search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 2.6.16.61-rc1
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / fs / cifs / asn1.c
blobdcafda8315c3d78857b9213c312c2dd2f24857e5
1 /*
2 * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
3 * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
4 *
5 * Copyright (c) 2000 RP Internet (www.rpi.net.au).
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20 #include <linux/config.h>
21 #include <linux/module.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
24 #include <linux/mm.h>
25 #include <linux/slab.h>
26 #include "cifspdu.h"
27 #include "cifsglob.h"
28 #include "cifs_debug.h"
29 #include "cifsproto.h"
30
31 /*****************************************************************************
32 *
33 * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
34 *
35 *****************************************************************************/
36
37 /* Class */
38 #define ASN1_UNI 0 /* Universal */
39 #define ASN1_APL 1 /* Application */
40 #define ASN1_CTX 2 /* Context */
41 #define ASN1_PRV 3 /* Private */
42
43 /* Tag */
44 #define ASN1_EOC 0 /* End Of Contents or N/A */
45 #define ASN1_BOL 1 /* Boolean */
46 #define ASN1_INT 2 /* Integer */
47 #define ASN1_BTS 3 /* Bit String */
48 #define ASN1_OTS 4 /* Octet String */
49 #define ASN1_NUL 5 /* Null */
50 #define ASN1_OJI 6 /* Object Identifier */
51 #define ASN1_OJD 7 /* Object Description */
52 #define ASN1_EXT 8 /* External */
53 #define ASN1_SEQ 16 /* Sequence */
54 #define ASN1_SET 17 /* Set */
55 #define ASN1_NUMSTR 18 /* Numerical String */
56 #define ASN1_PRNSTR 19 /* Printable String */
57 #define ASN1_TEXSTR 20 /* Teletext String */
58 #define ASN1_VIDSTR 21 /* Video String */
59 #define ASN1_IA5STR 22 /* IA5 String */
60 #define ASN1_UNITIM 23 /* Universal Time */
61 #define ASN1_GENTIM 24 /* General Time */
62 #define ASN1_GRASTR 25 /* Graphical String */
63 #define ASN1_VISSTR 26 /* Visible String */
64 #define ASN1_GENSTR 27 /* General String */
65
66 /* Primitive / Constructed methods*/
67 #define ASN1_PRI 0 /* Primitive */
68 #define ASN1_CON 1 /* Constructed */
69
70 /*
71 * Error codes.
72 */
73 #define ASN1_ERR_NOERROR 0
74 #define ASN1_ERR_DEC_EMPTY 2
75 #define ASN1_ERR_DEC_EOC_MISMATCH 3
76 #define ASN1_ERR_DEC_LENGTH_MISMATCH 4
77 #define ASN1_ERR_DEC_BADVALUE 5
78
79 #define SPNEGO_OID_LEN 7
80 #define NTLMSSP_OID_LEN 10
81 static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
82 static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
83
84 /*
85 * ASN.1 context.
