542
623
asn1_error_code asn1_decode_transited_encoding(asn1buf *buf, krb5_transited *val)
546
get_field(val->tr_type,0,asn1_decode_octet);
547
get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
549
val->magic = KV5M_TRANSITED;
626
val->tr_contents.data = NULL;
628
get_field(val->tr_type,0,asn1_decode_octet);
629
get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
631
val->magic = KV5M_TRANSITED;
635
krb5_free_data_contents(NULL, &val->tr_contents);
554
639
asn1_error_code asn1_decode_enc_kdc_rep_part(asn1buf *buf, krb5_enc_kdc_rep_part *val)
558
alloc_field(val->session,krb5_keyblock);
559
get_field(*(val->session),0,asn1_decode_encryption_key);
560
get_field(val->last_req,1,asn1_decode_last_req);
561
get_field(val->nonce,2,asn1_decode_int32);
562
opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
563
get_field(val->flags,4,asn1_decode_ticket_flags);
564
get_field(val->times.authtime,5,asn1_decode_kerberos_time);
565
/* Set to authtime if missing */
566
opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
567
get_field(val->times.endtime,7,asn1_decode_kerberos_time);
568
opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
569
alloc_field(val->server,krb5_principal_data);
570
get_field(val->server,9,asn1_decode_realm);
571
get_field(val->server,10,asn1_decode_principal_name);
572
opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
574
val->magic = KV5M_ENC_KDC_REP_PART;
643
val->last_req = NULL;
647
get_field(val->session,0,asn1_decode_encryption_key_ptr);
648
get_field(val->last_req,1,asn1_decode_last_req);
649
get_field(val->nonce,2,asn1_decode_int32);
650
opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
651
get_field(val->flags,4,asn1_decode_ticket_flags);
652
get_field(val->times.authtime,5,asn1_decode_kerberos_time);
653
/* Set to authtime if missing */
654
opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
655
get_field(val->times.endtime,7,asn1_decode_kerberos_time);
656
opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
657
alloc_principal(val->server);
658
get_field(val->server,9,asn1_decode_realm);
659
get_field(val->server,10,asn1_decode_principal_name);
660
opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
661
opt_field(val->enc_padata,12,asn1_decode_sequence_of_pa_data,NULL);
663
val->magic = KV5M_ENC_KDC_REP_PART;
667
krb5_free_keyblock(NULL, val->session);
668
krb5_free_last_req(NULL, val->last_req);
669
krb5_free_principal(NULL, val->server);
670
krb5_free_addresses(NULL, val->caddrs);
672
val->last_req = NULL;
579
678
asn1_error_code asn1_decode_ticket(asn1buf *buf, krb5_ticket *val)
586
get_field(vno,0,asn1_decode_kvno);
587
if(vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
588
alloc_field(val->server,krb5_principal_data);
589
get_field(val->server,1,asn1_decode_realm);
590
get_field(val->server,2,asn1_decode_principal_name);
591
get_field(val->enc_part,3,asn1_decode_encrypted_data);
593
val->magic = KV5M_TICKET;
597
retval = asn1_get_tag_2(buf, &t);
598
if (retval) return retval;
684
val->enc_part.ciphertext.data = NULL;
685
val->enc_part2 = NULL;
688
get_field(vno,0,asn1_decode_kvno);
689
if (vno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
690
alloc_principal(val->server);
691
get_field(val->server,1,asn1_decode_realm);
692
get_field(val->server,2,asn1_decode_principal_name);
693
get_field(val->enc_part,3,asn1_decode_encrypted_data);
695
val->magic = KV5M_TICKET;
699
retval = asn1_get_tag_2(buf, &t);
700
if (retval) clean_return(retval);
704
krb5_free_principal(NULL, val->server);
705
krb5_free_data_contents(NULL, &val->enc_part.ciphertext);
711
asn1_decode_ticket_ptr(asn1buf *buf, krb5_ticket **valptr)
713
decode_ptr(krb5_ticket *, asn1_decode_ticket);
603
716
asn1_error_code asn1_decode_kdc_req(asn1buf *buf, krb5_kdc_req *val)
608
get_field(kvno,1,asn1_decode_kvno);
609
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
610
get_field(val->msg_type,2,asn1_decode_msgtype);
611
opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
612
get_field(*val,4,asn1_decode_kdc_req_body);
614
val->magic = KV5M_KDC_REQ;
722
get_field(kvno,1,asn1_decode_kvno);
723
if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
724
get_field(val->msg_type,2,asn1_decode_msgtype);
725
opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
726
get_field(*val,4,asn1_decode_kdc_req_body);
728
val->magic = KV5M_KDC_REQ;
732
krb5_free_pa_data(NULL, val->padata);
619
737
asn1_error_code asn1_decode_kdc_req_body(asn1buf *buf, krb5_kdc_req *val)
623
krb5_principal psave;
625
get_field(val->kdc_options,0,asn1_decode_kdc_options);
626
if(tagnum == 1){ alloc_field(val->client,krb5_principal_data); }
627
opt_field(val->client,1,asn1_decode_principal_name,NULL);
628
alloc_field(val->server,krb5_principal_data);
629
get_field(val->server,2,asn1_decode_realm);
630
if(val->client != NULL){
631
retval = asn1_krb5_realm_copy(val->client,val->server);
632
if(retval) return retval; }
743
val->addresses = NULL;
744
val->authorization_data.ciphertext.data = NULL;
745
val->unenc_authdata = NULL;
746
val->second_ticket = NULL;
748
krb5_principal psave;
750
get_field(val->kdc_options,0,asn1_decode_kdc_options);
751
if (tagnum == 1) { alloc_principal(val->client); }
752
opt_field(val->client,1,asn1_decode_principal_name,NULL);
753
alloc_principal(val->server);
754
get_field(val->server,2,asn1_decode_realm);
755
if (val->client != NULL) {
756
retval = asn1_krb5_realm_copy(val->client,val->server);
757
if (retval) clean_return(retval); }
634
/* If opt_field server is missing, memory reference to server is
635
lost and results in memory leak */
637
opt_field(val->server,3,asn1_decode_principal_name,NULL);
638
if(val->server == NULL){
639
if(psave->realm.data) {
640
free(psave->realm.data);
641
psave->realm.data = NULL;
642
psave->realm.length=0;
646
opt_field(val->from,4,asn1_decode_kerberos_time,0);
647
get_field(val->till,5,asn1_decode_kerberos_time);
648
opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
649
get_field(val->nonce,7,asn1_decode_int32);
650
get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
651
opt_field(val->addresses,9,asn1_decode_host_addresses,0);
653
get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
655
val->authorization_data.magic = KV5M_ENC_DATA;
656
val->authorization_data.enctype = 0;
657
val->authorization_data.kvno = 0;
658
val->authorization_data.ciphertext.data = NULL;
659
val->authorization_data.ciphertext.length = 0;
661
opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
663
val->magic = KV5M_KDC_REQ;
759
/* If opt_field server is missing, memory reference to server is
760
lost and results in memory leak */
762
opt_field(val->server,3,asn1_decode_principal_name,NULL);
763
if (val->server == NULL) {
764
if (psave->realm.data) {
765
free(psave->realm.data);
766
psave->realm.data = NULL;
767
psave->realm.length=0;
771
opt_field(val->from,4,asn1_decode_kerberos_time,0);
772
get_field(val->till,5,asn1_decode_kerberos_time);
773
opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
774
get_field(val->nonce,7,asn1_decode_int32);
775
get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
776
opt_field(val->addresses,9,asn1_decode_host_addresses,0);
778
get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
780
val->authorization_data.magic = KV5M_ENC_DATA;
781
val->authorization_data.enctype = 0;
782
val->authorization_data.kvno = 0;
783
val->authorization_data.ciphertext.data = NULL;
784
val->authorization_data.ciphertext.length = 0;
786
opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
788
val->magic = KV5M_KDC_REQ;
792
krb5_free_principal(NULL, val->client);
793
krb5_free_principal(NULL, val->server);
795
krb5_free_addresses(NULL, val->addresses);
796
krb5_free_data_contents(NULL, &val->authorization_data.ciphertext);
797
krb5_free_tickets(NULL, val->second_ticket);
801
val->addresses = NULL;
802
val->unenc_authdata = NULL;
803
val->second_ticket = NULL;
668
807
asn1_error_code asn1_decode_krb_safe_body(asn1buf *buf, krb5_safe *val)
672
get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
673
opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
674
opt_field(val->usec,2,asn1_decode_int32,0);
675
opt_field(val->seq_number,3,asn1_decode_seqnum,0);
676
alloc_field(val->s_address,krb5_address);
677
