12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Copyright 2012 Nexenta Systems, Inc. All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Copyright (C) 2002 Microsoft Corporation
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// THIS CODE AND INFORMATION IS PROVIDED "AS IS"
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// OR IMPLIED, INCLUDING BUT NOT LIMITED
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// AND/OR FITNESS FOR A PARTICULAR PURPOSE.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Date - 10/08/2002
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Author - Sanj Surati
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SPNEGO Token Handler Source File
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Contains implementation of SPNEGO Token Handling API
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// as defined in SPNEGO.H.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Defined in DERPARSE.C
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/**********************************************************************/
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/** SPNEGO Token Handler API implementation **/
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/**********************************************************************/
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoInitFromBinary
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] pbTokenData - Binary Token Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ulLength - Length of binary Token Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] phSpnegoToken - SPNEGO_TOKEN_HANDLE pointer
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Initializes a SPNEGO_TOKEN_HANDLE from the supplied
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// binary data. Data is copied locally. Returned data structure
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// must be freed by calling spnegoFreeData().
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoInitFromBinary( unsigned char* pbTokenData, unsigned long ulLength, SPNEGO_TOKEN_HANDLE* phSpnegoToken )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN** ppSpnegoToken = (SPNEGO_TOKEN**) phSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Pass off to a handler function that allows tighter control over how the token structure
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // is handled. In this case, we want the token data copied and we want the associated buffer
4bff34e37def8a90f9194d81bc345c52ba20086athurlow nReturn = InitTokenFromBinary( SPNEGO_TOKEN_INTERNAL_COPYDATA,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross/////////////////////////////////////////////////////////////////////////////
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// spnegoCreateNegTokenHint
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Parameters:
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// [in] pMechTypeList - List of MechTypes (OIDs) to include
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// [in] MechTypeCnt - Length of MechTypes array
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// [in] pbPrincipal - Principal name for MechListMIC
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// [out] phSpnegoToken - SPNEGO_TOKEN_HANDLE pointer
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// int Success - SPNEGO_E_SUCCESS
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Failure - SPNEGO API Error code
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Comments :
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Initializes a SPNEGO_TOKEN_HANDLE for a NegTokenInit type token
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// from the supplied parameters. The token created is the "hint"
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// used (for example) in the response to an SMB negotiate protocol.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// Returned data structure must be freed by calling spnegoFreeData().
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// The "hint" tells the client what authentication methods this
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// server supports (the ones in the MechTypeList). The Principal
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// name historically was the server's own SPN, but recent versions
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// of windows only supply: "not_defined_in_RFC4178@please_ignore"
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// So if you want to be nice to your clients, provide the host SPN,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross// otherwise provide the bogus SPN string like recent windows.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross////////////////////////////////////////////////////////////////////////////
12b65585e720714b31036daaa2b30eb76014048eGordon Rossint spnegoCreateNegTokenHint( SPNEGO_MECH_OID *pMechTypeList, int MechTypeCnt,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross unsigned char *pbPrincipal, SPNEGO_TOKEN_HANDLE* phSpnegoToken )
12b65585e720714b31036daaa2b30eb76014048eGordon Ross SPNEGO_TOKEN** ppSpnegoToken = (SPNEGO_TOKEN**) phSpnegoToken;
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if ( NULL == ppSpnegoToken || NULL == pbPrincipal )
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Get the actual token size
12b65585e720714b31036daaa2b30eb76014048eGordon Ross ulMechListMICLen = ASNDerCalcElementLength( ulPrincipalLen, NULL );
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, /* ulMechTokenLen */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, /* nReqFlagsAvailable */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross // Allocate a buffer to hold the data.
