval;
sum = 5;
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
- &length);
+ &length);
if (retval) return retval;
sum += length;
{
asn1_setup();
int i;
-
+
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
-
+
for (i=0; val[i] != NULL; i++); /* get to the end of the array */
for (i--; i>=0; i--) {
- retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_setup();
if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
- /* ad-data[1] OCTET STRING */
+ /* ad-data[1] OCTET STRING */
asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
- /* ad-type[0] INTEGER */
+ /* ad-type[0] INTEGER */
asn1_addfield(val->ad_type,0,asn1_encode_integer);
/* SEQUENCE */
asn1_makeseq();
asn1_addfield(val->client,4,asn1_encode_principal_name);
asn1_addfield(val->client,3,asn1_encode_realm);
if (val->padata != NULL && val->padata[0] != NULL)
- asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
+ asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
- return KRB5_BADMSGTYPE;
+ return KRB5_BADMSGTYPE;
asn1_addfield(msg_type,1,asn1_encode_integer);
asn1_addfield(KVNO,0,asn1_encode_integer);
asn1_makeseq();
if (val == NULL) return ASN1_MISSING_FIELD;
- /* caddr[11] HostAddresses OPTIONAL */
+ /* caddr[11] HostAddresses OPTIONAL */
if (val->caddrs != NULL && val->caddrs[0] != NULL)
- asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
+ asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
- /* sname[10] PrincipalName */
+ /* sname[10] PrincipalName */
asn1_addfield(val->server,10,asn1_encode_principal_name);
- /* srealm[9] Realm */
+ /* srealm[9] Realm */
asn1_addfield(val->server,9,asn1_encode_realm);
- /* renew-till[8] KerberosTime OPTIONAL */
+ /* renew-till[8] KerberosTime OPTIONAL */
if (val->flags & TKT_FLG_RENEWABLE)
- asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
- /* endtime[7] KerberosTime */
+ /* endtime[7] KerberosTime */
asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
- /* starttime[6] KerberosTime OPTIONAL */
+ /* starttime[6] KerberosTime OPTIONAL */
if (val->times.starttime)
- asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
- /* authtime[5] KerberosTime */
+ /* authtime[5] KerberosTime */
asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
- /* flags[4] TicketFlags */
+ /* flags[4] TicketFlags */
asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
- /* key-expiration[3] KerberosTime OPTIONAL */
+ /* key-expiration[3] KerberosTime OPTIONAL */
if (val->key_exp)
- asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
+ asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
- /* nonce[2] INTEGER */
+ /* nonce[2] INTEGER */
asn1_addfield(val->nonce,2,asn1_encode_integer);
- /* last-req[1] LastReq */
+ /* last-req[1] LastReq */
asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
- /* key[0] EncryptionKey */
+ /* key[0] EncryptionKey */
asn1_addfield(val->session,0,asn1_encode_encryption_key);
/* EncKDCRepPart ::= SEQUENCE */
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_checksum(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_checksum(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_error_code asn1_encode_kdc_req_body(asn1buf *buf, const krb5_kdc_req *rep, unsigned int *retlen)
{
asn1_setup();
-
+
if (rep == NULL) return ASN1_MISSING_FIELD;
- /* additional-tickets[11] SEQUENCE OF Ticket OPTIONAL */
+ /* additional-tickets[11] SEQUENCE OF Ticket OPTIONAL */
if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
- asn1_addfield((const krb5_ticket**)rep->second_ticket,
- 11,asn1_encode_sequence_of_ticket);
+ asn1_addfield((const krb5_ticket**)rep->second_ticket,
+ 11,asn1_encode_sequence_of_ticket);
- /* enc-authorization-data[10] EncryptedData OPTIONAL, */
- /* -- Encrypted AuthorizationData encoding */
+ /* enc-authorization-data[10] EncryptedData OPTIONAL, */
+ /* -- Encrypted AuthorizationData encoding */
if (rep->authorization_data.ciphertext.data != NULL)
- asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
+ asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
- /* addresses[9] HostAddresses OPTIONAL, */
+ /* addresses[9] HostAddresses OPTIONAL, */
if (rep->addresses != NULL && rep->addresses[0] != NULL)
- asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
+ asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
- /* etype[8] SEQUENCE OF INTEGER, -- EncryptionType, */
- /* -- in preference order */
+ /* etype[8] SEQUENCE OF INTEGER, -- EncryptionType, */
+ /* -- in preference order */
asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
- /* nonce[7] INTEGER, */
+ /* nonce[7] INTEGER, */
asn1_addfield(rep->nonce,7,asn1_encode_integer);
- /* rtime[6] KerberosTime OPTIONAL, */
+ /* rtime[6] KerberosTime OPTIONAL, */
if (rep->rtime)
- asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
+ asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
- /* till[5] KerberosTime, */
+ /* till[5] KerberosTime, */
asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
- /* from[4] KerberosTime OPTIONAL, */
+ /* from[4] KerberosTime OPTIONAL, */
if (rep->from)
- asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
+ asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
- /* sname[3] PrincipalName OPTIONAL, */
+ /* sname[3] PrincipalName OPTIONAL, */
if (rep->server != NULL)
- asn1_addfield(rep->server,3,asn1_encode_principal_name);
+ asn1_addfield(rep->server,3,asn1_encode_principal_name);
- /* realm[2] Realm, -- Server's realm */
- /* -- Also client's in AS-REQ */
+ /* realm[2] Realm, -- Server's realm */
+ /* -- Also client's in AS-REQ */
if (rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
- if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
- asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
- } else return ASN1_MISSING_FIELD;
+ if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
+ asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+ } else return ASN1_MISSING_FIELD;
} else if (rep->server != NULL) {
- asn1_addfield(rep->server,2,asn1_encode_realm);
+ asn1_addfield(rep->server,2,asn1_encode_realm);
} else return ASN1_MISSING_FIELD;
- /* cname[1] PrincipalName OPTIONAL, */
- /* -- Used only in AS-REQ */
+ /* cname[1] PrincipalName OPTIONAL, */
+ /* -- Used only in AS-REQ */
if (rep->client != NULL)
- asn1_addfield(rep->client,1,asn1_encode_principal_name);
+ asn1_addfield(rep->client,1,asn1_encode_principal_name);
- /* kdc-options[0] KDCOptions, */
+ /* kdc-options[0] KDCOptions, */
asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
/* KDC-REQ-BODY ::= SEQUENCE */
asn1_setup();
if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
asn1_addfield(val->enctype,0,asn1_encode_integer);
asn1_setup();
if (val == NULL ||
- (val->length && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ (val->length && val->contents == NULL))
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
asn1_addfield(val->checksum_type,0,asn1_encode_integer);
asn1_setup();
if (val == NULL ||
- (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
- return ASN1_MISSING_FIELD;
+ (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
- 1,asn1_encode_charstring);
+ 1,asn1_encode_charstring);
asn1_addfield(val->tr_type,0,asn1_encode_integer);
asn1_makeseq();
for (i=0; val[i] != NULL; i++); /* go to end of array */
for (i--; i>=0; i--) {
- retval = asn1_encode_last_req_entry(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_last_req_entry(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_pa_data(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_pa_data(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_setup();
if (val == NULL || (val->length != 0 && val->contents == NULL))
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
asn1_addfield(val->pa_type,1,asn1_encode_integer);
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_ticket(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_ticket(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
if (val == NULL) return ASN1_MISSING_FIELD;
for (i=len-1; i>=0; i--) {
- retval = asn1_encode_integer(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_integer(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_addfield(val,4,asn1_encode_kdc_req_body);
if (val->padata != NULL && val->padata[0] != NULL)
- asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
+ asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
- return KRB5_BADMSGTYPE;
+ return KRB5_BADMSGTYPE;
asn1_addfield(msg_type,2,asn1_encode_integer);
asn1_addfield(KVNO,1,asn1_encode_integer);
asn1_makeseq();
if (val == NULL) return ASN1_MISSING_FIELD;
if (val->r_address != NULL)
- asn1_addfield(val->r_address,5,asn1_encode_host_address);
+ asn1_addfield(val->r_address,5,asn1_encode_host_address);
asn1_addfield(val->s_address,4,asn1_encode_host_address);
if (val->seq_number)
- asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
+ asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
if (val->timestamp) {
- asn1_addfield(val->usec,2,asn1_encode_integer);
- asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
+ asn1_addfield(val->usec,2,asn1_encode_integer);
+ asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
}
if (val->user_data.length && val->user_data.data == NULL)
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
- ;
+ ;
asn1_makeseq();
asn1_cleanup();
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_krb_cred_info(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_krb_cred_info(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
if (val == NULL) return ASN1_MISSING_FIELD;
if (val->caddrs != NULL && val->caddrs[0] != NULL)
- asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
+ asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
if (val->server != NULL) {
- asn1_addfield(val->server,9,asn1_encode_principal_name);
- asn1_addfield(val->server,8,asn1_encode_realm);
+ asn1_addfield(val->server,9,asn1_encode_principal_name);
+ asn1_addfield(val->server,8,asn1_encode_realm);
}
if (val->times.renew_till)
- asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
if (val->times.endtime)
- asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
if (val->times.starttime)
- asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
if (val->times.authtime)
- asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
+ asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
if (val->flags)
- asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
+ asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
if (val->client != NULL) {
- asn1_addfield(val->client,2,asn1_encode_principal_name);
- asn1_addfield(val->client,1,asn1_encode_realm);
+ asn1_addfield(val->client,2,asn1_encode_principal_name);
+ asn1_addfield(val->client,1,asn1_encode_realm);
}
asn1_addfield(val->session,0,asn1_encode_encryption_key);
}
asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val,
- unsigned int *retlen, int etype_info2)
+ unsigned int *retlen, int etype_info2)
{
asn1_setup();
assert(val->s2kparams.data == NULL || etype_info2);
if (val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
- val->salt == NULL))
- return ASN1_MISSING_FIELD;
+ val->salt == NULL))
+ return ASN1_MISSING_FIELD;
if (val->s2kparams.data != NULL)
- asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
- asn1_encode_octetstring);
+ asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
+ asn1_encode_octetstring);
if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT) {
- if (etype_info2) {
- asn1_addlenfield(val->length,val->salt,1,
- asn1_encode_generalstring);
- } else {
- asn1_addlenfield(val->length,val->salt,1,
- asn1_encode_octetstring);
- }
+ if (etype_info2) {
+ asn1_addlenfield(val->length,val->salt,1,
+ asn1_encode_generalstring);
+ } else {
+ asn1_addlenfield(val->length,val->salt,1,
+ asn1_encode_octetstring);
+ }
}
asn1_addfield(val->etype,0,asn1_encode_integer);
asn1_makeseq();
}
asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val,
- unsigned int *retlen, int etype_info2)
+ unsigned int *retlen, int etype_info2)
{
asn1_setup();
int i;
-
+
if (val == NULL) return ASN1_MISSING_FIELD;
-
+
for (i=0; val[i] != NULL; i++); /* get to the end of the array */
for (i--; i>=0; i--) {
- retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_cleanup();
{
asn1_setup();
int i;
-
+
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
-
+
for (i=0; val[i] != NULL; i++); /* get to the end of the array */
for (i--; i>=0; i--) {
- retval = asn1_encode_passwdsequence(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_passwdsequence(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_cleanup();
return asn1_encode_krb5_flags(buf,val,retlen);
}
-#define add_optstring(val,n,fn) \
+#define add_optstring(val,n,fn) \
if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
asn1_error_code asn1_encode_sam_challenge(asn1buf *buf, const krb5_sam_challenge *val, unsigned int *retlen)
asn1_setup();
/* possibly wrong */
if (val->sam_cksum.length)
- asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
+ asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
if (val->sam_nonce)
- asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+ asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
{
asn1_setup();
if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
- (unsigned char *)val->sam_challenge_2_body.data);
+ (unsigned char *)val->sam_challenge_2_body.data);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
sum += val->sam_challenge_2_body.length;
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
- val->sam_challenge_2_body.length, &length);
+ val->sam_challenge_2_body.length, &length);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
sum += length;
-
+
asn1_makeseq();
asn1_cleanup();
}
asn1_setup();
if (val->sam_patimestamp)
- asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
+ asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
if (val->sam_nonce)
- asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
+ asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
if (val->sam_enc_key.ciphertext.length)
- asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
+ asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
add_optstring(val->sam_track_id,2,asn1_encode_charstring);
asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
asn1_addfield(val->sam_type,0,asn1_encode_integer);
asn1_error_code retval;
retval = asn1buf_insert_octetstring(buf, body->length,
- (krb5_octet *)body->data);
+ (krb5_octet *)body->data);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
*retlen = body->length;
return 0;
asn1_setup();
if (val->parameters.length != 0) {
- retval = asn1buf_insert_octetstring(buf, val->parameters.length,
- val->parameters.data);
- if (retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += val->parameters.length;
+ retval = asn1buf_insert_octetstring(buf, val->parameters.length,
+ val->parameters.data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += val->parameters.length;
}
-
- retval = asn1_encode_oid(buf, val->algorithm.length,
- val->algorithm.data,
- &length);
-
+
+ retval = asn1_encode_oid(buf, val->algorithm.length,
+ val->algorithm.data,
+ &length);
+
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
- sum += length;
+ sum += length;
asn1_makeseq();
asn1_cleanup();
asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
if (val->algorithm.parameters.length != 0) {
- retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
- val->algorithm.parameters.data);
- if (retval) {
- asn1buf_destroy(&buf);
- return retval;
- }
- sum += val->algorithm.parameters.length;
+ retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
+ val->algorithm.parameters.data);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval;
+ }
+ sum += val->algorithm.parameters.length;
}
-
- retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
- val->algorithm.algorithm.data,
- &length);
-
+
+ retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
+ val->algorithm.algorithm.data,
+ &length);
+
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
- sum += length;
-
- retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
- val->algorithm.parameters.length + length,
- &length);
+ sum += length;
+
+ retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
+ val->algorithm.parameters.length + length,
+ &length);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
- sum += length;
+ sum += length;
asn1_makeseq();
asn1_cleanup();
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_setup();
if (val->clientDHNonce.length != 0)
- asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
+ asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
if (val->supportedCMSTypes != NULL)
- asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
+ asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
if (val->clientPublicValue != NULL)
- asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
+ asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
asn1_makeseq();
asn1_setup();
if (val->clientPublicValue != NULL)
- asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
+ asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
asn1_makeseq();
/* Verify there is something to encode */
if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
- if (val->subjectKeyIdentifier.length != 0)
- asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
+ if (val->subjectKeyIdentifier.length != 0)
+ asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
- if (val->issuerAndSerialNumber.length != 0)
- asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
+ if (val->issuerAndSerialNumber.length != 0)
+ asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
- if (val->subjectName.length != 0)
- asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
+ if (val->subjectName.length != 0)
+ asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
asn1_makeseq();
asn1_cleanup();
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
{
asn1_setup();
- if (val->kdcPkId.length != 0)
- asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
+ if (val->kdcPkId.length != 0)
+ asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
if (val->trustedCertifiers != NULL)
- asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
+ asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
switch (val->choice) {
case choice_trusted_cas_issuerAndSerial:
- asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