get_field(*(val->s_address),4,asn1_decode_host_address);
679
alloc_field(val->r_address,krb5_address);
680
get_field(*(val->r_address),5,asn1_decode_host_address);
681
} else val->r_address = NULL;
683
val->magic = KV5M_SAFE;
810
val->user_data.data = NULL;
811
val->r_address = NULL;
812
val->s_address = NULL;
813
val->checksum = NULL;
815
get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
816
opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
817
opt_field(val->usec,2,asn1_decode_int32,0);
818
opt_field(val->seq_number,3,asn1_decode_seqnum,0);
819
get_field(val->s_address,4,asn1_decode_host_address_ptr);
821
get_field(val->r_address,5,asn1_decode_host_address_ptr);
824
val->magic = KV5M_SAFE;
828
krb5_free_data_contents(NULL, &val->user_data);
829
krb5_free_address(NULL, val->r_address);
830
krb5_free_address(NULL, val->s_address);
831
val->r_address = NULL;
832
val->s_address = NULL;
688
836
asn1_error_code asn1_decode_host_address(asn1buf *buf, krb5_address *val)
692
get_field(val->addrtype,0,asn1_decode_addrtype);
693
get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
695
val->magic = KV5M_ADDRESS;
839
val->contents = NULL;
841
get_field(val->addrtype,0,asn1_decode_addrtype);
842
get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
844
val->magic = KV5M_ADDRESS;
849
val->contents = NULL;
854
asn1_decode_host_address_ptr(asn1buf *buf, krb5_address **valptr)
856
decode_ptr(krb5_address *, asn1_decode_host_address);
700
859
asn1_error_code asn1_decode_kdc_rep(asn1buf *buf, krb5_kdc_rep *val)
705
get_field(pvno,0,asn1_decode_kvno);
706
if(pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
707
get_field(val->msg_type,1,asn1_decode_msgtype);
708
opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
709
alloc_field(val->client,krb5_principal_data);
710
get_field(val->client,3,asn1_decode_realm);
711
get_field(val->client,4,asn1_decode_principal_name);
712
alloc_field(val->ticket,krb5_ticket);
713
get_field(*(val->ticket),5,asn1_decode_ticket);
714
get_field(val->enc_part,6,asn1_decode_encrypted_data);
716
val->magic = KV5M_KDC_REP;
865
val->enc_part.ciphertext.data = NULL;
866
val->enc_part2 = NULL;
869
get_field(pvno,0,asn1_decode_kvno);
870
if (pvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
871
get_field(val->msg_type,1,asn1_decode_msgtype);
872
opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
873
alloc_principal(val->client);
874
get_field(val->client,3,asn1_decode_realm);
875
get_field(val->client,4,asn1_decode_principal_name);
876
get_field(val->ticket,5,asn1_decode_ticket_ptr);
877
get_field(val->enc_part,6,asn1_decode_encrypted_data);
879
val->magic = KV5M_KDC_REP;
883
krb5_free_pa_data(NULL, val->padata);
884
krb5_free_principal(NULL, val->client);
885
krb5_free_ticket(NULL, val->ticket);
886
krb5_free_data_contents(NULL, &val->enc_part.ciphertext);
890
val->enc_part.ciphertext.data = NULL;
723
896
#define get_element(element,decoder)\
724
retval = decoder(&seqbuf,element);\
725
if(retval) return retval
897
retval = decoder(&seqbuf,&element);\
898
if (retval) clean_return(retval)
901
array_expand (void *array, int n_elts, size_t elt_size)
907
if ((unsigned int) n_elts > SIZE_MAX / elt_size)
909
new_size = n_elts * elt_size;
912
if (new_size / elt_size != (unsigned int) n_elts)
914
return realloc(array, new_size);
727
917
#define array_append(array,size,element,type)\
729
if (*(array) == NULL)\
730
*(array) = (type**)malloc((size+1)*sizeof(type*));\
732
*(array) = (type**)realloc(*(array),\
733
(size+1)*sizeof(type*));\
734
if(*(array) == NULL) return ENOMEM;\
735
(*(array))[(size)-1] = elt
737
#define decode_array_body(type,decoder)\
919
void *new_array = array_expand(*(array), (size)+2, sizeof(type*));\
920
if (new_array == NULL) clean_return(ENOMEM);\
921
*(array) = new_array;\
922
(*(array))[(size)++] = elt;\
926
* Function body for array decoders. freefn is expected to look like
927
* a krb5_free_ function, so we pass a null first argument.
929
#define decode_array_body(type,decoder,freefn)\
738
930
asn1_error_code retval;\
931
type *elt = NULL, **array;\
934
array = *val = NULL;\
741
935
{ sequence_of(buf);\
742
while(asn1buf_remains(&seqbuf,seqofindef) > 0){\
743
alloc_field(elt,type);\
936
while (asn1buf_remains(&seqbuf,seqofindef) > 0) {\
744
937
get_element(elt,decoder);\
745
array_append(val,size,elt,type);\
938
array_append(&array,size,elt,type);\
748
*val = (type **)malloc(sizeof(type*));\
749
(*val)[size] = NULL;\
942
array = malloc(sizeof(type*));\
750
944
end_sequence_of(buf);\
951
for (i = 0; i < size; i++)\
952
freefn(NULL,array[i]);\
956
static void free_authdata_elt(void *dummy, krb5_authdata *val)
755
962
asn1_error_code asn1_decode_authorization_data(asn1buf *buf, krb5_authdata ***val)
757
decode_array_body(krb5_authdata,asn1_decode_authdata_elt);
964
decode_array_body(krb5_authdata,asn1_decode_authdata_elt_ptr,
760
968
asn1_error_code asn1_decode_authdata_elt(asn1buf *buf, krb5_authdata *val)
764
get_field(val->ad_type,0,asn1_decode_authdatatype);
765
get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
767
val->magic = KV5M_AUTHDATA;
971
val->contents = NULL;
973
get_field(val->ad_type,0,asn1_decode_authdatatype);
974
get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
976
val->magic = KV5M_AUTHDATA;
981
val->contents = NULL;
986
asn1_decode_authdata_elt_ptr(asn1buf *buf, krb5_authdata **valptr)
988
decode_ptr(krb5_authdata *, asn1_decode_authdata_elt);
772
991
asn1_error_code asn1_decode_host_addresses(asn1buf *buf, krb5_address ***val)
774
decode_array_body(krb5_address,asn1_decode_host_address);
993
decode_array_body(krb5_address,asn1_decode_host_address_ptr,
777
997
asn1_error_code asn1_decode_sequence_of_ticket(asn1buf *buf, krb5_ticket ***val)
779
decode_array_body(krb5_ticket,asn1_decode_ticket);
999
decode_array_body(krb5_ticket,asn1_decode_ticket_ptr,krb5_free_ticket);
1002
static void free_cred_info(void *dummy, krb5_cred_info *val)
1004
krb5_free_keyblock(NULL, val->session);
1005
krb5_free_principal(NULL, val->client);
1006
krb5_free_principal(NULL, val->server);
1007
krb5_free_addresses(NULL, val->caddrs);
782
1011
asn1_error_code asn1_decode_sequence_of_krb_cred_info(asn1buf *buf, krb5_cred_info ***val)
784
decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info);
1013
decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info_ptr,
787
1017
asn1_error_code asn1_decode_krb_cred_info(asn1buf *buf, krb5_cred_info *val)
791
alloc_field(val->session,krb5_keyblock);
792
get_field(*(val->session),0,asn1_decode_encryption_key);
794
alloc_field(val->client,krb5_principal_data);
795
opt_field(val->client,1,asn1_decode_realm,NULL);
796
opt_field(val->client,2,asn1_decode_principal_name,NULL); }
797
opt_field(val->flags,3,asn1_decode_ticket_flags,0);
798
opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
799
opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
800
opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
801
opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
803
alloc_field(val->server,krb5_principal_data);
804
opt_field(val->server,8,asn1_decode_realm,NULL);
805
opt_field(val->server,9,asn1_decode_principal_name,NULL); }
806
opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
808
val->magic = KV5M_CRED_INFO;
1020
val->session = NULL;
1024
{ begin_structure();
1025
get_field(val->session,0,asn1_decode_encryption_key_ptr);
1027
alloc_principal(val->client);
1028
opt_field(val->client,1,asn1_decode_realm,NULL);
1029
opt_field(val->client,2,asn1_decode_principal_name,NULL); }
1030
opt_field(val->flags,3,asn1_decode_ticket_flags,0);
1031
opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
1032
opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
1033
opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
1034
opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
1036
alloc_principal(val->server);
1037
opt_field(val->server,8,asn1_decode_realm,NULL);
1038
opt_field(val->server,9,asn1_decode_principal_name,NULL); }
1039
opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
1041
val->magic = KV5M_CRED_INFO;
1045
krb5_free_keyblock(NULL, val->session);
1046
krb5_free_principal(NULL, val->client);
1047
krb5_free_principal(NULL, val->server);
1048
krb5_free_addresses(NULL, val->caddrs);
1049
val->session = NULL;
1057