12b65585e720714b31036daaa2b30eb76014048eGordon Ross * Construct the MechListMIC
12b65585e720714b31036daaa2b30eb76014048eGordon Ross pbMechListMIC = pbTokenData + (nTokenLength - ulMechListMICLen);
12b65585e720714b31036daaa2b30eb76014048eGordon Ross (void) ASNDerWriteElement( pbMechListMIC, SPNEGO_NEGINIT_ELEMENT_MECHTYPES,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross // Now write the token
12b65585e720714b31036daaa2b30eb76014048eGordon Ross 0, /* ContextFlags */
12b65585e720714b31036daaa2b30eb76014048eGordon Ross // This will copy our allocated pointer, and ensure that the sructure cleans
12b65585e720714b31036daaa2b30eb76014048eGordon Ross // up the data later
12b65585e720714b31036daaa2b30eb76014048eGordon Ross nReturn = InitTokenFromBinary( SPNEGO_TOKEN_INTERNAL_COPYPTR,
12b65585e720714b31036daaa2b30eb76014048eGordon Ross // Cleanup on failure
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoCreateNegTokenInit
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] MechType - MechType to specify in MechTypeList element
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ucContextFlags - Context Flags element value
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] pbMechToken - Pointer to binary MechToken Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ulMechTokenLen - Length of MechToken Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] pbMechListMIC - Pointer to binary MechListMIC Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ulMechListMICLen - Length of MechListMIC Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] phSpnegoToken - SPNEGO_TOKEN_HANDLE pointer
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Initializes a SPNEGO_TOKEN_HANDLE for a NegTokenInit type
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// from the supplied parameters. ucContextFlags may be 0 or must be
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// a valid flag combination. MechToken data can be NULL - if not, it
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// must correspond to the MechType. MechListMIC can also be NULL.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Returned data structure must be freed by calling spnegoFreeData().
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoCreateNegTokenInit( SPNEGO_MECH_OID MechType,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned char ucContextFlags, unsigned char* pbMechToken,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned long ulMechTokenLen, unsigned char* pbMechListMIC,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned long ulMechListMICLen, SPNEGO_TOKEN_HANDLE* phSpnegoToken )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN** ppSpnegoToken = (SPNEGO_TOKEN**) phSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Get the actual token size
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( ( nReturn = CalculateMinSpnegoInitTokenSize( ulMechTokenLen, ulMechListMICLen,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Allocate a buffer to hold the data.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Now write the token
12b65585e720714b31036daaa2b30eb76014048eGordon Ross if ( ( nReturn = CreateSpnegoInitToken( &MechType, 1,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // This will copy our allocated pointer, and ensure that the sructure cleans
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // up the data later
4bff34e37def8a90f9194d81bc345c52ba20086athurlow nReturn = InitTokenFromBinary( SPNEGO_TOKEN_INTERNAL_COPYPTR,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Cleanup on failure
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF alloc succeeded
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // If calculated token size
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF Valid Parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoCreateNegTokenTarg
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] MechType - MechType to specify in supported MechType element
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] spnegoNegResult - NegResult value
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] pbMechToken - Pointer to response MechToken Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ulMechTokenLen - Length of MechToken Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] pbMechListMIC - Pointer to binary MechListMIC Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] ulMechListMICLen - Length of MechListMIC Data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] phSpnegoToken - SPNEGO_TOKEN_HANDLE pointer
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Initializes a SPNEGO_TOKEN_HANDLE for a NegTokenTarg type
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// from the supplied parameters. MechToken data can be NULL - if not,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// it must correspond to the MechType. MechListMIC can also be NULL.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Returned data structure must be freed by calling spnegoFreeData().
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoCreateNegTokenTarg( SPNEGO_MECH_OID MechType,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_NEGRESULT spnegoNegResult, unsigned char* pbMechToken,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned long ulMechTokenLen, unsigned char* pbMechListMIC,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned long ulMechListMICLen, SPNEGO_TOKEN_HANDLE* phSpnegoToken )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN** ppSpnegoToken = (SPNEGO_TOKEN**) phSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // spnego_mech_oid_NotUsed and spnego_negresult_NotUsed
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // are okay here, however a valid MechOid is required
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // if spnego_negresult_success or spnego_negresult_incomplete
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // is specified.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Get the actual token size
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( ( nReturn = CalculateMinSpnegoTargTokenSize( MechType, spnegoNegResult, ulMechTokenLen,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Allocate a buffer to hold the data.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Now write the token
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // This will copy our allocated pointer, and ensure that the sructure cleans
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // up the data later
4bff34e37def8a90f9194d81bc345c52ba20086athurlow nReturn = InitTokenFromBinary( SPNEGO_TOKEN_INTERNAL_COPYPTR,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Cleanup on failure
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF alloc succeeded
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // If calculated token size
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF Valid Parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoTokenGetBinary
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pbTokenData - Buffer to copy token into
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in/out] pulDataLen - Length of pbTokenData buffer, filled out
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// with actual size used upon function return.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Copies binary SPNEGO token data from hSpnegoToken into the user
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// supplied buffer. If pbTokenData is NULL, or the value in pulDataLen
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// is too small, the function will return SPNEGO_E_BUFFER_TOO_SMALL and
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// fill out pulDataLen with the minimum required buffer size.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoTokenGetBinary( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbTokenData,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow unsigned long * pulDataLen )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters - pbTokenData is optional
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check for Buffer too small conditions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow memcpy( pbTokenData, pSpnegoToken->pbBinaryData, pSpnegoToken->ulBinaryDataLen );
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoFreeData
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Frees up resources consumed by hSpnegoToken. The supplied data
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// pointer is invalidated by this function.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowvoid spnegoFreeData( SPNEGO_TOKEN_HANDLE hSpnegoToken )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoGetTokenType
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] piTokenType - Filled out with token type value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// The function will analyze hSpnegoToken and return the appropriate
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// type in piTokenType.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetTokenType( SPNEGO_TOKEN_HANDLE hSpnegoToken, int * piTokenType )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check that the type in the structure makes sense
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType ||
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoIsMechTypeAvailable
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] MechOID - MechOID to search MechTypeList for
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] piMechTypeIndex - Filled out with index in MechTypeList
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// element if MechOID is found.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken must reference a token of type NegTokenInit. The
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// function will search the MechTypeList element for an OID corresponding
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// to the specified MechOID. If one is found, the index (0 based) will
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// be passed into the piMechTypeIndex parameter.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Returns the Initial Mech Type in the MechList element in the NegInitToken.
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoIsMechTypeAvailable( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_MECH_OID MechOID, int * piMechTypeIndex )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if MechList is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_INIT_MECHTYPES_ELEMENT].iElementPresent
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Locate the MechOID in the list element
4bff34e37def8a90f9194d81bc345c52ba20086athurlow &pSpnegoToken->aElementArray[SPNEGO_INIT_MECHTYPES_ELEMENT],
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoGetContextFlags
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pucContextFlags - Filled out with ContextFlags value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken must reference a token of type NegTokenInit. The
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// function will copy data from the ContextFlags element into the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// location pucContextFlags points to. Note that the function will
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// fail if the actual ContextFlags data appears invalid.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetContextFlags( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pucContextFlags )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if ContextFlags is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_INIT_REQFLAGS_ELEMENT].iElementPresent
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // The length should be two, the value should show a 1 bit difference in the difference byte, and
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // the value must be valid
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_INIT_REQFLAGS_ELEMENT].nDatalength == SPNEGO_NEGINIT_MAXLEN_REQFLAGS &&
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoToken->aElementArray[SPNEGO_INIT_REQFLAGS_ELEMENT].pbData[0] == SPNEGO_NEGINIT_REQFLAGS_BITDIFF &&
4bff34e37def8a90f9194d81bc345c52ba20086athurlow IsValidContextFlags( pSpnegoToken->aElementArray[SPNEGO_INIT_REQFLAGS_ELEMENT].pbData[1] ) )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *pucContextFlags = pSpnegoToken->aElementArray[SPNEGO_INIT_REQFLAGS_ELEMENT].pbData[1];
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoGetNegotiationResult
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pnegResult - Filled out with NegResult value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken must reference a token of type NegTokenTarg. The
