1/*
2 Unix SMB/CIFS implementation.
3
4 RFC2478 Compliant SPNEGO implementation
5
6 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21*/
22
23#include "includes.h"
24#include "../libcli/auth/spnego.h"
25#include "../lib/util/asn1.h"
26
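/*
 * Parse the negTokenInit choice of a SPNEGO NegotiationToken,
 *   [0] SEQUENCE { mechTypes [0], reqFlags [1], mechToken [2], mechListMIC [3] }
 * into *token.
 *
 * asn1:    cursor positioned on the [0] context tag; on success it is left
 *          just past the end of that tag, otherwise the asn1 error flag is set
 * mem_ctx: talloc parent for everything stored in *token
 * token:   zeroed first, then filled with whatever fields are present
 *
 * Returns false on any malformed or unknown element.  The parser is
 * deliberately lenient relative to DER: fields are accepted in any order,
 * and a repeated field overwrites the earlier value (the earlier allocation
 * stays parented to mem_ctx until that context is freed).  All of this is
 * peer-controlled input, so nothing stored here has been validated beyond
 * its ASN.1 framing.
 */
static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
			      struct spnego_negTokenInit *token)
{
	ZERO_STRUCTP(token);

	if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
	if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;

	while (!asn1_has_error(asn1) && 0 < asn1_tag_remaining(asn1)) {
		int i;
		uint8_t context;

		if (!asn1_peek_uint8(asn1, &context)) {
			asn1_set_error(asn1);
			break;
		}

		switch (context) {
		/* mechTypes: [0] SEQUENCE OF OID, stored as a NULL-terminated
		 * array whose OID strings are talloc children of the array */
		case ASN1_CONTEXT(0): {
			const char **mechTypes;

			if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
			if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;

			mechTypes = talloc(mem_ctx, const char *);
			if (mechTypes == NULL) {
				asn1_set_error(asn1);
				return false;
			}
			for (i = 0; !asn1_has_error(asn1) &&
				     0 < asn1_tag_remaining(asn1); i++) {
				char *oid;
				const char **p;

				/* one more slot plus room for the terminator */
				p = talloc_realloc(mem_ctx,
						   mechTypes,
						   const char *, i+2);
				if (p == NULL) {
					talloc_free(mechTypes);
					asn1_set_error(asn1);
					return false;
				}
				mechTypes = p;

				/* parent the OID to the array so that freeing
				 * the array (spnego_free_data) frees the OIDs;
				 * on failure drop the half-built list rather
				 * than leaving it dangling on mem_ctx */
				if (!asn1_read_OID(asn1, mechTypes, &oid)) {
					talloc_free(mechTypes);
					return false;
				}
				mechTypes[i] = oid;
			}
			mechTypes[i] = NULL;
			token->mechTypes = mechTypes;

			/* fail on trailing bytes inside either tag, exactly
			 * as every other field below does */
			if (!asn1_end_tag(asn1)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		}
		/* reqFlags: [1] BIT STRING (value plus unused-bit count) */
		case ASN1_CONTEXT(1):
			if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
			if (!asn1_read_BitString(asn1, mem_ctx, &token->reqFlags,
						 &token->reqFlagsPadding)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		/* mechToken: [2] OCTET STRING, the opaque inner-mech token */
		case ASN1_CONTEXT(2):
			if (!asn1_start_tag(asn1, ASN1_CONTEXT(2))) return false;
			if (!asn1_read_OctetString(asn1, mem_ctx, &token->mechToken)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		/* mechListMIC: [3] -- RFC 2478 says OCTET STRING, but Windows
		 * 2000 puts SEQUENCE { [0] GeneralString } here instead.
		 * The latter is stored as targetPrincipal, NOT as mechListMIC,
		 * so callers must not treat it as an integrity check. */
		case ASN1_CONTEXT(3):
		{
			uint8_t type_peek;
			if (!asn1_start_tag(asn1, ASN1_CONTEXT(3))) return false;
			if (!asn1_peek_uint8(asn1, &type_peek)) {
				asn1_set_error(asn1);
				break;
			}
			if (type_peek == ASN1_OCTET_STRING) {
				if (!asn1_read_OctetString(asn1, mem_ctx,
							   &token->mechListMIC)) return false;
			} else {
				/* RFC 2478 says we have an Octet String here,
				   but W2k sends something different... */
				char *mechListMIC;
				if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
				if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
				if (!asn1_read_GeneralString(asn1, mem_ctx, &mechListMIC)) return false;
				if (!asn1_end_tag(asn1)) return false;
				if (!asn1_end_tag(asn1)) return false;

				/* peer-supplied name string, unvalidated */
				token->targetPrincipal = mechListMIC;
			}
			if (!asn1_end_tag(asn1)) return false;
			break;
		}
		default:
			/* unknown context tag: reject rather than skip */
			asn1_set_error(asn1);
			break;
		}
	}

	if (!asn1_end_tag(asn1)) return false;
	if (!asn1_end_tag(asn1)) return false;

	return !asn1_has_error(asn1);
}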
132
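/*
 * Serialise *token as a SPNEGO negTokenInit ([0] SEQUENCE { ... }).
 *
 * Optional fields are emitted only when set: mechTypes when the list is
 * non-empty, reqFlags when its length is > 0, mechToken and mechListMIC
 * when their data pointer is non-NULL.
 *
 * Returns false, leaving the asn1 error flag set, if any push or write fails.
 */
static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
{
	if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
	if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;

	/* mechTypes: [0] SEQUENCE OF OID, from the NULL-terminated array */
	if (token->mechTypes && *token->mechTypes) {
		int i;

		if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
		if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
		for (i = 0; token->mechTypes[i]; i++) {
			if (!asn1_write_OID(asn1, token->mechTypes[i])) return false;
		}
		if (!asn1_pop_tag(asn1)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	/* reqFlags: [1] BIT STRING */
	if (token->reqFlags.length > 0) {
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
		if (!asn1_write_BitString(asn1, token->reqFlags.data,
					  token->reqFlags.length,
					  token->reqFlagsPadding)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	/* mechToken: [2] OCTET STRING */
	if (token->mechToken.data) {
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(2))) return false;
		if (!asn1_write_OctetString(asn1, token->mechToken.data,
					    token->mechToken.length)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	/*
	 * mechListMIC: [3].  RFC 2478 specifies an OCTET STRING here, which
	 * would be a single
	 *   asn1_write_OctetString(asn1, token->mechListMIC.data,
	 *                          token->mechListMIC.length);
	 * but Windows sends and expects SEQUENCE { [0] GeneralString } in
	 * this slot, so that is the shape emitted below with the bytes
	 * written raw inside the GeneralString tag.  Note the asymmetry
	 * with read_negTokenInit(), which stores exactly this shape into
	 * targetPrincipal rather than mechListMIC: the field does not round
	 * trip as an RFC-style MIC through this file.
	 */
	if (token->mechListMIC.data) {
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(3))) return false;
		if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
		if (!asn1_push_tag(asn1, ASN1_GENERAL_STRING)) return false;
		if (!asn1_write(asn1, token->mechListMIC.data,
				token->mechListMIC.length)) return false;
		if (!asn1_pop_tag(asn1)) return false;
		if (!asn1_pop_tag(asn1)) return false;
		if (!asn1_pop_tag(asn1)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	if (!asn1_pop_tag(asn1)) return false;
	if (!asn1_pop_tag(asn1)) return false;

	return !asn1_has_error(asn1);
}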
195
/*
 * Decode the negTokenTarg choice,
 *   [1] SEQUENCE { negResult [0], supportedMech [1], responseToken [2], mechListMIC [3] }
 * into *token.
 *
 * asn1:    cursor on the [1] context tag; left past its end on success,
 *          with the asn1 error flag set otherwise
 * mem_ctx: talloc parent for supportedMech and the two blobs
 * token:   zeroed, then filled with whatever elements are present
 *
 * Returns false on any malformed or unexpected element.  Elements are
 * accepted in any order and a repeat overwrites the earlier value.  The
 * negResult byte is stored exactly as received, with no range check, so
 * a caller must not assume it is one of the named spnego_negResult values.
 */
static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
			      struct spnego_negTokenTarg *token)
{
	ZERO_STRUCTP(token);

	if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
	if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;

	for (;;) {
		uint8_t tag;

		if (asn1_has_error(asn1) || asn1_tag_remaining(asn1) <= 0) {
			break;
		}

		if (!asn1_peek_uint8(asn1, &tag)) {
			asn1_set_error(asn1);
			break;
		}

		switch (tag) {
		case ASN1_CONTEXT(0): {
			/* negResult: [0] ENUMERATED, read as a single byte
			 * (a longer encoding presumably fails in the end_tag
			 * below -- confirm against asn1.c) */
			uint8_t result;

			if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
			if (!asn1_start_tag(asn1, ASN1_ENUMERATED)) return false;
			if (!asn1_read_uint8(asn1, &result)) return false;
			token->negResult = result;
			if (!asn1_end_tag(asn1)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		}
		case ASN1_CONTEXT(1): {
			/* supportedMech: [1] OID, allocated on mem_ctx */
			char *mech;

			if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
			if (!asn1_read_OID(asn1, mem_ctx, &mech)) return false;
			token->supportedMech = mech;
			if (!asn1_end_tag(asn1)) return false;
			break;
		}
		case ASN1_CONTEXT(2):
			/* responseToken: [2] OCTET STRING */
			if (!asn1_start_tag(asn1, ASN1_CONTEXT(2))) return false;
			if (!asn1_read_OctetString(asn1, mem_ctx, &token->responseToken)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		case ASN1_CONTEXT(3):
			/* mechListMIC: [3] OCTET STRING, RFC-shaped here
			 * unlike the negTokenInit case */
			if (!asn1_start_tag(asn1, ASN1_CONTEXT(3))) return false;
			if (!asn1_read_OctetString(asn1, mem_ctx, &token->mechListMIC)) return false;
			if (!asn1_end_tag(asn1)) return false;
			break;
		default:
			/* anything else is a hard parse error */
			asn1_set_error(asn1);
			break;
		}
	}

	if (!asn1_end_tag(asn1)) return false;
	if (!asn1_end_tag(asn1)) return false;

	return !asn1_has_error(asn1);
}
250
/*
 * Emit one "[ctx] OCTET STRING" element carrying blob's bytes.
 * Returns false if any push, write or pop fails.
 */
static bool write_targ_octet_string(struct asn1_data *asn1, uint8_t ctx,
				    const DATA_BLOB *blob)
{
	if (!asn1_push_tag(asn1, ctx)) return false;
	if (!asn1_write_OctetString(asn1, blob->data, blob->length)) return false;
	return asn1_pop_tag(asn1);
}

/*
 * Serialise *token as a SPNEGO negTokenTarg ([1] SEQUENCE { ... }).
 *
 * negResult is written unless it holds the SPNEGO_NONE_RESULT sentinel;
 * supportedMech when non-NULL; responseToken and mechListMIC when their
 * data pointer is non-NULL.
 *
 * Returns false, leaving the asn1 error flag set, on any encoding failure.
 */
static bool write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
{
	if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
	if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;

	/* negResult: [0] ENUMERATED */
	if (token->negResult != SPNEGO_NONE_RESULT) {
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
		if (!asn1_write_enumerated(asn1, token->negResult)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	/* supportedMech: [1] OID */
	if (token->supportedMech != NULL) {
		if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
		if (!asn1_write_OID(asn1, token->supportedMech)) return false;
		if (!asn1_pop_tag(asn1)) return false;
	}

	/* responseToken: [2] OCTET STRING */
	if (token->responseToken.data != NULL) {
		if (!write_targ_octet_string(asn1, ASN1_CONTEXT(2),
					     &token->responseToken)) return false;
	}

	/* mechListMIC: [3] OCTET STRING */
	if (token->mechListMIC.data != NULL) {
		if (!write_targ_octet_string(asn1, ASN1_CONTEXT(3),
					     &token->mechListMIC)) return false;
	}

	if (!asn1_pop_tag(asn1)) return false;
	if (!asn1_pop_tag(asn1)) return false;

	return !asn1_has_error(asn1);
}
287
/*
 * Parse a SPNEGO NegotiationToken from data into *token.
 *
 * The first byte selects the shape: [APPLICATION 0] wraps an OID plus a
 * negTokenInit, while a bare [1] is a negTokenTarg.  token->type is set
 * only when the corresponding reader succeeds; on failure it keeps its
 * zeroed value and whatever was allocated so far remains on mem_ctx.
 *
 * Returns the number of bytes consumed, or -1 for an empty blob, an
 * allocation failure or any parse error.
 */
ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data *token)
{
	struct asn1_data *asn1 = NULL;
	ssize_t consumed = -1;
	uint8_t first;

	ZERO_STRUCTP(token);

	/* an empty blob is not a token at all */
	if (data.length == 0) {
		return -1;
	}

	asn1 = asn1_init(mem_ctx);
	if (asn1 == NULL) {
		return -1;
	}

	if (!asn1_load(asn1, data)) {
		goto done;
	}

	if (!asn1_peek_uint8(asn1, &first)) {
		asn1_set_error(asn1);
		goto done;
	}

	if (first == ASN1_APPLICATION(0)) {
		/* negTokenInit: [APPLICATION 0] { OID_SPNEGO, negTokenInit } */
		if (!asn1_start_tag(asn1, ASN1_APPLICATION(0))) goto done;
		if (!asn1_check_OID(asn1, OID_SPNEGO)) goto done;
		if (read_negTokenInit(asn1, mem_ctx, &token->negTokenInit)) {
			token->type = SPNEGO_NEG_TOKEN_INIT;
		}
		if (!asn1_end_tag(asn1)) goto done;
	} else if (first == ASN1_CONTEXT(1)) {
		/* negTokenTarg: no application wrapper, no OID */
		if (read_negTokenTarg(asn1, mem_ctx, &token->negTokenTarg)) {
			token->type = SPNEGO_NEG_TOKEN_TARG;
		}
	} else {
		asn1_set_error(asn1);
	}

	/* only report a length when the whole parse was clean */
	if (!asn1_has_error(asn1)) {
		consumed = asn1_current_ofs(asn1);
	}

done:
	asn1_free(asn1);

	return consumed;
}
340
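/*
 * Encode *spnego into a freshly allocated *blob on mem_ctx.
 *
 * SPNEGO_NEG_TOKEN_INIT is wrapped as [APPLICATION 0] { OID_SPNEGO,
 * negTokenInit }; SPNEGO_NEG_TOKEN_TARG is written bare.  Any other
 * type is an error.
 *
 * Returns the encoded length, or -1 on allocation failure, unknown type
 * or any encoding error.  *blob is untouched on failure.
 */
ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_data *spnego)
{
	struct asn1_data *asn1 = asn1_init(mem_ctx);
	ssize_t ret = -1;

	if (asn1 == NULL) {
		return -1;
	}

	switch (spnego->type) {
	case SPNEGO_NEG_TOKEN_INIT:
		if (!asn1_push_tag(asn1, ASN1_APPLICATION(0))) goto err;
		if (!asn1_write_OID(asn1, OID_SPNEGO)) goto err;
		if (!write_negTokenInit(asn1, &spnego->negTokenInit)) goto err;
		if (!asn1_pop_tag(asn1)) goto err;
		break;
	case SPNEGO_NEG_TOKEN_TARG:
		/* checked like the INIT path above, rather than relying on
		 * the error flag alone to stop the blob being handed out */
		if (!write_negTokenTarg(asn1, &spnego->negTokenTarg)) goto err;
		break;
	default:
		asn1_set_error(asn1);
		break;
	}

	/* same guard spnego_write_mech_types() uses: never return a blob
	 * built from a partially failed encode */
	if (asn1_has_error(asn1)) {
		goto err;
	}

	if (!asn1_extract_blob(asn1, mem_ctx, blob)) {
		goto err;
	}

	ret = asn1_current_ofs(asn1);

 err:

	asn1_free(asn1);

	return ret;
}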
377
/*
 * Release everything spnego_read_data() attached to *spnego and zero it.
 *
 * For a negTokenInit the OID strings are talloc children of the mechTypes
 * array, so freeing the array frees them too.  The struct is zeroed in
 * every case, even for an unrecognised type.
 *
 * Returns true when the type was recognised (or spnego is NULL), false
 * otherwise -- in which case nothing was freed, only zeroed.
 */
bool spnego_free_data(struct spnego_data *spnego)
{
	bool recognised = true;

	if (spnego == NULL) {
		return true;
	}

	switch (spnego->type) {
	case SPNEGO_NEG_TOKEN_INIT: {
		struct spnego_negTokenInit *init = &spnego->negTokenInit;

		if (init->mechTypes != NULL) {
			/* frees the array and the OIDs parented to it */
			talloc_free(discard_const(init->mechTypes));
		}
		data_blob_free(&init->reqFlags);
		data_blob_free(&init->mechToken);
		data_blob_free(&init->mechListMIC);
		talloc_free(init->targetPrincipal);
		break;
	}
	case SPNEGO_NEG_TOKEN_TARG: {
		struct spnego_negTokenTarg *targ = &spnego->negTokenTarg;

		if (targ->supportedMech != NULL) {
			talloc_free(discard_const(targ->supportedMech));
		}
		data_blob_free(&targ->responseToken);
		data_blob_free(&targ->mechListMIC);
		break;
	}
	default:
		recognised = false;
		break;
	}

	ZERO_STRUCTP(spnego);

	return recognised;
}
409
/*
 * Encode a NULL-terminated list of mechanism OIDs as a bare
 * SEQUENCE OF OID into *blob (allocated on mem_ctx).  This is the
 * mechTypes element without its [0] context wrapper.
 *
 * A NULL or empty list yields an empty encoding rather than an error.
 *
 * Returns true on success; false on allocation or encoding failure,
 * leaving *blob untouched.
 */
bool spnego_write_mech_types(TALLOC_CTX *mem_ctx,
			     const char * const *mech_types,
			     DATA_BLOB *blob)
{
	struct asn1_data *asn1;
	bool ok = false;

	asn1 = asn1_init(mem_ctx);
	if (asn1 == NULL) {
		return false;
	}

	if (mech_types != NULL && mech_types[0] != NULL) {
		const char * const *oid;

		if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) goto out;
		for (oid = mech_types; *oid != NULL; oid++) {
			if (!asn1_write_OID(asn1, *oid)) goto out;
		}
		if (!asn1_pop_tag(asn1)) goto out;
	}

	/* belt and braces: refuse to hand back a blob after any failure */
	if (asn1_has_error(asn1)) goto out;

	if (!asn1_extract_blob(asn1, mem_ctx, blob)) goto out;

	ok = true;

out:
	asn1_free(asn1);

	return ok;
}