[linux.git] / fs / cifs / asn1.c

/*
 * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
 * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
 *
 * Copyright (c) 2000 RP Internet (www.rpi.net.au).
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
 */

#include <linux/module.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/mm.h>
#include <linux/slab.h>
#include "cifspdu.h"
#include "cifsglob.h"
#include "cifs_debug.h"
#include "cifsproto.h"

/*****************************************************************************
 *
 * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
 *
 *****************************************************************************/

/* Class */
#define ASN1_UNI	0	/* Universal */
#define ASN1_APL	1	/* Application */
#define ASN1_CTX	2	/* Context */
#define ASN1_PRV	3	/* Private */

/* Tag */
#define ASN1_EOC	0	/* End Of Contents or N/A */
#define ASN1_BOL	1	/* Boolean */
#define ASN1_INT	2	/* Integer */
#define ASN1_BTS	3	/* Bit String */
#define ASN1_OTS	4	/* Octet String */
#define ASN1_NUL	5	/* Null */
#define ASN1_OJI	6	/* Object Identifier  */
#define ASN1_OJD	7	/* Object Description */
#define ASN1_EXT	8	/* External */
#define ASN1_SEQ	16	/* Sequence */
#define ASN1_SET	17	/* Set */
#define ASN1_NUMSTR	18	/* Numerical String */
#define ASN1_PRNSTR	19	/* Printable String */
#define ASN1_TEXSTR	20	/* Teletext String */
#define ASN1_VIDSTR	21	/* Video String */
#define ASN1_IA5STR	22	/* IA5 String */
#define ASN1_UNITIM	23	/* Universal Time */
#define ASN1_GENTIM	24	/* General Time */
#define ASN1_GRASTR	25	/* Graphical String */
#define ASN1_VISSTR	26	/* Visible String */
#define ASN1_GENSTR	27	/* General String */

/* Primitive / Constructed methods*/
#define ASN1_PRI	0	/* Primitive */
#define ASN1_CON	1	/* Constructed */

/*
 * Error codes.
 */
#define ASN1_ERR_NOERROR		0
#define ASN1_ERR_DEC_EMPTY		2
#define ASN1_ERR_DEC_EOC_MISMATCH	3
#define ASN1_ERR_DEC_LENGTH_MISMATCH	4
#define ASN1_ERR_DEC_BADVALUE		5

#define SPNEGO_OID_LEN 7
#define NTLMSSP_OID_LEN  10
#define KRB5_OID_LEN  7
#define MSKRB5_OID_LEN  7
static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 };
static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };

/*
 * ASN.1 context.
 */
struct asn1_ctx {
	int error;		/* Error condition */
	unsigned char *pointer;	/* Octet just to be decoded */
	unsigned char *begin;	/* First octet */
	unsigned char *end;	/* Octet after last octet */
};

/*
 * Octet string (not null terminated)
 */
struct asn1_octstr {
	unsigned char *data;
	unsigned int len;
};

static void
asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
{
	ctx->begin = buf;
	ctx->end = buf + len;
	ctx->pointer = buf;
	ctx->error = ASN1_ERR_NOERROR;
}

static unsigned char
asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
{
	if (ctx->pointer >= ctx->end) {
		ctx->error = ASN1_ERR_DEC_EMPTY;
		return 0;
	}
	*ch = *(ctx->pointer)++;
	return 1;
}

static unsigned char
asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
{
	unsigned char ch;

	*tag = 0;

	do {
		if (!asn1_octet_decode(ctx, &ch))
			return 0;
		*tag <<= 7;
		*tag |= ch & 0x7F;
	} while ((ch & 0x80) == 0x80);
	return 1;
}

static unsigned char
asn1_id_decode(struct asn1_ctx *ctx,
	       unsigned int *cls, unsigned int *con, unsigned int *tag)
{
	unsigned char ch;

	if (!asn1_octet_decode(ctx, &ch))
		return 0;

	*cls = (ch & 0xC0) >> 6;
	*con = (ch & 0x20) >> 5;
	*tag = (ch & 0x1F);

	if (*tag == 0x1F) {
		if (!asn1_tag_decode(ctx, tag))
			return 0;
	}
	return 1;
}

static unsigned char
asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
{
	unsigned char ch, cnt;

	if (!asn1_octet_decode(ctx, &ch))
		return 0;

	if (ch == 0x80)
		*def = 0;
	else {
		*def = 1;

		if (ch < 0x80)
			*len = ch;
		else {
			cnt = (unsigned char) (ch & 0x7F);
			*len = 0;

			while (cnt > 0) {
				if (!asn1_octet_decode(ctx, &ch))
					return 0;
				*len <<= 8;
				*len |= ch;
				cnt--;
			}
		}
	}

	/* don't trust len bigger than ctx buffer */
	if (*len > ctx->end - ctx->pointer)
		return 0;

	return 1;
}

static unsigned char
asn1_header_decode(struct asn1_ctx *ctx,
		   unsigned char **eoc,
		   unsigned int *cls, unsigned int *con, unsigned int *tag)
{
	unsigned int def = 0;
	unsigned int len = 0;

	if (!asn1_id_decode(ctx, cls, con, tag))
		return 0;

	if (!asn1_length_decode(ctx, &def, &len))
		return 0;

