2 * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
3 * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
5 * Copyright (c) 2000 RP Internet (www.rpi.net.au).
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/module.h>
21 #include <linux/types.h>
22 #include <linux/kernel.h>
24 #include <linux/slab.h>
27 #include "cifs_debug.h"
28 #include "cifsproto.h"
30 /*****************************************************************************
32 * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
34 *****************************************************************************/
37 #define ASN1_UNI 0 /* Universal */
38 #define ASN1_APL 1 /* Application */
39 #define ASN1_CTX 2 /* Context */
40 #define ASN1_PRV 3 /* Private */
43 #define ASN1_EOC 0 /* End Of Contents or N/A */
44 #define ASN1_BOL 1 /* Boolean */
45 #define ASN1_INT 2 /* Integer */
46 #define ASN1_BTS 3 /* Bit String */
47 #define ASN1_OTS 4 /* Octet String */
48 #define ASN1_NUL 5 /* Null */
49 #define ASN1_OJI 6 /* Object Identifier */
50 #define ASN1_OJD 7 /* Object Description */
51 #define ASN1_EXT 8 /* External */
52 #define ASN1_ENUM 10 /* Enumerated */
53 #define ASN1_SEQ 16 /* Sequence */
54 #define ASN1_SET 17 /* Set */
55 #define ASN1_NUMSTR 18 /* Numerical String */
56 #define ASN1_PRNSTR 19 /* Printable String */
57 #define ASN1_TEXSTR 20 /* Teletext String */
58 #define ASN1_VIDSTR 21 /* Video String */
59 #define ASN1_IA5STR 22 /* IA5 String */
60 #define ASN1_UNITIM 23 /* Universal Time */
61 #define ASN1_GENTIM 24 /* General Time */
62 #define ASN1_GRASTR 25 /* Graphical String */
63 #define ASN1_VISSTR 26 /* Visible String */
64 #define ASN1_GENSTR 27 /* General String */
66 /* Primitive / Constructed methods*/
67 #define ASN1_PRI 0 /* Primitive */
68 #define ASN1_CON 1 /* Constructed */
73 #define ASN1_ERR_NOERROR 0
74 #define ASN1_ERR_DEC_EMPTY 2
75 #define ASN1_ERR_DEC_EOC_MISMATCH 3
76 #define ASN1_ERR_DEC_LENGTH_MISMATCH 4
77 #define ASN1_ERR_DEC_BADVALUE 5
79 #define SPNEGO_OID_LEN 7
80 #define NTLMSSP_OID_LEN 10
81 #define KRB5_OID_LEN 7
82 #define KRB5U2U_OID_LEN 8
83 #define MSKRB5_OID_LEN 7
84 static unsigned long SPNEGO_OID
[7] = { 1, 3, 6, 1, 5, 5, 2 };
85 static unsigned long NTLMSSP_OID
[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
86 static unsigned long KRB5_OID
[7] = { 1, 2, 840, 113554, 1, 2, 2 };
87 static unsigned long KRB5U2U_OID
[8] = { 1, 2, 840, 113554, 1, 2, 2, 3 };
88 static unsigned long MSKRB5_OID
[7] = { 1, 2, 840, 48018, 1, 2, 2 };
94 int error
; /* Error condition */
95 unsigned char *pointer
; /* Octet just to be decoded */
96 unsigned char *begin
; /* First octet */
97 unsigned char *end
; /* Octet after last octet */
101 * Octet string (not null terminated)
109 asn1_open(struct asn1_ctx
*ctx
, unsigned char *buf
, unsigned int len
)
112 ctx
->end
= buf
+ len
;
114 ctx
->error
= ASN1_ERR_NOERROR
;
118 asn1_octet_decode(struct asn1_ctx
*ctx
, unsigned char *ch
)
120 if (ctx
->pointer
>= ctx
->end
) {
121 ctx
->error
= ASN1_ERR_DEC_EMPTY
;
124 *ch
= *(ctx
->pointer
)++;
130 asn1_tag_decode(struct asn1_ctx
*ctx
, unsigned int *tag
)
137 if (!asn1_octet_decode(ctx
, &ch
))
141 } while ((ch
& 0x80) == 0x80);
146 asn1_id_decode(struct asn1_ctx
*ctx
,
147 unsigned int *cls
, unsigned int *con
, unsigned int *tag
)
151 if (!asn1_octet_decode(ctx
, &ch
))
154 *cls
= (ch
& 0xC0) >> 6;
155 *con
= (ch
& 0x20) >> 5;
159 if (!asn1_tag_decode(ctx
, tag
))
166 asn1_length_decode(struct asn1_ctx
*ctx
, unsigned int *def
, unsigned int *len
)
168 unsigned char ch
, cnt
;
170 if (!asn1_octet_decode(ctx
, &ch
))
181 cnt
= (unsigned char) (ch
& 0x7F);
185 if (!asn1_octet_decode(ctx
, &ch
))
194 /* don't trust len bigger than ctx buffer */
195 if (*len
> ctx
->end
- ctx
->pointer
)
202 asn1_header_decode(struct asn1_ctx
*ctx
,
204 unsigned int *cls
, unsigned int *con
, unsigned int *tag
)
206 unsigned int def
= 0;
207 unsigned int len
= 0;
209 if (!asn1_id_decode(ctx
, cls
, con
, tag
))
212 if (!asn1_length_decode(ctx
, &def
, &len
))
215 /* primitive shall be definite, indefinite shall be constructed */
216 if (*con
== ASN1_PRI
&& !def
)
220 *eoc
= ctx
->pointer
+ len
;
227 asn1_eoc_decode(struct asn1_ctx
*ctx
, unsigned char *eoc
)
232 if (!asn1_octet_decode(ctx
, &ch
))
236 ctx
->error
= ASN1_ERR_DEC_EOC_MISMATCH
;
240 if (!asn1_octet_decode(ctx
, &ch
))
244 ctx
->error
= ASN1_ERR_DEC_EOC_MISMATCH
;
249 if (ctx
->pointer
!= eoc
) {
250 ctx
->error
= ASN1_ERR_DEC_LENGTH_MISMATCH
;
257 /* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
264 static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
265 unsigned char *eoc, long *integer)
270 if (!asn1_octet_decode(ctx, &ch))
273 *integer = (signed char) ch;
276 while (ctx->pointer < eoc) {
277 if (++len > sizeof(long)) {
278 ctx->error = ASN1_ERR_DEC_BADVALUE;
282 if (!asn1_octet_decode(ctx, &ch))
291 static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
293 unsigned int *integer)
298 if (!asn1_octet_decode(ctx, &ch))
307 while (ctx->pointer < eoc) {
308 if (++len > sizeof(unsigned int)) {
309 ctx->error = ASN1_ERR_DEC_BADVALUE;
313 if (!asn1_octet_decode(ctx, &ch))
322 static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
324 unsigned long *integer)
329 if (!asn1_octet_decode(ctx, &ch))
338 while (ctx->pointer < eoc) {
339 if (++len > sizeof(unsigned long)) {
340 ctx->error = ASN1_ERR_DEC_BADVALUE;
344 if (!asn1_octet_decode(ctx, &ch))
354 asn1_octets_decode(struct asn1_ctx *ctx,
356 unsigned char **octets, unsigned int *len)
362 *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
363 if (*octets == NULL) {
368 while (ctx->pointer < eoc) {
369 if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
380 asn1_subid_decode(struct asn1_ctx
*ctx
, unsigned long *subid
)
387 if (!asn1_octet_decode(ctx
, &ch
))
392 } while ((ch
& 0x80) == 0x80);
397 asn1_oid_decode(struct asn1_ctx
*ctx
,
398 unsigned char *eoc
, unsigned long **oid
, unsigned int *len
)
404 size
= eoc
- ctx
->pointer
+ 1;
406 /* first subid actually encodes first two subids */
407 if (size
< 2 || size
> UINT_MAX
/sizeof(unsigned long))
410 *oid
= kmalloc(size
* sizeof(unsigned long), GFP_ATOMIC
);
416 if (!asn1_subid_decode(ctx
, &subid
)) {
425 } else if (subid
< 80) {
427 optr
[1] = subid
- 40;
430 optr
[1] = subid
- 80;
436 while (ctx
->pointer
< eoc
) {
437 if (++(*len
) > size
) {
438 ctx
->error
= ASN1_ERR_DEC_BADVALUE
;
444 if (!asn1_subid_decode(ctx
, optr
++)) {
454 compare_oid(unsigned long *oid1
, unsigned int oid1len
,
455 unsigned long *oid2
, unsigned int oid2len
)
459 if (oid1len
!= oid2len
)
462 for (i
= 0; i
< oid1len
; i
++) {
463 if (oid1
[i
] != oid2
[i
])
470 /* BB check for endian conversion issues here */
473 decode_negTokenInit(unsigned char *security_blob
, int length
,
474 struct TCP_Server_Info
*server
)
478 unsigned char *sequence_end
;
479 unsigned long *oid
= NULL
;
480 unsigned int cls
, con
, tag
, oidlen
, rc
;
482 /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
484 asn1_open(&ctx
, security_blob
, length
);
487 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
488 cFYI(1, "Error decoding negTokenInit header");
490 } else if ((cls
!= ASN1_APL
) || (con
!= ASN1_CON
)
491 || (tag
!= ASN1_EOC
)) {
492 cFYI(1, "cls = %d con = %d tag = %d", cls
, con
, tag
);
496 /* Check for SPNEGO OID -- remember to free obj->oid */
497 rc
= asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
);
499 if ((tag
== ASN1_OJI
) && (con
== ASN1_PRI
) &&
501 rc
= asn1_oid_decode(&ctx
, end
, &oid
, &oidlen
);
503 rc
= compare_oid(oid
, oidlen
, SPNEGO_OID
,
511 /* SPNEGO OID not present or garbled -- bail out */
513 cFYI(1, "Error decoding negTokenInit header");
518 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
519 cFYI(1, "Error decoding negTokenInit");
521 } else if ((cls
!= ASN1_CTX
) || (con
!= ASN1_CON
)
522 || (tag
!= ASN1_EOC
)) {
523 cFYI(1, "cls = %d con = %d tag = %d end = %p (%d) exit 0",
524 cls
, con
, tag
, end
, *end
);
529 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
530 cFYI(1, "Error decoding negTokenInit");
532 } else if ((cls
!= ASN1_UNI
) || (con
!= ASN1_CON
)
533 || (tag
!= ASN1_SEQ
)) {
534 cFYI(1, "cls = %d con = %d tag = %d end = %p (%d) exit 1",
535 cls
, con
, tag
, end
, *end
);
540 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
541 cFYI(1, "Error decoding 2nd part of negTokenInit");
543 } else if ((cls
!= ASN1_CTX
) || (con
!= ASN1_CON
)
544 || (tag
!= ASN1_EOC
)) {
545 cFYI(1, "cls = %d con = %d tag = %d end = %p (%d) exit 0",
546 cls
, con
, tag
, end
, *end
);
551 if (asn1_header_decode
552 (&ctx
, &sequence_end
, &cls
, &con
, &tag
) == 0) {
553 cFYI(1, "Error decoding 2nd part of negTokenInit");
555 } else if ((cls
!= ASN1_UNI
) || (con
!= ASN1_CON
)
556 || (tag
!= ASN1_SEQ
)) {
557 cFYI(1, "cls = %d con = %d tag = %d end = %p (%d) exit 1",
558 cls
, con
, tag
, end
, *end
);
562 /* list of security mechanisms */
563 while (!asn1_eoc_decode(&ctx
, sequence_end
)) {
564 rc
= asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
);
566 cFYI(1, "Error decoding negTokenInit hdr exit2");
569 if ((tag
== ASN1_OJI
) && (con
== ASN1_PRI
)) {
570 if (asn1_oid_decode(&ctx
, end
, &oid
, &oidlen
)) {
572 cFYI(1, "OID len = %d oid = 0x%lx 0x%lx "
573 "0x%lx 0x%lx", oidlen
, *oid
,
574 *(oid
+ 1), *(oid
+ 2), *(oid
+ 3));
576 if (compare_oid(oid
, oidlen
, MSKRB5_OID
,
578 server
->sec_mskerberos
= true;
579 else if (compare_oid(oid
, oidlen
, KRB5U2U_OID
,
581 server
->sec_kerberosu2u
= true;
582 else if (compare_oid(oid
, oidlen
, KRB5_OID
,
584 server
->sec_kerberos
= true;
585 else if (compare_oid(oid
, oidlen
, NTLMSSP_OID
,
587 server
->sec_ntlmssp
= true;
592 cFYI(1, "Should be an oid what is going on?");
597 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
598 /* Check if we have reached the end of the blob, but with
599 no mechListMic (e.g. NTLMSSP instead of KRB5) */
600 if (ctx
.error
== ASN1_ERR_DEC_EMPTY
)
601 goto decode_negtoken_exit
;
602 cFYI(1, "Error decoding last part negTokenInit exit3");
604 } else if ((cls
!= ASN1_CTX
) || (con
!= ASN1_CON
)) {
605 /* tag = 3 indicating mechListMIC */
606 cFYI(1, "Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
607 cls
, con
, tag
, end
, *end
);
612 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
613 cFYI(1, "Error decoding last part negTokenInit exit5");
615 } else if ((cls
!= ASN1_UNI
) || (con
!= ASN1_CON
)
616 || (tag
!= ASN1_SEQ
)) {
617 cFYI(1, "cls = %d con = %d tag = %d end = %p (%d)",
618 cls
, con
, tag
, end
, *end
);
622 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
623 cFYI(1, "Error decoding last part negTokenInit exit 7");
625 } else if ((cls
!= ASN1_CTX
) || (con
!= ASN1_CON
)) {
626 cFYI(1, "Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
627 cls
, con
, tag
, end
, *end
);
632 if (asn1_header_decode(&ctx
, &end
, &cls
, &con
, &tag
) == 0) {
633 cFYI(1, "Error decoding last part negTokenInit exit9");
635 } else if ((cls
!= ASN1_UNI
) || (con
!= ASN1_PRI
)
636 || (tag
!= ASN1_GENSTR
)) {
637 cFYI(1, "Exit10 cls = %d con = %d tag = %d end = %p (%d)",
638 cls
, con
, tag
, end
, *end
);
641 cFYI(1, "Need to call asn1_octets_decode() function for %s",
642 ctx
.pointer
); /* is this UTF-8 or ASCII? */
643 decode_negtoken_exit
: