2 Unix SMB/CIFS implementation.
4 RFC2478 Compliant SPNEGO implementation
6 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "../libcli/auth/spnego.h"
25 #include "../lib/util/asn1.h"
27 static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
28 struct spnego_negTokenInit *token)
32 if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
33 if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
35 while (asn1_tag_remaining(asn1) > 0) {
39 if (!asn1_peek_uint8(asn1, &context)) {
46 case ASN1_CONTEXT(0): {
47 const char **mechTypes;
49 if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
50 if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
52 mechTypes = talloc(mem_ctx, const char *);
53 if (mechTypes == NULL) {
57 for (i = 0; asn1_tag_remaining(asn1) > 0; i++) {
60 p = talloc_realloc(mem_ctx,
64 talloc_free(mechTypes);
70 if (!asn1_read_OID(asn1, mechTypes, &oid)) return false;
74 token->mechTypes = mechTypes;
82 if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
83 if (!asn1_read_BitString(asn1, mem_ctx, &token->reqFlags,
84 &token->reqFlagsPadding)) return false;
85 if (!asn1_end_tag(asn1)) return false;
89 if (!asn1_start_tag(asn1, ASN1_CONTEXT(2))) return false;
90 if (!asn1_read_OctetString(asn1, mem_ctx, &token->mechToken)) return false;
91 if (!asn1_end_tag(asn1)) return false;
97 if (!asn1_start_tag(asn1, ASN1_CONTEXT(3))) return false;
98 if (!asn1_peek_uint8(asn1, &type_peek)) {
102 if (type_peek == ASN1_OCTET_STRING) {
103 if (!asn1_read_OctetString(asn1, mem_ctx,
104 &token->mechListMIC)) return false;
106 /* RFC 2478 says we have an Octet String here,
107 but W2k sends something different... */
109 if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
110 if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
111 if (!asn1_read_GeneralString(asn1, mem_ctx, &mechListMIC)) return false;
112 if (!asn1_end_tag(asn1)) return false;
113 if (!asn1_end_tag(asn1)) return false;
115 token->targetPrincipal = mechListMIC;
117 if (!asn1_end_tag(asn1)) return false;
121 asn1_set_error(asn1);
126 if (!asn1_end_tag(asn1)) return false;
127 if (!asn1_end_tag(asn1)) return false;
129 return !asn1_has_error(asn1);
132 static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
134 if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
135 if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
137 /* Write mechTypes */
138 if (token->mechTypes && *token->mechTypes) {
141 if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
142 if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
143 for (i = 0; token->mechTypes[i]; i++) {
144 if (!asn1_write_OID(asn1, token->mechTypes[i])) return false;
146 if (!asn1_pop_tag(asn1)) return false;
147 if (!asn1_pop_tag(asn1)) return false;
151 if (token->reqFlags.length > 0) {
152 if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
153 if (!asn1_write_BitString(asn1, token->reqFlags.data,
154 token->reqFlags.length,
155 token->reqFlagsPadding)) return false;
156 if (!asn1_pop_tag(asn1)) return false;
159 /* write mechToken */
160 if (token->mechToken.data) {
161 if (!asn1_push_tag(asn1, ASN1_CONTEXT(2))) return false;
162 if (!asn1_write_OctetString(asn1, token->mechToken.data,
163 token->mechToken.length)) return false;
164 if (!asn1_pop_tag(asn1)) return false;
167 /* write mechListMIC */
168 if (token->mechListMIC.data) {
169 if (!asn1_push_tag(asn1, ASN1_CONTEXT(3))) return false;
171 /* This is what RFC 2478 says ... */
172 asn1_write_OctetString(asn1, token->mechListMIC.data,
173 token->mechListMIC.length);
175 /* ... but unfortunately this is what Windows
177 if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
178 if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
179 if (!asn1_push_tag(asn1, ASN1_GENERAL_STRING)) return false;
180 if (!asn1_write(asn1, token->mechListMIC.data,
181 token->mechListMIC.length)) return false;
182 if (!asn1_pop_tag(asn1)) return false;
183 if (!asn1_pop_tag(asn1)) return false;
184 if (!asn1_pop_tag(asn1)) return false;
186 if (!asn1_pop_tag(asn1)) return false;
189 if (!asn1_pop_tag(asn1)) return false;
190 if (!asn1_pop_tag(asn1)) return false;
192 return !asn1_has_error(asn1);
195 static bool read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
196 struct spnego_negTokenTarg *token)
200 if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
201 if (!asn1_start_tag(asn1, ASN1_SEQUENCE(0))) return false;
203 while (asn1_tag_remaining(asn1) > 0) {
208 if (!asn1_peek_uint8(asn1, &context)) {
209 asn1_set_error(asn1);
214 case ASN1_CONTEXT(0):
215 if (!asn1_start_tag(asn1, ASN1_CONTEXT(0))) return false;
216 if (!asn1_start_tag(asn1, ASN1_ENUMERATED)) return false;
217 if (!asn1_read_uint8(asn1, &neg_result)) return false;
218 token->negResult = neg_result;
219 if (!asn1_end_tag(asn1)) return false;
220 if (!asn1_end_tag(asn1)) return false;
222 case ASN1_CONTEXT(1):
223 if (!asn1_start_tag(asn1, ASN1_CONTEXT(1))) return false;
224 if (!asn1_read_OID(asn1, mem_ctx, &oid)) return false;
225 token->supportedMech = oid;
226 if (!asn1_end_tag(asn1)) return false;
228 case ASN1_CONTEXT(2):
229 if (!asn1_start_tag(asn1, ASN1_CONTEXT(2))) return false;
230 if (!asn1_read_OctetString(asn1, mem_ctx, &token->responseToken)) return false;
231 if (!asn1_end_tag(asn1)) return false;
233 case ASN1_CONTEXT(3):
234 if (!asn1_start_tag(asn1, ASN1_CONTEXT(3))) return false;
235 if (!asn1_read_OctetString(asn1, mem_ctx, &token->mechListMIC)) return false;
236 if (!asn1_end_tag(asn1)) return false;
239 asn1_set_error(asn1);
244 if (!asn1_end_tag(asn1)) return false;
245 if (!asn1_end_tag(asn1)) return false;
247 return !asn1_has_error(asn1);
250 static bool write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
252 if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
253 if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) return false;
255 if (token->negResult != SPNEGO_NONE_RESULT) {
256 if (!asn1_push_tag(asn1, ASN1_CONTEXT(0))) return false;
257 if (!asn1_write_enumerated(asn1, token->negResult)) return false;
258 if (!asn1_pop_tag(asn1)) return false;
261 if (token->supportedMech) {
262 if (!asn1_push_tag(asn1, ASN1_CONTEXT(1))) return false;
263 if (!asn1_write_OID(asn1, token->supportedMech)) return false;
264 if (!asn1_pop_tag(asn1)) return false;
267 if (token->responseToken.data) {
268 if (!asn1_push_tag(asn1, ASN1_CONTEXT(2))) return false;
269 if (!asn1_write_OctetString(asn1, token->responseToken.data,
270 token->responseToken.length)) return false;
271 if (!asn1_pop_tag(asn1)) return false;
274 if (token->mechListMIC.data) {
275 if (!asn1_push_tag(asn1, ASN1_CONTEXT(3))) return false;
276 if (!asn1_write_OctetString(asn1, token->mechListMIC.data,
277 token->mechListMIC.length)) return false;
278 if (!asn1_pop_tag(asn1)) return false;
281 if (!asn1_pop_tag(asn1)) return false;
282 if (!asn1_pop_tag(asn1)) return false;
284 return !asn1_has_error(asn1);
287 ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data *token)
289 struct asn1_data *asn1;
295 if (data.length == 0) {
299 asn1 = asn1_init(mem_ctx);
304 if (!asn1_load(asn1, data)) goto err;
306 if (!asn1_peek_uint8(asn1, &context)) {
307 asn1_set_error(asn1);
310 case ASN1_APPLICATION(0):
311 if (!asn1_start_tag(asn1, ASN1_APPLICATION(0))) goto err;
312 if (!asn1_check_OID(asn1, OID_SPNEGO)) goto err;
313 if (read_negTokenInit(asn1, mem_ctx, &token->negTokenInit)) {
314 token->type = SPNEGO_NEG_TOKEN_INIT;
316 if (!asn1_end_tag(asn1)) goto err;
318 case ASN1_CONTEXT(1):
319 if (read_negTokenTarg(asn1, mem_ctx, &token->negTokenTarg)) {
320 token->type = SPNEGO_NEG_TOKEN_TARG;
324 asn1_set_error(asn1);
329 if (!asn1_has_error(asn1)) {
330 ret = asn1_current_ofs(asn1);
340 ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_data *spnego)
342 struct asn1_data *asn1 = asn1_init(mem_ctx);
349 switch (spnego->type) {
350 case SPNEGO_NEG_TOKEN_INIT:
351 if (!asn1_push_tag(asn1, ASN1_APPLICATION(0))) goto err;
352 if (!asn1_write_OID(asn1, OID_SPNEGO)) goto err;
353 if (!write_negTokenInit(asn1, &spnego->negTokenInit)) goto err;
354 if (!asn1_pop_tag(asn1)) goto err;
356 case SPNEGO_NEG_TOKEN_TARG:
357 write_negTokenTarg(asn1, &spnego->negTokenTarg);
360 asn1_set_error(asn1);
364 if (!asn1_extract_blob(asn1, mem_ctx, blob)) {
368 ret = asn1_current_ofs(asn1);
377 bool spnego_free_data(struct spnego_data *spnego)
381 if (!spnego) goto out;
383 switch(spnego->type) {
384 case SPNEGO_NEG_TOKEN_INIT:
385 if (spnego->negTokenInit.mechTypes) {
386 talloc_free(discard_const(spnego->negTokenInit.mechTypes));
388 data_blob_free(&spnego->negTokenInit.reqFlags);
389 data_blob_free(&spnego->negTokenInit.mechToken);
390 data_blob_free(&spnego->negTokenInit.mechListMIC);
391 talloc_free(spnego->negTokenInit.targetPrincipal);
393 case SPNEGO_NEG_TOKEN_TARG:
394 if (spnego->negTokenTarg.supportedMech) {
395 talloc_free(discard_const(spnego->negTokenTarg.supportedMech));
397 data_blob_free(&spnego->negTokenTarg.responseToken);
398 data_blob_free(&spnego->negTokenTarg.mechListMIC);
404 ZERO_STRUCTP(spnego);
409 bool spnego_write_mech_types(TALLOC_CTX *mem_ctx,
410 const char * const *mech_types,
414 struct asn1_data *asn1 = asn1_init(mem_ctx);
420 /* Write mechTypes */
421 if (mech_types && *mech_types) {
424 if (!asn1_push_tag(asn1, ASN1_SEQUENCE(0))) goto err;
425 for (i = 0; mech_types[i]; i++) {
426 if (!asn1_write_OID(asn1, mech_types[i])) goto err;
428 if (!asn1_pop_tag(asn1)) goto err;
431 if (asn1_has_error(asn1)) {
435 if (!asn1_extract_blob(asn1, mem_ctx, blob)) {