asn1_decode_krb_cred_info_ptr(asn1buf *buf, krb5_cred_info **valptr)
1059
decode_ptr(krb5_cred_info *, asn1_decode_krb_cred_info);
1062
static void free_pa_data(void *dummy, krb5_pa_data *val)
1064
free(val->contents);
813
1068
asn1_error_code asn1_decode_sequence_of_pa_data(asn1buf *buf, krb5_pa_data ***val)
815
decode_array_body(krb5_pa_data,asn1_decode_pa_data);
1070
decode_array_body(krb5_pa_data,asn1_decode_pa_data_ptr,free_pa_data);
818
1073
asn1_error_code asn1_decode_pa_data(asn1buf *buf, krb5_pa_data *val)
822
get_field(val->pa_type,1,asn1_decode_int32);
823
get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
825
val->magic = KV5M_PA_DATA;
1076
val->contents = NULL;
1077
{ begin_structure();
1078
get_field(val->pa_type,1,asn1_decode_int32);
1079
get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
1081
val->magic = KV5M_PA_DATA;
1085
free(val->contents);
1086
val->contents = NULL;
1090
asn1_error_code asn1_decode_pa_data_ptr(asn1buf *buf, krb5_pa_data **valptr)
1092
decode_ptr(krb5_pa_data *, asn1_decode_pa_data);
1095
static void free_last_req_entry(void *dummy, krb5_last_req_entry *val)
830
1100
asn1_error_code asn1_decode_last_req(asn1buf *buf, krb5_last_req_entry ***val)
832
decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry);
1102
decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry_ptr,
1103
free_last_req_entry);
835
1106
asn1_error_code asn1_decode_last_req_entry(asn1buf *buf, krb5_last_req_entry *val)
839
get_field(val->lr_type,0,asn1_decode_int32);
840
get_field(val->value,1,asn1_decode_kerberos_time);
842
val->magic = KV5M_LAST_REQ_ENTRY;
1109
{ begin_structure();
1110
get_field(val->lr_type,0,asn1_decode_int32);
1111
get_field(val->value,1,asn1_decode_kerberos_time);
1113
val->magic = KV5M_LAST_REQ_ENTRY;
843
1114
#ifdef KRB5_GENEROUS_LR_TYPE
844
/* If we are only a single byte wide and negative - fill in the
846
if((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
1115
/* If we are only a single byte wide and negative - fill in the
1117
if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
1126
asn1_decode_last_req_entry_ptr(asn1buf *buf, krb5_last_req_entry **valptr)
1128
decode_ptr(krb5_last_req_entry *, asn1_decode_last_req_entry);
852
1131
asn1_error_code asn1_decode_sequence_of_enctype(asn1buf *buf, int *num, krb5_enctype **val)
854
asn1_error_code retval;
856
while(asn1buf_remains(&seqbuf,seqofindef) > 0){
859
*val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
861
*val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
862
if(*val == NULL) return ENOMEM;
863
retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
864
if(retval) return retval;
1134
krb5_enctype *array = NULL, *new_array;
1136
asn1_error_code retval;
1138
while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
1140
new_array = realloc(array,size*sizeof(krb5_enctype));
1141
if (new_array == NULL) clean_return(ENOMEM);
1143
retval = asn1_decode_enctype(&seqbuf,&array[size-1]);
1144
if (retval) clean_return(retval);
1146
end_sequence_of(buf);
867
end_sequence_of(buf);
872
1156
asn1_error_code asn1_decode_sequence_of_checksum(asn1buf *buf, krb5_checksum ***val)
874
decode_array_body(krb5_checksum, asn1_decode_checksum);
1158
decode_array_body(krb5_checksum, asn1_decode_checksum_ptr,
1159
krb5_free_checksum);
1162
static void free_etype_info_entry(void *dummy, krb5_etype_info_entry *val)
1164
krb5_free_data_contents(NULL, &val->s2kparams);
877
1169
static asn1_error_code asn1_decode_etype_info2_entry(asn1buf *buf, krb5_etype_info_entry *val )
881
get_field(val->etype,0,asn1_decode_enctype);
883
get_lenfield(val->length,val->salt,1,asn1_decode_generalstring);
885
val->length = KRB5_ETYPE_NO_SALT;
890
get_lenfield( val->s2kparams.length, params,
891
2, asn1_decode_octetstring);
892
val->s2kparams.data = ( char *) params;
894
val->s2kparams.data = NULL;
895
val->s2kparams.length = 0;
898
val->magic = KV5M_ETYPE_INFO_ENTRY;
1172
krb5_octet *params = NULL;
1175
val->s2kparams.data = NULL;
1176
{ begin_structure();
1177
get_field(val->etype,0,asn1_decode_enctype);
1179
get_lenfield(val->length,salt,1,asn1_decode_generalstring);
1180
val->salt = (krb5_octet *) salt;
1183
val->length = KRB5_ETYPE_NO_SALT;
1185
get_lenfield( val->s2kparams.length, params,
1186
2, asn1_decode_octetstring);
1187
val->s2kparams.data = ( char *) params;
1190
val->s2kparams.length = 0;
1192
val->magic = KV5M_ETYPE_INFO_ENTRY;
1198
krb5_free_data_contents(NULL, &val->s2kparams);
1204
static asn1_error_code
1205
asn1_decode_etype_info2_entry_ptr(asn1buf *buf, krb5_etype_info_entry **valptr)
1207
decode_ptr(krb5_etype_info_entry *, asn1_decode_etype_info2_entry);
903
1210
static asn1_error_code asn1_decode_etype_info2_entry_1_3(asn1buf *buf, krb5_etype_info_entry *val )
907
get_field(val->etype,0,asn1_decode_enctype);
909
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
911
val->length = KRB5_ETYPE_NO_SALT;
916
get_lenfield( val->s2kparams.length, params,
917
2, asn1_decode_octetstring);
918
val->s2kparams.data = ( char *) params;
920
val->s2kparams.data = NULL;
921
val->s2kparams.length = 0;
924
val->magic = KV5M_ETYPE_INFO_ENTRY;
1214
val->s2kparams.data = NULL;
1215
{ begin_structure();
1216
get_field(val->etype,0,asn1_decode_enctype);
1218
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
1220
val->length = KRB5_ETYPE_NO_SALT;
1222
krb5_octet *params ;
1223
get_lenfield( val->s2kparams.length, params,
1224
2, asn1_decode_octetstring);
1225
val->s2kparams.data = ( char *) params;
1227
val->s2kparams.length = 0;
1229
val->magic = KV5M_ETYPE_INFO_ENTRY;
1233
krb5_free_data_contents(NULL, &val->s2kparams);
1239
static asn1_error_code
1240
asn1_decode_etype_info2_entry_1_3_ptr(asn1buf *buf,
1241
krb5_etype_info_entry **valptr)
1243
decode_ptr(krb5_etype_info_entry *, asn1_decode_etype_info2_entry_1_3);
930
1246
static asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry *val )
934
get_field(val->etype,0,asn1_decode_enctype);
936
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
938
val->length = KRB5_ETYPE_NO_SALT;
1250
val->s2kparams.data = NULL;
1251
{ begin_structure();
1252
get_field(val->etype,0,asn1_decode_enctype);
1254
get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
1256
val->length = KRB5_ETYPE_NO_SALT;
1257
val->s2kparams.length = 0;
1260
val->magic = KV5M_ETYPE_INFO_ENTRY;
941
val->s2kparams.data = NULL;
942
val->s2kparams.length = 0;
945
val->magic = KV5M_ETYPE_INFO_ENTRY;
1269
static asn1_error_code
1270
asn1_decode_etype_info_entry_ptr(asn1buf *buf, krb5_etype_info_entry **valptr)
1272
decode_ptr(krb5_etype_info_entry *, asn1_decode_etype_info_entry);
950
1275
asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***val )
952
decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
1277
decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry_ptr,
1278
free_etype_info_entry);
1281
static asn1_error_code decode_etype_info2_13(asn1buf *buf, krb5_etype_info_entry ***val)
1283
decode_array_body(krb5_etype_info_entry,
1284
asn1_decode_etype_info2_entry_1_3_ptr,
1285
free_etype_info_entry);
955
1288
asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***val ,
956
krb5_boolean v1_3_behavior)
1289
krb5_boolean v1_3_behavior)
959
decode_array_body(krb5_etype_info_entry,
960
asn1_decode_etype_info2_entry_1_3);
962
decode_array_body(krb5_etype_info_entry,
963
asn1_decode_etype_info2_entry);
1292
return decode_etype_info2_13(buf, val);
1294
decode_array_body(krb5_etype_info_entry,
1295
asn1_decode_etype_info2_entry_ptr,
1296
free_etype_info_entry);
967
1300
asn1_error_code asn1_decode_passwdsequence(asn1buf *buf, passwd_phrase_element *val)
971
alloc_field(val->passwd,krb5_data);
972
get_lenfield(val->passwd->length,val->passwd->data,
973
0,asn1_decode_charstring);
974
val->passwd->magic = KV5M_DATA;
975
alloc_field(val->phrase,krb5_data);
976
get_lenfield(val->phrase->length,val->phrase->data,
977
1,asn1_decode_charstring);
978
val->phrase->magic = KV5M_DATA;
980
val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
1305
{ begin_structure();
1306
alloc_data(val->passwd);
1307
get_lenfield(val->passwd->length,val->passwd->data,
1308
0,asn1_decode_charstring);
1309
val->passwd->magic = KV5M_DATA;
1310
alloc_data(val->phrase);
1311
get_lenfield(val->phrase->length,val->phrase->data,
1312
1,asn1_decode_charstring);
1313
val->phrase->magic = KV5M_DATA;
1315
val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
1319
krb5_free_data(NULL, val->passwd);
1320
krb5_free_data(NULL, val->phrase);
1327
asn1_decode_passwdsequence_ptr(asn1buf *buf, passwd_phrase_element **valptr)
1329
decode_ptr(passwd_phrase_element *, asn1_decode_passwdsequence);
985
1332
asn1_error_code asn1_decode_sequence_of_passwdsequence(asn1buf *buf, passwd_phrase_element ***val)
987
decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence);
1334
decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence_ptr,
1335
krb5_free_passwd_phrase_element);
990
1338
asn1_error_code asn1_decode_sam_flags(asn1buf *buf, krb5_flags *val)
993
1341
#define opt_string(val,n,fn) opt_lenfield((val).length,(val).data,n,fn)
994
1342
#define opt_cksum(var,tagexpect,decoder)\
995
if(tagnum == (tagexpect)){\
1343
if (tagnum == (tagexpect)) {\
996
1344
get_field_body(var,decoder); }\
997
1345
else var.length = 0
999
1347
asn1_error_code asn1_decode_sam_challenge(asn1buf *buf, krb5_sam_challenge *val)
1002
{ begin_structure();
1003
get_field(val->sam_type,0,asn1_decode_int32);
1004
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1005
opt_string(val->sam_type_name,2,asn1_decode_charstring);
1006
opt_string(val->sam_track_id,3,asn1_decode_charstring);
1007
opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
1008
opt_string(val->sam_challenge,5,asn1_decode_charstring);
1009
opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
1010
opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
1011
opt_field(val->sam_nonce,8,asn1_decode_int32,0);
1012
opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
1014
val->magic = KV5M_SAM_CHALLENGE;
1350
val->sam_type_name.data = NULL;
1351
val->sam_track_id.data = NULL;
1352
val->sam_challenge_label.data = NULL;
1353
val->sam_response_prompt.data = NULL;
1354
val->sam_pk_for_sad.data = NULL;
1355
val->sam_cksum.contents = NULL;
1356
{ begin_structure();
1357
get_field(val->sam_type,0,asn1_decode_int32);
1358
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1359
opt_string(val->sam_type_name,2,asn1_decode_charstring);
1360
opt_string(val->sam_track_id,3,asn1_decode_charstring);
1361
opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
1362
opt_string(val->sam_challenge,5,asn1_decode_charstring);
1363
opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
1364
opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
1365
opt_field(val->sam_nonce,8,asn1_decode_int32,0);
1366
opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
1368
val->magic = KV5M_SAM_CHALLENGE;
1372
krb5_free_sam_challenge_contents(NULL, val);
1018
1375
asn1_error_code asn1_decode_sam_challenge_2(asn1buf *buf, krb5_sam_challenge_2 *val)
1024
if (tagnum != 0) return ASN1_MISSING_FIELD;
1025
if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
1028
{ sequence_of_no_tagvars(&subbuf);
1030
end_sequence_of_no_tagvars(&subbuf);
1033
alloclen = end - save;
1034
if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
1036
val->sam_challenge_2_body.length = alloclen;
1037
memcpy(val->sam_challenge_2_body.data, save, alloclen);
1039
get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
1377
krb5_checksum **cksump;
1379
val->sam_challenge_2_body.data = NULL;
1380
val->sam_cksum = NULL;
1384
if (tagnum != 0) clean_return(ASN1_MISSING_FIELD);
1385
if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
1386
clean_return(ASN1_BAD_ID);
1388
{ sequence_of_no_tagvars(&subbuf);
1389
end_sequence_of_no_tagvars(&subbuf);
1392
alloclen = end - save;
1393
val->sam_challenge_2_body.data = malloc(alloclen);
1394
if (!val->sam_challenge_2_body.data)
1395
clean_return(ENOMEM);
1396
val->sam_challenge_2_body.length = alloclen;
1397
memcpy(val->sam_challenge_2_body.data, save, alloclen);
1399
get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
1404
krb5_free_data_contents(NULL, &val->sam_challenge_2_body);
1405
if (val->sam_cksum) {
1406
for (cksump = val->sam_cksum; *cksump; cksump++)
1407
krb5_free_checksum(NULL, *cksump);
1408
free(val->sam_cksum);
1409
val->sam_cksum = NULL;
1044
1413
asn1_error_code asn1_decode_sam_challenge_2_body(asn1buf *buf, krb5_sam_challenge_2_body *val)
1047
{ begin_structure();
1048
get_field(val->sam_type,0,asn1_decode_int32);
1049
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1050
opt_string(val->sam_type_name,2,asn1_decode_charstring);
1051
opt_string(val->sam_track_id,3,asn1_decode_charstring);
1052
opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
1053
opt_string(val->sam_challenge,5,asn1_decode_charstring);
1054
opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
1055
opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
1056
get_field(val->sam_nonce,8,asn1_decode_int32);
1057
get_field(val->sam_etype, 9, asn1_decode_int32);
1059
val->magic = KV5M_SAM_CHALLENGE;
1416
val->sam_type_name.data = NULL;
1417
val->sam_track_id.data = NULL;
1418
val->sam_challenge_label.data = NULL;
1419
val->sam_challenge.data = NULL;
1420
val->sam_response_prompt.data = NULL;
1421
val->sam_pk_for_sad.data = NULL;
1422
{ begin_structure();
1423
get_field(val->sam_type,0,asn1_decode_int32);
1424
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1425
opt_string(val->sam_type_name,2,asn1_decode_charstring);
1426
opt_string(val->sam_track_id,3,asn1_decode_charstring);
1427
opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
1428
opt_string(val->sam_challenge,5,asn1_decode_charstring);
1429
opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
1430
opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
1431
get_field(val->sam_nonce,8,asn1_decode_int32);
1432
get_field(val->sam_etype, 9, asn1_decode_int32);
1434
val->magic = KV5M_SAM_CHALLENGE;
1438
krb5_free_sam_challenge_2_body_contents(NULL, val);
1063
1441
asn1_error_code asn1_decode_enc_sam_key(asn1buf *buf, krb5_sam_key *val)
1066
{ begin_structure();
1067
/* alloc_field(val->sam_key,krb5_keyblock); */
1068
get_field(val->sam_key,0,asn1_decode_encryption_key);
1070
val->magic = KV5M_SAM_KEY;
1444
val->sam_key.contents = NULL;
1445
{ begin_structure();
1446
get_field(val->sam_key,0,asn1_decode_encryption_key);
1448
val->magic = KV5M_SAM_KEY;
1452
krb5_free_keyblock_contents(NULL, &val->sam_key);
1075
1456
asn1_error_code asn1_decode_enc_sam_response_enc(asn1buf *buf, krb5_enc_sam_response_enc *val)
1078
{ begin_structure();
1079
opt_field(val->sam_nonce,0,asn1_decode_int32,0);
1080
opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
1081
opt_field(val->sam_usec,2,asn1_decode_int32,0);
1082
opt_string(val->sam_sad,3,asn1_decode_charstring);
1084
val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
1459
val->sam_sad.data = NULL;
1460
{ begin_structure();
1461
opt_field(val->sam_nonce,0,asn1_decode_int32,0);
1462
opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
1463
opt_field(val->sam_usec,2,asn1_decode_int32,0);
1464
opt_string(val->sam_sad,3,asn1_decode_charstring);
1466
val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
1470
krb5_free_enc_sam_response_enc_contents(NULL, val);
1089
1474
asn1_error_code asn1_decode_enc_sam_response_enc_2(asn1buf *buf, krb5_enc_sam_response_enc_2 *val)
1092
{ begin_structure();
1093
get_field(val->sam_nonce,0,asn1_decode_int32);
1094
opt_string(val->sam_sad,1,asn1_decode_charstring);
1096
val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
1477
val->sam_sad.data = NULL;
1478
{ begin_structure();
1479
get_field(val->sam_nonce,0,asn1_decode_int32);
1480
opt_string(val->sam_sad,1,asn1_decode_charstring);
1482
val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
1486
krb5_free_enc_sam_response_enc_2_contents(NULL, val);
1101
1490
#define opt_encfield(fld,tag,fn) \
1102
if(tagnum == tag){ \
1491
if (tagnum == tag) { \
1103
1492
get_field(fld,tag,fn); } \
1105
1494
fld.magic = 0;\
1106
1495
fld.enctype = 0;\
1112
1501
asn1_error_code asn1_decode_sam_response(asn1buf *buf, krb5_sam_response *val)
1115
{ begin_structure();
1116
get_field(val->sam_type,0,asn1_decode_int32);
1117
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1118
opt_string(val->sam_track_id,2,asn1_decode_charstring);
1119
opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
1120
get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
1121