86 */
87 struct asn1_ctx {
88 int error; /* Error condition */
89 unsigned char *pointer; /* Octet just to be decoded */
90 unsigned char *begin; /* First octet */
91 unsigned char *end; /* Octet after last octet */
92 };
93
94 /*
95 * Octet string (not null terminated)
96 */
97 struct asn1_octstr {
98 unsigned char *data;
99 unsigned int len;
100 };
101
102 static void
103 asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
104 {
105 ctx->begin = buf;
106 ctx->end = buf + len;
107 ctx->pointer = buf;
108 ctx->error = ASN1_ERR_NOERROR;
109 }
110
111 static unsigned char
112 asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
113 {
114 if (ctx->pointer >= ctx->end) {
115 ctx->error = ASN1_ERR_DEC_EMPTY;
116 return 0;
117 }
118 *ch = *(ctx->pointer)++;
119 return 1;
120 }
121
122 static unsigned char
123 asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
124 {
125 unsigned char ch;
126
127 *tag = 0;
128
129 do {
130 if (!asn1_octet_decode(ctx, &ch))
131 return 0;
132 *tag <<= 7;
133 *tag |= ch & 0x7F;
134 } while ((ch & 0x80) == 0x80);
135 return 1;
136 }
137
138 static unsigned char
139 asn1_id_decode(struct asn1_ctx *ctx,
140 unsigned int *cls, unsigned int *con, unsigned int *tag)
141 {
142 unsigned char ch;
143
144 if (!asn1_octet_decode(ctx, &ch))
145 return 0;
146
147 *cls = (ch & 0xC0) >> 6;
148 *con = (ch & 0x20) >> 5;
149 *tag = (ch & 0x1F);
150
151 if (*tag == 0x1F) {
152 if (!asn1_tag_decode(ctx, tag))
153 return 0;
154 }
155 return 1;
156 }
157
158 static unsigned char
159 asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
160 {
161 unsigned char ch, cnt;
162
163 if (!asn1_octet_decode(ctx, &ch))
164 return 0;
165
166 if (ch == 0x80)
167 *def = 0;
168 else {
169 *def = 1;
170
171 if (ch < 0x80)
172 *len = ch;
173 else {
174 cnt = (unsigned char) (ch & 0x7F);
175 *len = 0;
176
177 while (cnt > 0) {
178 if (!asn1_octet_decode(ctx, &ch))
179 return 0;
180 *len <<= 8;
181 *len |= ch;
182 cnt--;
183 }
184 }
185 }
186
187 /* don't trust len bigger than ctx buffer */
188 if (*len > ctx->end - ctx->pointer)
189 return 0;
190
191 return 1;
192 }
193
194 static unsigned char
195 asn1_header_decode(struct asn1_ctx *ctx,
196 unsigned char **eoc,
197 unsigned int *cls, unsigned int *con, unsigned int *tag)
198 {
199 unsigned int def = 0;
200 unsigned int len = 0;
201
202 if (!asn1_id_decode(ctx, cls, con, tag))
203 return 0;
204
205 if (!asn1_length_decode(ctx, &def, &len))
206 return 0;
207
208 /* primitive shall be definite, indefinite shall be constructed */
209 if (*con == ASN1_PRI && !def)
210 return 0;
211
212 if (def)
213 *eoc = ctx->pointer + len;
214 else
215 *eoc = NULL;
216 return 1;
217 }
218
219 static unsigned char
220 asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
221 {
222 unsigned char ch;
223
224 if (eoc == NULL) {
225 if (!asn1_octet_decode(ctx, &ch))
226 return 0;
227
228 if (ch != 0x00) {
229 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
230 return 0;
231 }
232
233 if (!asn1_octet_decode(ctx, &ch))
234 return 0;
235
236 if (ch != 0x00) {
237 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
238 return 0;
239 }
240 return 1;
241 } else {
242 if (ctx->pointer != eoc) {
243 ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
244 return 0;
245 }
246 return 1;
247 }
248 }
249
250 /* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
251 unsigned char *eoc)
252 {
253 ctx->pointer = eoc;
254 return 1;
255 }
256
257 static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
258 unsigned char *eoc, long *integer)
259 {
260 unsigned char ch;
261 unsigned int len;
262
263 if (!asn1_octet_decode(ctx, &ch))
264 return 0;
265
266 *integer = (signed char) ch;
267 len = 1;
268
269 while (ctx->pointer < eoc) {
270 if (++len > sizeof(long)) {
271 ctx->error = ASN1_ERR_DEC_BADVALUE;
272 return 0;
273 }
274
275 if (!asn1_octet_decode(ctx, &ch))
276 return 0;
277
278 *integer <<= 8;
279 *integer |= ch;
280 }
281 return 1;
282 }
283
284 static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
285 unsigned char *eoc,
286 unsigned int *integer)
287 {
288 unsigned char ch;
289 unsigned int len;
290
