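// Copyright 2012 Nexenta Systems, Inc.  All rights reserved.
// Copyright (C) 2002 Microsoft Corporation
// All rights reserved.
//
// THIS CODE AND INFORMATION IS PROVIDED "AS IS"
// WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
// OR IMPLIED, INCLUDING BUT NOT LIMITED
// TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY
// AND/OR FITNESS FOR A PARTICULAR PURPOSE.
//
// Date    - 10/08/2002
// Author  - Sanj Surati

/////////////////////////////////////////////////////////////
//
// DERPARSE.H
//
// SPNEGO Token Handler Header File
//
// Contains the definitions required to properly parse the
// SPNEGO DER encoding.
//
// This header includes nothing itself but uses SPNEGO_MECH_OID,
// SPNEGO_TOKEN_INIT and SPNEGO_TOKEN_TARG, so the header that
// declares them must be included before this one.
//
/////////////////////////////////////////////////////////////

#ifndef __DERPARSE_H__
#define __DERPARSE_H__

// C++ Specific
#if defined(__cplusplus)
extern "C"
{
#endif

/*
 * A DER identifier octet is laid out as: bits 8-7 class, bit 6
 * primitive/constructed form, bits 5-1 tag number.  The three mask
 * groups below split an identifier octet along those boundaries.
 */

/* Identifier Types */
#define  IDENTIFIER_MASK               0xC0  // Bits 7 and 8
#define  IDENTIFIER_UNIVERSAL          0x00  // 00 = universal
#define  IDENTIFIER_APPLICATION        0x40  // 01 = application
#define  IDENTIFIER_CONTEXT_SPECIFIC   0x80  // 10 = context specific
#define  IDENTIFIER_PRIVATE            0xC0  // 11 = Private

/* Encoding type */

#define FORM_MASK       0x20    /* Bit 6 */
#define PRIMITIVE       0x00    /* 0 = primitive */
#define CONSTRUCTED     0x20    /* 1 = constructed */

/* Universal tags */

#define TAG_MASK        0x1F    /* Bits 5 - 1 */
#define BOOLEAN         0x01    /*  1: TRUE or FALSE */
#define INTEGER         0x02    /*  2: Arbitrary precision integer */
#define BITSTRING       0x03    /*  3: Sequence of bits */
#define OCTETSTRING     0x04    /*  4: Sequence of bytes */
#define NULLTAG         0x05    /*  5: NULL */
#define OID             0x06    /*  6: Object Identifier (numeric sequence) */
#define OBJDESCRIPTOR   0x07    /*  7: Object Descriptor (human readable) */
#define EXTERNAL        0x08    /*  8: External / Instance Of */
#define REAL            0x09    /*  9: Real (Mantissa * Base^Exponent) */
#define ENUMERATED      0x0A    /* 10: Enumerated */
#define EMBEDDED_PDV    0x0B    /* 11: Embedded Presentation Data Value */
#define SEQUENCE        0x10    /* 16: Constructed Sequence / Sequence Of */
#define SET             0x11    /* 17: Constructed Set / Set Of */
#define NUMERICSTR      0x12    /* 18: Numeric String (digits only) */
#define PRINTABLESTR    0x13    /* 19: Printable String */
#define T61STR          0x14    /* 20: T61 String (Teletex) */
#define VIDEOTEXSTR     0x15    /* 21: Videotex String */
#define IA5STR          0x16    /* 22: IA5 String */
#define UTCTIME         0x17    /* 23: UTC Time */
#define GENERALIZEDTIME 0x18    /* 24: Generalized Time */
#define GRAPHICSTR      0x19    /* 25: Graphic String */
#define VISIBLESTR      0x1A    /* 26: Visible String (ISO 646) */
#define GENERALSTR      0x1B    /* 27: General String */
#define UNIVERSALSTR    0x1C    /* 28: Universal String */
#define BMPSTR          0x1E    /* 30: Basic Multilingual Plane String */

/* Length encoding */

/*
 * With LEN_XTND set, the low seven bits (LEN_MASK) give the number of
 * length octets that follow.  A length octet of exactly 0x80 is the BER
 * indefinite form, which DER does not permit.
 * NOTE(review): confirm ASNDerGetLength rejects 0x80 and any octet count
 * that would not fit in a long.
 */
#define LEN_XTND  0x80      /* Indefinite or long form */
#define LEN_MASK  0x7f      /* Bits 7 - 1 */

/* Identifier octet for context-specific, constructed element number n. */
#define SEQ_ELM(n) (IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED | ((n)&TAG_MASK))

//
// SPNEGO Token Parsing Constants
//


// Fixed Length of NegTokenInit ReqFlags field
#define  SPNEGO_NEGINIT_MAXLEN_REQFLAGS   2

// Difference in bits for ReqFlags token
#define  SPNEGO_NEGINIT_REQFLAGS_BITDIFF  1

// Fixed Length of NegTokenTarg NegResult field
#define  SPNEGO_NEGTARG_MAXLEN_NEGRESULT  1

// Application Specific Construct - Always at the start of a NegTokenInit
#define  SPNEGO_NEGINIT_APP_CONSTRUCT     ( IDENTIFIER_APPLICATION | CONSTRUCTED ) // 0x60

// Constructed Sequence token - after the actual token identifier token
#define  SPNEGO_CONSTRUCTED_SEQUENCE      ( SEQUENCE | CONSTRUCTED )

// MechList Type Identifier
// NOTE(review): this evaluates to 0x36 (0x10 | 0x20 | 0x06), which differs
// from the 0x30 of SPNEGO_CONSTRUCTED_SEQUENCE; confirm where it is compared
// against wire data before relying on it.
#define  SPNEGO_MECHLIST_TYPE      ( SEQUENCE | CONSTRUCTED | OID )

//
// NegTokenInit - Token Identifier and Elements
//

// NegTokenInit - 0xa0 (assuming SPNEGO_TOKEN_INIT, defined outside this
// header, is 0)
#define  SPNEGO_NEGINIT_TOKEN_IDENTIFIER  ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED |  \
                                             SPNEGO_TOKEN_INIT )

// Structure elements for NegTokenInit
#define  SPNEGO_NEGINIT_MECHTYPES   0x0   // MechTypes is element 0
#define  SPNEGO_NEGINIT_REQFLAGS    0x1   // ReqFlags is element 1
#define  SPNEGO_NEGINIT_MECHTOKEN   0x2   // MechToken is element 2
#define  SPNEGO_NEGINIT_MECHLISTMIC 0x3   // MechListMIC is element 3

// MechTypes element is 0xa0
#define  SPNEGO_NEGINIT_ELEMENT_MECHTYPES    SEQ_ELM(SPNEGO_NEGINIT_MECHTYPES)
// ReqFlags element is 0xa1
#define  SPNEGO_NEGINIT_ELEMENT_REQFLAGS     SEQ_ELM(SPNEGO_NEGINIT_REQFLAGS)
// MechToken element is 0xa2
#define  SPNEGO_NEGINIT_ELEMENT_MECHTOKEN    SEQ_ELM(SPNEGO_NEGINIT_MECHTOKEN)
// MechListMIC element is 0xa3
#define  SPNEGO_NEGINIT_ELEMENT_MECHLISTMIC  SEQ_ELM(SPNEGO_NEGINIT_MECHLISTMIC)

//
// NegTokenTarg - Token Identifier and Elements
//

// NegTokenTarg - 0xa1 (assuming SPNEGO_TOKEN_TARG, defined outside this
// header, is 1)
#define  SPNEGO_NEGTARG_TOKEN_IDENTIFIER  ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED |  \
                                             SPNEGO_TOKEN_TARG )

// Structure elements for NegTokenTarg
#define  SPNEGO_NEGTARG_NEGRESULT      0x0   // NegResult is element 0
#define  SPNEGO_NEGTARG_SUPPORTEDMECH  0x1   // SupportedMech is element 1
#define  SPNEGO_NEGTARG_RESPONSETOKEN  0x2   // ResponseToken is element 2
#define  SPNEGO_NEGTARG_MECHLISTMIC    0x3   // MechListMIC is element 3

// NegResult element is 0xa0
#define  SPNEGO_NEGTARG_ELEMENT_NEGRESULT        SEQ_ELM(SPNEGO_NEGTARG_NEGRESULT)
// SupportedMech element is 0xa1
#define  SPNEGO_NEGTARG_ELEMENT_SUPPORTEDMECH    SEQ_ELM(SPNEGO_NEGTARG_SUPPORTEDMECH)
// ResponseToken element is 0xa2
#define  SPNEGO_NEGTARG_ELEMENT_RESPONSETOKEN    SEQ_ELM(SPNEGO_NEGTARG_RESPONSETOKEN)
// MechListMIC element is 0xa3
#define  SPNEGO_NEGTARG_ELEMENT_MECHLISTMIC      SEQ_ELM(SPNEGO_NEGTARG_MECHLISTMIC)

//
// Defines a GSS Mechanism OID.  We keep a single static array
// of these which we'll use for validation/searches/parsing.
//

typedef struct _mechOID
{
   unsigned char*    ucOid;            // Byte representation of OID
   int               iLen;             // Length of the OID, length and identifier
   int               iActualDataLen;   // Length of the actual OID
   SPNEGO_MECH_OID   eMechanismOID;    // Which OID is this?
} MECH_OID;


//
// ASN Der functions
//
// Return-value conventions are not visible in this header; see the
// implementation file for the codes each function returns.
//

//
// Read side.  Each of these takes nBoundaryLength alongside the input
// pointer - presumably the number of bytes still available in the token
// buffer; confirm against the implementation.  These routines see data
// taken from a peer's SPNEGO token, so every decoded length has to be
// checked against that boundary before it is used as an offset.
// NOTE(review): all lengths here are signed long; confirm negative and
// overflowing decoded values are rejected rather than compared as-is.
//

int ASNDerGetLength( unsigned char* pbLengthData, long nBoundaryLength, long* pnLength,
                     long* pnNumLengthBytes );
int ASNDerCheckToken( unsigned char* pbTokenData, unsigned char nToken,
                        long nCheckLength, long nBoundaryLength, long* pnLength,
                        long* pnTokenLength );
int ASNDerCheckOID( unsigned char* pbTokenData, SPNEGO_MECH_OID nMechOID, long nBoundaryLength,
                     long* pnTokenLength );

//
// Size calculation.  No buffers are passed to these; they take and return
// lengths only.
//

int ASNDerCalcNumLengthBytes( long nLength );
long ASNDerCalcTokenLength( long nLength, long nDataLength );
long ASNDerCalcElementLength( long nDataLength, long* pnInternalLength );
long ASNDerCalcMechListLength( SPNEGO_MECH_OID *mechOidLst, int mechOidCnt,
                     long* pnInternalLength );

//
// Write side.  None of these prototypes carries the capacity of pbData,
// so the callee cannot check it: the caller has to size the destination
// buffer before calling (presumably with the ASNDerCalc* functions above;
// confirm against the callers).
//

int ASNDerWriteLength( unsigned char* pbData, long nLength );
int ASNDerWriteToken( unsigned char* pbData, unsigned char ucType,
                     unsigned char* pbTokenValue, long nLength );
int ASNDerWriteOID( unsigned char* pbData, SPNEGO_MECH_OID eMechOID );
long ASNDerWriteMechList( unsigned char* pbData, SPNEGO_MECH_OID *mechOidLst, int mechOidCnt );
int ASNDerWriteElement( unsigned char* pbData, unsigned char ucElementSequence,
                        unsigned char ucType, unsigned char* pbTokenValue, long nLength );


// C++ Specific
#if defined(__cplusplus)
}
#endif

#endif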