xref: /onnv-gate/usr/src/common/openssl/crypto/krb5/krb5_asn.c (revision 0:68f95e015346)
1*0Sstevel@tonic-gate /* krb5_asn.c */
2*0Sstevel@tonic-gate /* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
3*0Sstevel@tonic-gate ** using ocsp/{*.h,*asn*.c} as a starting point
4*0Sstevel@tonic-gate */
5*0Sstevel@tonic-gate /* ====================================================================
6*0Sstevel@tonic-gate  * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
7*0Sstevel@tonic-gate  *
8*0Sstevel@tonic-gate  * Redistribution and use in source and binary forms, with or without
9*0Sstevel@tonic-gate  * modification, are permitted provided that the following conditions
10*0Sstevel@tonic-gate  * are met:
11*0Sstevel@tonic-gate  *
12*0Sstevel@tonic-gate  * 1. Redistributions of source code must retain the above copyright
13*0Sstevel@tonic-gate  *    notice, this list of conditions and the following disclaimer.
14*0Sstevel@tonic-gate  *
15*0Sstevel@tonic-gate  * 2. Redistributions in binary form must reproduce the above copyright
16*0Sstevel@tonic-gate  *    notice, this list of conditions and the following disclaimer in
17*0Sstevel@tonic-gate  *    the documentation and/or other materials provided with the
18*0Sstevel@tonic-gate  *    distribution.
19*0Sstevel@tonic-gate  *
20*0Sstevel@tonic-gate  * 3. All advertising materials mentioning features or use of this
21*0Sstevel@tonic-gate  *    software must display the following acknowledgment:
22*0Sstevel@tonic-gate  *    "This product includes software developed by the OpenSSL Project
23*0Sstevel@tonic-gate  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24*0Sstevel@tonic-gate  *
25*0Sstevel@tonic-gate  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26*0Sstevel@tonic-gate  *    endorse or promote products derived from this software without
27*0Sstevel@tonic-gate  *    prior written permission. For written permission, please contact
28*0Sstevel@tonic-gate  *    licensing@OpenSSL.org.
29*0Sstevel@tonic-gate  *
30*0Sstevel@tonic-gate  * 5. Products derived from this software may not be called "OpenSSL"
31*0Sstevel@tonic-gate  *    nor may "OpenSSL" appear in their names without prior written
32*0Sstevel@tonic-gate  *    permission of the OpenSSL Project.
33*0Sstevel@tonic-gate  *
34*0Sstevel@tonic-gate  * 6. Redistributions of any form whatsoever must retain the following
35*0Sstevel@tonic-gate  *    acknowledgment:
36*0Sstevel@tonic-gate  *    "This product includes software developed by the OpenSSL Project
37*0Sstevel@tonic-gate  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38*0Sstevel@tonic-gate  *
39*0Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40*0Sstevel@tonic-gate  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41*0Sstevel@tonic-gate  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42*0Sstevel@tonic-gate  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43*0Sstevel@tonic-gate  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44*0Sstevel@tonic-gate  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45*0Sstevel@tonic-gate  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46*0Sstevel@tonic-gate  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47*0Sstevel@tonic-gate  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48*0Sstevel@tonic-gate  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49*0Sstevel@tonic-gate  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50*0Sstevel@tonic-gate  * OF THE POSSIBILITY OF SUCH DAMAGE.
51*0Sstevel@tonic-gate  * ====================================================================
52*0Sstevel@tonic-gate  *
53*0Sstevel@tonic-gate  * This product includes cryptographic software written by Eric Young
54*0Sstevel@tonic-gate  * (eay@cryptsoft.com).  This product includes software written by Tim
55*0Sstevel@tonic-gate  * Hudson (tjh@cryptsoft.com).
56*0Sstevel@tonic-gate  *
57*0Sstevel@tonic-gate  */
58*0Sstevel@tonic-gate #include <openssl/asn1.h>
59*0Sstevel@tonic-gate #include <openssl/asn1t.h>
60*0Sstevel@tonic-gate #include <openssl/krb5_asn.h>
61*0Sstevel@tonic-gate 
62*0Sstevel@tonic-gate 
/*
 * KRB5_ENCDATA: a SEQUENCE of explicitly tagged fields, matching the
 * shape of the Kerberos V5 EncryptedData type.
 *
 * The template enforces tags and ASN.1 types only.  It does not bound
 * the value of etype or kvno, does not limit the length of cipher, and
 * does not decrypt or authenticate cipher; callers must do that before
 * trusting anything derived from it.
 */
ASN1_SEQUENCE(KRB5_ENCDATA) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_ENCDATA, etype, ASN1_INTEGER, 0),
	/* [1] INTEGER, OPTIONAL: member is left NULL when absent */
	ASN1_EXP_OPT(KRB5_ENCDATA, kvno, ASN1_INTEGER, 1),
	/* [2] OCTET STRING, required: opaque ciphertext bytes */
	ASN1_EXP(KRB5_ENCDATA, cipher, ASN1_OCTET_STRING, 2)
} ASN1_SEQUENCE_END(KRB5_ENCDATA)