291 if (!asn1_octet_decode(ctx, &ch))
292 return 0;
293
294 *integer = ch;
295 if (ch == 0)
296 len = 0;
297 else
298 len = 1;
299
300 while (ctx->pointer < eoc) {
301 if (++len > sizeof(unsigned int)) {
302 ctx->error = ASN1_ERR_DEC_BADVALUE;
303 return 0;
304 }
305
306 if (!asn1_octet_decode(ctx, &ch))
307 return 0;
308
309 *integer <<= 8;
310 *integer |= ch;
311 }
312 return 1;
313 }
314
315 static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
316 unsigned char *eoc,
317 unsigned long *integer)
318 {
319 unsigned char ch;
320 unsigned int len;
321
322 if (!asn1_octet_decode(ctx, &ch))
323 return 0;
324
325 *integer = ch;
326 if (ch == 0)
327 len = 0;
328 else
329 len = 1;
330
331 while (ctx->pointer < eoc) {
332 if (++len > sizeof(unsigned long)) {
333 ctx->error = ASN1_ERR_DEC_BADVALUE;
334 return 0;
335 }
336
337 if (!asn1_octet_decode(ctx, &ch))
338 return 0;
339
340 *integer <<= 8;
341 *integer |= ch;
342 }
343 return 1;
344 }
345
346 static unsigned char
347 asn1_octets_decode(struct asn1_ctx *ctx,
348 unsigned char *eoc,
349 unsigned char **octets, unsigned int *len)
350 {
351 unsigned char *ptr;
352
353 *len = 0;
354
355 *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
356 if (*octets == NULL) {
357 return 0;
358 }
359
360 ptr = *octets;
361 while (ctx->pointer < eoc) {
362 if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
363 kfree(*octets);
364 *octets = NULL;
365 return 0;
366 }
367 (*len)++;
368 }
369 return 1;
370 } */
371
372 static unsigned char
373 asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
374 {
375 unsigned char ch;
376
377 *subid = 0;
378
379 do {
380 if (!asn1_octet_decode(ctx, &ch))
381 return 0;
382
383 *subid <<= 7;
384 *subid |= ch & 0x7F;
385 } while ((ch & 0x80) == 0x80);
386 return 1;
387 }
388
389 static int
390 asn1_oid_decode(struct asn1_ctx *ctx,
391 unsigned char *eoc, unsigned long **oid, unsigned int *len)
392 {
393 unsigned long subid;
394 unsigned int size;
395 unsigned long *optr;
396
397 size = eoc - ctx->pointer + 1;
398
399 /* first subid actually encodes first two subids */
400 if (size < 2 || size > ULONG_MAX/sizeof(unsigned long))
401 return 0;
402
403 *oid = kmalloc(size * sizeof (unsigned long), GFP_ATOMIC);
404 if (*oid == NULL) {
405 return 0;
406 }
407
408 optr = *oid;
409
410 if (!asn1_subid_decode(ctx, &subid)) {
411 kfree(*oid);
412 *oid = NULL;
413 return 0;
414 }
415
416 if (subid < 40) {
417 optr[0] = 0;
418 optr[1] = subid;
419 } else if (subid < 80) {
420 optr[0] = 1;
421 optr[1] = subid - 40;
422 } else {
423 optr[0] = 2;
424 optr[1] = subid - 80;
425 }
426
427 *len = 2;
428 optr += 2;
429
430 while (ctx->pointer < eoc) {
431 if (++(*len) > size) {
432 ctx->error = ASN1_ERR_DEC_BADVALUE;
433 kfree(*oid);
434 *oid = NULL;
435 return 0;
436 }
437
438 if (!asn1_subid_decode(ctx, optr++)) {
439 kfree(*oid);
440 *oid = NULL;
441 return 0;
442 }
443 }
444 return 1;
445 }
446
447 static int
448 compare_oid(unsigned long *oid1, unsigned int oid1len,
449 unsigned long *oid2, unsigned int oid2len)
450 {
451 unsigned int i;
452
453 if (oid1len != oid2len)
454 return 0;
455 else {
456 for (i = 0; i < oid1len; i++) {
457 if (oid1[i] != oid2[i])
458 return 0;
459 }
460 return 1;
461 }
462 }
463
464 /* BB check for endian conversion issues here */
465
466 int
467 decode_negTokenInit(unsigned char *security_blob, int length,
468 enum securityEnum *secType)
469 {
470 struct asn1_ctx ctx;
471 unsigned char *end;
472 unsigned char *sequence_end;
473 unsigned long *oid = NULL;
474 unsigned int cls, con, tag, oidlen, rc;
475 int use_ntlmssp = FALSE;
476
477 *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default */
478
479 /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
480
481 asn1_open(&ctx, security_blob, length);
482
483 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
484 cFYI(1, ("Error decoding negTokenInit header "));
485 return 0;
486 } else if ((cls != ASN1_APL) || (con != ASN1_CON)
487 || (tag != ASN1_EOC)) {
488 cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
489 return 0;
490 } else {
491 /* remember to free obj->oid */
