#include "asn1_k_encode.h"
#include "asn1_make.h"
#include "asn1_encode.h"
#include <assert.h>
#define asn1_setup()\
asn1_error_code retval;\
unsigned int sum=0
#define asn1_makeseq()\
{ unsigned int length;\
retval = asn1_make_sequence(buf,sum,&length);\
if (retval) {\
return retval; }\
sum += length; }
#define asn1_cleanup()\
*retlen = sum;\
return 0
#define asn1_addfield(value,tag,encoder)\
{ unsigned int length; \
retval = encoder(buf,value,&length); \
if (retval) {\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
if (retval) {\
return retval; }\
sum += length; }
DEFINTTYPE(int32, krb5_int32);
DEFPTRTYPE(int32_ptr, int32);
DEFUINTTYPE(uint, unsigned int);
DEFUINTTYPE(octet, krb5_octet);
DEFUINTTYPE(ui_4, krb5_ui_4);
DEFFNLENTYPE(octetstring, unsigned char *, asn1_encode_octetstring);
DEFFNLENTYPE(s_octetstring, char *, asn1_encode_octetstring);
DEFFNLENTYPE(charstring, char *, asn1_encode_charstring);
DEFFNLENTYPE(generalstring, char *, asn1_encode_generalstring);
DEFFNLENTYPE(u_generalstring, unsigned char *, asn1_encode_generalstring);
DEFFNLENTYPE(opaque, char *, asn1_encode_opaque);
DEFFIELDTYPE(gstring_data, krb5_data,
FIELDOF_STRING(krb5_data, generalstring, data, length, -1));
DEFPTRTYPE(gstring_data_ptr,gstring_data);
DEFFIELDTYPE(ostring_data, krb5_data,
FIELDOF_STRING(krb5_data, s_octetstring, data, length, -1));
DEFPTRTYPE(ostring_data_ptr,ostring_data);
DEFFIELDTYPE(opaque_data, krb5_data,
FIELDOF_STRING(krb5_data, opaque, data, length, -1));
DEFFIELDTYPE(realm_of_principal_data, krb5_principal_data,
FIELDOF_NORM(krb5_principal_data, gstring_data, realm, -1));
DEFPTRTYPE(realm_of_principal, realm_of_principal_data);
static const struct field_info princname_fields[] = {
FIELDOF_NORM(krb5_principal_data, int32, type, 0),
FIELDOF_SEQOF_INT32(krb5_principal_data, gstring_data_ptr, data, length, 1),
};
DEFSEQTYPE(principal_data, krb5_principal_data, princname_fields, 0);
DEFPTRTYPE(principal, principal_data);
static asn1_error_code
asn1_encode_kerberos_time_at(asn1buf *buf, const krb5_timestamp *val,
unsigned int *retlen)
{
time_t tval = *val;
return asn1_encode_generaltime(buf, tval, retlen);
}
DEFFNXTYPE(kerberos_time, krb5_timestamp, asn1_encode_kerberos_time_at);
const static struct field_info address_fields[] = {
FIELDOF_NORM(krb5_address, int32, addrtype, 0),
FIELDOF_STRING(krb5_address, octetstring, contents, length, 1),
};
DEFSEQTYPE(address, krb5_address, address_fields, 0);
DEFPTRTYPE(address_ptr, address);
DEFNULLTERMSEQOFTYPE(seq_of_host_addresses, address_ptr);
DEFPTRTYPE(ptr_seqof_host_addresses, seq_of_host_addresses);
static unsigned int
optional_encrypted_data (const void *vptr)
{
const krb5_enc_data *val = vptr;
unsigned int optional = 0;
if (val->kvno != 0)
optional |= (1u << 1);
return optional;
}
static const struct field_info encrypted_data_fields[] = {
FIELDOF_NORM(krb5_enc_data, int32, enctype, 0),
FIELDOF_OPT(krb5_enc_data, uint, kvno, 1, 1),
FIELDOF_NORM(krb5_enc_data, ostring_data, ciphertext, 2),
};
DEFSEQTYPE(encrypted_data, krb5_enc_data, encrypted_data_fields,
optional_encrypted_data);
static asn1_error_code
asn1_encode_krb5_flags_at(asn1buf *buf, const krb5_flags *val,
unsigned int *retlen)
{
unsigned char cbuf[4];
store_32_be((krb5_ui_4) *val, cbuf);
return asn1_encode_bitstring(buf, 4, cbuf, retlen);
}
DEFFNXTYPE(krb5_flags, krb5_flags, asn1_encode_krb5_flags_at);
const static struct field_info authdata_elt_fields[] = {
FIELDOF_NORM(krb5_authdata, int32, ad_type, 0),
FIELDOF_STRING(krb5_authdata, octetstring, contents, length, 1),
};
DEFSEQTYPE(authdata_elt, krb5_authdata, authdata_elt_fields, 0);
DEFPTRTYPE(authdata_elt_ptr, authdata_elt);
DEFNONEMPTYNULLTERMSEQOFTYPE(auth_data, authdata_elt_ptr);
DEFPTRTYPE(auth_data_ptr, auth_data);
static const struct field_info encryption_key_fields[] = {
FIELDOF_NORM(krb5_keyblock, int32, enctype, 0),
FIELDOF_STRING(krb5_keyblock, octetstring, contents, length, 1),
};
DEFSEQTYPE(encryption_key, krb5_keyblock, encryption_key_fields, 0);
DEFPTRTYPE(ptr_encryption_key, encryption_key);
static const struct field_info checksum_fields[] = {
FIELDOF_NORM(krb5_checksum, int32, checksum_type, 0),
FIELDOF_STRING(krb5_checksum, octetstring, contents, length, 1),
};
DEFSEQTYPE(checksum, krb5_checksum, checksum_fields, 0);
DEFPTRTYPE(checksum_ptr, checksum);
DEFNULLTERMSEQOFTYPE(seq_of_checksum, checksum_ptr);
DEFPTRTYPE(ptr_seqof_checksum, seq_of_checksum);
static const struct field_info lr_fields[] = {
FIELDOF_NORM(krb5_last_req_entry, int32, lr_type, 0),
FIELDOF_NORM(krb5_last_req_entry, kerberos_time, value, 1),
};
DEFSEQTYPE(last_req_ent, krb5_last_req_entry, lr_fields, 0);
DEFPTRTYPE(last_req_ent_ptr, last_req_ent);
DEFNONEMPTYNULLTERMSEQOFTYPE(last_req, last_req_ent_ptr);
DEFPTRTYPE(last_req_ptr, last_req);
static const struct field_info ticket_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELDOF_NORM(krb5_ticket, realm_of_principal, server, 1),
FIELDOF_NORM(krb5_ticket, principal, server, 2),
FIELDOF_NORM(krb5_ticket, encrypted_data, enc_part, 3),
};
DEFSEQTYPE(untagged_ticket, krb5_ticket, ticket_fields, 0);
DEFAPPTAGGEDTYPE(ticket, 1, untagged_ticket);
DEFPTRTYPE(ticket_ptr, ticket);
DEFNONEMPTYNULLTERMSEQOFTYPE(seq_of_ticket,ticket_ptr);
DEFPTRTYPE(ptr_seqof_ticket, seq_of_ticket);
static const struct field_info enc_kdc_rep_part_fields[] = {
FIELDOF_NORM(krb5_enc_kdc_rep_part, ptr_encryption_key, session, 0),
FIELDOF_NORM(krb5_enc_kdc_rep_part, last_req_ptr, last_req, 1),
FIELDOF_NORM(krb5_enc_kdc_rep_part, int32, nonce, 2),
FIELDOF_OPT(krb5_enc_kdc_rep_part, kerberos_time, key_exp, 3, 3),
FIELDOF_NORM(krb5_enc_kdc_rep_part, krb5_flags, flags, 4),
FIELDOF_NORM(krb5_enc_kdc_rep_part, kerberos_time, times.authtime, 5),
FIELDOF_OPT(krb5_enc_kdc_rep_part, kerberos_time, times.starttime, 6, 6),
FIELDOF_NORM(krb5_enc_kdc_rep_part, kerberos_time, times.endtime, 7),
FIELDOF_OPT(krb5_enc_kdc_rep_part, kerberos_time, times.renew_till, 8, 8),
FIELDOF_NORM(krb5_enc_kdc_rep_part, realm_of_principal, server, 9),
FIELDOF_NORM(krb5_enc_kdc_rep_part, principal, server, 10),
FIELDOF_OPT(krb5_enc_kdc_rep_part, ptr_seqof_host_addresses, caddrs,
11, 11),
};
static unsigned int optional_enc_kdc_rep_part(const void *p)
{
const krb5_enc_kdc_rep_part *val = p;
unsigned int optional = 0;
if (val->key_exp)
optional |= (1u << 3);
if (val->times.starttime)
optional |= (1u << 6);
if (val->flags & TKT_FLG_RENEWABLE)
optional |= (1u << 8);
if (val->caddrs != NULL && val->caddrs[0] != NULL)
optional |= (1u << 11);
return optional;
}
DEFSEQTYPE(enc_kdc_rep_part, krb5_enc_kdc_rep_part, enc_kdc_rep_part_fields,
optional_enc_kdc_rep_part);
struct kdc_req_hack {
krb5_kdc_req v;
krb5_data *server_realm;
};
static const struct field_info kdc_req_hack_fields[] = {
FIELDOF_NORM(struct kdc_req_hack, krb5_flags, v.kdc_options, 0),
FIELDOF_OPT(struct kdc_req_hack, principal, v.client, 1, 1),
FIELDOF_NORM(struct kdc_req_hack, gstring_data_ptr, server_realm, 2),
FIELDOF_OPT(struct kdc_req_hack, principal, v.server, 3, 3),
FIELDOF_OPT(struct kdc_req_hack, kerberos_time, v.from, 4, 4),
FIELDOF_NORM(struct kdc_req_hack, kerberos_time, v.till, 5),
FIELDOF_OPT(struct kdc_req_hack, kerberos_time, v.rtime, 6, 6),
FIELDOF_NORM(struct kdc_req_hack, int32, v.nonce, 7),
FIELDOF_SEQOF_INT32(struct kdc_req_hack, int32_ptr, v.ktype, v.nktypes, 8),
FIELDOF_OPT(struct kdc_req_hack, ptr_seqof_host_addresses, v.addresses, 9, 9),
FIELDOF_OPT(struct kdc_req_hack, encrypted_data, v.authorization_data, 10, 10),
FIELDOF_OPT(struct kdc_req_hack, ptr_seqof_ticket, v.second_ticket, 11, 11),
};
static unsigned int optional_kdc_req_hack(const void *p)
{
const struct kdc_req_hack *val2 = p;
const krb5_kdc_req *val = &val2->v;
unsigned int optional = 0;
if (val->second_ticket != NULL && val->second_ticket[0] != NULL)
optional |= (1u << 11);
if (val->authorization_data.ciphertext.data != NULL)
optional |= (1u << 10);
if (val->addresses != NULL && val->addresses[0] != NULL)
optional |= (1u << 9);
if (val->rtime)
optional |= (1u << 6);
if (val->from)
optional |= (1u << 4);
if (val->server != NULL)
optional |= (1u << 3);
if (val->client != NULL)
optional |= (1u << 1);
return optional;
}
DEFSEQTYPE(kdc_req_body_hack, struct kdc_req_hack, kdc_req_hack_fields,
optional_kdc_req_hack);
static asn1_error_code
asn1_encode_kdc_req_hack(asn1buf *, const struct kdc_req_hack *,
unsigned int *);
MAKE_ENCFN(asn1_encode_kdc_req_hack, kdc_req_body_hack);
static asn1_error_code
asn1_encode_kdc_req_body(asn1buf *buf, const krb5_kdc_req *val,
unsigned int *retlen)
{
struct kdc_req_hack val2;
val2.v = *val;
if (val->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
if (val->second_ticket != NULL && val->second_ticket[0] != NULL) {
val2.server_realm = &val->second_ticket[0]->server->realm;
} else return ASN1_MISSING_FIELD;
} else if (val->server != NULL) {
val2.server_realm = &val->server->realm;
} else return ASN1_MISSING_FIELD;
return asn1_encode_kdc_req_hack(buf, &val2, retlen);
}
DEFFNXTYPE(kdc_req_body, krb5_kdc_req, asn1_encode_kdc_req_body);
static const struct field_info transited_fields[] = {
FIELDOF_NORM(krb5_transited, octet, tr_type, 0),
FIELDOF_NORM(krb5_transited, ostring_data, tr_contents, 1),
};
DEFSEQTYPE(transited, krb5_transited, transited_fields, 0);
static const struct field_info pa_data_fields[] = {
FIELDOF_NORM(krb5_pa_data, int32, pa_type, 1),
FIELDOF_STRING(krb5_pa_data, octetstring, contents, length, 2),
};
DEFSEQTYPE(pa_data, krb5_pa_data, pa_data_fields, 0);
DEFPTRTYPE(pa_data_ptr, pa_data);
DEFNULLTERMSEQOFTYPE(seq_of_pa_data, pa_data_ptr);
DEFPTRTYPE(ptr_seqof_pa_data, seq_of_pa_data);
static const struct field_info krb_safe_body_fields[] = {
FIELDOF_NORM(krb5_safe, ostring_data, user_data, 0),
FIELDOF_OPT(krb5_safe, kerberos_time, timestamp, 1, 1),
FIELDOF_OPT(krb5_safe, int32, usec, 2, 2),
FIELDOF_OPT(krb5_safe, uint, seq_number, 3, 3),
FIELDOF_NORM(krb5_safe, address_ptr, s_address, 4),
FIELDOF_OPT(krb5_safe, address_ptr, r_address, 5, 5),
};
static unsigned int optional_krb_safe_body(const void *p)
{
const krb5_safe *val = p;
unsigned int optional = 0;
if (val->timestamp) {
optional |= (1u << 1);
optional |= (1u << 2);
}
if (val->seq_number)
optional |= (1u << 3);
if (val->r_address != NULL)
optional |= (1u << 5);
return optional;
}
DEFSEQTYPE(krb_safe_body, krb5_safe, krb_safe_body_fields,
optional_krb_safe_body);
static const struct field_info krb_cred_info_fields[] = {
FIELDOF_NORM(krb5_cred_info, ptr_encryption_key, session, 0),
FIELDOF_OPT(krb5_cred_info, realm_of_principal, client, 1, 1),