- break;
+ asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
+ break;
case choice_trusted_cas_caName:
- asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
+ break;
case choice_trusted_cas_principalName:
- asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
- break;
+ asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
+ break;
default:
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
}
asn1_cleanup();
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_trusted_ca(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_trusted_ca(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
asn1_cleanup();
asn1_setup();
if (val->encryptionCert.length != 0)
- asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
+ asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
- if (val->kdcCert.length != 0)
- asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
+ if (val->kdcCert.length != 0)
+ asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
if (val->trustedCertifiers != NULL)
- asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
+ asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
asn1_setup();
if (val->serverDHNonce.length != 0)
- asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
-
+ asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
+
asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
asn1_makeseq();
{
asn1_setup();
- if (val->dhKeyExpiration != 0)
- asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
+ if (val->dhKeyExpiration != 0)
+ asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
asn1_addfield(val->nonce, 1, asn1_encode_integer);
asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
- retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
- val->subjectPublicKey.length + 1 + length,
- &length);
+ retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
+ val->subjectPublicKey.length + 1 + length,
+ &length);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
- sum += length;
+ sum += length;
asn1_makeseq();
asn1_cleanup();
switch (val->choice)
{
case choice_pa_pk_as_rep_dhInfo:
- asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
- break;
+ asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
+ break;
case choice_pa_pk_as_rep_encKeyPack:
- asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+ break;
default:
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
}
asn1_cleanup();
switch (val->choice)
{
case choice_pa_pk_as_rep_draft9_dhSignedData:
- asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
- break;
+ asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
+ break;
case choice_pa_pk_as_rep_encKeyPack:
- asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
- break;
+ asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+ break;
default:
- return ASN1_MISSING_FIELD;
+ return ASN1_MISSING_FIELD;
}
asn1_cleanup();
asn1_setup();
retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
if (retval) {
- asn1buf_destroy(&buf);
- return retval;
+ asn1buf_destroy(&buf);
+ return retval;
}
asn1_cleanup();
}
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
- retval = asn1_encode_typed_data(buf,val[i],&length);
- if (retval) return retval;
- sum += length;
+ retval = asn1_encode_typed_data(buf,val[i],&length);
+ if (retval) return retval;
+ sum += length;
}
asn1_makeseq();
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_k_encode.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
**** for simple val's ****
asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
const krb5_type val,
- int *retlen);
+ int *retlen);
requires *buf is allocated
effects Inserts the encoding of val into *buf and
returns the length of this encoding in *retlen.
- Returns ASN1_MISSING_FIELD if a required field is empty in val.
- Returns ENOMEM if memory runs out.
+ Returns ASN1_MISSING_FIELD if a required field is empty in val.
+ Returns ENOMEM if memory runs out.
**** for struct val's ****
asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
const krb5_type *val,
- int *retlen);
+ int *retlen);
requires *buf is allocated
effects Inserts the encoding of *val into *buf and
returns the length of this encoding in *retlen.
- Returns ASN1_MISSING_FIELD if a required field is empty in val.
- Returns ENOMEM if memory runs out.
+ Returns ASN1_MISSING_FIELD if a required field is empty in val.
+ Returns ENOMEM if memory runs out.
**** for array val's ****
asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
const krb5_type **val,
- int *retlen);
+ int *retlen);
requires *buf is allocated, **val != NULL, *val[0] != NULL,
**val is a NULL-terminated array of pointers to krb5_type
effects Inserts the encoding of **val into *buf and
returns the length of this encoding in *retlen.
- Returns ASN1_MISSING_FIELD if a required field is empty in val.
- Returns ENOMEM if memory runs out.
+ Returns ASN1_MISSING_FIELD if a required field is empty in val.
+ Returns ENOMEM if memory runs out.
*/
asn1_error_code asn1_encode_ui_4 (asn1buf *buf,
- const krb5_ui_4 val,
- unsigned int *retlen);
+ const krb5_ui_4 val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_msgtype (asn1buf *buf,
- const /*krb5_msgtype*/int val,
- unsigned int *retlen);
+ const /*krb5_msgtype*/int val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_realm
- (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
asn1_error_code asn1_encode_principal_name
- (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
asn1_error_code asn1_encode_encrypted_data
- (asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen);
asn1_error_code asn1_encode_krb5_flags
- (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
asn1_error_code asn1_encode_ap_options
- (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
asn1_error_code asn1_encode_ticket_flags
- (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
asn1_error_code asn1_encode_kdc_options
- (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
asn1_error_code asn1_encode_authorization_data
- (asn1buf *buf, const krb5_authdata **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_authdata **val, unsigned int *retlen);
asn1_error_code asn1_encode_krb5_authdata_elt
- (asn1buf *buf, const krb5_authdata *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_authdata *val, unsigned int *retlen);
asn1_error_code asn1_encode_kdc_rep
- (int msg_type, asn1buf *buf, const krb5_kdc_rep *val,
- unsigned int *retlen);
+ (int msg_type, asn1buf *buf, const krb5_kdc_rep *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_enc_kdc_rep_part
- (asn1buf *buf, const krb5_enc_kdc_rep_part *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_enc_kdc_rep_part *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_ticket
- (asn1buf *buf, const krb5_ticket *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_ticket *val, unsigned int *retlen);
asn1_error_code asn1_encode_encryption_key
- (asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen);
asn1_error_code asn1_encode_kerberos_time
- (asn1buf *buf, const krb5_timestamp val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_timestamp val, unsigned int *retlen);
asn1_error_code asn1_encode_checksum
- (asn1buf *buf, const krb5_checksum *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_checksum *val, unsigned int *retlen);
asn1_error_code asn1_encode_host_address
- (asn1buf *buf, const krb5_address *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_address *val, unsigned int *retlen);
asn1_error_code asn1_encode_host_addresses
- (asn1buf *buf, const krb5_address **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_address **val, unsigned int *retlen);
asn1_error_code asn1_encode_transited_encoding
- (asn1buf *buf, const krb5_transited *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_transited *val, unsigned int *retlen);
asn1_error_code asn1_encode_last_req
- (asn1buf *buf, const krb5_last_req_entry **val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_last_req_entry **val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_pa_data
- (asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_ticket
- (asn1buf *buf, const krb5_ticket **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_ticket **val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_enctype
- (asn1buf *buf,
- const int len, const krb5_enctype *val,
- unsigned int *retlen);
+ (asn1buf *buf,
+ const int len, const krb5_enctype *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_checksum
- (asn1buf *buf, const krb5_checksum **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_checksum **val, unsigned int *retlen);
asn1_error_code asn1_encode_kdc_req
- (int msg_type,
- asn1buf *buf,
- const krb5_kdc_req *val,
- unsigned int *retlen);
+ (int msg_type,
+ asn1buf *buf,
+ const krb5_kdc_req *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_kdc_req_body
- (asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen);
asn1_error_code asn1_encode_krb_safe_body
- (asn1buf *buf, const krb5_safe *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_safe *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_krb_cred_info
- (asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen);
asn1_error_code asn1_encode_krb_cred_info
- (asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen);
asn1_error_code asn1_encode_last_req_entry
- (asn1buf *buf, const krb5_last_req_entry *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_last_req_entry *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_pa_data
- (asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen);
asn1_error_code asn1_encode_alt_method
- (asn1buf *buf, const krb5_alt_method *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_alt_method *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_etype_info_entry
- (asn1buf *buf, const krb5_etype_info_entry *val,
- unsigned int *retlen, int etype_info2);
+ (asn1buf *buf, const krb5_etype_info_entry *val,
+ unsigned int *retlen, int etype_info2);
asn1_error_code asn1_encode_etype_info
- (asn1buf *buf, const krb5_etype_info_entry **val,
- unsigned int *retlen, int etype_info2);
+ (asn1buf *buf, const krb5_etype_info_entry **val,
+ unsigned int *retlen, int etype_info2);
asn1_error_code asn1_encode_passwdsequence
- (asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen);
+ (asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_passwdsequence
- (asn1buf *buf, const passwd_phrase_element **val,
- unsigned int *retlen);
+ (asn1buf *buf, const passwd_phrase_element **val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_sam_flags
- (asn1buf * buf, const krb5_flags val, unsigned int *retlen);
+ (asn1buf * buf, const krb5_flags val, unsigned int *retlen);
asn1_error_code asn1_encode_sam_challenge
- (asn1buf *buf, const krb5_sam_challenge * val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_challenge * val, unsigned int *retlen);
asn1_error_code asn1_encode_sam_challenge_2
- (asn1buf *buf, const krb5_sam_challenge_2 * val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_challenge_2 * val, unsigned int *retlen);
asn1_error_code asn1_encode_sam_challenge_2_body
- (asn1buf *buf, const krb5_sam_challenge_2_body * val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_challenge_2_body * val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_sam_key
- (asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen);
asn1_error_code asn1_encode_enc_sam_response_enc
- (asn1buf *buf, const krb5_enc_sam_response_enc *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_enc_sam_response_enc *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_enc_sam_response_enc_2
- (asn1buf *buf, const krb5_enc_sam_response_enc_2 *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_enc_sam_response_enc_2 *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_sam_response
- (asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen);
asn1_error_code asn1_encode_sam_response_2
- (asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen);
asn1_error_code asn1_encode_predicted_sam_response
- (asn1buf *buf, const krb5_predicted_sam_response *val,
- unsigned int *retlen);
+ (asn1buf *buf, const krb5_predicted_sam_response *val,
+ unsigned int *retlen);
asn1_error_code asn1_encode_krb_saved_safe_body
- (asn1buf *buf, const krb5_data *body, unsigned int *retlen);
+ (asn1buf *buf, const krb5_data *body, unsigned int *retlen);
/* PKINIT */
asn1_error_code asn1_encode_pk_authenticator
- (asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen);
asn1_error_code asn1_encode_pk_authenticator_draft9
- (asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen);
asn1_error_code asn1_encode_algorithm_identifier
- (asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen);
asn1_error_code asn1_encode_subject_pk_info
- (asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_algorithm_identifier
- (asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen);
asn1_error_code asn1_encode_auth_pack
- (asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen);
asn1_error_code asn1_encode_auth_pack_draft9
- (asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen);
asn1_error_code asn1_encode_external_principal_identifier
- (asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_external_principal_identifier
- (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
asn1_error_code asn1_encode_pa_pk_as_req
- (asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen);
asn1_error_code asn1_encode_trusted_ca
- (asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_trusted_ca
- (asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen);
asn1_error_code asn1_encode_pa_pk_as_req_draft9
- (asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen);
asn1_error_code asn1_encode_dh_rep_info
- (asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen);
asn1_error_code asn1_encode_kdc_dh_key_info
- (asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen);
asn1_error_code asn1_encode_reply_key_pack
- (asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen);
asn1_error_code asn1_encode_reply_key_pack_draft9
- (asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen);
asn1_error_code asn1_encode_pa_pk_as_rep
- (asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen);
asn1_error_code asn1_encode_pa_pk_as_rep_draft9
- (asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen);
asn1_error_code asn1_encode_td_trusted_certifiers
- (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
asn1_error_code asn1_encode_typed_data
- (asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen);
asn1_error_code asn1_encode_sequence_of_typed_data
- (asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen);
+ (asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen);
#endif
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_make.c
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
#include "asn1_make.h"
asn1_error_code asn1_make_etag(asn1buf *buf, asn1_class asn1class,
- asn1_tagnum tagnum, unsigned int in_len,
- unsigned int *retlen)
+ asn1_tagnum tagnum, unsigned int in_len,
+ unsigned int *retlen)
{
return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
}
asn1_error_code asn1_make_tag(asn1buf *buf, asn1_class asn1class,
- asn1_construction construction,
- asn1_tagnum tagnum, unsigned int in_len,
- unsigned int *retlen)
+ asn1_construction construction,
+ asn1_tagnum tagnum, unsigned int in_len,
+ unsigned int *retlen)
{
asn1_error_code retval;
unsigned int sumlen=0, length;
asn1_error_code retval;
if (in_len < 128) {
- retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
- if (retval) return retval;
- *retlen = 1;
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
+ if (retval) return retval;
+ *retlen = 1;
} else {
- int in_copy=in_len, length=0;
-
- while (in_copy != 0) {
- retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
- if (retval) return retval;
- in_copy = in_copy >> 8;
- length++;
- }
- retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
- if (retval) return retval;
- length++;
- *retlen = length;
+ int in_copy=in_len, length=0;
+
+ while (in_copy != 0) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
+ if (retval) return retval;
+ in_copy = in_copy >> 8;
+ length++;
+ }
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
+ if (retval) return retval;
+ length++;
+ *retlen = length;
}
return 0;
}
asn1_error_code asn1_make_id(asn1buf *buf, asn1_class asn1class,
- asn1_construction construction,
- asn1_tagnum tagnum, unsigned int *retlen)
+ asn1_construction construction,
+ asn1_tagnum tagnum, unsigned int *retlen)
{
asn1_error_code retval;
if (tagnum < 31) {
- retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
- (asn1_octet)tagnum));
- if (retval) return retval;
- *retlen = 1;
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
+ (asn1_octet)tagnum));
+ if (retval) return retval;
+ *retlen = 1;
} else {
- asn1_tagnum tagcopy = tagnum;
- int length = 0;
-
- retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
- if (retval) return retval;
- tagcopy >>= 7;
- length++;
-
- for (; tagcopy != 0; tagcopy >>= 7) {
- retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
- if (retval) return retval;
- length++;
- }
-
- retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
- if (retval) return retval;
- length++;
- *retlen = length;
+ asn1_tagnum tagcopy = tagnum;
+ int length = 0;
+
+ retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
+ if (retval) return retval;
+ tagcopy >>= 7;
+ length++;
+
+ for (; tagcopy != 0; tagcopy >>= 7) {
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
+ if (retval) return retval;
+ length++;
+ }
+
+ retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
+ if (retval) return retval;
+ length++;
+ *retlen = length;
}
return 0;
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_make.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
*/
asn1_error_code asn1_make_etag
- (asn1buf *buf,
- asn1_class asn1class,
- asn1_tagnum tagnum,
- unsigned int in_len,
- unsigned int *retlen);
+ (asn1buf *buf,
+ asn1_class asn1class,
+ asn1_tagnum tagnum,
+ unsigned int in_len,
+ unsigned int *retlen);
/* requires *buf is allocated, in_len is the length of an ASN.1 encoding
which has just been inserted in *buf
modifies *buf, *retlen
effects Inserts an explicit tag with class = asn1class, id# = tag
length = in_len into *buf.
- Returns the length of this encoding in *retlen.
- Returns ENOMEM if memory runs out. */
+ Returns the length of this encoding in *retlen.
+ Returns ENOMEM if memory runs out. */
asn1_error_code asn1_make_tag
- (asn1buf *buf, asn1_class asn1class,
- asn1_construction construction,
- asn1_tagnum tagnum,
- unsigned int in_len,
- unsigned int *retlen);
+ (asn1buf *buf, asn1_class asn1class,
+ asn1_construction construction,
+ asn1_tagnum tagnum,
+ unsigned int in_len,
+ unsigned int *retlen);
/* requires *buf is allocated, in_len is the length of an ASN.1 encoding
which has just been inserted in *buf
modifies *buf, *retlen
effects Inserts the encoding of a tag with class = asn1class,
primitive/constructed staus = construction,
- id# = tag and length = in_len into *buf.
- Returns the length of this encoding in *retlen.
- Returns ENOMEM if memory runs out.
- Returns ASN1_OVERFLOW if tagnum exceeds the limits of
- the implementation. */
+ id# = tag and length = in_len into *buf.
+ Returns the length of this encoding in *retlen.
+ Returns ENOMEM if memory runs out.
+ Returns ASN1_OVERFLOW if tagnum exceeds the limits of
+ the implementation. */
asn1_error_code asn1_make_sequence
- (asn1buf *buf, const unsigned int seq_len, unsigned int *len);
+ (asn1buf *buf, const unsigned int seq_len, unsigned int *len);
/* requires *buf is allocated, seq_len is the length of a series of
sequence components which have just been inserted in *buf
modifies *buf, *retlen
Returns ENOMEM if memory runs out. */
asn1_error_code asn1_make_set
- (asn1buf *buf, const unsigned int set_len,
- unsigned int *retlen);
+ (asn1buf *buf, const unsigned int set_len,
+ unsigned int *retlen);
/* requires *buf is allocated, seq_len is the length of a series of
sequence components which have just been inserted in *buf
modifies *buf, *retlen
Returns ENOMEM if memory runs out. */
asn1_error_code asn1_make_string
- (asn1buf *buf,
- const unsigned int len, const char *string,
- int *retlen);
+ (asn1buf *buf,
+ const unsigned int len, const char *string,
+ int *retlen);
/* requires *buf is allocated, len is the length of *string
effects Inserts the encoding of *string (a series of octets) in *buf.
Returns the length of this encoding in *retlen.
/* "helper" procedure for asn1_make_tag */
asn1_error_code asn1_make_length
- (asn1buf *buf, const unsigned int in_len,
- unsigned int *retlen);
+ (asn1buf *buf, const unsigned int in_len,
+ unsigned int *retlen);
/* requires *buf is allocated, in_len is the length of an ASN.1 encoding
which has just been inserted in *buf
modifies *buf, *retlen
/* "helper" procedure for asn1_make_tag */
asn1_error_code asn1_make_id
- (asn1buf *buf,
- asn1_class asn1class,
- asn1_construction construction,
- asn1_tagnum tagnum,
- unsigned int *retlen);
+ (asn1buf *buf,
+ asn1_class asn1class,
+ asn1_construction construction,
+ asn1_tagnum tagnum,
+ unsigned int *retlen);
/* requires *buf is allocated, asn1class and tagnum are appropriate for
the ASN.1 encoding which has just been inserted in *buf
modifies *buf, *retlen
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_misc.c
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
if (target->realm.data == NULL) return ENOMEM;
memcpy(target->realm.data,source->realm.data, /* to client */
- target->realm.length);
+ target->realm.length);
return 0;
}
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/asn1_misc.h
- *
+ *
* Copyright 1994 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
#include "krbasn1.h"
asn1_error_code asn1_krb5_realm_copy
- (krb5_principal target, krb5_principal source);
+ (krb5_principal target, krb5_principal source);
/* requires target, source, and source->realm are allocated
effects Copies source->realm into target->realm.
Returns ENOMEM if memory is exhausted. */
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/* Coding Buffer Implementation */
/*
next >= base
next <= bound+2 (i.e. next should be able to step just past the bound,
but no further. (The bound should move out in response
- to being crossed by next.)) */
+ to being crossed by next.)) */
#define ASN1BUF_OMIT_INLINE_FUNCS
#include "asn1buf.h"
#include <stdio.h>
#include "asn1_get.h"
-#define asn1_is_eoc(class, num, indef) \
+#define asn1_is_eoc(class, num, indef) \
((class) == UNIVERSAL && !(num) && !(indef))
asn1_error_code asn1buf_create(asn1buf **buf)
{
subbuf->base = subbuf->next = buf->next;
if (!indef) {
- subbuf->bound = subbuf->base + length - 1;
- if (subbuf->bound > buf->bound)
- return ASN1_OVERRUN;
+ subbuf->bound = subbuf->base + length - 1;
+ if (subbuf->bound > buf->bound)
+ return ASN1_OVERRUN;
} else /* constructed indefinite */
- subbuf->bound = buf->bound;
+ subbuf->bound = buf->bound;
return 0;
}
asn1_error_code asn1buf_sync(asn1buf *buf, asn1buf *subbuf,
- asn1_class asn1class, asn1_tagnum lasttag,
- unsigned int length, int indef, int seqindef)
+ asn1_class asn1class, asn1_tagnum lasttag,
+ unsigned int length, int indef, int seqindef)
{
asn1_error_code retval;
if (!seqindef) {
- /* sequence was encoded as definite length */
- buf->next = subbuf->bound + 1;
+ /* sequence was encoded as definite length */
+ buf->next = subbuf->bound + 1;
} else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
- retval = asn1buf_skiptail(subbuf, length, indef);
- if (retval)
- return retval;
+ retval = asn1buf_skiptail(subbuf, length, indef);
+ if (retval)
+ return retval;
} else {
- /* We have just read the EOC octets. */
- buf->next = subbuf->next;
+ /* We have just read the EOC octets. */
+ buf->next = subbuf->next;
}
return 0;
}
nestlevel = 1 + indef;
if (!indef) {
- if (length <= buf->bound - buf->next + 1)
- buf->next += length;
- else
- return ASN1_OVERRUN;
+ if (length <= buf->bound - buf->next + 1)
+ buf->next += length;
+ else
+ return ASN1_OVERRUN;
}
while (nestlevel > 0) {
- if (buf->bound - buf->next + 1 <= 0)
- return ASN1_OVERRUN;
- retval = asn1_get_tag_2(buf, &t);
- if (retval) return retval;
- if (!t.indef) {
- if (t.length <= buf->bound - buf->next + 1)
- buf->next += t.length;
- else
- return ASN1_OVERRUN;
- }
- if (t.indef)
- nestlevel++;
- if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
- nestlevel--; /* got an EOC encoding */
+ if (buf->bound - buf->next + 1 <= 0)
+ return ASN1_OVERRUN;
+ retval = asn1_get_tag_2(buf, &t);
+ if (retval) return retval;
+ if (!t.indef) {
+ if (t.length <= buf->bound - buf->next + 1)
+ buf->next += t.length;
+ else
+ return ASN1_OVERRUN;
+ }
+ if (t.indef)
+ nestlevel++;
+ if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
+ nestlevel--; /* got an EOC encoding */
}
return 0;
}
asn1_error_code asn1buf_destroy(asn1buf **buf)
{
if (*buf != NULL) {
- free((*buf)->base);
- free(*buf);
- *buf = NULL;
+ free((*buf)->base);
+ free(*buf);
+ *buf = NULL;
}
return 0;
}
retval = asn1buf_ensure_space(buf,len);
if (retval) return retval;
for (length=1; length<=len; length++,(buf->next)++)
- *(buf->next) = (char)(s[len-length]);
+ *(buf->next) = (char)(s[len-length]);
return 0;
}
retval = asn1buf_ensure_space(buf,len);
if (retval) return retval;
for (length=1; length<=len; length++,(buf->next)++)
- *(buf->next) = (char)(s[len-length]);
+ *(buf->next) = (char)(s[len-length]);
return 0;
}
if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
if (len == 0) {
- *s = 0;
- return 0;
+ *s = 0;
+ return 0;
}
*s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
if (*s == NULL)
- return ENOMEM;
+ return ENOMEM;
for (i=0; i<len; i++)
- (*s)[i] = (asn1_octet)(buf->next)[i];
+ (*s)[i] = (asn1_octet)(buf->next)[i];
buf->next += len;
return 0;
}
if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
if (len == 0) {
- *s = 0;
- return 0;
+ *s = 0;
+ return 0;
}
*s = (char*)malloc(len*sizeof(char));
if (*s == NULL) return ENOMEM;
for (i=0; i<len; i++)
- (*s)[i] = (char)(buf->next)[i];
+ (*s)[i] = (char)(buf->next)[i];
buf->next += len;
return 0;
}
* Two 0 octets means the end of an indefinite encoding.
*/
if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
- return 0;
+ return 0;
else return remain;
}
(*code)->length = asn1buf_len(buf);
(*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
if ((*code)->data == NULL) {
- free(*code);
- *code = NULL;
- return ENOMEM;
+ free(*code);
+ *code = NULL;
+ return ENOMEM;
}
for (i=0; i < (*code)->length; i++)
- ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
+ ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
((*code)->data)[(*code)->length] = '\0';
return 0;
}
{
free(*s);
if (buf == NULL) {
- *s = malloc(sizeof("<NULL>"));
- if (*s == NULL) return ENOMEM;
- strcpy(*s,"<NULL>");
+ *s = malloc(sizeof("<NULL>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<NULL>");
} else if (buf->base == NULL) {
- *s = malloc(sizeof("<EMPTY>"));
- if (*s == NULL) return ENOMEM;
- strcpy(*s,"<EMPTY>");
+ *s = malloc(sizeof("<EMPTY>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<EMPTY>");
} else {
- unsigned int length = asn1buf_len(buf);
- unsigned int i;
+ unsigned int length = asn1buf_len(buf);
+ unsigned int i;
- *s = calloc(length+1, sizeof(char));
- if (*s == NULL) return ENOMEM;
- (*s)[length] = '\0';
- for (i=0; i<length; i++) ;
+ *s = calloc(length+1, sizeof(char));
+ if (*s == NULL) return ENOMEM;
+ (*s)[length] = '\0';
+ for (i=0; i<length; i++) ;
/* OLDDECLARG( (*s)[i] = , (buf->base)[length-i-1]) */
}
return 0;
asn1_error_code asn1buf_hex_unparse(const asn1buf *buf, char **s)
{
-#define hexchar(d) ((d)<=9 ? ('0'+(d)) : \
- ((d)<=15 ? ('A'+(d)-10) : \
- 'X'))
+#define hexchar(d) ((d)<=9 ? ('0'+(d)) : \
+ ((d)<=15 ? ('A'+(d)-10) : \
+ 'X'))
free(*s);
if (buf == NULL) {
- *s = malloc(sizeof("<NULL>"));
- if (*s == NULL) return ENOMEM;
- strcpy(*s,"<NULL>");
+ *s = malloc(sizeof("<NULL>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<NULL>");
} else if (buf->base == NULL) {
- *s = malloc(sizeof("<EMPTY>"));
- if (*s == NULL) return ENOMEM;
- strcpy(*s,"<EMPTY>");
+ *s = malloc(sizeof("<EMPTY>"));
+ if (*s == NULL) return ENOMEM;
+ strcpy(*s,"<EMPTY>");
} else {
- unsigned int length = asn1buf_len(buf);
- int i;
-
- *s = malloc(3*length);
- if (*s == NULL) return ENOMEM;
- for (i = length-1; i >= 0; i--) {
- (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
- (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
- (*s)[3*(length-i-1)+2] = ' ';
- }
- (*s)[3*length-1] = '\0';
+ unsigned int length = asn1buf_len(buf);
+ int i;
+
+ *s = malloc(3*length);
+ if (*s == NULL) return ENOMEM;
+ for (i = length-1; i >= 0; i--) {
+ (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
+ (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
+ (*s)[3*(length-i-1)+2] = ' ';
+ }
+ (*s)[3*length-1] = '\0';
}
return 0;
}
{
int avail = asn1buf_free(buf);
if (avail < amount) {
- asn1_error_code retval = asn1buf_expand(buf, amount-avail);
- if (retval) return retval;
+ asn1_error_code retval = asn1buf_expand(buf, amount-avail);
+ if (retval) return retval;
}
return 0;
}
else bound_offset = buf->bound - buf->base;
if (inc < STANDARD_INCREMENT)
- inc = STANDARD_INCREMENT;
+ inc = STANDARD_INCREMENT;
if (buf->base == NULL)
- buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+ buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
else
- buf->base = realloc(buf->base,
- (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+ buf->base = realloc(buf->base,
+ (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
if (buf->base == NULL) return ENOMEM;
buf->bound = (buf->base) + bound_offset + inc;
buf->next = (buf->base) + next_offset;
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/* Coding Buffer Specifications */
#ifndef __ASN1BUF_H__
#define __ASN1BUF_H__
/**************** Private Procedures ****************/
int asn1buf_size
- (const asn1buf *buf);
+ (const asn1buf *buf);
/* requires *buf has been created and not destroyed
- effects Returns the total size
- (in octets) of buf's octet buffer. */
+ effects Returns the total size
+ (in octets) of buf's octet buffer. */
#define asn1buf_size(buf) \
(((buf) == NULL || (buf)->base == NULL) \
? 0 \
: ((buf)->bound - (buf)->base + 1))
unsigned int asn1buf_free
- (const asn1buf *buf);
+ (const asn1buf *buf);
/* requires *buf is allocated
effects Returns the number of unused, allocated octets in *buf. */
#define asn1buf_free(buf) \
asn1_error_code asn1buf_ensure_space
- (asn1buf *buf, const unsigned int amount);
+ (asn1buf *buf, const unsigned int amount);
/* requires *buf is allocated
modifies *buf
effects If buf has less than amount octets of free space, then it is
asn1_error_code asn1buf_expand
- (asn1buf *buf, unsigned int inc);
+ (asn1buf *buf, unsigned int inc);
/* requires *buf is allocated
modifies *buf
effects Expands *buf by allocating space for inc more octets.
Returns ENOMEM if memory is exhausted. */
int asn1buf_len
- (const asn1buf *buf);
+ (const asn1buf *buf);
/* requires *buf is allocated
effects Returns the length of the encoding in *buf. */
-#define asn1buf_len(buf) ((buf)->next - (buf)->base)
+#define asn1buf_len(buf) ((buf)->next - (buf)->base)
/****** End of private procedures *****/
-
+
/*
- Overview
-
+ Overview
+
The coding buffer is an array of char (to match a krb5_data structure)
with 3 reference pointers:
1) base - The bottom of the octet array. Used for memory management
2) next - Points to the next available octet position in the array.
During encoding, this is the next free position, and it
advances as octets are added to the array.
- During decoding, this is the next unread position, and it
+ During decoding, this is the next unread position, and it
advances as octets are read from the array.
3) bound - Points to the top of the array. Used for bounds-checking.
-
+
All pointers to encoding buffers should be initalized to NULL.
-
+
Operations
asn1buf_create
*/
asn1_error_code asn1buf_create
- (asn1buf **buf);
+ (asn1buf **buf);
/* effects Creates a new encoding buffer pointed to by *buf.
Returns ENOMEM if the buffer can't be created. */
asn1_error_code asn1buf_wrap_data
- (asn1buf *buf, const krb5_data *code);
+ (asn1buf *buf, const krb5_data *code);
/* requires *buf has already been allocated
effects Turns *buf into a "wrapper" for *code. i.e. *buf is set up
such that its bottom is the beginning of *code, and its top
- is the top of *code.
- Returns ASN1_MISSING_FIELD if code is empty. */
+ is the top of *code.
+ Returns ASN1_MISSING_FIELD if code is empty. */
asn1_error_code asn1buf_imbed
- (asn1buf *subbuf, const asn1buf *buf,
- const unsigned int length,
- const int indef);
+ (asn1buf *subbuf, const asn1buf *buf,
+ const unsigned int length,
+ const int indef);
/* requires *subbuf and *buf are allocated
effects *subbuf becomes a sub-buffer of *buf. *subbuf begins
at *buf's current position and is length octets long.
(Unless this would exceed the bounds of *buf -- in
- that case, ASN1_OVERRUN is returned) *subbuf's current
- position starts at the beginning of *subbuf. */
+ that case, ASN1_OVERRUN is returned) *subbuf's current
+ position starts at the beginning of *subbuf. */
asn1_error_code asn1buf_sync
- (asn1buf *buf, asn1buf *subbuf, asn1_class Class,
- asn1_tagnum lasttag,
- unsigned int length, int indef,
- int seqindef);
+ (asn1buf *buf, asn1buf *subbuf, asn1_class Class,
+ asn1_tagnum lasttag,
+ unsigned int length, int indef,
+ int seqindef);
/* requires *subbuf is a sub-buffer of *buf, as created by asn1buf_imbed.
lasttag is the last tagnumber read.
effects Synchronizes *buf's current position to match that of *subbuf. */
asn1_error_code asn1buf_skiptail
- (asn1buf *buf, const unsigned int length,
- const int indef);
+ (asn1buf *buf, const unsigned int length,
+ const int indef);
/* requires *buf is a subbuffer used in a decoding of a
constructed indefinite sequence.
effects skips trailing fields. */
asn1_error_code asn1buf_destroy
- (asn1buf **buf);
+ (asn1buf **buf);
/* effects Deallocates **buf, sets *buf to NULL. */
asn1_error_code asn1buf_insert_octet
- (asn1buf *buf, const int o);
+ (asn1buf *buf, const int o);
/* requires *buf is allocated
effects Inserts o into the buffer *buf, expanding the buffer if
necessary. Returns ENOMEM memory is exhausted. */
#endif
asn1_error_code asn1buf_insert_octetstring
- (asn1buf *buf, const unsigned int len, const asn1_octet *s);
+ (asn1buf *buf, const unsigned int len, const asn1_octet *s);
/* requires *buf is allocated
modifies *buf
effects Inserts the contents of s (an octet array of length len)
into the buffer *buf, expanding the buffer if necessary.
- Returns ENOMEM if memory is exhausted. */
+ Returns ENOMEM if memory is exhausted. */
asn1_error_code asn1buf_insert_charstring
- (asn1buf *buf, const unsigned int len, const char *s);
+ (asn1buf *buf, const unsigned int len, const char *s);
/* requires *buf is allocated
modifies *buf
effects Inserts the contents of s (a character array of length len)
into the buffer *buf, expanding the buffer if necessary.
- Returns ENOMEM if memory is exhausted. */
+ Returns ENOMEM if memory is exhausted. */
asn1_error_code asn1buf_remove_octet
- (asn1buf *buf, asn1_octet *o);
+ (asn1buf *buf, asn1_octet *o);
/* requires *buf is allocated
effects Returns *buf's current octet in *o and advances to
the next octet.
- Returns ASN1_OVERRUN if *buf has already been exhausted. */
+ Returns ASN1_OVERRUN if *buf has already been exhausted. */
#define asn1buf_remove_octet(buf,o) \
(((buf)->next > (buf)->bound) \
? ASN1_OVERRUN \
: ((*(o) = (asn1_octet)(*(((buf)->next)++))),0))
asn1_error_code asn1buf_remove_octetstring
- (asn1buf *buf, const unsigned int len, asn1_octet **s);
+ (asn1buf *buf, const unsigned int len, asn1_octet **s);
/* requires *buf is allocated
effects Removes the next len octets of *buf and returns them in **s.
- Returns ASN1_OVERRUN if there are fewer than len unread octets
- left in *buf.
- Returns ENOMEM if *s could not be allocated. */
+ Returns ASN1_OVERRUN if there are fewer than len unread octets
+ left in *buf.
+ Returns ENOMEM if *s could not be allocated. */
asn1_error_code asn1buf_remove_charstring
- (asn1buf *buf, const unsigned int len,
- char **s);
+ (asn1buf *buf, const unsigned int len,
+ char **s);
/* requires *buf is allocated
effects Removes the next len octets of *buf and returns them in **s.
- Returns ASN1_OVERRUN if there are fewer than len unread octets
- left in *buf.
- Returns ENOMEM if *s could not be allocated. */
+ Returns ASN1_OVERRUN if there are fewer than len unread octets
+ left in *buf.
+ Returns ENOMEM if *s could not be allocated. */
asn1_error_code asn1buf_unparse
- (const asn1buf *buf, char **s);
+ (const asn1buf *buf, char **s);
/* modifies *s
effects Returns a human-readable representation of *buf in *s,
where each octet in *buf is represented by a character in *s. */
asn1_error_code asn1buf_hex_unparse
- (const asn1buf *buf, char **s);
+ (const asn1buf *buf, char **s);
/* modifies *s
effects Returns a human-readable representation of *buf in *s,
where each octet in *buf is represented by a 2-digit
- hexadecimal number in *s. */
+ hexadecimal number in *s. */
asn1_error_code asn12krb5_buf
- (const asn1buf *buf, krb5_data **code);
+ (const asn1buf *buf, krb5_data **code);
/* modifies *code
effects Instantiates **code with the krb5_data representation of **buf. */
int asn1buf_remains
- (asn1buf *buf, int indef);
+ (asn1buf *buf, int indef);
/* requires *buf is a buffer containing an asn.1 structure or array
modifies *buf
effects Returns the number of unprocessed octets remaining in *buf. */
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* lib/krb5/asn.1/asn1glue.h
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
*
* Header file for some glue functions (macros, mostly)
*/
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/krb5_decode.c
- *
+ *
* Copyright 1994, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
/* process encoding header ***************************************/
/* decode tag and check that it == [APPLICATION tagnum] */
-#define check_apptag(tagexpect) \
-{ \
- taginfo t1; \
- retval = asn1_get_tag_2(&buf, &t1); \
- if (retval) clean_return (retval); \
- if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED) \
- clean_return(ASN1_BAD_ID); \
- if (t1.tagnum != (tagexpect)) clean_return(KRB5_BADMSGTYPE); \
- asn1class = t1.asn1class; \
- construction = t1.construction; \
- tagnum = t1.tagnum; \
+#define check_apptag(tagexpect) \
+{ \
+ taginfo t1; \
+ retval = asn1_get_tag_2(&buf, &t1); \
+ if (retval) clean_return (retval); \
+ if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED) \
+ clean_return(ASN1_BAD_ID); \
+ if (t1.tagnum != (tagexpect)) clean_return(KRB5_BADMSGTYPE); \
+ asn1class = t1.asn1class; \
+ construction = t1.construction; \
+ tagnum = t1.tagnum; \
}
/* process a structure *******************************************/
/* decode an explicit tag and place the number in tagnum */
-#define next_tag() \
-{ taginfo t2; \
- retval = asn1_get_tag_2(&subbuf, &t2); \
- if (retval) clean_return(retval); \
- asn1class = t2.asn1class; \
- construction = t2.construction; \
- tagnum = t2.tagnum; \
- indef = t2.indef; \
- taglen = t2.length; \
+#define next_tag() \
+{ taginfo t2; \
+ retval = asn1_get_tag_2(&subbuf, &t2); \
+ if (retval) clean_return(retval); \
+ asn1class = t2.asn1class; \
+ construction = t2.construction; \
+ tagnum = t2.tagnum; \
+ indef = t2.indef; \
+ taglen = t2.length; \
}
static asn1_error_code
retval = asn1_get_tag_2(buf, &t);
if (retval)
- return retval;
+ return retval;
if (t.asn1class != UNIVERSAL || t.tagnum || t.indef)
- return ASN1_MISSING_EOC;
+ return ASN1_MISSING_EOC;
return 0;
}
-#define get_eoc() \
-{ \
- retval = asn1_get_eoc_tag(&subbuf); \
- if (retval) return retval; \
+#define get_eoc() \
+{ \
+ retval = asn1_get_eoc_tag(&subbuf); \
+ if (retval) return retval; \
}
/* decode sequence header and initialize tagnum with the first field */
get_field_body(var,decoder)
/* decode (or skip, if not present) an optional field */
-#define opt_field(var,tagexpect,decoder) \
- if (asn1buf_remains(&subbuf, seqindef)) { \
- if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
- clean_return(ASN1_BAD_ID); \
- if (tagnum == (tagexpect)) { \
- get_field_body(var,decoder); \
- } \
+#define opt_field(var,tagexpect,decoder) \
+ if (asn1buf_remains(&subbuf, seqindef)) { \
+ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
+ clean_return(ASN1_BAD_ID); \
+ if (tagnum == (tagexpect)) { \
+ get_field_body(var,decoder); \
+ } \
}
/* field w/ accompanying length *********/
get_lenfield_body(len,var,decoder)
/* decode an optional field w/ length */
-#define opt_lenfield(len,var,tagexpect,decoder) \
- if (asn1buf_remains(&subbuf, seqindef)) { \
- if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
- clean_return(ASN1_BAD_ID); \
- if (tagnum == (tagexpect)) { \
- get_lenfield_body(len,var,decoder); \
- } \
+#define opt_lenfield(len,var,tagexpect,decoder) \
+ if (asn1buf_remains(&subbuf, seqindef)) { \
+ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
+ clean_return(ASN1_BAD_ID); \
+ if (tagnum == (tagexpect)) { \
+ get_lenfield_body(len,var,decoder); \
+ } \
}
-
+
/* clean up ******************************************************/
/* finish up */
return 0; \
error_out: \
if (rep && *rep) { \
- cleanup_routine(*rep); \
- *rep = NULL; \
+ cleanup_routine(*rep); \
+ *rep = NULL; \
} \
return retval;
return 0; \
error_out: \
return retval;
-
+
#define cleanup_manual()\
return 0;
check_apptag(2);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- alloc_field((*rep)->client,krb5_principal_data);
- get_field((*rep)->client,1,asn1_decode_realm);
- get_field((*rep)->client,2,asn1_decode_principal_name);
- if (tagnum == 3) {
- alloc_field((*rep)->checksum,krb5_checksum);
- get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
- get_field((*rep)->cusec,4,asn1_decode_int32);
- get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
- if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
- opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
- opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
- (*rep)->magic = KV5M_AUTHENTICATOR;
- end_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ alloc_field((*rep)->client,krb5_principal_data);
+ get_field((*rep)->client,1,asn1_decode_realm);
+ get_field((*rep)->client,2,asn1_decode_principal_name);
+ if (tagnum == 3) {
+ alloc_field((*rep)->checksum,krb5_checksum);
+ get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
+ get_field((*rep)->cusec,4,asn1_decode_int32);
+ get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
+ if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
+ opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
+ opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
+ opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
+ (*rep)->magic = KV5M_AUTHENTICATOR;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,subkey);
- free_field(*rep,checksum);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,subkey);
+ free_field(*rep,checksum);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
setup();
alloc_field(*rep,krb5_ticket);
clear_field(rep,server);
-
+
check_apptag(1);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
- }
- alloc_field((*rep)->server,krb5_principal_data);
- get_field((*rep)->server,1,asn1_decode_realm);
- get_field((*rep)->server,2,asn1_decode_principal_name);
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_TICKET;
- end_structure();
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+ }
+ alloc_field((*rep)->server,krb5_principal_data);
+ get_field((*rep)->server,1,asn1_decode_realm);
+ get_field((*rep)->server,2,asn1_decode_principal_name);
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_TICKET;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,server);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,server);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
alloc_field(*rep,krb5_keyblock);
{ begin_structure();
- get_field((*rep)->enctype,0,asn1_decode_enctype);
- get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
- end_structure();
- (*rep)->magic = KV5M_KEYBLOCK;
+ get_field((*rep)->enctype,0,asn1_decode_enctype);
+ get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
+ end_structure();
+ (*rep)->magic = KV5M_KEYBLOCK;
}
cleanup(free);
}
check_apptag(3);
{ begin_structure();
- get_field((*rep)->flags,0,asn1_decode_ticket_flags);
- alloc_field((*rep)->session,krb5_keyblock);
- get_field(*((*rep)->session),1,asn1_decode_encryption_key);
- alloc_field((*rep)->client,krb5_principal_data);
- get_field((*rep)->client,2,asn1_decode_realm);
- get_field((*rep)->client,3,asn1_decode_principal_name);
- get_field((*rep)->transited,4,asn1_decode_transited_encoding);
- get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
- if (tagnum == 6)
- { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
- else
- (*rep)->times.starttime=(*rep)->times.authtime;
- get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
- opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
- opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
- opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
- (*rep)->magic = KV5M_ENC_TKT_PART;
- end_structure();
+ get_field((*rep)->flags,0,asn1_decode_ticket_flags);
+ alloc_field((*rep)->session,krb5_keyblock);
+ get_field(*((*rep)->session),1,asn1_decode_encryption_key);
+ alloc_field((*rep)->client,krb5_principal_data);
+ get_field((*rep)->client,2,asn1_decode_realm);
+ get_field((*rep)->client,3,asn1_decode_principal_name);
+ get_field((*rep)->transited,4,asn1_decode_transited_encoding);
+ get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
+ if (tagnum == 6)
+ { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
+ else
+ (*rep)->times.starttime=(*rep)->times.authtime;
+ get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
+ opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
+ opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
+ opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
+ (*rep)->magic = KV5M_ENC_TKT_PART;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,session);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,session);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
if (retval) clean_return(retval);
#ifdef KRB5_MSGTYPE_STRICT
if ((*rep)->msg_type != KRB5_AS_REP)
- clean_return(KRB5_BADMSGTYPE);
+ clean_return(KRB5_BADMSGTYPE);
#endif
cleanup(free);
check_apptag(14);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- get_field((*rep)->ap_options,2,asn1_decode_ap_options);
- alloc_field((*rep)->ticket,krb5_ticket);
- get_field(*((*rep)->ticket),3,asn1_decode_ticket);
- get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
- end_structure();
- (*rep)->magic = KV5M_AP_REQ;
+ }
+ get_field((*rep)->ap_options,2,asn1_decode_ap_options);
+ alloc_field((*rep)->ticket,krb5_ticket);
+ get_field(*((*rep)->ticket),3,asn1_decode_ticket);
+ get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REQ;
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,ticket);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,ticket);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
check_apptag(15);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
- end_structure();
- (*rep)->magic = KV5M_AP_REP;
+ }
+ get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REP;
}
cleanup(free);
}
check_apptag(27);
{ begin_structure();
- get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
- get_field((*rep)->cusec,1,asn1_decode_int32);
- if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
- opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
- end_structure();
- (*rep)->magic = KV5M_AP_REP_ENC_PART;
+ get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
+ get_field((*rep)->cusec,1,asn1_decode_int32);
+ if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
+ opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+ end_structure();
+ (*rep)->magic = KV5M_AP_REP_ENC_PART;
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,subkey);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,subkey);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
#ifdef KRB5_MSGTYPE_STRICT
if ((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
-
+
cleanup(free);
}
#ifdef KRB5_MSGTYPE_STRICT
if ((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
#endif
-
+
cleanup(free);
}
check_apptag(20);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- /*
- * Gross kludge to extract pointer to encoded safe-body. Relies
- * on tag prefetch done by next_tag(). Don't handle indefinite
- * encoding, as it's too much work.
- */
- if (!indef) {
- tmpbody.length = taglen;
- tmpbody.data = subbuf.next;
- } else {
- tmpbody.length = 0;
- tmpbody.data = NULL;
- }
- get_field(**rep,2,asn1_decode_krb_safe_body);
- alloc_field((*rep)->checksum,krb5_checksum);
- get_field(*((*rep)->checksum),3,asn1_decode_checksum);
- (*rep)->magic = KV5M_SAFE;
- end_structure();
+ }
+ /*
+ * Gross kludge to extract pointer to encoded safe-body. Relies
+ * on tag prefetch done by next_tag(). Don't handle indefinite
+ * encoding, as it's too much work.
+ */
+ if (!indef) {
+ tmpbody.length = taglen;
+ tmpbody.data = subbuf.next;
+ } else {
+ tmpbody.length = 0;
+ tmpbody.data = NULL;
+ }
+ get_field(**rep,2,asn1_decode_krb_safe_body);
+ alloc_field((*rep)->checksum,krb5_checksum);
+ get_field(*((*rep)->checksum),3,asn1_decode_checksum);
+ (*rep)->magic = KV5M_SAFE;
+ end_structure();
}
if (body != NULL)
- *body = tmpbody;
+ *body = tmpbody;
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,checksum);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,checksum);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
check_apptag(21);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_PRIV;
- end_structure();
+ }
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_PRIV;
+ end_structure();
}
cleanup(free);
}
check_apptag(28);
{ begin_structure();
- get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
- opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
- opt_field((*rep)->usec,2,asn1_decode_int32);
- opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
- alloc_field((*rep)->s_address,krb5_address);
- get_field(*((*rep)->s_address),4,asn1_decode_host_address);
- if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
- opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
- (*rep)->magic = KV5M_PRIV_ENC_PART;
- end_structure();
+ get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
+ opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
+ opt_field((*rep)->usec,2,asn1_decode_int32);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+ alloc_field((*rep)->s_address,krb5_address);
+ get_field(*((*rep)->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+ opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+ (*rep)->magic = KV5M_PRIV_ENC_PART;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,r_address);
- free_field(*rep,s_address);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,r_address);
+ free_field(*rep,s_address);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
check_apptag(22);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
- get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
- (*rep)->magic = KV5M_CRED;
- end_structure();
+ }
+ get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
+ get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+ (*rep)->magic = KV5M_CRED;
+ end_structure();
}
cleanup(free);
}
check_apptag(29);
{ begin_structure();
- get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
- opt_field((*rep)->nonce,1,asn1_decode_int32);
- opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
- opt_field((*rep)->usec,3,asn1_decode_int32);
- if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
- opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
- if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
- opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
- (*rep)->magic = KV5M_CRED_ENC_PART;
- end_structure();
+ get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
+ opt_field((*rep)->nonce,1,asn1_decode_int32);
+ opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
+ opt_field((*rep)->usec,3,asn1_decode_int32);
+ if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
+ opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
+ if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+ opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+ (*rep)->magic = KV5M_CRED_ENC_PART;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,r_address);
- free_field(*rep,s_address);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,r_address);
+ free_field(*rep,s_address);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
alloc_field(*rep,krb5_error);
clear_field(rep,server);
clear_field(rep,client);
-
+
check_apptag(30);
{ begin_structure();
- { krb5_kvno kvno;
- get_field(kvno,0,asn1_decode_kvno);
- if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
- { krb5_msgtype msg_type;
- get_field(msg_type,1,asn1_decode_msgtype);
+ { krb5_kvno kvno;
+ get_field(kvno,0,asn1_decode_kvno);
+ if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+ { krb5_msgtype msg_type;
+ get_field(msg_type,1,asn1_decode_msgtype);
#ifdef KRB5_MSGTYPE_STRICT
- if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
+ if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
#endif
- }
- opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
- opt_field((*rep)->cusec,3,asn1_decode_int32);
- get_field((*rep)->stime,4,asn1_decode_kerberos_time);
- get_field((*rep)->susec,5,asn1_decode_int32);
- get_field((*rep)->error,6,asn1_decode_ui_4);
- if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
- opt_field((*rep)->client,7,asn1_decode_realm);
- opt_field((*rep)->client,8,asn1_decode_principal_name);
- alloc_field((*rep)->server,krb5_principal_data);
- get_field((*rep)->server,9,asn1_decode_realm);
- get_field((*rep)->server,10,asn1_decode_principal_name);
- opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
- opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
- (*rep)->magic = KV5M_ERROR;
- end_structure();
+ }
+ opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
+ opt_field((*rep)->cusec,3,asn1_decode_int32);
+ get_field((*rep)->stime,4,asn1_decode_kerberos_time);
+ get_field((*rep)->susec,5,asn1_decode_int32);
+ get_field((*rep)->error,6,asn1_decode_ui_4);
+ if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
+ opt_field((*rep)->client,7,asn1_decode_realm);
+ opt_field((*rep)->client,8,asn1_decode_principal_name);
+ alloc_field((*rep)->server,krb5_principal_data);
+ get_field((*rep)->server,9,asn1_decode_realm);
+ get_field((*rep)->server,10,asn1_decode_principal_name);
+ opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
+ opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
+ (*rep)->magic = KV5M_ERROR;
+ end_structure();
}
cleanup_manual();
error_out:
if (rep && *rep) {
- free_field(*rep,server);
- free_field(*rep,client);
- free(*rep);
- *rep = NULL;
+ free_field(*rep,server);
+ free_field(*rep,client);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
*rep = 0;
retval = asn1_decode_authorization_data(&buf,rep);
if (retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here... */
+ cleanup_none(); /* we're not allocating anything here... */
}
krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep)
setup();
alloc_field(*rep,krb5_pwd_data);
{ begin_structure();
- get_field((*rep)->sequence_count,0,asn1_decode_int);
- get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
- (*rep)->magic = KV5M_PWD_DATA;
- end_structure (); }
+ get_field((*rep)->sequence_count,0,asn1_decode_int);
+ get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
+ (*rep)->magic = KV5M_PWD_DATA;
+ end_structure (); }
cleanup(free);
}
*rep = 0;
retval = asn1_decode_sequence_of_pa_data(&buf,rep);
if (retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here */
+ cleanup_none(); /* we're not allocating anything here */
}
krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep)
setup();
alloc_field(*rep,krb5_alt_method);
{ begin_structure();
- get_field((*rep)->method,0,asn1_decode_int32);
- if (tagnum == 1) {
- get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
- } else {
- (*rep)->length = 0;
- (*rep)->data = 0;
- }
- (*rep)->magic = KV5M_ALT_METHOD;
- end_structure();
+ get_field((*rep)->method,0,asn1_decode_int32);
+ if (tagnum == 1) {
+ get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
+ } else {
+ (*rep)->length = 0;
+ (*rep)->data = 0;
+ }
+ (*rep)->magic = KV5M_ALT_METHOD;
+ end_structure();
}
cleanup(free);
}
*rep = 0;
retval = asn1_decode_etype_info(&buf,rep);
if (retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here */
+ cleanup_none(); /* we're not allocating anything here */
}
krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
*rep = 0;
retval = asn1_decode_etype_info2(&buf,rep, 0);
if (retval == ASN1_BAD_ID) {
- retval = asn1buf_wrap_data(&buf,code);
- if (retval) clean_return(retval);
- retval = asn1_decode_etype_info2(&buf, rep, 1);
+ retval = asn1buf_wrap_data(&buf,code);
+ if (retval) clean_return(retval);
+ retval = asn1_decode_etype_info2(&buf, rep, 1);
}
if (retval) clean_return(retval);
- cleanup_none(); /* we're not allocating anything here */
+ cleanup_none(); /* we're not allocating anything here */
}
setup();
alloc_field(*rep,krb5_pa_enc_ts);
{ begin_structure();
- get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
- if (tagnum == 1) {
- get_field((*rep)->pausec,1,asn1_decode_int32);
- } else
- (*rep)->pausec = 0;
- end_structure (); }
+ get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
+ if (tagnum == 1) {
+ get_field((*rep)->pausec,1,asn1_decode_int32);
+ } else
+ (*rep)->pausec = 0;
+ end_structure (); }
cleanup(free);
}
krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep)
{
- setup_buf_only(); /* preallocated */
+ setup_buf_only(); /* preallocated */
alloc_field(*rep,krb5_predicted_sam_response);
retval = asn1_decode_predicted_sam_response(&buf,*rep);
cleanup(free);
}
-krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep)
+krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep)
{
setup_buf_only();
alloc_field(*rep, krb5_principal_data);
retval = asn1_decode_reply_key_pack(&buf, *rep);
if (retval)
- goto error_out;
+ goto error_out;
cleanup_manual();
error_out:
if (rep && *rep) {
- free((*rep)->replyKey.contents);
- free((*rep)->asChecksum.contents);
- free(*rep);
- *rep = NULL;
+ free((*rep)->replyKey.contents);
+ free((*rep)->asChecksum.contents);
+ free(*rep);
+ *rep = NULL;
}
return retval;
}
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* src/lib/krb5/asn.1/krb5_encode.c
- *
+ *
* Copyright 1994, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
krb5_addfield(rep->field_i, i, asn1_type);
/* for string fields (these encoders take an additional argument,
- the length of the string) */
+ the length of the string) */
addlenfield(rep->field_length, rep->field, i-1, asn1_type);
/* if you really have to do things yourself... */
if (retval) return retval;
sum += length;
retval = asn1_make_etag(buf,
- [UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
- tag_number, length, &length);
+ [UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
+ tag_number, length, &length);
if (retval) return retval;
sum += length;
\
retval = asn1buf_create(&buf);\
if (retval) return retval
-
+
/* krb5_addfield -- add a field, or component, to the encoding */
#define krb5_addfield(value,tag,encoder)\
{ retval = encoder(buf,value,&length);\
{
krb5_setup();
- /* authorization-data[8] AuthorizationData OPTIONAL */
+ /* authorization-data[8] AuthorizationData OPTIONAL */
if (rep->authorization_data != NULL &&
- rep->authorization_data[0] != NULL) {
- retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
- rep->authorization_data,
- &length);
- if (retval) {
- asn1buf_destroy(&buf);
- return retval; }
- sum += length;
- retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
- if (retval) {
- asn1buf_destroy(&buf);
- return retval; }
- sum += length;
+ rep->authorization_data[0] != NULL) {
+ retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
+ rep->authorization_data,
+ &length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval; }
+ sum += length;
+ retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
+ if (retval) {
+ asn1buf_destroy(&buf);
+ return retval; }
+ sum += length;
}
- /* seq-number[7] INTEGER OPTIONAL */
+ /* seq-number[7] INTEGER OPTIONAL */
if (rep->seq_number != 0)
- krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
+ krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
- /* subkey[6] EncryptionKey OPTIONAL */
+ /* subkey[6] EncryptionKey OPTIONAL */
if (rep->subkey != NULL)
- krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
+ krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
- /* ctime[5] KerberosTime */
+ /* ctime[5] KerberosTime */
krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
- /* cusec[4] INTEGER */
+ /* cusec[4] INTEGER */
krb5_addfield(rep->cusec,4,asn1_encode_integer);
- /* cksum[3] Checksum OPTIONAL */
+ /* cksum[3] Checksum OPTIONAL */
if (rep->checksum != NULL)
- krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+ krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* cname[2] PrincipalName */
+ /* cname[2] PrincipalName */
krb5_addfield(rep->client,2,asn1_encode_principal_name);
- /* crealm[1] Realm */
+ /* crealm[1] Realm */
krb5_addfield(rep->client,1,asn1_encode_realm);
- /* authenticator-vno[0] INTEGER */
+ /* authenticator-vno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* Authenticator ::= [APPLICATION 2] SEQUENCE */
{
krb5_setup();
- /* enc-part[3] EncryptedData */
+ /* enc-part[3] EncryptedData */
krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* sname [2] PrincipalName */
+ /* sname [2] PrincipalName */
krb5_addfield(rep->server,2,asn1_encode_principal_name);
- /* realm [1] Realm */
+ /* realm [1] Realm */
krb5_addfield(rep->server,1,asn1_encode_realm);
- /* tkt-vno [0] INTEGER */
+ /* tkt-vno [0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* Ticket ::= [APPLICATION 1] SEQUENCE */
{
krb5_setup();
- /* keyvalue[1] OCTET STRING */
+ /* keyvalue[1] OCTET STRING */
krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
- /* enctype[0] INTEGER */
+ /* enctype[0] INTEGER */
krb5_addfield(rep->enctype,0,asn1_encode_integer);
/* EncryptionKey ::= SEQUENCE */
{
krb5_setup();
- /* authorization-data[10] AuthorizationData OPTIONAL */
+ /* authorization-data[10] AuthorizationData OPTIONAL */
if (rep->authorization_data != NULL &&
- rep->authorization_data[0] != NULL)
- krb5_addfield((const krb5_authdata**)rep->authorization_data,
- 10,asn1_encode_authorization_data);
+ rep->authorization_data[0] != NULL)
+ krb5_addfield((const krb5_authdata**)rep->authorization_data,
+ 10,asn1_encode_authorization_data);
- /* caddr[9] HostAddresses OPTIONAL */
+ /* caddr[9] HostAddresses OPTIONAL */
if (rep->caddrs != NULL && rep->caddrs[0] != NULL)
- krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
+ krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
- /* renew-till[8] KerberosTime OPTIONAL */
+ /* renew-till[8] KerberosTime OPTIONAL */
if (rep->times.renew_till)
- krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
+ krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
- /* endtime[7] KerberosTime */
+ /* endtime[7] KerberosTime */
krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
- /* starttime[6] KerberosTime OPTIONAL */
+ /* starttime[6] KerberosTime OPTIONAL */
if (rep->times.starttime)
- krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
+ krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
- /* authtime[5] KerberosTime */
+ /* authtime[5] KerberosTime */
krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
- /* transited[4] TransitedEncoding */
+ /* transited[4] TransitedEncoding */
krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
- /* cname[3] PrincipalName */
+ /* cname[3] PrincipalName */
krb5_addfield(rep->client,3,asn1_encode_principal_name);
- /* crealm[2] Realm */
+ /* crealm[2] Realm */
krb5_addfield(rep->client,2,asn1_encode_realm);
- /* key[1] EncryptionKey */
+ /* key[1] EncryptionKey */
krb5_addfield(rep->session,1,asn1_encode_encryption_key);
- /* flags[0] TicketFlags */
+ /* flags[0] TicketFlags */
krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
/* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
krb5_cleanup();
}
-/* yes, the translation is identical to that used for KDC__REP */
+/* yes, the translation is identical to that used for KDC__REP */
krb5_error_code encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code)
{
krb5_setup();
krb5_cleanup();
}
-/* yes, the translation is identical to that used for KDC__REP */
+/* yes, the translation is identical to that used for KDC__REP */
krb5_error_code encode_krb5_tgs_rep(const krb5_kdc_rep *rep, krb5_data **code)
{
krb5_setup();
{
krb5_setup();
- /* authenticator[4] EncryptedData */
+ /* authenticator[4] EncryptedData */
krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
- /* ticket[3] Ticket */
+ /* ticket[3] Ticket */
krb5_addfield(rep->ticket,3,asn1_encode_ticket);
- /* ap-options[2] APOptions */
+ /* ap-options[2] APOptions */
krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
- /* msg-type[1] INTEGER */
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
- /* AP-REQ ::= [APPLICATION 14] SEQUENCE */
+ /* AP-REQ ::= [APPLICATION 14] SEQUENCE */
krb5_makeseq();
krb5_apptag(14);
{
krb5_setup();
- /* enc-part[2] EncryptedData */
+ /* enc-part[2] EncryptedData */
krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
-
- /* msg-type[1] INTEGER */
+
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
-
- /* pvno[0] INTEGER */
+
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
-
- /* AP-REP ::= [APPLICATION 15] SEQUENCE */
+
+ /* AP-REP ::= [APPLICATION 15] SEQUENCE */
krb5_makeseq();
krb5_apptag(15);
-
+
krb5_cleanup();
}
{
krb5_setup();
- /* seq-number[3] INTEGER OPTIONAL */
+ /* seq-number[3] INTEGER OPTIONAL */
if (rep->seq_number)
- krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+ krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
- /* subkey[2] EncryptionKey OPTIONAL */
+ /* subkey[2] EncryptionKey OPTIONAL */
if (rep->subkey != NULL)
- krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
+ krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
- /* cusec[1] INTEGER */
+ /* cusec[1] INTEGER */
krb5_addfield(rep->cusec,1,asn1_encode_integer);
- /* ctime[0] KerberosTime */
+ /* ctime[0] KerberosTime */
krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
/* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
{
krb5_setup();
- /* cksum[3] Checksum */
+ /* cksum[3] Checksum */
krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* safe-body[2] KRB-SAFE-BODY */
+ /* safe-body[2] KRB-SAFE-BODY */
krb5_addfield(rep,2,asn1_encode_krb_safe_body);
- /* msg-type[1] INTEGER */
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
krb5_setup();
if (body == NULL) {
- asn1buf_destroy(&buf);
- return ASN1_MISSING_FIELD;
+ asn1buf_destroy(&buf);
+ return ASN1_MISSING_FIELD;
}
- /* cksum[3] Checksum */
+ /* cksum[3] Checksum */
krb5_addfield(rep->checksum,3,asn1_encode_checksum);
- /* safe-body[2] KRB-SAFE-BODY */
+ /* safe-body[2] KRB-SAFE-BODY */
krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
- /* msg-type[1] INTEGER */
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
{
krb5_setup();
- /* enc-part[3] EncryptedData */
+ /* enc-part[3] EncryptedData */
krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* msg-type[1] INTEGER */
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
{
krb5_setup();
- /* r-address[5] HostAddress OPTIONAL -- recip's addr */
+ /* r-address[5] HostAddress OPTIONAL -- recip's addr */
if (rep->r_address)
- krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+ krb5_addfield(rep->r_address,5,asn1_encode_host_address);
- /* s-address[4] HostAddress -- sender's addr */
+ /* s-address[4] HostAddress -- sender's addr */
krb5_addfield(rep->s_address,4,asn1_encode_host_address);
- /* seq-number[3] INTEGER OPTIONAL */
+ /* seq-number[3] INTEGER OPTIONAL */
if (rep->seq_number)
- krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+ krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
- /* usec[2] INTEGER OPTIONAL */
+ /* usec[2] INTEGER OPTIONAL */
if (rep->timestamp) {
- krb5_addfield(rep->usec,2,asn1_encode_integer);
- /* timestamp[1] KerberosTime OPTIONAL */
- krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
+ krb5_addfield(rep->usec,2,asn1_encode_integer);
+ /* timestamp[1] KerberosTime OPTIONAL */
+ krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
}
- /* user-data[0] OCTET STRING */
+ /* user-data[0] OCTET STRING */
krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
/* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
{
krb5_setup();
- /* enc-part[3] EncryptedData */
+ /* enc-part[3] EncryptedData */
krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
- /* tickets[2] SEQUENCE OF Ticket */
+ /* tickets[2] SEQUENCE OF Ticket */
krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
- /* msg-type[1] INTEGER, -- KRB_CRED */
+ /* msg-type[1] INTEGER, -- KRB_CRED */
krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
{
krb5_setup();
- /* r-address[5] HostAddress OPTIONAL */
+ /* r-address[5] HostAddress OPTIONAL */
if (rep->r_address != NULL)
- krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+ krb5_addfield(rep->r_address,5,asn1_encode_host_address);
- /* s-address[4] HostAddress OPTIONAL */
+ /* s-address[4] HostAddress OPTIONAL */
if (rep->s_address != NULL)
- krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+ krb5_addfield(rep->s_address,4,asn1_encode_host_address);
- /* usec[3] INTEGER OPTIONAL */
+ /* usec[3] INTEGER OPTIONAL */
if (rep->timestamp) {
- krb5_addfield(rep->usec,3,asn1_encode_integer);
- /* timestamp[2] KerberosTime OPTIONAL */
- krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
+ krb5_addfield(rep->usec,3,asn1_encode_integer);
+ /* timestamp[2] KerberosTime OPTIONAL */
+ krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
}
- /* nonce[1] INTEGER OPTIONAL */
+ /* nonce[1] INTEGER OPTIONAL */
if (rep->nonce)
- krb5_addfield(rep->nonce,1,asn1_encode_integer);
+ krb5_addfield(rep->nonce,1,asn1_encode_integer);
- /* ticket-info[0] SEQUENCE OF KrbCredInfo */
+ /* ticket-info[0] SEQUENCE OF KrbCredInfo */
krb5_addfield((const krb5_cred_info**)rep->ticket_info,
- 0,asn1_encode_sequence_of_krb_cred_info);
+ 0,asn1_encode_sequence_of_krb_cred_info);
/* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
krb5_makeseq();
{
krb5_setup();
- /* e-data[12] OCTET STRING OPTIONAL */
+ /* e-data[12] OCTET STRING OPTIONAL */
if (rep->e_data.data != NULL && rep->e_data.length > 0)
- krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
+ krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
- /* e-text[11] GeneralString OPTIONAL */
+ /* e-text[11] GeneralString OPTIONAL */
if (rep->text.data != NULL && rep->text.length > 0)
- krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
+ krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
- /* sname[10] PrincipalName -- Correct name */
+ /* sname[10] PrincipalName -- Correct name */
krb5_addfield(rep->server,10,asn1_encode_principal_name);
- /* realm[9] Realm -- Correct realm */
+ /* realm[9] Realm -- Correct realm */
krb5_addfield(rep->server,9,asn1_encode_realm);
- /* cname[8] PrincipalName OPTIONAL */
+ /* cname[8] PrincipalName OPTIONAL */
if (rep->client != NULL) {
- krb5_addfield(rep->client,8,asn1_encode_principal_name);
- /* crealm[7] Realm OPTIONAL */
- krb5_addfield(rep->client,7,asn1_encode_realm);
+ krb5_addfield(rep->client,8,asn1_encode_principal_name);
+ /* crealm[7] Realm OPTIONAL */
+ krb5_addfield(rep->client,7,asn1_encode_realm);
}
- /* error-code[6] INTEGER */
+ /* error-code[6] INTEGER */
krb5_addfield(rep->error,6,asn1_encode_ui_4);
- /* susec[5] INTEGER */
+ /* susec[5] INTEGER */
krb5_addfield(rep->susec,5,asn1_encode_integer);
- /* stime[4] KerberosTime */
+ /* stime[4] KerberosTime */
krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
- /* cusec[3] INTEGER OPTIONAL */
+ /* cusec[3] INTEGER OPTIONAL */
if (rep->cusec)
- krb5_addfield(rep->cusec,3,asn1_encode_integer);
+ krb5_addfield(rep->cusec,3,asn1_encode_integer);
- /* ctime[2] KerberosTime OPTIONAL */
+ /* ctime[2] KerberosTime OPTIONAL */
if (rep->ctime)
- krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
+ krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
- /* msg-type[1] INTEGER */
+ /* msg-type[1] INTEGER */
krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
- /* pvno[0] INTEGER */
+ /* pvno[0] INTEGER */
krb5_addfield(KVNO,0,asn1_encode_integer);
/* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
asn1_error_code retval;
asn1buf *buf=NULL;
unsigned int length;
-
+
if (rep == NULL) return ASN1_MISSING_FIELD;
retval = asn1buf_create(&buf);
if (retval) return retval;
retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
- &length);
+ &length);
if (retval) return retval;
krb5_cleanup();
asn1_error_code retval;
asn1buf *buf=NULL;
unsigned int length;
-
+
if (rep == NULL) return ASN1_MISSING_FIELD;
retval = asn1buf_create(&buf);
{
krb5_setup();
- /* method-data[1] OctetString OPTIONAL */
+ /* method-data[1] OctetString OPTIONAL */
if (rep->data != NULL && rep->length > 0)
- krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
+ krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
- /* method-type[0] Integer */
+ /* method-type[0] Integer */
krb5_addfield(rep->method,0,asn1_encode_integer);
krb5_makeseq();
sum += length;
krb5_cleanup();
}
-
+
krb5_error_code encode_krb5_enc_data(const krb5_enc_data *rep, krb5_data **code)
{
/* pausec[1] INTEGER OPTIONAL */
if (rep->pausec)
- krb5_addfield(rep->pausec,1,asn1_encode_integer);
+ krb5_addfield(rep->pausec,1,asn1_encode_integer);
/* patimestamp[0] KerberosTime, -- client's time */
krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
}
krb5_error_code encode_krb5_setpw_req(const krb5_principal target,
- char *password, krb5_data **code)
+ char *password, krb5_data **code)
{
/* Macros really want us to have a variable called rep which we do not need*/
const char *rep = "dummy string";
+/* -*- mode: c; indent-tabs-mode: nil -*- */
#ifndef __KRBASN1_H__
#define __KRBASN1_H__
#include "k5-int.h"
#include <stdio.h>
#include <errno.h>
-#include <limits.h> /* For INT_MAX */
+#include <limits.h> /* For INT_MAX */
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
typedef enum { PRIMITIVE = 0x00, CONSTRUCTED = 0x20 } asn1_construction;
typedef enum { UNIVERSAL = 0x00, APPLICATION = 0x40,
- CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0 } asn1_class;
+ CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0 } asn1_class;
typedef int asn1_tagnum;
#define ASN1_TAGNUM_CEILING INT_MAX
#define KVNO 5
/* Universal Tag Numbers */
-#define ASN1_INTEGER 2
-#define ASN1_BITSTRING 3
-#define ASN1_OCTETSTRING 4
-#define ASN1_NULL 5
-#define ASN1_OBJECTIDENTIFIER 6
+#define ASN1_INTEGER 2
+#define ASN1_BITSTRING 3
+#define ASN1_OCTETSTRING 4
+#define ASN1_NULL 5
+#define ASN1_OBJECTIDENTIFIER 6
#define ASN1_ENUMERATED 10
-#define ASN1_SEQUENCE 16
-#define ASN1_SET 17
-#define ASN1_PRINTABLESTRING 19
-#define ASN1_IA5STRING 22
-#define ASN1_UTCTIME 23
-#define ASN1_GENERALTIME 24
-#define ASN1_GENERALSTRING 27
+#define ASN1_SEQUENCE 16
+#define ASN1_SET 17
+#define ASN1_PRINTABLESTRING 19
+#define ASN1_IA5STRING 22
+#define ASN1_UTCTIME 23
+#define ASN1_GENERALTIME 24
+#define ASN1_GENERALSTRING 27
/* Kerberos Message Types */
-#define ASN1_KRB_AS_REQ 10
-#define ASN1_KRB_AS_REP 11
-#define ASN1_KRB_TGS_REQ 12
-#define ASN1_KRB_TGS_REP 13
-#define ASN1_KRB_AP_REQ 14
-#define ASN1_KRB_AP_REP 15
-#define ASN1_KRB_SAFE 20
-#define ASN1_KRB_PRIV 21
-#define ASN1_KRB_CRED 22
-#define ASN1_KRB_ERROR 30