492 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
493 if (rc) {
494 if ((tag == ASN1_OJI) && (cls == ASN1_PRI)) {
495 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
496 if (rc) {
497 rc = compare_oid(oid, oidlen,
498 SPNEGO_OID,
499 SPNEGO_OID_LEN);
500 kfree(oid);
501 }
502 } else
503 rc = 0;
504 }
505
506 if (!rc) {
507 cFYI(1, ("Error decoding negTokenInit header"));
508 return 0;
509 }
510
511 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
512 cFYI(1, ("Error decoding negTokenInit "));
513 return 0;
514 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
515 || (tag != ASN1_EOC)) {
516 cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0",
517 cls, con, tag, end, *end));
518 return 0;
519 }
520
521 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
522 cFYI(1, ("Error decoding negTokenInit "));
523 return 0;
524 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
525 || (tag != ASN1_SEQ)) {
526 cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1",
527 cls, con, tag, end, *end));
528 return 0;
529 }
530
531 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
532 cFYI(1, ("Error decoding 2nd part of negTokenInit "));
533 return 0;
534 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
535 || (tag != ASN1_EOC)) {
536 cFYI(1,
537 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
538 cls, con, tag, end, *end));
539 return 0;
540 }
541
542 if (asn1_header_decode
543 (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
544 cFYI(1, ("Error decoding 2nd part of negTokenInit "));
545 return 0;
546 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
547 || (tag != ASN1_SEQ)) {
548 cFYI(1,
549 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
550 cls, con, tag, end, *end));
551 return 0;
552 }
553
554 while (!asn1_eoc_decode(&ctx, sequence_end)) {
555 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
556 if (!rc) {
557 cFYI(1,
558 ("Error 1 decoding negTokenInit header exit 2"));
559 return 0;
560 }
561 if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
562 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
563 if(rc) {
564 cFYI(1,
565 ("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx",
566 oidlen, *oid, *(oid + 1), *(oid + 2),
567 *(oid + 3)));
568 rc = compare_oid(oid, oidlen, NTLMSSP_OID,
569 NTLMSSP_OID_LEN);
570 kfree(oid);
571 if (rc)
572 use_ntlmssp = TRUE;
573 }
574 } else {
575 cFYI(1,("This should be an oid what is going on? "));
576 }
577 }
578
579 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
580 cFYI(1,
581 ("Error decoding last part of negTokenInit exit 3"));
582 return 0;
583 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { /* tag = 3 indicating mechListMIC */
584 cFYI(1,
585 ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
586 cls, con, tag, end, *end));
587 return 0;
588 }
589 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
590 cFYI(1,
591 ("Error decoding last part of negTokenInit exit 5"));
592 return 0;
593 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
594 || (tag != ASN1_SEQ)) {
595 cFYI(1,
596 ("Exit 6 cls = %d con = %d tag = %d end = %p (%d)",
597 cls, con, tag, end, *end));
598 }
599
600 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
601 cFYI(1,
602 ("Error decoding last part of negTokenInit exit 7"));
603 return 0;
604 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
605 cFYI(1,
606 ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
607 cls, con, tag, end, *end));
608 return 0;
609 }
610 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
611 cFYI(1,
612 ("Error decoding last part of negTokenInit exit 9"));
613 return 0;
614 } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
615 || (tag != ASN1_GENSTR)) {
616 cFYI(1,
617 ("Exit 10 cls = %d con = %d tag = %d end = %p (%d)",
618 cls, con, tag, end, *end));
619 return 0;
620 }
621 cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer)); /* is this UTF-8 or ASCII? */
622 }
623
624 /* if (use_kerberos)
625 *secType = Kerberos
626 else */
627 if (use_ntlmssp) {
628 *secType = NTLMSSP;
629 }
630
631 return 1;
632 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree