aboutsummaryrefslogtreecommitdiff
path: root/src/lib/krb5/asn.1/krb5_decode.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5/asn.1/krb5_decode.c')
-rw-r--r--src/lib/krb5/asn.1/krb5_decode.c62
1 files changed, 58 insertions, 4 deletions
diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c
index 03a3029..596997f 100644
--- a/src/lib/krb5/asn.1/krb5_decode.c
+++ b/src/lib/krb5/asn.1/krb5_decode.c
@@ -90,6 +90,7 @@ if((var) == NULL) clean_return(ENOMEM)
construction = t2.construction; \
tagnum = t2.tagnum; \
indef = t2.indef; \
+ taglen = t2.length; \
}
#define get_eoc() \
@@ -107,6 +108,7 @@ if((var) == NULL) clean_return(ENOMEM)
/* decode sequence header and initialize tagnum with the first field */
#define begin_structure()\
+unsigned int taglen;\
asn1buf subbuf;\
int seqindef;\
int indef;\
@@ -219,7 +221,7 @@ krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authentica
get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
if(tagnum == 6){ alloc_field((*rep)->subkey,krb5_keyblock); }
opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,7,asn1_decode_int32);
+ opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
(*rep)->magic = KV5M_AUTHENTICATOR;
end_structure();
@@ -440,7 +442,7 @@ krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_e
get_field((*rep)->cusec,1,asn1_decode_int32);
if(tagnum == 2){ alloc_field((*rep)->subkey,krb5_keyblock); }
opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
- opt_field((*rep)->seq_number,3,asn1_decode_int32);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
end_structure();
(*rep)->magic = KV5M_AP_REP_ENC_PART;
}
@@ -494,8 +496,26 @@ krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **r
cleanup(free);
}
-krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
+/*
+ * decode_krb5_safe_with_body
+ *
+ * Like decode_krb5_safe(), but grabs the encoding of the
+ * KRB-SAFE-BODY as well, in case re-encoding would produce a
+ * different encoding. (Yes, we're using DER, but there's this
+ * annoying problem with pre-1.3.x code using signed sequence numbers,
+ * which we permissively decode and cram into unsigned 32-bit numbers.
+ * When they're re-encoded, they're no longer negative if they started
+ * out negative, so checksum verification fails.)
+ *
+ * This does *not* perform any copying; the returned pointer to the
+ * encoded KRB-SAFE-BODY points into the input buffer.
+ */
+krb5_error_code decode_krb5_safe_with_body(
+ const krb5_data *code,
+ krb5_safe **rep,
+ krb5_data *body)
{
+ krb5_data tmpbody;
setup();
alloc_field(*rep,krb5_safe);
clear_field(rep,checksum);
@@ -511,12 +531,26 @@ krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
if(msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
#endif
}
+ /*
+ * Gross kludge to extract pointer to encoded safe-body. Relies
+ * on tag prefetch done by next_tag(). Don't handle indefinite
+ * encoding, as it's too much work.
+ */
+ if (!indef) {
+ tmpbody.length = taglen;
+ tmpbody.data = subbuf.next;
+ } else {
+ tmpbody.length = 0;
+ tmpbody.data = NULL;
+ }
get_field(**rep,2,asn1_decode_krb_safe_body);
alloc_field((*rep)->checksum,krb5_checksum);
get_field(*((*rep)->checksum),3,asn1_decode_checksum);
(*rep)->magic = KV5M_SAFE;
end_structure();
}
+ if (body != NULL)
+ *body = tmpbody;
cleanup_manual();
error_out:
if (rep && *rep) {
@@ -526,6 +560,11 @@ error_out:
return retval;
}
+krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
+{
+ return decode_krb5_safe_with_body(code, rep, NULL);
+}
+
krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep)
{
setup();
@@ -561,7 +600,7 @@ krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_p
get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
opt_field((*rep)->usec,2,asn1_decode_int32);
- opt_field((*rep)->seq_number,3,asn1_decode_int32);
+ opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
alloc_field((*rep)->s_address,krb5_address);
get_field(*((*rep)->s_address),4,asn1_decode_host_address);
if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
@@ -744,6 +783,21 @@ krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_en
cleanup_none(); /* we're not allocating anything here */
}
+krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
+{
+ setup_buf_only();
+ *rep = 0;
+ retval = asn1_decode_etype_info2(&buf,rep, 0);
+ if (retval == ASN1_BAD_ID) {
+ retval = asn1buf_wrap_data(&buf,code);
+ if(retval) clean_return(retval);
+ retval = asn1_decode_etype_info2(&buf, rep, 1);
+ }
+ if(retval) clean_return(retval);
+ cleanup_none(); /* we're not allocating anything here */
+}
+
+
krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep)
{
setup_buf_only();
generated by cgit v1.1 at 2024-08-01 10:08:48 +0000