FIELDOF_OPT(krb5_cred_info, principal, client, 2, 2),
FIELDOF_OPT(krb5_cred_info, krb5_flags, flags, 3, 3),
FIELDOF_OPT(krb5_cred_info, kerberos_time, times.authtime, 4, 4),
FIELDOF_OPT(krb5_cred_info, kerberos_time, times.starttime, 5, 5),
FIELDOF_OPT(krb5_cred_info, kerberos_time, times.endtime, 6, 6),
FIELDOF_OPT(krb5_cred_info, kerberos_time, times.renew_till, 7, 7),
FIELDOF_OPT(krb5_cred_info, realm_of_principal, server, 8, 8),
FIELDOF_OPT(krb5_cred_info, principal, server, 9, 9),
FIELDOF_OPT(krb5_cred_info, ptr_seqof_host_addresses, caddrs, 10, 10),
};
static unsigned int optional_krb_cred_info(const void *p)
{
const krb5_cred_info *val = p;
unsigned int optional = 0;
if (val->caddrs != NULL && val->caddrs[0] != NULL)
optional |= (1u << 10);
if (val->server != NULL) {
optional |= (1u << 9);
optional |= (1u << 8);
}
if (val->times.renew_till)
optional |= (1u << 7);
if (val->times.endtime)
optional |= (1u << 6);
if (val->times.starttime)
optional |= (1u << 5);
if (val->times.authtime)
optional |= (1u << 4);
if (val->flags)
optional |= (1u << 3);
if (val->client != NULL) {
optional |= (1u << 2);
optional |= (1u << 1);
}
return optional;
}
DEFSEQTYPE(cred_info, krb5_cred_info, krb_cred_info_fields,
optional_krb_cred_info);
DEFPTRTYPE(cred_info_ptr, cred_info);
DEFNULLTERMSEQOFTYPE(seq_of_cred_info, cred_info_ptr);
DEFPTRTYPE(ptrseqof_cred_info, seq_of_cred_info);
static unsigned int
optional_etype_info_entry(const void *vptr)
{
const krb5_etype_info_entry *val = vptr;
unsigned int optional = 0;
if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT)
optional |= (1u << 1);
return optional;
}
static const struct field_info etype_info_entry_fields[] = {
FIELDOF_NORM(krb5_etype_info_entry, int32, etype, 0),
FIELDOF_OPTSTRING(krb5_etype_info_entry, octetstring, salt, length, 1, 1),
};
DEFSEQTYPE(etype_info_entry, krb5_etype_info_entry, etype_info_entry_fields,
optional_etype_info_entry);
static unsigned int
optional_etype_info2_entry(const void *vptr)
{
const krb5_etype_info_entry *val = vptr;
unsigned int optional = 0;
if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT)
optional |= (1u << 1);
if (val->s2kparams.data)
optional |= (1u << 2);
return optional;
}
static const struct field_info etype_info2_entry_fields[] = {
FIELDOF_NORM(krb5_etype_info_entry, int32, etype, 0),
FIELDOF_OPTSTRING(krb5_etype_info_entry, u_generalstring, salt, length,
1, 1),
FIELDOF_OPT(krb5_etype_info_entry, ostring_data, s2kparams, 2, 2),
};
DEFSEQTYPE(etype_info2_entry, krb5_etype_info_entry, etype_info2_entry_fields,
optional_etype_info2_entry);
DEFPTRTYPE(etype_info_entry_ptr, etype_info_entry);
DEFNULLTERMSEQOFTYPE(etype_info, etype_info_entry_ptr);
DEFPTRTYPE(etype_info2_entry_ptr, etype_info2_entry);
DEFNULLTERMSEQOFTYPE(etype_info2, etype_info2_entry_ptr);
static const struct field_info passwdsequence_fields[] = {
FIELDOF_NORM(passwd_phrase_element, ostring_data_ptr, passwd, 0),
FIELDOF_NORM(passwd_phrase_element, ostring_data_ptr, phrase, 1),
};
DEFSEQTYPE(passwdsequence, passwd_phrase_element, passwdsequence_fields, 0);
DEFPTRTYPE(passwdsequence_ptr, passwdsequence);
DEFNONEMPTYNULLTERMSEQOFTYPE(seqof_passwdsequence, passwdsequence_ptr);
DEFPTRTYPE(ptr_seqof_passwdsequence, seqof_passwdsequence);
static const struct field_info sam_challenge_fields[] = {
FIELDOF_NORM(krb5_sam_challenge, int32, sam_type, 0),
FIELDOF_NORM(krb5_sam_challenge, krb5_flags, sam_flags, 1),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_type_name, 2, 2),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_track_id,3, 3),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_challenge_label,4, 4),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_challenge,5, 5),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_response_prompt,6, 6),
FIELDOF_OPT(krb5_sam_challenge, ostring_data, sam_pk_for_sad,7, 7),
FIELDOF_OPT(krb5_sam_challenge, int32, sam_nonce, 8, 8),
FIELDOF_OPT(krb5_sam_challenge, checksum, sam_cksum, 9, 9),
};
static unsigned int optional_sam_challenge(const void *p)
{
const krb5_sam_challenge *val = p;
unsigned int optional = 0;
if (val->sam_cksum.length)
optional |= (1u << 9);
if (val->sam_nonce)
optional |= (1u << 8);
if (val->sam_pk_for_sad.length > 0) optional |= (1u << 7);
if (val->sam_response_prompt.length > 0) optional |= (1u << 6);
if (val->sam_challenge.length > 0) optional |= (1u << 5);
if (val->sam_challenge_label.length > 0) optional |= (1u << 4);
if (val->sam_track_id.length > 0) optional |= (1u << 3);
if (val->sam_type_name.length > 0) optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(sam_challenge,krb5_sam_challenge,sam_challenge_fields,
optional_sam_challenge);
#if 0
MAKE_ENCFN(asn1_encode_sequence_of_checksum, seq_of_checksum);
static asn1_error_code
asn1_encode_sam_challenge_2(asn1buf *buf, const krb5_sam_challenge_2 *val,
unsigned int *retlen)
{
asn1_setup();
if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
return ASN1_MISSING_FIELD;
asn1_addfield(val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
{
unsigned int length;
retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
(unsigned char *)val->sam_challenge_2_body.data);
if (retval) {
return retval;
}
sum += val->sam_challenge_2_body.length;