/* Emits KRB5_ENCDATA_new/_free and d2i_/i2d_KRB5_ENCDATA. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCDATA)
70*0Sstevel@tonic-gate 
71*0Sstevel@tonic-gate 
/*
 * KRB5_PRINCNAME: a name type plus a SEQUENCE OF GeneralString
 * components.
 *
 * The components are length-delimited ASN.1 strings and the template
 * puts no restriction on their bytes or count.  Code that compares or
 * logs them should use the stored length rather than treating the data
 * as a NUL-terminated C string.
 */
ASN1_SEQUENCE(KRB5_PRINCNAME) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_PRINCNAME, nametype, ASN1_INTEGER, 0),
	/* [1] SEQUENCE OF GeneralString, required */
	ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1)
} ASN1_SEQUENCE_END(KRB5_PRINCNAME)

/* Emits KRB5_PRINCNAME_new/_free and d2i_/i2d_KRB5_PRINCNAME. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_PRINCNAME)
78*0Sstevel@tonic-gate 
79*0Sstevel@tonic-gate 
/*
 * KRB5_TKTBODY: the inner SEQUENCE of a ticket.  The outer
 * [APPLICATION 1] tag (identifier octet 0x61) is not applied here; it
 * is added by the KRB5_TICKET item template.
 *
 * Only the structure is checked.  tktvno is not compared against any
 * expected version, realm is an unrestricted GeneralString, and encdata
 * is still ciphertext after decoding.
 */
ASN1_SEQUENCE(KRB5_TKTBODY) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_TKTBODY, tktvno, ASN1_INTEGER, 0),
	/* [1] GeneralString, required */
	ASN1_EXP(KRB5_TKTBODY, realm, ASN1_GENERALSTRING, 1),
	/* [2] KRB5_PRINCNAME, required */
	ASN1_EXP(KRB5_TKTBODY, sname, KRB5_PRINCNAME, 2),
	/* [3] KRB5_ENCDATA, required */
	ASN1_EXP(KRB5_TKTBODY, encdata, KRB5_ENCDATA, 3)
} ASN1_SEQUENCE_END(KRB5_TKTBODY)

/* Emits KRB5_TKTBODY_new/_free and d2i_/i2d_KRB5_TKTBODY. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_TKTBODY)
89*0Sstevel@tonic-gate 
90*0Sstevel@tonic-gate 
/*
 * KRB5_TICKET: KRB5_TKTBODY wrapped in an explicit, application-class
 * tag with number 1.
 */
ASN1_ITEM_TEMPLATE(KRB5_TICKET) =
	ASN1_EX_TEMPLATE_TYPE(
		ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
		1,
		KRB5_TICKET,
		KRB5_TKTBODY)
ASN1_ITEM_TEMPLATE_END(KRB5_TICKET)

/* Emits KRB5_TICKET_new/_free and d2i_/i2d_KRB5_TICKET. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_TICKET)
97*0Sstevel@tonic-gate 
98*0Sstevel@tonic-gate 
/*
 * KRB5_APREQBODY: the inner SEQUENCE of an AP-REQ message.  The outer
 * [APPLICATION 14] tag (identifier octet 0x6e) is added by the
 * KRB5_APREQ item template, not here.
 *
 * The decoder accepts any INTEGER for pvno and msgtype and any
 * BIT STRING for apoptions; the receiving code has to check them.
 * The authenticator field is a KRB5_ENCDATA, i.e. still encrypted at
 * this layer.
 */
ASN1_SEQUENCE(KRB5_APREQBODY) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_APREQBODY, pvno, ASN1_INTEGER, 0),
	/* [1] INTEGER, required */
	ASN1_EXP(KRB5_APREQBODY, msgtype, ASN1_INTEGER, 1),
	/* [2] BIT STRING, required */
	ASN1_EXP(KRB5_APREQBODY, apoptions, ASN1_BIT_STRING, 2),
	/* [3] KRB5_TICKET, required */
	ASN1_EXP(KRB5_APREQBODY, ticket, KRB5_TICKET, 3),
	/* [4] KRB5_ENCDATA, required */
	ASN1_EXP(KRB5_APREQBODY, authenticator, KRB5_ENCDATA, 4),
} ASN1_SEQUENCE_END(KRB5_APREQBODY)

/* Emits KRB5_APREQBODY_new/_free and d2i_/i2d_KRB5_APREQBODY. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQBODY)
109*0Sstevel@tonic-gate 
/*
 * KRB5_APREQ: KRB5_APREQBODY wrapped in an explicit, application-class
 * tag with number 14.
 */
ASN1_ITEM_TEMPLATE(KRB5_APREQ) =
	ASN1_EX_TEMPLATE_TYPE(
		ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
		14,
		KRB5_APREQ,
		KRB5_APREQBODY)
ASN1_ITEM_TEMPLATE_END(KRB5_APREQ)

/* Emits KRB5_APREQ_new/_free and d2i_/i2d_KRB5_APREQ. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQ)
116*0Sstevel@tonic-gate 
117*0Sstevel@tonic-gate 
118*0Sstevel@tonic-gate /*  Authenticator stuff 	*/
119*0Sstevel@tonic-gate 
/*
 * KRB5_CHECKSUM: a checksum type number and the checksum bytes.
 *
 * Decoding only parses the two fields.  It does not check that ctype
 * names an acceptable algorithm, that the checksum length fits that
 * algorithm, or that the checksum verifies.
 */
ASN1_SEQUENCE(KRB5_CHECKSUM) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_CHECKSUM, ctype, ASN1_INTEGER, 0),
	/* [1] OCTET STRING, required */
	ASN1_EXP(KRB5_CHECKSUM, checksum, ASN1_OCTET_STRING, 1)
} ASN1_SEQUENCE_END(KRB5_CHECKSUM)

/* Emits KRB5_CHECKSUM_new/_free and d2i_/i2d_KRB5_CHECKSUM. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_CHECKSUM)
126*0Sstevel@tonic-gate 
127*0Sstevel@tonic-gate 
/*
 * KRB5_ENCKEY: a key type number and the raw key bytes.
 *
 * keyvalue holds key material once an authenticator has been decrypted
 * and decoded.  NOTE(review): nothing in this file scrubs that buffer;
 * confirm whether the generated KRB5_ENCKEY_free clears it in this
 * tree, and otherwise zero keyvalue before freeing.
 */
ASN1_SEQUENCE(KRB5_ENCKEY) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_ENCKEY, ktype, ASN1_INTEGER, 0),
	/* [1] OCTET STRING, required */
	ASN1_EXP(KRB5_ENCKEY, keyvalue, ASN1_OCTET_STRING, 1)
} ASN1_SEQUENCE_END(KRB5_ENCKEY)

/* Emits KRB5_ENCKEY_new/_free and d2i_/i2d_KRB5_ENCKEY. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCKEY)
134*0Sstevel@tonic-gate 
135*0Sstevel@tonic-gate 
/*
 * KRB5_AUTHDATA: one authorization-data element (type number plus
 * opaque bytes).  It is used as the element type of a SEQUENCE OF, so
 * the wire form is a SEQUENCE OF SEQUENCE; see the
 * ASN1_EXP_SEQUENCE_OF_OPT() entry in KRB5_AUTHENTBODY.
 *
 * addata is carried as-is; interpreting it according to adtype is left
 * to the caller.
 */
ASN1_SEQUENCE(KRB5_AUTHDATA) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_AUTHDATA, adtype, ASN1_INTEGER, 0),
	/* [1] OCTET STRING, required */
	ASN1_EXP(KRB5_AUTHDATA, addata, ASN1_OCTET_STRING, 1)
} ASN1_SEQUENCE_END(KRB5_AUTHDATA)

/* Emits KRB5_AUTHDATA_new/_free and d2i_/i2d_KRB5_AUTHDATA. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHDATA)
143*0Sstevel@tonic-gate 
144*0Sstevel@tonic-gate 
/*
 * KRB5_AUTHENTBODY: the inner SEQUENCE of an authenticator.  The outer
 * [APPLICATION 2] tag (identifier octet 0x62) is added by the
 * KRB5_AUTHENT item template, not here.
 *
 * Four fields are OPTIONAL (cksum, subkey, seqnum, authorization); the
 * decoder leaves their members NULL when they are absent, so callers
 * must test for NULL before dereferencing.  The template also does no
 * value checking: avno is not compared with an expected version and
 * ctime/cusec are not checked for freshness or replay.
 */
ASN1_SEQUENCE(KRB5_AUTHENTBODY) = {
	/* [0] INTEGER, required */
	ASN1_EXP(KRB5_AUTHENTBODY, avno, ASN1_INTEGER, 0),
	/* [1] GeneralString, required */
	ASN1_EXP(KRB5_AUTHENTBODY, crealm, ASN1_GENERALSTRING, 1),
	/* [2] KRB5_PRINCNAME, required */
	ASN1_EXP(KRB5_AUTHENTBODY, cname, KRB5_PRINCNAME, 2),
	/* [3] KRB5_CHECKSUM, OPTIONAL */
	ASN1_EXP_OPT(KRB5_AUTHENTBODY, cksum, KRB5_CHECKSUM, 3),
	/* [4] INTEGER, required */
	ASN1_EXP(KRB5_AUTHENTBODY, cusec, ASN1_INTEGER, 4),
	/* [5] GeneralizedTime, required */
	ASN1_EXP(KRB5_AUTHENTBODY, ctime, ASN1_GENERALIZEDTIME, 5),
	/* [6] KRB5_ENCKEY, OPTIONAL: carries key material when present */
	ASN1_EXP_OPT(KRB5_AUTHENTBODY, subkey, KRB5_ENCKEY, 6),
	/* [7] INTEGER, OPTIONAL */
	ASN1_EXP_OPT(KRB5_AUTHENTBODY, seqnum, ASN1_INTEGER, 7),
	/* [8] SEQUENCE OF KRB5_AUTHDATA, OPTIONAL */
	ASN1_EXP_SEQUENCE_OF_OPT(KRB5_AUTHENTBODY, authorization, KRB5_AUTHDATA, 8),
} ASN1_SEQUENCE_END(KRB5_AUTHENTBODY)

/* Emits KRB5_AUTHENTBODY_new/_free and d2i_/i2d_KRB5_AUTHENTBODY. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
160*0Sstevel@tonic-gate 
/*
 * KRB5_AUTHENT: KRB5_AUTHENTBODY wrapped in an explicit,
 * application-class tag with number 2.
 */
ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) =
	ASN1_EX_TEMPLATE_TYPE(
		ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
		2,
		KRB5_AUTHENT,
		KRB5_AUTHENTBODY)
ASN1_ITEM_TEMPLATE_END(KRB5_AUTHENT)

/* Emits KRB5_AUTHENT_new/_free and d2i_/i2d_KRB5_AUTHENT. */
IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENT)
167*0Sstevel@tonic-gate 