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// function will copy data from the NegResult element into the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// location pointed to by pnegResult. Note that the function will
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// fail if the actual NegResult data appears invalid.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetNegotiationResult( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_NEGRESULT* pnegResult )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if NegResult is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_TARG_NEGRESULT_ELEMENT].iElementPresent
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Must be 1 byte long and a valid value
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_TARG_NEGRESULT_ELEMENT].nDatalength == SPNEGO_NEGTARG_MAXLEN_NEGRESULT &&
4bff34e37def8a90f9194d81bc345c52ba20086athurlow IsValidNegResult( *pSpnegoToken->aElementArray[SPNEGO_TARG_NEGRESULT_ELEMENT].pbData ) )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *pnegResult = *pSpnegoToken->aElementArray[SPNEGO_TARG_NEGRESULT_ELEMENT].pbData;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoGetSupportedMechType
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pMechOID - Filled out with Supported MechType value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken must reference a token of type NegTokenTarg. The
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// function will check the Supported MechType element, and if it
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// corresponds to a supported MechType ( spnego_mech_oid_Kerberos_V5_Legacy
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// or spnego_mech_oid_Kerberos_V5 ), will set the location pointed
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// to by pMechOID equal to the appropriate value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetSupportedMechType( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_MECH_OID* pMechOID )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if MechList is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( pSpnegoToken->aElementArray[SPNEGO_TARG_SUPPMECH_ELEMENT].iElementPresent
4bff34e37def8a90f9194d81bc345c52ba20086athurlow g_stcMechOIDList[nCtr].eMechanismOID != spnego_mech_oid_NotUsed;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoToken->aElementArray[SPNEGO_TARG_SUPPMECH_ELEMENT].pbData,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoToken->aElementArray[SPNEGO_TARG_SUPPMECH_ELEMENT].nDatalength,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // For enum MechOIDs
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoTokenGetMechToken
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pbTokenData - Buffer to copy MechToken into
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in/out] pulDataLen - Length of pbTokenData buffer, filled out
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// with actual size used upon function return.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken can point to either NegTokenInit or a NegTokenTarg token.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// The function will copy the MechToken (the initial MechToken if
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// NegTokenInit, the response MechToken if NegTokenTarg) from the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// underlying token into the buffer pointed to by pbTokenData. If
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// pbTokenData is NULL, or the value in pulDataLen is too small, the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// function will return SPNEGO_E_BUFFER_TOO_SMALL and fill out pulDataLen
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// with the minimum required buffer size. The token can then be passed
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// to a GSS-API function for processing.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetMechToken( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbTokenData, unsigned long* pulDataLen )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Point at the proper Element
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoElement = &pSpnegoToken->aElementArray[SPNEGO_INIT_MECHTOKEN_ELEMENT];
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoElement = &pSpnegoToken->aElementArray[SPNEGO_TARG_RESPTOKEN_ELEMENT];
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if MechType is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( SPNEGO_TOKEN_ELEMENT_AVAILABLE == pSpnegoElement->iElementPresent )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check for Buffer too small conditions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Copy Memory
4bff34e37def8a90f9194d81bc345c52ba20086athurlow memcpy( pbTokenData, pSpnegoElement->pbData, pSpnegoElement->nDatalength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Function:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// spnegoTokenGetMechListMIC
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Parameters:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in] hSpnegoToken - Initialized SPNEGO_TOKEN_HANDLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [out] pbTokenData - Buffer to copy MechListMIC data into
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// [in/out] pulDataLen - Length of pbTokenData buffer, filled out
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// with actual size used upon function return.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// int Success - SPNEGO_E_SUCCESS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Failure - SPNEGO API Error code
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// Comments :
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// hSpnegoToken can point to either NegTokenInit or a NegTokenTarg token.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// The function will copy the MechListMIC data from the underlying token
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// into the buffer pointed to by pbTokenData. If pbTokenData is NULL,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// or the value in pulDataLen is too small, the function will return
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// SPNEGO_E_BUFFER_TOO_SMALL and fill out pulDataLen with the minimum
4bff34e37def8a90f9194d81bc345c52ba20086athurlow// required buffer size.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow////////////////////////////////////////////////////////////////////////////
4bff34e37def8a90f9194d81bc345c52ba20086athurlowint spnegoGetMechListMIC( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbMICData, unsigned long* pulDataLen )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SPNEGO_TOKEN* pSpnegoToken = (SPNEGO_TOKEN*) hSpnegoToken;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check parameters
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Point at the proper Element
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoElement = &pSpnegoToken->aElementArray[SPNEGO_INIT_MECHLISTMIC_ELEMENT];
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pSpnegoElement = &pSpnegoToken->aElementArray[SPNEGO_TARG_MECHLISTMIC_ELEMENT];
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check if MechType is available
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if ( SPNEGO_TOKEN_ELEMENT_AVAILABLE == pSpnegoElement->iElementPresent )
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Check for Buffer too small conditions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow // Copy Memory
4bff34e37def8a90f9194d81bc345c52ba20086athurlow memcpy( pbMICData, pSpnegoElement->pbData, pSpnegoElement->nDatalength );
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } // IF parameters OK