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
val->sam_challenge_2_body.length, &length);
if (retval) {
return retval;
}
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
DEFFNXTYPE(sam_challenge_2, krb5_sam_challenge_2, asn1_encode_sam_challenge_2);
static const struct field_info sam_challenge_2_body_fields[] = {
FIELDOF_NORM(krb5_sam_challenge_2_body, int32, sam_type, 0),
FIELDOF_NORM(krb5_sam_challenge_2_body, krb5_flags, sam_flags, 1),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_type_name, 2, 2),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_track_id,3, 3),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_challenge_label,4, 4),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_challenge,5, 5),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_response_prompt,6, 6),
FIELDOF_OPT(krb5_sam_challenge_2_body, ostring_data, sam_pk_for_sad,7, 7),
FIELDOF_NORM(krb5_sam_challenge_2_body, int32, sam_nonce, 8),
FIELDOF_NORM(krb5_sam_challenge_2_body, int32, sam_etype, 9),
};
static unsigned int optional_sam_challenge_2_body(const void *p)
{
const krb5_sam_challenge_2_body *val = p;
unsigned int optional = 0;
if (val->sam_pk_for_sad.length > 0) optional |= (1u << 7);
if (val->sam_response_prompt.length > 0) optional |= (1u << 6);
if (val->sam_challenge.length > 0) optional |= (1u << 5);
if (val->sam_challenge_label.length > 0) optional |= (1u << 4);
if (val->sam_track_id.length > 0) optional |= (1u << 3);
if (val->sam_type_name.length > 0) optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(sam_challenge_2_body,krb5_sam_challenge_2_body,sam_challenge_2_body_fields,
optional_sam_challenge_2_body);
#endif
static const struct field_info sam_key_fields[] = {
FIELDOF_NORM(krb5_sam_key, encryption_key, sam_key, 0),
};
DEFSEQTYPE(sam_key, krb5_sam_key, sam_key_fields, 0);
static const struct field_info enc_sam_response_enc_fields[] = {
FIELDOF_NORM(krb5_enc_sam_response_enc, int32, sam_nonce, 0),
FIELDOF_NORM(krb5_enc_sam_response_enc, kerberos_time, sam_timestamp, 1),
FIELDOF_NORM(krb5_enc_sam_response_enc, int32, sam_usec, 2),
FIELDOF_OPT(krb5_enc_sam_response_enc, ostring_data, sam_sad, 3, 3),
};
static unsigned int optional_enc_sam_response_enc(const void *p)
{
const krb5_enc_sam_response_enc *val = p;
unsigned int optional = 0;
if (val->sam_sad.length > 0) optional |= (1u << 3);
return optional;
}
DEFSEQTYPE(enc_sam_response_enc, krb5_enc_sam_response_enc,
enc_sam_response_enc_fields, optional_enc_sam_response_enc);
static const struct field_info enc_sam_response_enc_2_fields[] = {
FIELDOF_NORM(krb5_enc_sam_response_enc_2, int32, sam_nonce, 0),
FIELDOF_OPT(krb5_enc_sam_response_enc_2, ostring_data, sam_sad, 1, 1),
};
static unsigned int optional_enc_sam_response_enc_2(const void *p)
{
const krb5_enc_sam_response_enc_2 *val = p;
unsigned int optional = 0;
if (val->sam_sad.length > 0) optional |= (1u << 1);
return optional;
}
DEFSEQTYPE(enc_sam_response_enc_2, krb5_enc_sam_response_enc_2,
enc_sam_response_enc_2_fields, optional_enc_sam_response_enc_2);
static const struct field_info sam_response_fields[] = {
FIELDOF_NORM(krb5_sam_response, int32, sam_type, 0),
FIELDOF_NORM(krb5_sam_response, krb5_flags, sam_flags, 1),
FIELDOF_OPT(krb5_sam_response, ostring_data, sam_track_id, 2, 2),
FIELDOF_OPT(krb5_sam_response, encrypted_data, sam_enc_key, 3, 3),
FIELDOF_NORM(krb5_sam_response, encrypted_data, sam_enc_nonce_or_ts, 4),
FIELDOF_OPT(krb5_sam_response, int32, sam_nonce, 5, 5),
FIELDOF_OPT(krb5_sam_response, kerberos_time, sam_patimestamp, 6, 6),
};
static unsigned int optional_sam_response(const void *p)
{
const krb5_sam_response *val = p;
unsigned int optional = 0;
if (val->sam_patimestamp)
optional |= (1u << 6);
if (val->sam_nonce)
optional |= (1u << 5);
if (val->sam_enc_key.ciphertext.length)
optional |= (1u << 3);
if (val->sam_track_id.length > 0) optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(sam_response, krb5_sam_response, sam_response_fields,
optional_sam_response);
static const struct field_info sam_response_2_fields[] = {
FIELDOF_NORM(krb5_sam_response_2, int32, sam_type, 0),
FIELDOF_NORM(krb5_sam_response_2, krb5_flags, sam_flags, 1),
FIELDOF_OPT(krb5_sam_response_2, ostring_data, sam_track_id, 2, 2),
FIELDOF_NORM(krb5_sam_response_2, encrypted_data, sam_enc_nonce_or_sad, 3),
FIELDOF_NORM(krb5_sam_response_2, int32, sam_nonce, 4),
};
static unsigned int optional_sam_response_2(const void *p)
{
const krb5_sam_response_2 *val = p;
unsigned int optional = 0;
if (val->sam_track_id.length > 0) optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(sam_response_2, krb5_sam_response_2, sam_response_2_fields,
optional_sam_response_2);
static const struct field_info predicted_sam_response_fields[] = {
FIELDOF_NORM(krb5_predicted_sam_response, encryption_key, sam_key, 0),
FIELDOF_NORM(krb5_predicted_sam_response, krb5_flags, sam_flags, 1),
FIELDOF_NORM(krb5_predicted_sam_response, kerberos_time, stime, 2),
FIELDOF_NORM(krb5_predicted_sam_response, int32, susec, 3),
FIELDOF_NORM(krb5_predicted_sam_response, realm_of_principal, client, 4),
FIELDOF_NORM(krb5_predicted_sam_response, principal, client, 5),
FIELDOF_OPT(krb5_predicted_sam_response, ostring_data, msd, 6, 6),
};
static unsigned int optional_predicted_sam_response(const void *p)
{
const krb5_predicted_sam_response *val = p;
unsigned int optional = 0;
if (val->msd.length > 0) optional |= (1u << 6);
return optional;
}
DEFSEQTYPE(predicted_sam_response, krb5_predicted_sam_response,
predicted_sam_response_fields,
optional_predicted_sam_response);
static const struct field_info krb5_authenticator_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELDOF_NORM(krb5_authenticator, realm_of_principal, client, 1),
FIELDOF_NORM(krb5_authenticator, principal, client, 2),
FIELDOF_OPT(krb5_authenticator, checksum_ptr, checksum, 3, 3),
FIELDOF_NORM(krb5_authenticator, int32, cusec, 4),
FIELDOF_NORM(krb5_authenticator, kerberos_time, ctime, 5),
FIELDOF_OPT(krb5_authenticator, ptr_encryption_key, subkey, 6, 6),
FIELDOF_OPT(krb5_authenticator, uint, seq_number, 7, 7),
FIELDOF_OPT(krb5_authenticator, auth_data_ptr, authorization_data, 8, 8),
};
static unsigned int optional_krb5_authenticator(const void *p)
{
const krb5_authenticator *val = p;
unsigned int optional = 0;
if (val->authorization_data != NULL && val->authorization_data[0] != NULL)
optional |= (1u << 8);
if (val->seq_number != 0)
optional |= (1u << 7);
if (val->subkey != NULL)
optional |= (1u << 6);
if (val->checksum != NULL)
optional |= (1u << 3);
return optional;
}
DEFSEQTYPE(untagged_krb5_authenticator, krb5_authenticator, krb5_authenticator_fields,
optional_krb5_authenticator);
DEFAPPTAGGEDTYPE(krb5_authenticator, 2, untagged_krb5_authenticator);
static const struct field_info enc_tkt_part_fields[] = {
FIELDOF_NORM(krb5_enc_tkt_part, krb5_flags, flags, 0),
FIELDOF_NORM(krb5_enc_tkt_part, ptr_encryption_key, session, 1),
FIELDOF_NORM(krb5_enc_tkt_part, realm_of_principal, client, 2),
FIELDOF_NORM(krb5_enc_tkt_part, principal, client, 3),
FIELDOF_NORM(krb5_enc_tkt_part, transited, transited, 4),
FIELDOF_NORM(krb5_enc_tkt_part, kerberos_time, times.authtime, 5),
FIELDOF_OPT(krb5_enc_tkt_part, kerberos_time, times.starttime, 6, 6),
FIELDOF_NORM(krb5_enc_tkt_part, kerberos_time, times.endtime, 7),
FIELDOF_OPT(krb5_enc_tkt_part, kerberos_time, times.renew_till, 8, 8),
FIELDOF_OPT(krb5_enc_tkt_part, ptr_seqof_host_addresses, caddrs, 9, 9),
FIELDOF_OPT(krb5_enc_tkt_part, auth_data_ptr, authorization_data, 10, 10),
};
static unsigned int optional_enc_tkt_part(const void *p)
{
const krb5_enc_tkt_part *val = p;
unsigned int optional = 0;
if (val->authorization_data != NULL && val->authorization_data[0] != NULL)
optional |= (1u << 10);
if (val->caddrs != NULL && val->caddrs[0] != NULL)
optional |= (1u << 9);
if (val->times.renew_till)
optional |= (1u << 8);
if (val->times.starttime)
optional |= (1u << 6);
return optional;
}
DEFSEQTYPE(untagged_enc_tkt_part, krb5_enc_tkt_part, enc_tkt_part_fields,
optional_enc_tkt_part);
DEFAPPTAGGEDTYPE(enc_tkt_part, 3, untagged_enc_tkt_part);
DEFAPPTAGGEDTYPE(enc_tgs_rep_part, 26, enc_kdc_rep_part);
static const struct field_info as_rep_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(KRB5_AS_REP, 1),
FIELDOF_OPT(krb5_kdc_rep, ptr_seqof_pa_data, padata, 2, 2),
FIELDOF_NORM(krb5_kdc_rep, realm_of_principal, client, 3),
FIELDOF_NORM(krb5_kdc_rep, principal, client, 4),
FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5),
FIELDOF_NORM(krb5_kdc_rep, encrypted_data, enc_part, 6),
};
static unsigned int optional_as_rep(const void *p)
{
const krb5_kdc_rep *val = p;
unsigned int optional = 0;
if (val->padata != NULL && val->padata[0] != NULL)
optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(untagged_as_rep, krb5_kdc_rep, as_rep_fields, optional_as_rep);
DEFAPPTAGGEDTYPE(as_rep, 11, untagged_as_rep);
static const struct field_info tgs_rep_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(KRB5_TGS_REP, 1),
FIELDOF_OPT(krb5_kdc_rep, ptr_seqof_pa_data, padata, 2, 2),
FIELDOF_NORM(krb5_kdc_rep, realm_of_principal, client, 3),
FIELDOF_NORM(krb5_kdc_rep, principal, client, 4),
FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5),
FIELDOF_NORM(krb5_kdc_rep, encrypted_data, enc_part, 6),
};
static unsigned int optional_tgs_rep(const void *p)
{
const krb5_kdc_rep *val = p;
unsigned int optional = 0;
if (val->padata != NULL && val->padata[0] != NULL)
optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(untagged_tgs_rep, krb5_kdc_rep, tgs_rep_fields, optional_tgs_rep);
DEFAPPTAGGEDTYPE(tgs_rep, 13, untagged_tgs_rep);
static const struct field_info ap_req_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_AP_REQ, 1),
FIELDOF_NORM(krb5_ap_req, krb5_flags, ap_options, 2),
FIELDOF_NORM(krb5_ap_req, ticket_ptr, ticket, 3),
FIELDOF_NORM(krb5_ap_req, encrypted_data, authenticator, 4),
};
DEFSEQTYPE(untagged_ap_req, krb5_ap_req, ap_req_fields, 0);
DEFAPPTAGGEDTYPE(ap_req, 14, untagged_ap_req);
static const struct field_info ap_rep_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_AP_REP, 1),
FIELDOF_NORM(krb5_ap_rep, encrypted_data, enc_part, 2),
};
DEFSEQTYPE(untagged_ap_rep, krb5_ap_rep, ap_rep_fields, 0);
DEFAPPTAGGEDTYPE(ap_rep, 15, untagged_ap_rep);
static const struct field_info ap_rep_enc_part_fields[] = {
FIELDOF_NORM(krb5_ap_rep_enc_part, kerberos_time, ctime, 0),
FIELDOF_NORM(krb5_ap_rep_enc_part, int32, cusec, 1),
FIELDOF_OPT(krb5_ap_rep_enc_part, ptr_encryption_key, subkey, 2, 2),
FIELDOF_OPT(krb5_ap_rep_enc_part, uint, seq_number, 3, 3),
};
static unsigned int optional_ap_rep_enc_part(const void *p)
{
const krb5_ap_rep_enc_part *val = p;
unsigned int optional = 0;
if (val->seq_number)
optional |= (1u << 3);
if (val->subkey != NULL)
optional |= (1u << 2);
return optional;
}
DEFSEQTYPE(untagged_ap_rep_enc_part, krb5_ap_rep_enc_part,
ap_rep_enc_part_fields, optional_ap_rep_enc_part);
DEFAPPTAGGEDTYPE(ap_rep_enc_part, 27, untagged_ap_rep_enc_part);
static const struct field_info as_req_fields[] = {
FIELD_INT_IMM(KVNO, 1),
FIELD_INT_IMM(KRB5_AS_REQ, 2),
FIELDOF_OPT(krb5_kdc_req, ptr_seqof_pa_data, padata, 3, 3),
FIELDOF_ENCODEAS(krb5_kdc_req, kdc_req_body, 4),
};
static unsigned int optional_as_req(const void *p)
{
const krb5_kdc_req *val = p;
unsigned int optional = 0;
if (val->padata != NULL && val->padata[0] != NULL)
optional |= (1u << 3);
return optional;
}
DEFSEQTYPE(untagged_as_req, krb5_kdc_req, as_req_fields, optional_as_req);
DEFAPPTAGGEDTYPE(as_req, 10, untagged_as_req);
static const struct field_info tgs_req_fields[] = {
FIELD_INT_IMM(KVNO, 1),
FIELD_INT_IMM(KRB5_TGS_REQ, 2),
FIELDOF_OPT(krb5_kdc_req, ptr_seqof_pa_data, padata, 3, 3),
FIELDOF_ENCODEAS(krb5_kdc_req, kdc_req_body, 4),
};
static unsigned int optional_tgs_req(const void *p)
{
const krb5_kdc_req *val = p;
unsigned int optional = 0;
if (val->padata != NULL && val->padata[0] != NULL)
optional |= (1u << 3);
return optional;
}
DEFSEQTYPE(untagged_tgs_req, krb5_kdc_req, tgs_req_fields,
optional_tgs_req);
DEFAPPTAGGEDTYPE(tgs_req, 12, untagged_tgs_req);
static const struct field_info krb5_safe_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_SAFE,1),
FIELD_SELF(krb_safe_body, 2),
FIELDOF_NORM(krb5_safe, checksum_ptr, checksum, 3),
};
DEFSEQTYPE(untagged_krb5_safe, krb5_safe, krb5_safe_fields, 0);
DEFAPPTAGGEDTYPE(krb5_safe, 20, untagged_krb5_safe);
DEFPTRTYPE(krb_saved_safe_body_ptr, opaque_data);
DEFFIELDTYPE(krb5_safe_checksum_only, krb5_safe,
FIELDOF_NORM(krb5_safe, checksum_ptr, checksum, -1));
DEFPTRTYPE(krb5_safe_checksum_only_ptr, krb5_safe_checksum_only);
static const struct field_info krb5_safe_with_body_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_SAFE,1),
FIELDOF_NORM(struct krb5_safe_with_body, krb_saved_safe_body_ptr, body, 2),
FIELDOF_NORM(struct krb5_safe_with_body, krb5_safe_checksum_only_ptr, safe, 3),
};
DEFSEQTYPE(untagged_krb5_safe_with_body, struct krb5_safe_with_body,
krb5_safe_with_body_fields, 0);
DEFAPPTAGGEDTYPE(krb5_safe_with_body, 20, untagged_krb5_safe_with_body);
static const struct field_info priv_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_PRIV, 1),
FIELDOF_NORM(krb5_priv, encrypted_data, enc_part, 3),
};
DEFSEQTYPE(untagged_priv, krb5_priv, priv_fields, 0);
DEFAPPTAGGEDTYPE(krb5_priv, 21, untagged_priv);
static const struct field_info priv_enc_part_fields[] = {
FIELDOF_NORM(krb5_priv_enc_part, ostring_data, user_data, 0),
FIELDOF_OPT(krb5_priv_enc_part, kerberos_time, timestamp, 1, 1),
FIELDOF_OPT(krb5_priv_enc_part, int32, usec, 2, 2),
FIELDOF_OPT(krb5_priv_enc_part, uint, seq_number, 3, 3),
FIELDOF_NORM(krb5_priv_enc_part, address_ptr, s_address, 4),
FIELDOF_OPT(krb5_priv_enc_part, address_ptr, r_address, 5, 5),
};
static unsigned int optional_priv_enc_part(const void *p)
{
const krb5_priv_enc_part *val = p;
unsigned int optional = 0;
if (val->timestamp) {
optional |= (1u << 2);
optional |= (1u << 1);
}
if (val->seq_number)
optional |= (1u << 3);
if (val->r_address)
optional |= (1u << 5);
return optional;
}
DEFSEQTYPE(untagged_priv_enc_part, krb5_priv_enc_part, priv_enc_part_fields,
optional_priv_enc_part);
DEFAPPTAGGEDTYPE(priv_enc_part, 28, untagged_priv_enc_part);
static const struct field_info cred_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_CRED, 1),
FIELDOF_NORM(krb5_cred, ptr_seqof_ticket, tickets, 2),
FIELDOF_NORM(krb5_cred, encrypted_data, enc_part, 3),
};
DEFSEQTYPE(untagged_cred, krb5_cred, cred_fields, 0);
DEFAPPTAGGEDTYPE(krb5_cred, 22, untagged_cred);
static const struct field_info enc_cred_part_fields[] = {
FIELDOF_NORM(krb5_cred_enc_part, ptrseqof_cred_info, ticket_info, 0),
FIELDOF_OPT(krb5_cred_enc_part, int32, nonce, 1, 1),
FIELDOF_OPT(krb5_cred_enc_part, kerberos_time, timestamp, 2, 2),
FIELDOF_OPT(krb5_cred_enc_part, int32, usec, 3, 3),
FIELDOF_OPT(krb5_cred_enc_part, address_ptr, s_address, 4, 4),
FIELDOF_OPT(krb5_cred_enc_part, address_ptr, r_address, 5, 5),
};
static unsigned int optional_enc_cred_part(const void *p)
{
const krb5_cred_enc_part *val = p;
unsigned int optional = 0;
if (val->r_address != NULL)
optional |= (1u << 5);
if (val->s_address != NULL)
optional |= (1u << 4);
if (val->timestamp) {
optional |= (1u << 2);
optional |= (1u << 3);
}
if (val->nonce)
optional |= (1u << 1);
return optional;
}
DEFSEQTYPE(untagged_enc_cred_part, krb5_cred_enc_part, enc_cred_part_fields,
optional_enc_cred_part);
DEFAPPTAGGEDTYPE(enc_cred_part, 29, untagged_enc_cred_part);
static const struct field_info error_fields[] = {
FIELD_INT_IMM(KVNO, 0),
FIELD_INT_IMM(ASN1_KRB_ERROR, 1),
FIELDOF_OPT(krb5_error, kerberos_time, ctime, 2, 2),
FIELDOF_OPT(krb5_error, int32, cusec, 3, 3),
FIELDOF_NORM(krb5_error, kerberos_time, stime, 4),
FIELDOF_NORM(krb5_error, int32, susec, 5),
FIELDOF_NORM(krb5_error, ui_4, error, 6),
FIELDOF_OPT(krb5_error, realm_of_principal, client, 7, 7),