	/* primitive shall be definite, indefinite shall be constructed */
	if (*con == ASN1_PRI && !def)
		return 0;

	if (def)
		*eoc = ctx->pointer + len;
	else
		*eoc = NULL;
	return 1;
}

static unsigned char
asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
{
	unsigned char ch;

	if (eoc == NULL) {
		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		if (ch != 0x00) {
			ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
			return 0;
		}

		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		if (ch != 0x00) {
			ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
			return 0;
		}
		return 1;
	} else {
		if (ctx->pointer != eoc) {
			ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
			return 0;
		}
		return 1;
	}
}

/* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
				      unsigned char *eoc)
{
	ctx->pointer = eoc;
	return 1;
}

static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
				      unsigned char *eoc, long *integer)
{
	unsigned char ch;
	unsigned int len;

	if (!asn1_octet_decode(ctx, &ch))
		return 0;

	*integer = (signed char) ch;
	len = 1;

	while (ctx->pointer < eoc) {
		if (++len > sizeof(long)) {
			ctx->error = ASN1_ERR_DEC_BADVALUE;
			return 0;
		}

		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		*integer <<= 8;
		*integer |= ch;
	}
	return 1;
}

static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
				      unsigned char *eoc,
				      unsigned int *integer)
{
	unsigned char ch;
	unsigned int len;

	if (!asn1_octet_decode(ctx, &ch))
		return 0;

	*integer = ch;
	if (ch == 0)
		len = 0;
	else
		len = 1;

	while (ctx->pointer < eoc) {
		if (++len > sizeof(unsigned int)) {
			ctx->error = ASN1_ERR_DEC_BADVALUE;
			return 0;
		}

		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		*integer <<= 8;
		*integer |= ch;
	}
	return 1;
}

static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
				       unsigned char *eoc,
				       unsigned long *integer)
{
	unsigned char ch;
	unsigned int len;

	if (!asn1_octet_decode(ctx, &ch))
		return 0;

	*integer = ch;
	if (ch == 0)
		len = 0;
	else
		len = 1;

	while (ctx->pointer < eoc) {
		if (++len > sizeof(unsigned long)) {
			ctx->error = ASN1_ERR_DEC_BADVALUE;
			return 0;
		}

		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		*integer <<= 8;
		*integer |= ch;
	}
	return 1;
}

static unsigned char
asn1_octets_decode(struct asn1_ctx *ctx,
		   unsigned char *eoc,
		   unsigned char **octets, unsigned int *len)
{
	unsigned char *ptr;

	*len = 0;

	*octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
	if (*octets == NULL) {
		return 0;
	}

	ptr = *octets;
	while (ctx->pointer < eoc) {
		if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
			kfree(*octets);
			*octets = NULL;
			return 0;
		}
		(*len)++;
	}
	return 1;
} */

static unsigned char
asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
{
	unsigned char ch;

	*subid = 0;

	do {
		if (!asn1_octet_decode(ctx, &ch))
			return 0;

		*subid <<= 7;
		*subid |= ch & 0x7F;
	} while ((ch & 0x80) == 0x80);
	return 1;
}

static int
asn1_oid_decode(struct asn1_ctx *ctx,
		unsigned char *eoc, unsigned long **oid, unsigned int *len)
{
	unsigned long subid;
	unsigned int size;
	unsigned long *optr;

	size = eoc - ctx->pointer + 1;

	/* first subid actually encodes first two subids */
	if (size < 2 || size > UINT_MAX/sizeof(unsigned long))
		return 0;

	*oid = kmalloc(size * sizeof(unsigned long), GFP_ATOMIC);
	if (*oid == NULL)
		return 0;

	optr = *oid;

	if (!asn1_subid_decode(ctx, &subid)) {
		kfree(*oid);
		*oid = NULL;
		return 0;
	}

	if (subid < 40) {
		optr[0] = 0;
		optr[1] = subid;
	} else if (subid < 80) {
		optr[0] = 1;
		optr[1] = subid - 40;
	} else {
		optr[0] = 2;
		optr[1] = subid - 80;
	}

	*len = 2;
	optr += 2;

	while (ctx->pointer < eoc) {
		if (++(*len) > size) {
			ctx->error = ASN1_ERR_DEC_BADVALUE;
			kfree(*oid);
			*oid = NULL;
			return 0;
		}

		if (!asn1_subid_decode(ctx, optr++)) {
			kfree(*oid);
			*oid = NULL;
			return 0;
		}
	}
	return 1;
}

static int
compare_oid(unsigned long *oid1, unsigned int oid1len,
	    unsigned long *oid2, unsigned int oid2len)
{
	unsigned int i;

	if (oid1len != oid2len)
		return 0;
	else {
		for (i = 0; i < oid1len; i++) {
			if (oid1[i] != oid2[i])
				return 0;
		}
		return 1;
	}
}

