12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Copyright 2012 Nexenta Systems, Inc. All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Copyright (C) 2002 Microsoft Corporation
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// THIS CODE AND INFORMATION IS PROVIDED "AS IS"
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// OR IMPLIED, INCLUDING BUT NOT LIMITED
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// AND/OR FITNESS FOR A PARTICULAR PURPOSE.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Date - 10/08/2002
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Author - Sanj Surati
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// DERPARSE.H
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SPNEGO Token Handler Header File
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Contains the definitions required to properly parse the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SPNEGO DER encoding.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#ifndef __DERPARSE_H__
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define __DERPARSE_H__
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// C++ Specific
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#if defined(__cplusplus)
4bff34e37def8a90f9194d81bc345c52ba20086athurlowextern "C"
4bff34e37def8a90f9194d81bc345c52ba20086athurlow{
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#endif
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/* Identifier Types */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IDENTIFIER_MASK 0xC0 // Bits 7 and 8
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IDENTIFIER_UNIVERSAL 0x00 // 00 = universal
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IDENTIFIER_APPLICATION 0x40 // 01 = application
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IDENTIFIER_CONTEXT_SPECIFIC 0x80 // 10 = context specific
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IDENTIFIER_PRIVATE 0xC0 // 11 = Private
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/* Encoding type */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define FORM_MASK 0x20 /* Bit 6 */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define PRIMITIVE 0x00 /* 0 = primitive */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define CONSTRUCTED 0x20 /* 1 = constructed */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/* Universal tags */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define TAG_MASK 0x1F /* Bits 5 - 1 */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define BOOLEAN 0x01 /* 1: TRUE or FALSE */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define INTEGER 0x02 /* 2: Arbitrary precision integer */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define BITSTRING 0x03 /* 2: Sequence of bits */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define OCTETSTRING 0x04 /* 4: Sequence of bytes */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define NULLTAG 0x05 /* 5: NULL */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define OID 0x06 /* 6: Object Identifier (numeric sequence) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define OBJDESCRIPTOR 0x07 /* 7: Object Descriptor (human readable) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define EXTERNAL 0x08 /* 8: External / Instance Of */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define REAL 0x09 /* 9: Real (Mantissa * Base^Exponent) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define ENUMERATED 0x0A /* 10: Enumerated */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define EMBEDDED_PDV 0x0B /* 11: Embedded Presentation Data Value */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SEQUENCE 0x10 /* 16: Constructed Sequence / Sequence Of */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SET 0x11 /* 17: Constructed Set / Set Of */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define NUMERICSTR 0x12 /* 18: Numeric String (digits only) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define PRINTABLESTR 0x13 /* 19: Printable String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define T61STR 0x14 /* 20: T61 String (Teletex) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define VIDEOTEXSTR 0x15 /* 21: Videotex String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define IA5STR 0x16 /* 22: IA5 String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define UTCTIME 0x17 /* 23: UTC Time */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define GENERALIZEDTIME 0x18 /* 24: Generalized Time */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define GRAPHICSTR 0x19 /* 25: Graphic String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define VISIBLESTR 0x1A /* 26: Visible String (ISO 646) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define GENERALSTR 0x1B /* 27: General String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define UNIVERSALSTR 0x1C /* 28: Universal String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define BMPSTR 0x1E /* 30: Basic Multilingual Plane String */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/* Length encoding */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define LEN_XTND 0x80 /* Indefinite or long form */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define LEN_MASK 0x7f /* Bits 7 - 1 */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SEQ_ELM(n) (IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED | ((n)&TAG_MASK))
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SPNEGO Token Parsing Constants
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Fixed Length of NegTokenInit ReqFlags field
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_MAXLEN_REQFLAGS 2
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Difference in bits for ReqFlags token
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_REQFLAGS_BITDIFF 1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Fixed Length of NegTokenTarg NegResult field
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_MAXLEN_NEGRESULT 1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Application Specific Construct - Always at the start of a NegTokenInit
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_APP_CONSTRUCT ( IDENTIFIER_APPLICATION | CONSTRUCTED ) // 0x60
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Constructed Sequence token - after the actual token identifier token
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_CONSTRUCTED_SEQUENCE ( SEQUENCE | CONSTRUCTED )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// MechList Type Identifier