FIELDOF_OPT(krb5_error, principal, client, 8, 8),
FIELDOF_NORM(krb5_error, realm_of_principal, server, 9),
FIELDOF_NORM(krb5_error, principal, server, 10),
FIELDOF_OPT(krb5_error, gstring_data, text, 11, 11),
FIELDOF_OPT(krb5_error, ostring_data, e_data, 12, 12),
};
static unsigned int optional_error(const void *p)
{
const krb5_error *val = p;
unsigned int optional = 0;
if (val->ctime)
optional |= (1u << 2);
if (val->cusec)
optional |= (1u << 3);
if (val->client) {
optional |= (1u << 7);
optional |= (1u << 8);
}
if (val->text.data != NULL && val->text.length > 0)
optional |= (1u << 11);
if (val->e_data.data != NULL && val->e_data.length > 0)
optional |= (1u << 12);
return optional;
}
DEFSEQTYPE(untagged_krb5_error, krb5_error, error_fields, optional_error);
DEFAPPTAGGEDTYPE(krb5_error, 30, untagged_krb5_error);
static const struct field_info alt_method_fields[] = {
FIELDOF_NORM(krb5_alt_method, int32, method, 0),
FIELDOF_OPTSTRING(krb5_alt_method, octetstring, data, length, 1, 1),
};
static unsigned int
optional_alt_method(const void *p)
{
const krb5_alt_method *a = p;
unsigned int optional = 0;
if (a->data != NULL && a->length > 0)
optional |= (1u << 1);
return optional;
}
DEFSEQTYPE(alt_method, krb5_alt_method, alt_method_fields, optional_alt_method);
static const struct field_info pa_enc_ts_fields[] = {
FIELDOF_NORM(krb5_pa_enc_ts, kerberos_time, patimestamp, 0),
FIELDOF_OPT(krb5_pa_enc_ts, int32, pausec, 1, 1),
};
static unsigned int
optional_pa_enc_ts(const void *p)
{
const krb5_pa_enc_ts *val = p;
unsigned int optional = 0;
if (val->pausec)
optional |= (1u << 1);
return optional;
}
DEFSEQTYPE(pa_enc_ts, krb5_pa_enc_ts, pa_enc_ts_fields, optional_pa_enc_ts);
static const struct field_info pwd_data_fields[] = {
FIELDOF_NORM(krb5_pwd_data, int32, sequence_count, 0),
FIELDOF_NORM(krb5_pwd_data, ptr_seqof_passwdsequence, element, 1),
};
DEFSEQTYPE(pwd_data, krb5_pwd_data, pwd_data_fields, 0);
static const struct field_info setpw_req_fields[] = {
FIELDOF_NORM(struct krb5_setpw_req, ostring_data, password, 0),
FIELDOF_NORM(struct krb5_setpw_req, principal, target, 1),
FIELDOF_NORM(struct krb5_setpw_req, realm_of_principal, target, 2),
};
DEFSEQTYPE(setpw_req, struct krb5_setpw_req, setpw_req_fields, 0);
MAKE_FULL_ENCODER(encode_krb5_authenticator, krb5_authenticator);
MAKE_FULL_ENCODER(encode_krb5_ticket, ticket);
MAKE_FULL_ENCODER(encode_krb5_encryption_key, encryption_key);
MAKE_FULL_ENCODER(encode_krb5_enc_tkt_part, enc_tkt_part);
MAKE_FULL_ENCODER(encode_krb5_enc_kdc_rep_part, enc_tgs_rep_part);
MAKE_FULL_ENCODER(encode_krb5_as_rep, as_rep);
MAKE_FULL_ENCODER(encode_krb5_tgs_rep, tgs_rep);
MAKE_FULL_ENCODER(encode_krb5_ap_req, ap_req);
MAKE_FULL_ENCODER(encode_krb5_ap_rep, ap_rep);
MAKE_FULL_ENCODER(encode_krb5_ap_rep_enc_part, ap_rep_enc_part);
MAKE_FULL_ENCODER(encode_krb5_as_req, as_req);
MAKE_FULL_ENCODER(encode_krb5_tgs_req, tgs_req);
MAKE_FULL_ENCODER(encode_krb5_kdc_req_body, kdc_req_body);
MAKE_FULL_ENCODER(encode_krb5_safe, krb5_safe);
MAKE_FULL_ENCODER(encode_krb5_safe_with_body, krb5_safe_with_body);
MAKE_FULL_ENCODER(encode_krb5_priv, krb5_priv);
MAKE_FULL_ENCODER(encode_krb5_enc_priv_part, priv_enc_part);
MAKE_FULL_ENCODER(encode_krb5_cred, krb5_cred);
MAKE_FULL_ENCODER(encode_krb5_enc_cred_part, enc_cred_part);
MAKE_FULL_ENCODER(encode_krb5_error, krb5_error);
MAKE_FULL_ENCODER(encode_krb5_authdata, auth_data);
MAKE_FULL_ENCODER(encode_krb5_authdata_elt, authdata_elt);
MAKE_FULL_ENCODER(encode_krb5_alt_method, alt_method);
MAKE_FULL_ENCODER(encode_krb5_etype_info, etype_info);
MAKE_FULL_ENCODER(encode_krb5_etype_info2, etype_info2);
MAKE_FULL_ENCODER(encode_krb5_enc_data, encrypted_data);
MAKE_FULL_ENCODER(encode_krb5_pa_enc_ts, pa_enc_ts);
MAKE_FULL_ENCODER(encode_krb5_pwd_sequence, passwdsequence);
MAKE_FULL_ENCODER(encode_krb5_pwd_data, pwd_data);
MAKE_FULL_ENCODER(encode_krb5_padata_sequence, seq_of_pa_data);
MAKE_FULL_ENCODER(encode_krb5_sam_challenge, sam_challenge);
#if 0
MAKE_FULL_ENCODER(encode_krb5_sam_challenge_2, sam_challenge_2);
MAKE_FULL_ENCODER(encode_krb5_sam_challenge_2_body,
sam_challenge_2_body);
#endif
MAKE_FULL_ENCODER(encode_krb5_sam_key, sam_key);
MAKE_FULL_ENCODER(encode_krb5_enc_sam_response_enc,
enc_sam_response_enc);
MAKE_FULL_ENCODER(encode_krb5_enc_sam_response_enc_2,
enc_sam_response_enc_2);
MAKE_FULL_ENCODER(encode_krb5_sam_response, sam_response);
MAKE_FULL_ENCODER(encode_krb5_sam_response_2, sam_response_2);
MAKE_FULL_ENCODER(encode_krb5_predicted_sam_response,
predicted_sam_response);
MAKE_FULL_ENCODER(encode_krb5_setpw_req, setpw_req);
#ifndef DISABLE_PKINIT
#if 0
How to write an asn1 encoder function using these macros:
asn1_error_code asn1_encode_krb5_substructure(asn1buf *buf,
const krb5_type *val,
int *retlen)
{
asn1_setup();
asn1_addfield(val->last_field, n, asn1_type);
asn1_addfield(rep->next_to_last_field, n-1, asn1_type);
...
if (rep->field_i == should_not_be_omitted)
asn1_addfield(rep->field_i, i, asn1_type);
addlenfield(rep->field_length, rep->field, i-1, asn1_type);
retval = asn1_encode_asn1_type(buf,rep->field,&length);
if (retval) return retval;
sum += length;
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, tag_number, length,
&length);
if (retval) return retval;
sum += length;
...
asn1_addfield(rep->second_field, 1, asn1_type);
asn1_addfield(rep->first_field, 0, asn1_type);
asn1_makeseq();
asn1_cleanup();
}
#endif
#define asn1_addlenfield(len,value,tag,encoder)\
{ unsigned int length; \
retval = encoder(buf,len,value,&length); \
if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length;\
retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
if (retval) {\
asn1buf_destroy(&buf);\
return retval; }\
sum += length; }
#define asn1_addfield_implicit(value,tag,encoder)\
{ unsigned int length;\
retval = encoder(buf,value,&length);\
if (retval) {\
return retval; }\
sum += length;\
retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,length,&length); \
if (retval) {\
return retval; }\
sum += length; }
#define asn1_insert_implicit_octetstring(len,value,tag)\
{ unsigned int length;\
retval = asn1buf_insert_octetstring(buf,len,value);\
if (retval) {\
return retval; }\
sum += len;\
retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,len,&length); \
if (retval) {\
return retval; }\
sum += length; }
#define asn1_insert_implicit_bitstring(len,value,tag)\
{ retval = asn1buf_insert_octetstring(buf,len,value); \
if (retval) {\
return retval; }\
sum += len;\
retval = asn1buf_insert_octet(buf, 0);\
if (retval) {\
return retval; }\
sum++;\
retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,tag,len+1,&length); \
if (retval) {\
return retval; }\
sum += length; }
MAKE_ENCFN(asn1_encode_realm, realm_of_principal_data);
MAKE_ENCFN(asn1_encode_principal_name, principal_data);
MAKE_ENCFN(asn1_encode_encryption_key, encryption_key);
MAKE_ENCFN(asn1_encode_checksum, checksum);
static asn1_error_code
asn1_encode_kerberos_time(asn1buf *buf, const krb5_timestamp val,
unsigned int *retlen)
{
return asn1_encode_kerberos_time_at(buf,&val,retlen);
}
asn1_error_code asn1_encode_pk_authenticator(asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen)
{
asn1_setup();
asn1_addlenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_encode_octetstring);
asn1_addfield(val->nonce, 2, asn1_encode_integer);
asn1_addfield(val->ctime, 1, asn1_encode_kerberos_time);
asn1_addfield(val->cusec, 0, asn1_encode_integer);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_pk_authenticator_draft9(asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen)
{
asn1_setup();
asn1_addfield(val->nonce, 4, asn1_encode_integer);
asn1_addfield(val->ctime, 3, asn1_encode_kerberos_time);
asn1_addfield(val->cusec, 2, asn1_encode_integer);
asn1_addfield(val->kdcName, 1, asn1_encode_realm);
asn1_addfield(val->kdcName, 0, asn1_encode_principal_name);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen)
{
asn1_setup();
if (val->parameters.length != 0) {
retval = asn1buf_insert_octetstring(buf, val->parameters.length,
val->parameters.data);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += val->parameters.length;
}
{
unsigned int length;
retval = asn1_encode_oid(buf, val->algorithm.length,
val->algorithm.data,
&length);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_subject_pk_info(asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen)
{
asn1_setup();
{
unsigned int length;
asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
}
if (val->algorithm.parameters.length != 0) {
unsigned int length;
retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
val->algorithm.parameters.data);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += val->algorithm.parameters.length;
retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
val->algorithm.algorithm.data,
&length);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += length;
retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
val->algorithm.parameters.length + length,
&length);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen)
{
asn1_setup();
int i;
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
unsigned int length;
retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
if (retval) return retval;
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_auth_pack(asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen)
{
asn1_setup();
if (val->clientDHNonce.length != 0)
asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
if (val->supportedCMSTypes != NULL)
asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
if (val->clientPublicValue != NULL)
asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_auth_pack_draft9(asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen)
{
asn1_setup();
if (val->clientPublicValue != NULL)
asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen)
{
asn1_setup();
if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
return ASN1_MISSING_FIELD;
if (val->subjectKeyIdentifier.length != 0)
asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
if (val->issuerAndSerialNumber.length != 0)
asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
if (val->subjectName.length != 0)
asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
{
asn1_setup();
int i;
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
unsigned int length;
retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
if (retval) return retval;
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_req(asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen)
{
asn1_setup();
if (val->kdcPkId.length != 0)
asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
if (val->trustedCertifiers != NULL)
asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_trusted_ca(asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen)
{
asn1_setup();
switch (val->choice) {
case choice_trusted_cas_issuerAndSerial:
asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
break;
case choice_trusted_cas_caName:
asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
break;
case choice_trusted_cas_principalName:
asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
break;
default:
return ASN1_MISSING_FIELD;
}
asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_trusted_ca(asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen)
{
asn1_setup();
int i;
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
unsigned int length;
retval = asn1_encode_trusted_ca(buf,val[i],&length);
if (retval) return retval;
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_req_draft9(asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen)
{
asn1_setup();
if (val->encryptionCert.length != 0)
asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
if (val->kdcCert.length != 0)
asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
if (val->trustedCertifiers != NULL)
asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_dh_rep_info(asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen)
{
asn1_setup();
if (val->serverDHNonce.length != 0)
asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_kdc_dh_key_info(asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen)
{
asn1_setup();
if (val->dhKeyExpiration != 0)
asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
asn1_addfield(val->nonce, 1, asn1_encode_integer);
{
unsigned int length;
asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
val->subjectPublicKey.length + 1 + length,
&length);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_reply_key_pack(asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen)
{
asn1_setup();
asn1_addfield(&(val->asChecksum), 1, asn1_encode_checksum);
asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_reply_key_pack_draft9(asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen)
{
asn1_setup();
asn1_addfield(val->nonce, 1, asn1_encode_integer);
asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_rep(asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen)
{
asn1_setup();
switch (val->choice)
{
case choice_pa_pk_as_rep_dhInfo:
asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
break;
case choice_pa_pk_as_rep_encKeyPack:
asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
break;
default:
return ASN1_MISSING_FIELD;
}
asn1_cleanup();
}
asn1_error_code asn1_encode_pa_pk_as_rep_draft9(asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen)
{
asn1_setup();
switch (val->choice)
{
case choice_pa_pk_as_rep_draft9_dhSignedData:
asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
break;
case choice_pa_pk_as_rep_encKeyPack:
asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
break;
default:
return ASN1_MISSING_FIELD;
}
asn1_cleanup();
}
asn1_error_code asn1_encode_td_trusted_certifiers(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
{
asn1_setup();
{
unsigned int length;
retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
if (retval) {
asn1buf_destroy(&buf);
return retval;
}
}
asn1_cleanup();
}
asn1_error_code asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen)
{
asn1_setup();
int i;
if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
for (i=0; val[i] != NULL; i++);
for (i--; i>=0; i--) {
unsigned int length;
retval = asn1_encode_typed_data(buf,val[i],&length);
if (retval) return retval;
sum += length;
}
asn1_makeseq();
asn1_cleanup();
}
asn1_error_code asn1_encode_typed_data(asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen)
{
asn1_setup();
asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring);
asn1_addfield(val->type, 0, asn1_encode_integer);
asn1_makeseq();
asn1_cleanup();
}
#endif