opt_field(val->sam_nonce,5,asn1_decode_int32,0);
1122
opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
1124
val->magic = KV5M_SAM_RESPONSE;
1504
val->sam_track_id.data = NULL;
1505
val->sam_enc_key.ciphertext.data = NULL;
1506
val->sam_enc_nonce_or_ts.ciphertext.data = NULL;
1507
{ begin_structure();
1508
get_field(val->sam_type,0,asn1_decode_int32);
1509
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1510
opt_string(val->sam_track_id,2,asn1_decode_charstring);
1511
opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
1512
get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
1513
opt_field(val->sam_nonce,5,asn1_decode_int32,0);
1514
opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
1516
val->magic = KV5M_SAM_RESPONSE;
1520
krb5_free_sam_response_contents(NULL, val);
1129
1524
asn1_error_code asn1_decode_sam_response_2(asn1buf *buf, krb5_sam_response_2 *val)
1132
{ begin_structure();
1133
get_field(val->sam_type,0,asn1_decode_int32);
1134
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1135
opt_string(val->sam_track_id,2,asn1_decode_charstring);
1136
get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
1137
get_field(val->sam_nonce,4,asn1_decode_int32);
1139
val->magic = KV5M_SAM_RESPONSE;
1527
val->sam_track_id.data = NULL;
1528
val->sam_enc_nonce_or_sad.ciphertext.data = NULL;
1529
{ begin_structure();
1530
get_field(val->sam_type,0,asn1_decode_int32);
1531
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1532
opt_string(val->sam_track_id,2,asn1_decode_charstring);
1533
get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
1534
get_field(val->sam_nonce,4,asn1_decode_int32);
1536
val->magic = KV5M_SAM_RESPONSE;
1540
krb5_free_sam_response_2_contents(NULL, val);
1145
1545
asn1_error_code asn1_decode_predicted_sam_response(asn1buf *buf, krb5_predicted_sam_response *val)
1148
{ begin_structure();
1149
get_field(val->sam_key,0,asn1_decode_encryption_key);
1150
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1151
get_field(val->stime,2,asn1_decode_kerberos_time);
1152
get_field(val->susec,3,asn1_decode_int32);
1153
alloc_field(val->client,krb5_principal_data);
1154
get_field(val->client,4,asn1_decode_realm);
1155
get_field(val->client,5,asn1_decode_principal_name);
1156
opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
1158
val->magic = KV5M_PREDICTED_SAM_RESPONSE;
1548
val->sam_key.contents = NULL;
1550
val->msd.data = NULL;
1551
{ begin_structure();
1552
get_field(val->sam_key,0,asn1_decode_encryption_key);
1553
get_field(val->sam_flags,1,asn1_decode_sam_flags);
1554
get_field(val->stime,2,asn1_decode_kerberos_time);
1555
get_field(val->susec,3,asn1_decode_int32);
1556
alloc_principal(val->client);
1557
get_field(val->client,4,asn1_decode_realm);
1558
get_field(val->client,5,asn1_decode_principal_name);
1559
opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
1561
val->magic = KV5M_PREDICTED_SAM_RESPONSE;
1565
krb5_free_predicted_sam_response_contents(NULL, val);
1569
asn1_error_code asn1_decode_setpw_req(asn1buf *buf, krb5_data *newpasswd, krb5_principal *principal)
1571
krb5_principal princ = NULL;
1575
newpasswd->data = NULL;
1576
{ begin_structure();
1577
get_lenfield(newpasswd->length, newpasswd->data, 0, asn1_decode_charstring);
1579
alloc_principal(princ);
1580
opt_field(princ, 1, asn1_decode_principal_name, 0);
1581
opt_field(princ, 2, asn1_decode_realm, 0);
1588
krb5_free_data_contents(NULL, newpasswd);
1589
krb5_free_principal(NULL, princ);
1593
asn1_error_code asn1_decode_pa_for_user(asn1buf *buf, krb5_pa_for_user *val)
1597
val->cksum.contents = NULL;
1598
val->auth_package.data = NULL;
1599
{ begin_structure();
1600
alloc_principal(val->user);
1601
get_field(val->user,0,asn1_decode_principal_name);
1602
get_field(val->user,1,asn1_decode_realm);
1603
get_field(val->cksum,2,asn1_decode_checksum);
1604
get_lenfield(val->auth_package.length,val->auth_package.data,3,asn1_decode_generalstring);
1609
krb5_free_principal(NULL, val->user);
1610
krb5_free_checksum_contents(NULL, &val->cksum);
1611
krb5_free_data_contents(NULL, &val->auth_package);
1616
asn1_error_code asn1_decode_pa_pac_req(asn1buf *buf, krb5_pa_pac_req *val)
1619
{ begin_structure();
1620
get_field(val->include_pac,0,asn1_decode_boolean);
1628
asn1_error_code asn1_decode_fast_armor
1629
(asn1buf *buf, krb5_fast_armor *val)
1632
val->armor_value.data = NULL;
1634
get_field(val->armor_type, 0, asn1_decode_int32);
1635
get_lenfield(val->armor_value.length, val->armor_value.data,
1636
1, asn1_decode_charstring);
1641
krb5_free_data_contents( NULL, &val->armor_value);
1645
asn1_error_code asn1_decode_fast_armor_ptr
1646
(asn1buf *buf, krb5_fast_armor **valptr)
1648
decode_ptr(krb5_fast_armor *, asn1_decode_fast_armor);
1651
asn1_error_code asn1_decode_fast_finished
1652
(asn1buf *buf, krb5_fast_finished *val)
1656
val->ticket_checksum.contents = NULL;
1658
get_field(val->timestamp, 0, asn1_decode_kerberos_time);
1659
get_field(val->usec, 1, asn1_decode_int32);
1660
alloc_field(val->client);
1661
get_field(val->client, 2, asn1_decode_realm);
1662
get_field(val->client, 3, asn1_decode_principal_name);
1663
get_field(val->ticket_checksum, 4, asn1_decode_checksum);
1668
krb5_free_principal(NULL, val->client);
1669
krb5_free_checksum_contents( NULL, &val->ticket_checksum);
1672
asn1_error_code asn1_decode_fast_finished_ptr
1673
(asn1buf *buf, krb5_fast_finished **valptr)
1675
decode_ptr( krb5_fast_finished *, asn1_decode_fast_finished);
1679
#ifndef DISABLE_PKINIT
1165
1682
asn1_error_code asn1_decode_external_principal_identifier(asn1buf *buf, krb5_external_principal_identifier *val)
1685
val->subjectName.data = NULL;
1686
val->issuerAndSerialNumber.data = NULL;
1687
val->subjectKeyIdentifier.data = NULL;
1170
opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
1171
opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
1172
opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
1690
opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
1691
opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
1692
opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
1697
free(val->subjectName.data);
1698
free(val->issuerAndSerialNumber.data);
1699
free(val->subjectKeyIdentifier.data);
1700
val->subjectName.data = NULL;
1701
val->issuerAndSerialNumber.data = NULL;
1702
val->subjectKeyIdentifier.data = NULL;
1707
asn1_decode_external_principal_identifier_ptr
1709
krb5_external_principal_identifier **valptr)
1711
decode_ptr(krb5_external_principal_identifier *,
1712
asn1_decode_external_principal_identifier);
1716
free_external_principal_identifier(void *dummy,
1717
krb5_external_principal_identifier *val)
1719
free(val->subjectName.data);
1720
free(val->issuerAndSerialNumber.data);
1721
free(val->subjectKeyIdentifier.data);
1178
1725
asn1_error_code asn1_decode_sequence_of_external_principal_identifier(asn1buf *buf, krb5_external_principal_identifier ***val)
1180
decode_array_body(krb5_external_principal_identifier,asn1_decode_external_principal_identifier);
1727
decode_array_body(krb5_external_principal_identifier,
1728
asn1_decode_external_principal_identifier_ptr,
1729
free_external_principal_identifier);
1183
1732
asn1_error_code asn1_decode_pa_pk_as_req(asn1buf *buf, krb5_pa_pk_as_req *val)
1188
get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
1189
opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
1190
opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
1735
val->signedAuthPack.data = NULL;
1736
val->trustedCertifiers = NULL;
1737
val->kdcPkId.data = NULL;
1740
get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
1741
opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
1742
opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
1747
free(val->signedAuthPack.data);
1748
free(val->trustedCertifiers);
1749
free(val->kdcPkId.data);
1750
val->signedAuthPack.data = NULL;
1751
val->trustedCertifiers = NULL;
1752
val->kdcPkId.data = NULL;
1196
#if 0 /* XXX This needs to be tested!!! XXX */
1756
#if 0 /* XXX This needs to be tested!!! XXX */
1197
1757
asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
1760
val->choice = choice_trusted_cas_UNKNOWN;
1204
begin_explicit_choice();
1205
if (t.tagnum == choice_trusted_cas_principalName) {
1206
val->choice = choice_trusted_cas_principalName;
1207
} else if (t.tagnum == choice_trusted_cas_caName) {
1208
val->choice = choice_trusted_cas_caName;
1209
start = subbuf.next;
1211
sequence_of_no_tagvars(&subbuf);
1213
end_sequence_of_no_tagvars(&subbuf);
1216
alloclen = end - start;
1217
val->u.caName.data = malloc(alloclen);
1218
if (val->u.caName.data == NULL)
1220
memcpy(val->u.caName.data, start, alloclen);
1221
val->u.caName.length = alloclen;
1223
} else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
1224
val->choice = choice_trusted_cas_issuerAndSerial;
1225
start = subbuf.next;
1227
sequence_of_no_tagvars(&subbuf);
1229
end_sequence_of_no_tagvars(&subbuf);
1232
alloclen = end - start;
1233
val->u.issuerAndSerial.data = malloc(alloclen);
1234
if (val->u.issuerAndSerial.data == NULL)
1236
memcpy(val->u.issuerAndSerial.data, start, alloclen);
1237
val->u.issuerAndSerial.length = alloclen;
1239
} else return ASN1_BAD_ID;
1240
end_explicit_choice();
1765
begin_explicit_choice();
1766
if (t.tagnum == choice_trusted_cas_principalName) {
1767
val->choice = choice_trusted_cas_principalName;
1768
} else if (t.tagnum == choice_trusted_cas_caName) {
1769
val->choice = choice_trusted_cas_caName;
1770
val->u.caName.data = NULL;
1771
start = subbuf.next;
1773
sequence_of_no_tagvars(&subbuf);
1775
end_sequence_of_no_tagvars(&subbuf);
1778
alloclen = end - start;
1779
val->u.caName.data = malloc(alloclen);
1780
if (val->u.caName.data == NULL)
1781
clean_return(ENOMEM);
1782
memcpy(val->u.caName.data, start, alloclen);
1783
val->u.caName.length = alloclen;
1785
} else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
1786
val->choice = choice_trusted_cas_issuerAndSerial;
1787
val->u.issuerAndSerial.data = NULL;
1788
start = subbuf.next;
1790
sequence_of_no_tagvars(&subbuf);
1792
end_sequence_of_no_tagvars(&subbuf);
1795
alloclen = end - start;
1796
val->u.issuerAndSerial.data = malloc(alloclen);
1797
if (val->u.issuerAndSerial.data == NULL)
1798
clean_return(ENOMEM);
1799
memcpy(val->u.issuerAndSerial.data, start, alloclen);
1800
val->u.issuerAndSerial.length = alloclen;
1802
} else clean_return(ASN1_BAD_ID);
1803
end_explicit_choice();
1807
if (val->choice == choice_trusted_cas_caName)
1808
free(val->u.caName.data);
1809
else if (val->choice == choice_trusted_cas_issuerAndSerial)
1810
free(val->u.issuerAndSerial.data);
1811
val->choice = choice_trusted_cas_UNKNOWN;
1245
1815
asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
1818
val->choice = choice_trusted_cas_UNKNOWN;
1248
1819
{ begin_choice();
1249
if (tagnum == choice_trusted_cas_principalName) {
1250
val->choice = choice_trusted_cas_principalName;
1251
asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
1252
} else if (tagnum == choice_trusted_cas_caName) {
1253
val->choice = choice_trusted_cas_caName;
1254
get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
1255
} else if (tagnum == choice_trusted_cas_issuerAndSerial) {
1256
val->choice = choice_trusted_cas_issuerAndSerial;
1257
get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
1258
choice_trusted_cas_issuerAndSerial);
1259
} else return ASN1_BAD_ID;
1820
if (tagnum == choice_trusted_cas_principalName) {
1821
val->choice = choice_trusted_cas_principalName;
1822
val->u.principalName = NULL;
1823
asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
1824
} else if (tagnum == choice_trusted_cas_caName) {
1825
val->choice = choice_trusted_cas_caName;
1826
val->u.caName.data = NULL;
1827
get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
1828
} else if (tagnum == choice_trusted_cas_issuerAndSerial) {
1829
val->choice = choice_trusted_cas_issuerAndSerial;
1830
val->u.issuerAndSerial.data = NULL;
1831
get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
1832
choice_trusted_cas_issuerAndSerial);
1833
} else clean_return(ASN1_BAD_ID);
1838
if (val->choice == choice_trusted_cas_caName)
1839
free(val->u.caName.data);
1840
else if (val->choice == choice_trusted_cas_issuerAndSerial)
1841
free(val->u.issuerAndSerial.data);
1842
val->choice = choice_trusted_cas_UNKNOWN;
1848
asn1_decode_trusted_ca_ptr(asn1buf *buf, krb5_trusted_ca **valptr)
1850
decode_ptr(krb5_trusted_ca *, asn1_decode_trusted_ca);
1853
static void free_trusted_ca(void *dummy, krb5_trusted_ca *val)
1855
if (val->choice == choice_trusted_cas_caName)
1856
free(val->u.caName.data);
1857
else if (val->choice == choice_trusted_cas_issuerAndSerial)
1858
free(val->u.issuerAndSerial.data);
1266
1862
asn1_error_code asn1_decode_sequence_of_trusted_ca(asn1buf *buf, krb5_trusted_ca ***val)
1268
decode_array_body(krb5_trusted_ca, asn1_decode_trusted_ca);
1864
decode_array_body(krb5_trusted_ca, asn1_decode_trusted_ca_ptr,
1271
1868
asn1_error_code asn1_decode_pa_pk_as_req_draft9(asn1buf *buf, krb5_pa_pk_as_req_draft9 *val)
1274
{ begin_structure();
1275
get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
1276
opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
1277
opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
1278
opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
1872
val->signedAuthPack.data = NULL;
1873
val->kdcCert.data = NULL;
1874
val->encryptionCert.data = NULL;
1875
val->trustedCertifiers = NULL;
1876
{ begin_structure();
1877
get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
1878
opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
1879
opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
1880
opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
1885
free(val->signedAuthPack.data);
1886
free(val->kdcCert.data);
1887
free(val->encryptionCert.data);
1888
if (val->trustedCertifiers) {
1889
for (i = 0; val->trustedCertifiers[i]; i++)
1890
free_trusted_ca(NULL, val->trustedCertifiers[i]);
1891
free(val->trustedCertifiers);
1893
val->signedAuthPack.data = NULL;
1894
val->kdcCert.data = NULL;
1895
val->encryptionCert.data = NULL;
1896
val->trustedCertifiers = NULL;
1284
1900
asn1_error_code asn1_decode_dh_rep_info(asn1buf *buf, krb5_dh_rep_info *val)
1903
val->dhSignedData.data = NULL;
1904
val->serverDHNonce.data = NULL;
1287
1905
{ begin_structure();
1288
get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
1906
get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
1290
opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
1908
opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
1913
free(val->dhSignedData.data);
1914
free(val->serverDHNonce.data);
1915
val->dhSignedData.data = NULL;
1916
val->serverDHNonce.data = NULL;
1296
1920
asn1_error_code asn1_decode_pk_authenticator(asn1buf *buf, krb5_pk_authenticator *val)
1923
val->paChecksum.contents = NULL;
1299
1924
{ begin_structure();
1300
get_field(val->cusec, 0, asn1_decode_int32);
1301
get_field(val->ctime, 1, asn1_decode_kerberos_time);
1302
get_field(val->nonce, 2, asn1_decode_int32);
1303
opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
1925
get_field(val->cusec, 0, asn1_decode_int32);
1926
get_field(val->ctime, 1, asn1_decode_kerberos_time);
1927
get_field(val->nonce, 2, asn1_decode_int32);
1928
opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
1933
krb5_free_checksum_contents(NULL, &val->paChecksum);
1309
1937
asn1_error_code asn1_decode_pk_authenticator_draft9(asn1buf *buf, krb5_pk_authenticator_draft9 *val)
1940
val->kdcName = NULL;
1941
val->kdcRealm.data = NULL;
1312
1942
{ begin_structure();
1313
alloc_field(val->kdcName,krb5_principal_data);
1314
get_field(val->kdcName, 0, asn1_decode_principal_name);
1315
get_field(val->kdcName, 1, asn1_decode_realm);
1316
get_field(val->cusec, 2, asn1_decode_int32);
1317
get_field(val->ctime, 3, asn1_decode_kerberos_time);
1318
get_field(val->nonce, 4, asn1_decode_int32);
1943
alloc_principal(val->kdcName);
1944
get_field(val->kdcName, 0, asn1_decode_principal_name);
1945
get_field(val->kdcName, 1, asn1_decode_realm);
1946
get_field(val->cusec, 2, asn1_decode_int32);
1947
get_field(val->ctime, 3, asn1_decode_kerberos_time);
1948
get_field(val->nonce, 4, asn1_decode_int32);
1953
krb5_free_principal(NULL, val->kdcName);
1324
1957
asn1_error_code asn1_decode_algorithm_identifier(asn1buf *buf, krb5_algorithm_identifier *val) {
1327
{ begin_structure_no_tag();
1329
* Forbid indefinite encoding because we don't read enough tag
1330
* information from the trailing octets ("ANY DEFINED BY") to
1331
* synchronize EOC tags, etc.
1333
if (seqindef) return ASN1_BAD_FORMAT;
1335
* Set up tag variables because we don't actually call anything
1336
* that fetches tag info for us; it's all buried in the decoder
1339
tagnum = ASN1_TAGNUM_CEILING;
1340
asn1class = UNIVERSAL;
1341
construction = PRIMITIVE;
1344
retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
1345
&val->algorithm.data);
1346
if(retval) return retval;
1347
val->parameters.length = 0;
1960
val->algorithm.data = NULL;
1348
1961
val->parameters.data = NULL;
1350
if(length > subbuf.next - subbuf.base) {
1351
unsigned int size = length - (subbuf.next - subbuf.base);
1352
retval = asn1buf_remove_octetstring(&subbuf, size,
1353
&val->parameters.data);
1354
if(retval) return retval;
1355
val->parameters.length = size;
1962
{ begin_structure_no_tag();
1964
* Forbid indefinite encoding because we don't read enough tag
1965
* information from the trailing octets ("ANY DEFINED BY") to
1966
* synchronize EOC tags, etc.
1968
if (seqindef) clean_return(ASN1_BAD_FORMAT);
1970
* Set up tag variables because we don't actually call anything
1971
* that fetches tag info for us; it's all buried in the decoder
1974
tagnum = ASN1_TAGNUM_CEILING;
1975
asn1class = UNIVERSAL;
1976
construction = PRIMITIVE;
1979
retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
1980
&val->algorithm.data);
1981
if (retval) clean_return(retval);
1982
val->parameters.length = 0;
1983
val->parameters.data = NULL;
1985
assert(subbuf.next >= subbuf.base);
1986
if (length > (size_t)(subbuf.next - subbuf.base)) {
1987
unsigned int size = length - (subbuf.next - subbuf.base);
1988
retval = asn1buf_remove_octetstring(&subbuf, size,
1989
&val->parameters.data);
1990
if (retval) clean_return(retval);
1991
val->parameters.length = size;
1998
free(val->algorithm.data);
1999
free(val->parameters.data);
2000
val->algorithm.data = NULL;
2001
val->parameters.data = NULL;
2006
asn1_decode_algorithm_identifier_ptr(asn1buf *buf,
2007
krb5_algorithm_identifier **valptr)
2009
decode_ptr(krb5_algorithm_identifier *, asn1_decode_algorithm_identifier);
1363
2012
asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *val)
1365
2014
asn1_octet unused;
2016
val->algorithm.algorithm.data = NULL;
2017
val->algorithm.parameters.data = NULL;
2018
val->subjectPublicKey.data = NULL;
1367
2019
{ begin_structure_no_tag();
1369
retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
1370
if (retval) return retval;
1372
/* SubjectPublicKey encoded as a BIT STRING */
1374
if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
1375
tagnum != ASN1_BITSTRING)
1378
retval = asn1buf_remove_octet(&subbuf, &unused);
1379
if(retval) return retval;
1381
/* Number of unused bits must be between 0 and 7. */
1382
/* What to do if unused is not zero? */
1383
if (unused > 7) return ASN1_BAD_FORMAT;
1386
val->subjectPublicKey.length = 0;
1387
val->subjectPublicKey.data = NULL;
1388
retval = asn1buf_remove_octetstring(&subbuf, taglen,
1389
&val->subjectPublicKey.data);
1390
if(retval) return retval;
1391
val->subjectPublicKey.length = taglen;
1393
* We didn't call any macro that does next_tag(); do so now to
1394
* preload tag of any trailing encodings.
2021
retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
2022
if (retval) clean_return(retval);
2024
/* SubjectPublicKey encoded as a BIT STRING */
2026
if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
2027
tagnum != ASN1_BITSTRING)
2028
clean_return(ASN1_BAD_ID);
2030
retval = asn1buf_remove_octet(&subbuf, &unused);
2031
if (retval) clean_return(retval);
2033
/* Number of unused bits must be between 0 and 7. */
2034
/* What to do if unused is not zero? */
2035
if (unused > 7) clean_return(ASN1_BAD_FORMAT);
2038
val->subjectPublicKey.length = 0;
2039
val->subjectPublicKey.data = NULL;
2040
retval = asn1buf_remove_octetstring(&subbuf, taglen,
2041
&val->subjectPublicKey.data);
2042
if (retval) clean_return(retval);
2043
val->subjectPublicKey.length = taglen;
2045
* We didn't call any macro that does next_tag(); do so now to
2046
* preload tag of any trailing encodings.
2053
free(val->algorithm.algorithm.data);
2054
free(val->algorithm.parameters.data);
2055
free(val->subjectPublicKey.data);
2056
val->algorithm.algorithm.data = NULL;
2057
val->algorithm.parameters.data = NULL;
2058
val->subjectPublicKey.data = NULL;
2063
free_algorithm_identifier(void *dummy, krb5_algorithm_identifier *val)
2065
free(val->algorithm.data);
2066
free(val->parameters.data);
1402
2070
asn1_error_code asn1_decode_sequence_of_algorithm_identifier(asn1buf *buf, krb5_algorithm_identifier ***val)
1404
decode_array_body(krb5_algorithm_identifier, asn1_decode_algorithm_identifier);
2072
decode_array_body(krb5_algorithm_identifier,
2073
asn1_decode_algorithm_identifier_ptr,
2074
free_algorithm_identifier);
1407
2077
asn1_error_code asn1_decode_kdc_dh_key_info (asn1buf *buf, krb5_kdc_dh_key_info *val)
2080
val->subjectPublicKey.data = NULL;
1410
2081
{ begin_structure();
1411
retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
1412
if(retval) return retval;
1413
val->subjectPublicKey.length = taglen;
1415
get_field(val->nonce, 1, asn1_decode_int32);
1416
opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
2082
retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
2083
if (retval) clean_return(retval);
2084
val->subjectPublicKey.length = taglen;
2086
get_field(val->nonce, 1, asn1_decode_int32);
2087
opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
2092
free(val->subjectPublicKey.data);
2093
val->subjectPublicKey.data = NULL;
1422
2097
asn1_error_code asn1_decode_reply_key_pack (asn1buf *buf, krb5_reply_key_pack *val)
2100
val->replyKey.contents = NULL;
2101
val->asChecksum.contents = NULL;
1425
2102
{ begin_structure();
1426
get_field(val->replyKey, 0, asn1_decode_encryption_key);
1427
get_field(val->asChecksum, 1, asn1_decode_checksum);
2103
get_field(val->replyKey, 0, asn1_decode_encryption_key);
2104
get_field(val->asChecksum, 1, asn1_decode_checksum);
2109
free(val->replyKey.contents);
2110
free(val->asChecksum.contents);
2111
val->replyKey.contents = NULL;
2112
val->asChecksum.contents = NULL;
1433
2116
asn1_error_code asn1_decode_reply_key_pack_draft9 (asn1buf *buf, krb5_reply_key_pack_draft9 *val)
2119
val->replyKey.contents = NULL;
1436
2120
{ begin_structure();
1437
get_field(val->replyKey, 0, asn1_decode_encryption_key);
1438
get_field(val->nonce, 1, asn1_decode_int32);
2121
get_field(val->replyKey, 0, asn1_decode_encryption_key);
2122
get_field(val->nonce, 1, asn1_decode_int32);
2127
free(val->replyKey.contents);
2128
val->replyKey.contents = NULL;
1445
2133
asn1_error_code asn1_decode_krb5_principal_name (asn1buf *buf, krb5_principal *val)
2137
(*val)->realm.data = NULL;
2138
(*val)->data = NULL;
1448
2139
{ begin_structure();
1449
get_field(*val, 0, asn1_decode_realm);
1450
get_field(*val, 1, asn1_decode_principal_name);
2140
get_field(*val, 0, asn1_decode_realm);
2141
get_field(*val, 1, asn1_decode_principal_name);
2146
krb5_free_data_contents(NULL, &(*val)->realm);
2148
for (i = 0; i < (*val)->length; i++)
2149
krb5_free_data_contents(NULL, &(*val)->data[i]);
2152
(*val)->realm.data = NULL;
2153
(*val)->data = NULL;
1456
2157
asn1_error_code asn1_decode_auth_pack(asn1buf *buf, krb5_auth_pack *val)
2161
val->clientPublicValue = NULL;
2162
val->pkAuthenticator.paChecksum.contents = NULL;
2163
val->supportedCMSTypes = NULL;
2164
val->clientDHNonce.data = NULL;
1459
2165
{ begin_structure();
1460
get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
1461
if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
1462
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
1463
if (asn1buf_remains(&subbuf, seqindef)) {
1464
if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
1465
&& (tagnum || taglen || asn1class != UNIVERSAL))
1468
retval = asn1_decode_subject_pk_info(&subbuf,
1469
val->clientPublicValue);
1470
if (!taglen && indef) { get_eoc(); }
1472
} else val->clientPublicValue = NULL;
1474
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
1475
if (asn1buf_remains(&subbuf, seqindef)) {
1477
asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
1478
if (!taglen && indef) { get_eoc(); }
1480
} else val->supportedCMSTypes = NULL;
1482
opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
2166
get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
2168
alloc_field(val->clientPublicValue);
2169
val->clientPublicValue->algorithm.algorithm.data = NULL;
2170
val->clientPublicValue->algorithm.parameters.data = NULL;
2171
val->clientPublicValue->subjectPublicKey.data = NULL;
2173
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
2174
if (asn1buf_remains(&subbuf, seqindef)) {
2175
if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
2176
&& (tagnum || taglen || asn1class != UNIVERSAL))
2177
clean_return(ASN1_BAD_ID);
2179
retval = asn1_decode_subject_pk_info(&subbuf,
2180
val->clientPublicValue);
2181
if (retval) clean_return(retval);
2182
if (!taglen && indef) { get_eoc(); }
2184
} else val->clientPublicValue = NULL;
2186
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
2187
if (asn1buf_remains(&subbuf, seqindef)) {
2189
retval = asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
2190
if (retval) clean_return(retval);
2191
if (!taglen && indef) { get_eoc(); }
2193
} else val->supportedCMSTypes = NULL;
2195
opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
2200
if (val->clientPublicValue) {
2201
free(val->clientPublicValue->algorithm.algorithm.data);
2202
free(val->clientPublicValue->algorithm.parameters.data);
2203
free(val->clientPublicValue->subjectPublicKey.data);
2204
free(val->clientPublicValue);
2206
free(val->pkAuthenticator.paChecksum.contents);
2207
if (val->supportedCMSTypes) {
2208
for (i = 0; val->supportedCMSTypes[i]; i++)
2209
free_algorithm_identifier(NULL, val->supportedCMSTypes[i]);
2210
free(val->supportedCMSTypes);
2212
free(val->clientDHNonce.data);
2213
val->clientPublicValue = NULL;
2214
val->pkAuthenticator.paChecksum.contents = NULL;
2215
val->supportedCMSTypes = NULL;
2216
val->clientDHNonce.data = NULL;
1488
2220
asn1_error_code asn1_decode_auth_pack_draft9(asn1buf *buf, krb5_auth_pack_draft9 *val)
2223
val->pkAuthenticator.kdcName = NULL;
2224
val->clientPublicValue = NULL;
1491
2225
{ begin_structure();
1492
get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
1494
alloc_field(val->clientPublicValue, krb5_subject_pk_info);
1495
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
1496
if (asn1buf_remains(&subbuf, seqindef)) {
1497
if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
1498
&& (tagnum || taglen || asn1class != UNIVERSAL))
1501
retval = asn1_decode_subject_pk_info(&subbuf,
1502
val->clientPublicValue);
1503
if (!taglen && indef) { get_eoc(); }
1505
} else val->clientPublicValue = NULL;
2226
get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
2228
alloc_field(val->clientPublicValue);
2229
val->clientPublicValue->algorithm.algorithm.data = NULL;
2230
val->clientPublicValue->algorithm.parameters.data = NULL;
2231
val->clientPublicValue->subjectPublicKey.data = NULL;
2232
/* can't call opt_field because it does decoder(&subbuf, &(val)); */
2233
if (asn1buf_remains(&subbuf, seqindef)) {
2234
if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
2235
&& (tagnum || taglen || asn1class != UNIVERSAL))
2236
clean_return(ASN1_BAD_ID);
2238
retval = asn1_decode_subject_pk_info(&subbuf,
2239
val->clientPublicValue);
2240
if (retval) clean_return(retval);
2241
if (!taglen && indef) { get_eoc(); }
2243
} else val->clientPublicValue = NULL;
2250
free(val->pkAuthenticator.kdcName);
2251
if (val->clientPublicValue) {
2252
free(val->clientPublicValue->algorithm.algorithm.data);
2253
free(val->clientPublicValue->algorithm.parameters.data);
2254
free(val->clientPublicValue->subjectPublicKey.data);
2255
free(val->clientPublicValue);
2257
val->pkAuthenticator.kdcName = NULL;
2258
val->clientPublicValue = NULL;
1513
2262
asn1_error_code asn1_decode_pa_pk_as_rep(asn1buf *buf, krb5_pa_pk_as_rep *val)
1517
if (tagnum == choice_pa_pk_as_rep_dhInfo) {
1518
val->choice = choice_pa_pk_as_rep_dhInfo;
1519
get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
1520
} else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
1521
val->choice = choice_pa_pk_as_rep_encKeyPack;
1522
get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
1523
choice_pa_pk_as_rep_encKeyPack);
1525
val->choice = choice_pa_pk_as_rep_UNKNOWN;
2265
val->choice = choice_pa_pk_as_rep_UNKNOWN;
2267
if (tagnum == choice_pa_pk_as_rep_dhInfo) {
2268
val->choice = choice_pa_pk_as_rep_dhInfo;
2269
val->u.dh_Info.dhSignedData.data = NULL;
2270
val->u.dh_Info.serverDHNonce.data = NULL;
2271
get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
2272
} else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
2273
val->choice = choice_pa_pk_as_rep_encKeyPack;
2274
val->u.encKeyPack.data = NULL;
2275
get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
2276
choice_pa_pk_as_rep_encKeyPack);
2278
val->choice = choice_pa_pk_as_rep_UNKNOWN;
2284
if (val->choice == choice_pa_pk_as_rep_dhInfo) {
2285
free(val->u.dh_Info.dhSignedData.data);
2286
free(val->u.dh_Info.serverDHNonce.data);
2287
} else if (val->choice == choice_pa_pk_as_rep_encKeyPack) {
2288
free(val->u.encKeyPack.data);
2290
val->choice = choice_pa_pk_as_rep_UNKNOWN;
1532
2294
asn1_error_code asn1_decode_pa_pk_as_rep_draft9(asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val)
1535
{ begin_structure();
1536
if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
1537
val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
1538
get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
1539
choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
1540
} else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
1541
val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
1542
get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
1543
choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
1545
val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
2297
val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
2298
{ begin_structure();
2299
if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
2300
val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
2301
val->u.dhSignedData.data = NULL;
2302
get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
2303
choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
2304
} else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
2305
val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
2306
val->u.encKeyPack.data = NULL;
2307
get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
2308
choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
2310
val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
2316
if (val->choice == choice_pa_pk_as_rep_draft9_dhSignedData)
2317
free(val->u.dhSignedData.data);
2318
else if (val->choice == choice_pa_pk_as_rep_draft9_encKeyPack)
2319
free(val->u.encKeyPack.data);
2320
val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
2324
#endif /* DISABLE_PKINIT */
2326
static void free_typed_data(void *dummy, krb5_typed_data *val)
1552
2332
asn1_error_code asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data ***val)
1554
decode_array_body(krb5_typed_data,asn1_decode_typed_data);
1557
asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
1560
{ begin_structure();
1561
get_field(val->type,0,asn1_decode_int32);
1562
get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
2334
decode_array_body(krb5_typed_data,asn1_decode_typed_data_ptr,
2338
asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
2342
{ begin_structure();
2343
get_field(val->type,0,asn1_decode_int32);
2344
get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
2355
asn1_decode_typed_data_ptr(asn1buf *buf, krb5_typed_data **valptr)
2357
decode_ptr(krb5_typed_data *, asn1_decode_typed_data);