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_MECHLIST_TYPE ( SEQUENCE | CONSTRUCTED | OID )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegTokenInit - Token Identifier and Elements
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegTokenInit - 0xa0
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_TOKEN_IDENTIFIER ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED | \
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN_INIT )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Structure elements for NegTokenInit
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_MECHTYPES 0x0 // MechTypes is element 0
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_REQFLAGS 0x1 // ReqFlags is element 1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_MECHTOKEN 0x2 // MechToken is element 2
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_MECHLISTMIC 0x3 // MechListMIC is element 3
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// MechTypes element is 0xa0
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_ELEMENT_MECHTYPES SEQ_ELM(SPNEGO_NEGINIT_MECHTYPES)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// ReqFlags element is 0xa1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_ELEMENT_REQFLAGS SEQ_ELM(SPNEGO_NEGINIT_REQFLAGS)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// MechToken element is 0xa2
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_ELEMENT_MECHTOKEN SEQ_ELM(SPNEGO_NEGINIT_MECHTOKEN)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// MechListMIC element is 0xa3
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGINIT_ELEMENT_MECHLISTMIC SEQ_ELM(SPNEGO_NEGINIT_MECHLISTMIC)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegTokenTarg - Token Identifier and Elements
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegTokenTarg - 0xa1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_TOKEN_IDENTIFIER ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED | \
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN_TARG )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Structure elements for NegTokenTarg
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_NEGRESULT 0x0 // NegResult is element 0
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_SUPPORTEDMECH 0x1 // SupportedMech is element 1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_RESPONSETOKEN 0x2 // ResponseToken is element 2
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_MECHLISTMIC 0x3 // MechListMIC is element 3
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegResult element is 0xa0
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_ELEMENT_NEGRESULT SEQ_ELM(SPNEGO_NEGTARG_NEGRESULT)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SupportedMech element is 0xa1
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_ELEMENT_SUPPORTEDMECH SEQ_ELM(SPNEGO_NEGTARG_SUPPORTEDMECH)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// ResponseToken element is 0xa2
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_ELEMENT_RESPONSETOKEN SEQ_ELM(SPNEGO_NEGTARG_RESPONSETOKEN)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// MechListMIC element is 0xa3
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#define SPNEGO_NEGTARG_ELEMENT_MECHLISTMIC SEQ_ELM(SPNEGO_NEGTARG_MECHLISTMIC)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Defines a GSS Mechanism OID. We keep a single static array
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// of these which we'll use for validation/searches/parsing.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlowtypedef struct _mechOID
4bff34e37def8a90f9194d81bc345c52ba20086athurlow{
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned char* ucOid; // Byte representation of OID
4bff34e37def8a90f9194d81bc345c52ba20086athurlow int iLen; // Length of the OID, length and identifier
4bff34e37def8a90f9194d81bc345c52ba20086athurlow int iActualDataLen; // Length of the actual OID
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_MECH_OID eMechanismOID; // Which OID is this?
4bff34e37def8a90f9194d81bc345c52ba20086athurlow} MECH_OID;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// ASN Der functions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow//
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerGetLength( unsigned char* pbLengthData, long nBoundaryLength, long* pnLength,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow long* pnNumLengthBytes );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerCheckToken( unsigned char* pbTokenData, unsigned char nToken,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow long nCheckLength, long nBoundaryLength, long* pnLength,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow long* pnTokenLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerCheckOID( unsigned char* pbTokenData, SPNEGO_MECH_OID nMechOID, long nBoundaryLength,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow long* pnTokenLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerCalcNumLengthBytes( long nLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowlong ASNDerCalcTokenLength( long nLength, long nDataLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowlong ASNDerCalcElementLength( long nDataLength, long* pnInternalLength );
12b65585e720714b31036daaa2b30eb76014048eGordon Rosslong ASNDerCalcMechListLength( SPNEGO_MECH_OID *mechOidLst, int mechOidCnt,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross long* pnInternalLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerWriteLength( unsigned char* pbData, long nLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerWriteToken( unsigned char* pbData, unsigned char ucType,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned char* pbTokenValue, long nLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerWriteOID( unsigned char* pbData, SPNEGO_MECH_OID eMechOID );
12b65585e720714b31036daaa2b30eb76014048eGordon Rosslong ASNDerWriteMechList( unsigned char* pbData, SPNEGO_MECH_OID *mechOidLst, int mechOidCnt );
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint ASNDerWriteElement( unsigned char* pbData, unsigned char ucElementSequence,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned char ucType, unsigned char* pbTokenValue, long nLength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // C++ Specific
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#if defined(__cplusplus)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow}
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#endif
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#endif