+#define ASN1_KRB_AS_REQ 10
+#define ASN1_KRB_AS_REP 11
+#define ASN1_KRB_TGS_REQ 12
+#define ASN1_KRB_TGS_REP 13
+#define ASN1_KRB_AP_REQ 14
+#define ASN1_KRB_AP_REP 15
+#define ASN1_KRB_SAFE 20
+#define ASN1_KRB_PRIV 21
+#define ASN1_KRB_CRED 22
+#define ASN1_KRB_ERROR 30
#endif
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/* ... copyright ... */
/* Novell key-format scheme:
#define asn1_encode_sequence_of_keys krb5int_ldap_encode_sequence_of_keys
#define asn1_decode_sequence_of_keys krb5int_ldap_decode_sequence_of_keys
-#define cleanup(err) \
- { \
- ret = err; \
- goto last; \
- }
+#define cleanup(err) \
+ { \
+ ret = err; \
+ goto last; \
+ }
-#define checkerr \
- if (ret != 0) \
- goto last
+#define checkerr \
+ if (ret != 0) \
+ goto last
/************************************************************************/
-/* Encode the Principal's keys */
+/* Encode the Principal's keys */
/************************************************************************/
static asn1_error_code
asn1_encode_key(asn1buf *buf,
- krb5_key_data key_data,
- unsigned int *retlen)
+ krb5_key_data key_data,
+ unsigned int *retlen)
{
asn1_error_code ret = 0;
unsigned int length, sum = 0;
/* Encode the key type and value. */
{
- unsigned int key_len = 0;
- /* key value */
- ret = asn1_encode_octetstring (buf,
- key_data.key_data_length[0],
- key_data.key_data_contents[0],
- &length); checkerr;
- key_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr;
- key_len += length;
- /* key type */
- ret = asn1_encode_integer (buf, key_data.key_data_type[0], &length);
- checkerr;
- key_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
- key_len += length;
-
- ret = asn1_make_sequence(buf, key_len, &length); checkerr;
- key_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, key_len, &length); checkerr;
- key_len += length;
-
- sum += key_len;
+ unsigned int key_len = 0;
+ /* key value */
+ ret = asn1_encode_octetstring (buf,
+ key_data.key_data_length[0],
+ key_data.key_data_contents[0],
+ &length); checkerr;
+ key_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr;
+ key_len += length;
+ /* key type */
+ ret = asn1_encode_integer (buf, key_data.key_data_type[0], &length);
+ checkerr;
+ key_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
+ key_len += length;
+
+ ret = asn1_make_sequence(buf, key_len, &length); checkerr;
+ key_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, key_len, &length); checkerr;
+ key_len += length;
+
+ sum += key_len;
}
/* Encode the salt type and value (optional) */
if (key_data.key_data_ver > 1) {
- unsigned int salt_len = 0;
- /* salt value (optional) */
- if (key_data.key_data_length[1] > 0) {
- ret = asn1_encode_octetstring (buf,
- key_data.key_data_length[1],
- key_data.key_data_contents[1],
- &length); checkerr;
- salt_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length);
- checkerr;
- salt_len += length;
- }
- /* salt type */
- ret = asn1_encode_integer (buf, key_data.key_data_type[1], &length);
- checkerr;
- salt_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
- salt_len += length;
-
- ret = asn1_make_sequence(buf, salt_len, &length); checkerr;
- salt_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, salt_len, &length); checkerr;
- salt_len += length;
-
- sum += salt_len;
+ unsigned int salt_len = 0;
+ /* salt value (optional) */
+ if (key_data.key_data_length[1] > 0) {
+ ret = asn1_encode_octetstring (buf,
+ key_data.key_data_length[1],
+ key_data.key_data_contents[1],
+ &length); checkerr;
+ salt_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length);
+ checkerr;
+ salt_len += length;
+ }
+ /* salt type */
+ ret = asn1_encode_integer (buf, key_data.key_data_type[1], &length);
+ checkerr;
+ salt_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
+ salt_len += length;
+
+ ret = asn1_make_sequence(buf, salt_len, &length); checkerr;
+ salt_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, salt_len, &length); checkerr;
+ salt_len += length;
+
+ sum += salt_len;
}
ret = asn1_make_sequence(buf, sum, &length); checkerr;
/* asn1_error_code asn1_encode_sequence_of_keys (krb5_key_data *key_data, */
krb5_error_code
asn1_encode_sequence_of_keys (krb5_key_data *key_data,
- krb5_int16 n_key_data,
- krb5_int32 mkvno, /* Master key version number */
- krb5_data **code)
+ krb5_int16 n_key_data,
+ krb5_int32 mkvno, /* Master key version number */
+ krb5_data **code)
{
asn1_error_code ret = 0;
asn1buf *buf = NULL;
/* Sequence of keys */
{
- int i;
- unsigned int seq_len = 0;
-
- for (i = n_key_data - 1; i >= 0; i--) {
- ret = asn1_encode_key (buf, key_data[i], &length); checkerr;
- seq_len += length;
- }
- ret = asn1_make_sequence(buf, seq_len, &length); checkerr;
- seq_len += length;
- ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 4, seq_len, &length); checkerr;
- seq_len += length;
-
- sum += seq_len;
+ int i;
+ unsigned int seq_len = 0;
+
+ for (i = n_key_data - 1; i >= 0; i--) {
+ ret = asn1_encode_key (buf, key_data[i], &length); checkerr;
+ seq_len += length;
+ }
+ ret = asn1_make_sequence(buf, seq_len, &length); checkerr;
+ seq_len += length;
+ ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 4, seq_len, &length); checkerr;
+ seq_len += length;
+
+ sum += seq_len;
}
/* mkvno */
if (mkvno < 0)
- cleanup (ASN1_BAD_FORMAT);
+ cleanup (ASN1_BAD_FORMAT);
tmp_ul = (unsigned long)mkvno;
ret = asn1_encode_unsigned_integer (buf, tmp_ul, &length); checkerr;
sum += length;
/* kvno (assuming all keys in array have same version) */
if (key_data[0].key_data_kvno < 0)
- cleanup (ASN1_BAD_FORMAT);
+ cleanup (ASN1_BAD_FORMAT);
tmp_ul = (unsigned long)key_data[0].key_data_kvno;
ret = asn1_encode_unsigned_integer (buf, tmp_ul, &length);
checkerr;
asn1buf_destroy (&buf);
if (ret != 0 && *code != NULL) {
- free ((*code)->data);
+ free ((*code)->data);
free (*code);
}
}
/************************************************************************/
-/* Decode the Principal's keys */
+/* Decode the Principal's keys */
/************************************************************************/
-#define safe_syncbuf(outer,inner,buflen) \
- if (! ((inner)->next == (inner)->bound + 1 && \
- (inner)->next == (outer)->next + buflen)) \
- cleanup (ASN1_BAD_LENGTH); \
- asn1buf_sync((outer), (inner), 0, 0, 0, 0, 0);
+#define safe_syncbuf(outer,inner,buflen) \
+ if (! ((inner)->next == (inner)->bound + 1 && \
+ (inner)->next == (outer)->next + buflen)) \
+ cleanup (ASN1_BAD_LENGTH); \
+ asn1buf_sync((outer), (inner), 0, 0, 0, 0, 0);
static asn1_error_code
decode_tagged_integer (asn1buf *buf, asn1_tagnum expectedtag, long *val)
ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
ret = asn1_get_tag_2(&tmp, &t); checkerr;
if (t.tagnum != expectedtag)
- cleanup (ASN1_MISSING_FIELD);
+ cleanup (ASN1_MISSING_FIELD);
buflen = t.length;
ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
ret = asn1_get_tag_2(&tmp, &t); checkerr;
if (t.tagnum != expectedtag)
- cleanup (ASN1_MISSING_FIELD);
+ cleanup (ASN1_MISSING_FIELD);
buflen = t.length;
ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
static asn1_error_code
decode_tagged_octetstring (asn1buf *buf, asn1_tagnum expectedtag, int *len,
- asn1_octet **val)
+ asn1_octet **val)
{
int buflen;
asn1_error_code ret = 0;
ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
ret = asn1_get_tag_2(&tmp, &t); checkerr;
if (t.tagnum != expectedtag)
- cleanup (ASN1_MISSING_FIELD);
+ cleanup (ASN1_MISSING_FIELD);
buflen = t.length;
ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
last:
if (ret != 0)
- free (*val);
+ free (*val);
return ret;
}
asn1_get_tag_2(&subbuf, &t);
/* Salt */
if (t.tagnum == 0) {
- int salt_buflen;
- asn1buf slt;
- unsigned long keytype;
- int keylen;
-
- key->key_data_ver = 2;
- asn1_get_sequence(&subbuf, &length, &seqindef);
- salt_buflen = length;
- asn1buf_imbed(&slt, &subbuf, length, seqindef);
-
- ret = decode_tagged_integer (&slt, 0, &keytype);
- key->key_data_type[1] = keytype; /* XXX range check?? */
- checkerr;
-
- if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
- ret = decode_tagged_octetstring (&slt, 1, &keylen,
- &key->key_data_contents[1]);
- checkerr;
- } else
- keylen = 0;
- safe_syncbuf (&subbuf, &slt, salt_buflen);
- key->key_data_length[1] = keylen; /* XXX range check?? */
-
- ret = asn1_get_tag_2(&subbuf, &t); checkerr;
+ int salt_buflen;
+ asn1buf slt;
+ unsigned long keytype;
+ int keylen;
+
+ key->key_data_ver = 2;
+ asn1_get_sequence(&subbuf, &length, &seqindef);
+ salt_buflen = length;
+ asn1buf_imbed(&slt, &subbuf, length, seqindef);
+
+ ret = decode_tagged_integer (&slt, 0, &keytype);
+ key->key_data_type[1] = keytype; /* XXX range check?? */
+ checkerr;
+
+ if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
+ ret = decode_tagged_octetstring (&slt, 1, &keylen,
+ &key->key_data_contents[1]);
+ checkerr;
+ } else
+ keylen = 0;
+ safe_syncbuf (&subbuf, &slt, salt_buflen);
+ key->key_data_length[1] = keylen; /* XXX range check?? */
+
+ ret = asn1_get_tag_2(&subbuf, &t); checkerr;
} else
- key->key_data_ver = 1;
+ key->key_data_ver = 1;
/* Key */
{
- int key_buflen;
- asn1buf kbuf;
- long lval;
- int ival;
+ int key_buflen;
+ asn1buf kbuf;
+ long lval;
+ int ival;
- if (t.tagnum != 1)
- cleanup (ASN1_MISSING_FIELD);
+ if (t.tagnum != 1)
+ cleanup (ASN1_MISSING_FIELD);
- ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
- key_buflen = length;
- ret = asn1buf_imbed(&kbuf, &subbuf, length, seqindef); checkerr;
+ ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
+ key_buflen = length;
+ ret = asn1buf_imbed(&kbuf, &subbuf, length, seqindef); checkerr;
- ret = decode_tagged_integer (&kbuf, 0, &lval);
- checkerr;
- key->key_data_type[0] = lval; /* XXX range check? */
+ ret = decode_tagged_integer (&kbuf, 0, &lval);
+ checkerr;
+ key->key_data_type[0] = lval; /* XXX range check? */
- ret = decode_tagged_octetstring (&kbuf, 1, &ival,
- &key->key_data_contents[0]); checkerr;
- key->key_data_length[0] = ival; /* XXX range check? */
+ ret = decode_tagged_octetstring (&kbuf, 1, &ival,
+ &key->key_data_contents[0]); checkerr;
+ key->key_data_length[0] = ival; /* XXX range check? */
- safe_syncbuf (&subbuf, &kbuf, key_buflen);
+ safe_syncbuf (&subbuf, &kbuf, key_buflen);
}
safe_syncbuf (buf, &subbuf, full_buflen);
last:
if (ret != 0) {
- free (key->key_data_contents[0]);
- key->key_data_contents[0] = NULL;
- free (key->key_data_contents[1]);
- key->key_data_contents[1] = NULL;
+ free (key->key_data_contents[0]);
+ key->key_data_contents[0] = NULL;
+ free (key->key_data_contents[1]);
+ key->key_data_contents[1] = NULL;
}
return ret;
}
/* asn1_error_code asn1_decode_sequence_of_keys (krb5_data *in, */
krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in,
- krb5_key_data **out,
- krb5_int16 *n_key_data,
- int *mkvno)
+ krb5_key_data **out,
+ krb5_int16 *n_key_data,
+ int *mkvno)
{
asn1_error_code ret;
asn1buf buf, subbuf;
/* attribute-major-vno */
ret = decode_tagged_integer (&subbuf, 0, &lval); checkerr;
- maj = lval; /* XXX range check? */
+ maj = lval; /* XXX range check? */
/* attribute-minor-vno */
ret = decode_tagged_integer (&subbuf, 1, &lval); checkerr;
- min = lval; /* XXX range check? */
+ min = lval; /* XXX range check? */
if (maj != 1 || min != 1)
- cleanup (ASN1_BAD_FORMAT);
+ cleanup (ASN1_BAD_FORMAT);
/* kvno (assuming all keys in array have same version) */
ret = decode_tagged_integer (&subbuf, 2, &lval); checkerr;
- kvno = lval; /* XXX range check? */
+ kvno = lval; /* XXX range check? */
/* mkvno (optional) */
ret = decode_tagged_integer (&subbuf, 3, &lval); checkerr;
- *mkvno = lval; /* XXX range check? */
+ *mkvno = lval; /* XXX range check? */
ret = asn1_get_tag_2(&subbuf, &t); checkerr;
/* Sequence of keys */
{
- int i, seq_buflen;
- asn1buf keyseq;
- if (t.tagnum != 4)
- cleanup (ASN1_MISSING_FIELD);
- ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
- seq_buflen = length;
- ret = asn1buf_imbed(&keyseq, &subbuf, length, seqindef); checkerr;
- for (i = 1, *out = NULL; ; i++) {
- krb5_key_data *tmp;
- tmp = (krb5_key_data *) realloc (*out, i * sizeof (krb5_key_data));
- if (tmp == NULL)
- cleanup (ENOMEM);
- *out = tmp;
- (*out)[i - 1].key_data_kvno = kvno;
- ret = asn1_decode_key(&keyseq, &(*out)[i - 1]); checkerr;
- (*n_key_data)++;
- if (asn1buf_remains(&keyseq, 0) == 0)
- break; /* Not freeing the last key structure */
- }
- safe_syncbuf (&subbuf, &keyseq, seq_buflen);
+ int i, seq_buflen;
+ asn1buf keyseq;
+ if (t.tagnum != 4)
+ cleanup (ASN1_MISSING_FIELD);
+ ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
+ seq_buflen = length;
+ ret = asn1buf_imbed(&keyseq, &subbuf, length, seqindef); checkerr;
+ for (i = 1, *out = NULL; ; i++) {
+ krb5_key_data *tmp;
+ tmp = (krb5_key_data *) realloc (*out, i * sizeof (krb5_key_data));
+ if (tmp == NULL)
+ cleanup (ENOMEM);
+ *out = tmp;
+ (*out)[i - 1].key_data_kvno = kvno;
+ ret = asn1_decode_key(&keyseq, &(*out)[i - 1]); checkerr;
+ (*n_key_data)++;
+ if (asn1buf_remains(&keyseq, 0) == 0)
+ break; /* Not freeing the last key structure */
+ }
+ safe_syncbuf (&subbuf, &keyseq, seq_buflen);
}
/*
last:
if (ret != 0) {
- int i;
- for (i = 0; i < *n_key_data; i++) {
- free ((*out)[i].key_data_contents[0]);
- free ((*out)[i].key_data_contents[1]);
- }
- free (*out);
- *out = NULL;
+ int i;
+ for (i = 0; i < *n_key_data; i++) {
+ free ((*out)[i].key_data_contents[0]);
+ free ((*out)[i].key_data_contents[1]);
+ }
+ free (*out);
+ *out = NULL;
}
return ret;