2 * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
3 * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
5 * Copyright (c) 2000 RP Internet (www.rpi.net.au).
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/config.h>
21 #include <linux/module.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
25 #include <linux/slab.h>
28 #include "cifs_debug.h"
30 /*****************************************************************************
32 * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
34 *****************************************************************************/
37 #define ASN1_UNI 0 /* Universal */
38 #define ASN1_APL 1 /* Application */
39 #define ASN1_CTX 2 /* Context */
40 #define ASN1_PRV 3 /* Private */
43 #define ASN1_EOC 0 /* End Of Contents or N/A */
44 #define ASN1_BOL 1 /* Boolean */
45 #define ASN1_INT 2 /* Integer */
46 #define ASN1_BTS 3 /* Bit String */
47 #define ASN1_OTS 4 /* Octet String */
48 #define ASN1_NUL 5 /* Null */
49 #define ASN1_OJI 6 /* Object Identifier */
50 #define ASN1_OJD 7 /* Object Description */
51 #define ASN1_EXT 8 /* External */
52 #define ASN1_SEQ 16 /* Sequence */
53 #define ASN1_SET 17 /* Set */
54 #define ASN1_NUMSTR 18 /* Numerical String */
55 #define ASN1_PRNSTR 19 /* Printable String */
56 #define ASN1_TEXSTR 20 /* Teletext String */
57 #define ASN1_VIDSTR 21 /* Video String */
58 #define ASN1_IA5STR 22 /* IA5 String */
59 #define ASN1_UNITIM 23 /* Universal Time */
60 #define ASN1_GENTIM 24 /* General Time */
61 #define ASN1_GRASTR 25 /* Graphical String */
62 #define ASN1_VISSTR 26 /* Visible String */
63 #define ASN1_GENSTR 27 /* General String */
65 /* Primitive / Constructed methods*/
66 #define ASN1_PRI 0 /* Primitive */
67 #define ASN1_CON 1 /* Constructed */
72 #define ASN1_ERR_NOERROR 0
73 #define ASN1_ERR_DEC_EMPTY 2
74 #define ASN1_ERR_DEC_EOC_MISMATCH 3
75 #define ASN1_ERR_DEC_LENGTH_MISMATCH 4
76 #define ASN1_ERR_DEC_BADVALUE 5
78 #define SPNEGO_OID_LEN 7
79 #define NTLMSSP_OID_LEN 10
80 unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
81 unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
87 int error; /* Error condition */
88 unsigned char *pointer; /* Octet just to be decoded */
89 unsigned char *begin; /* First octet */
90 unsigned char *end; /* Octet after last octet */
94 * Octet string (not null terminated)
102 asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
105 ctx->end = buf + len;
107 ctx->error = ASN1_ERR_NOERROR;
111 asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
113 if (ctx->pointer >= ctx->end) {
114 ctx->error = ASN1_ERR_DEC_EMPTY;
117 *ch = *(ctx->pointer)++;
122 asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
129 if (!asn1_octet_decode(ctx, &ch))
133 } while ((ch & 0x80) == 0x80);
138 asn1_id_decode(struct asn1_ctx *ctx,
139 unsigned int *cls, unsigned int *con, unsigned int *tag)
143 if (!asn1_octet_decode(ctx, &ch))
146 *cls = (ch & 0xC0) >> 6;
147 *con = (ch & 0x20) >> 5;
151 if (!asn1_tag_decode(ctx, tag))
158 asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
160 unsigned char ch, cnt;
162 if (!asn1_octet_decode(ctx, &ch))
173 cnt = (unsigned char) (ch & 0x7F);
177 if (!asn1_octet_decode(ctx, &ch))
189 asn1_header_decode(struct asn1_ctx *ctx,
191 unsigned int *cls, unsigned int *con, unsigned int *tag)
193 unsigned int def, len;
195 if (!asn1_id_decode(ctx, cls, con, tag))
198 if (!asn1_length_decode(ctx, &def, &len))
202 *eoc = ctx->pointer + len;
209 asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
214 if (!asn1_octet_decode(ctx, &ch))
218 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
222 if (!asn1_octet_decode(ctx, &ch))
226 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
231 if (ctx->pointer != eoc) {
232 ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
239 /* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
246 static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
247 unsigned char *eoc, long *integer)
252 if (!asn1_octet_decode(ctx, &ch))
255 *integer = (signed char) ch;
258 while (ctx->pointer < eoc) {
259 if (++len > sizeof(long)) {
260 ctx->error = ASN1_ERR_DEC_BADVALUE;
264 if (!asn1_octet_decode(ctx, &ch))
273 static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
275 unsigned int *integer)
280 if (!asn1_octet_decode(ctx, &ch))
289 while (ctx->pointer < eoc) {
290 if (++len > sizeof(unsigned int)) {
291 ctx->error = ASN1_ERR_DEC_BADVALUE;
295 if (!asn1_octet_decode(ctx, &ch))
304 static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
306 unsigned long *integer)
311 if (!asn1_octet_decode(ctx, &ch))
320 while (ctx->pointer < eoc) {
321 if (++len > sizeof(unsigned long)) {
322 ctx->error = ASN1_ERR_DEC_BADVALUE;
326 if (!asn1_octet_decode(ctx, &ch))
336 asn1_octets_decode(struct asn1_ctx *ctx,
338 unsigned char **octets, unsigned int *len)
344 *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
345 if (*octets == NULL) {
350 while (ctx->pointer < eoc) {
351 if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
362 asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
369 if (!asn1_octet_decode(ctx, &ch))
374 } while ((ch & 0x80) == 0x80);
379 asn1_oid_decode(struct asn1_ctx *ctx,
380 unsigned char *eoc, unsigned long **oid, unsigned int *len)
386 size = eoc - ctx->pointer + 1;
387 *oid = kmalloc(size * sizeof (unsigned long), GFP_ATOMIC);
394 if (!asn1_subid_decode(ctx, &subid)) {
403 } else if (subid < 80) {
405 optr[1] = subid - 40;
408 optr[1] = subid - 80;
414 while (ctx->pointer < eoc) {
415 if (++(*len) > size) {
416 ctx->error = ASN1_ERR_DEC_BADVALUE;
422 if (!asn1_subid_decode(ctx, optr++)) {
432 compare_oid(unsigned long *oid1, unsigned int oid1len,
433 unsigned long *oid2, unsigned int oid2len)
437 if (oid1len != oid2len)
440 for (i = 0; i < oid1len; i++) {
441 if (oid1[i] != oid2[i])
448 /* BB check for endian conversion issues here */
451 decode_negTokenInit(unsigned char *security_blob, int length,
452 enum securityEnum *secType)
456 unsigned char *sequence_end;
458 unsigned int cls, con, tag, oidlen, rc;
459 int use_ntlmssp = FALSE;
461 *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default */
463 /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
465 asn1_open(&ctx, security_blob, length);
467 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
468 cFYI(1, ("Error decoding negTokenInit header "));
470 } else if ((cls != ASN1_APL) || (con != ASN1_CON)
471 || (tag != ASN1_EOC)) {
472 cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
475 /* remember to free obj->oid */
476 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
478 if ((tag == ASN1_OJI) && (cls == ASN1_PRI)) {
479 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
481 rc = compare_oid(oid, oidlen,
491 cFYI(1, ("Error decoding negTokenInit header"));
495 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
496 cFYI(1, ("Error decoding negTokenInit "));
498 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
499 || (tag != ASN1_EOC)) {
500 cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0",
501 cls, con, tag, end, *end));
505 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
506 cFYI(1, ("Error decoding negTokenInit "));
508 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
509 || (tag != ASN1_SEQ)) {
510 cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1",
511 cls, con, tag, end, *end));
515 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
516 cFYI(1, ("Error decoding 2nd part of negTokenInit "));
518 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
519 || (tag != ASN1_EOC)) {
521 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
522 cls, con, tag, end, *end));
526 if (asn1_header_decode
527 (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
528 cFYI(1, ("Error decoding 2nd part of negTokenInit "));
530 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
531 || (tag != ASN1_SEQ)) {
533 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
534 cls, con, tag, end, *end));
538 while (!asn1_eoc_decode(&ctx, sequence_end)) {
539 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
542 ("Error 1 decoding negTokenInit header exit 2"));
545 if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
546 asn1_oid_decode(&ctx, end, &oid, &oidlen);
548 ("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx",
549 oidlen, *oid, *(oid + 1), *(oid + 2),
551 rc = compare_oid(oid, oidlen, NTLMSSP_OID,
557 cFYI(1,("This should be an oid what is going on? "));
561 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
563 ("Error decoding last part of negTokenInit exit 3"));
565 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { /* tag = 3 indicating mechListMIC */
567 ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
568 cls, con, tag, end, *end));
571 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
573 ("Error decoding last part of negTokenInit exit 5"));
575 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
576 || (tag != ASN1_SEQ)) {
578 ("Exit 6 cls = %d con = %d tag = %d end = %p (%d)",
579 cls, con, tag, end, *end));
582 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
584 ("Error decoding last part of negTokenInit exit 7"));
586 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
588 ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
589 cls, con, tag, end, *end));
592 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
594 ("Error decoding last part of negTokenInit exit 9"));
596 } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
597 || (tag != ASN1_GENSTR)) {
599 ("Exit 10 cls = %d con = %d tag = %d end = %p (%d)",
600 cls, con, tag, end, *end));
603 cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer)); /* is this UTF-8 or ASCII? */
git://git.onelab.eu / linux-2.6.git / blob