	/* BB check for endian conversion issues here */

int
decode_negTokenInit(unsigned char *security_blob, int length,
		    enum securityEnum *secType)
{
	struct asn1_ctx ctx;
	unsigned char *end;
	unsigned char *sequence_end;
	unsigned long *oid = NULL;
	unsigned int cls, con, tag, oidlen, rc;
	bool use_ntlmssp = false;
	bool use_kerberos = false;
	bool use_mskerberos = false;

	*secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/

	/* cifs_dump_mem(" Received SecBlob ", security_blob, length); */

	asn1_open(&ctx, security_blob, length);

	/* GSSAPI header */
	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding negTokenInit header"));
		return 0;
	} else if ((cls != ASN1_APL) || (con != ASN1_CON)
		   || (tag != ASN1_EOC)) {
		cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
		return 0;
	}

	/* Check for SPNEGO OID -- remember to free obj->oid */
	rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
	if (rc) {
		if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
		    (cls == ASN1_UNI)) {
			rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
			if (rc) {
				rc = compare_oid(oid, oidlen, SPNEGO_OID,
						 SPNEGO_OID_LEN);
				kfree(oid);
			}
		} else
			rc = 0;
	}

	/* SPNEGO OID not present or garbled -- bail out */
	if (!rc) {
		cFYI(1, ("Error decoding negTokenInit header"));
		return 0;
	}

	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding negTokenInit"));
		return 0;
	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)
		   || (tag != ASN1_EOC)) {
		cFYI(1,
		     ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
		      cls, con, tag, end, *end));
		return 0;
	}

	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding negTokenInit"));
		return 0;
	} else if ((cls != ASN1_UNI) || (con != ASN1_CON)
		   || (tag != ASN1_SEQ)) {
		cFYI(1,
		     ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
		      cls, con, tag, end, *end));
		return 0;
	}

	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding 2nd part of negTokenInit"));
		return 0;
	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)
		   || (tag != ASN1_EOC)) {
		cFYI(1,
		     ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
		      cls, con, tag, end, *end));
		return 0;
	}

	if (asn1_header_decode
	    (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding 2nd part of negTokenInit"));
		return 0;
	} else if ((cls != ASN1_UNI) || (con != ASN1_CON)
		   || (tag != ASN1_SEQ)) {
		cFYI(1,
		     ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
		      cls, con, tag, end, *end));
		return 0;
	}

	while (!asn1_eoc_decode(&ctx, sequence_end)) {
		rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
		if (!rc) {
			cFYI(1,
			     ("Error decoding negTokenInit hdr exit2"));
			return 0;
		}
		if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
			if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {

				cFYI(1, ("OID len = %d oid = 0x%lx 0x%lx "
					 "0x%lx 0x%lx", oidlen, *oid,
					 *(oid + 1), *(oid + 2), *(oid + 3)));

				if (compare_oid(oid, oidlen, MSKRB5_OID,
						MSKRB5_OID_LEN) &&
						!use_kerberos)
					use_mskerberos = true;
				else if (compare_oid(oid, oidlen, KRB5_OID,
						     KRB5_OID_LEN) &&
						     !use_mskerberos)
					use_kerberos = true;
				else if (compare_oid(oid, oidlen, NTLMSSP_OID,
						     NTLMSSP_OID_LEN))
					use_ntlmssp = true;

				kfree(oid);
			}
		} else {
			cFYI(1, ("Should be an oid what is going on?"));
		}
	}

	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding last part negTokenInit exit3"));
		return 0;
	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
		/* tag = 3 indicating mechListMIC */
		cFYI(1, ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
			 cls, con, tag, end, *end));
		return 0;
	}
	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding last part negTokenInit exit5"));
		return 0;
	} else if ((cls != ASN1_UNI) || (con != ASN1_CON)
		   || (tag != ASN1_SEQ)) {
		cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)",
			cls, con, tag, end, *end));
	}

	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding last part negTokenInit exit 7"));
		return 0;
	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
		cFYI(1, ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
			 cls, con, tag, end, *end));
		return 0;
	}
	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
		cFYI(1, ("Error decoding last part negTokenInit exit9"));
		return 0;
	} else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
		   || (tag != ASN1_GENSTR)) {
		cFYI(1, ("Exit10 cls = %d con = %d tag = %d end = %p (%d)",
			 cls, con, tag, end, *end));
		return 0;
	}
	cFYI(1, ("Need to call asn1_octets_decode() function for %s",
		 ctx.pointer));	/* is this UTF-8 or ASCII? */

	if (use_kerberos)
		*secType = Kerberos;
	else if (use_mskerberos)
		*secType = MSKerberos;
	else if (use_ntlmssp)
		*secType = NTLMSSP;

	return 1;
}
Commit	Line	Data
50c2f753	1	/*
1da177e4 LT	2	* The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
1da177e4 LT	3	* turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
50c2f753	4	*
1da177e4 LT	5	* Copyright (c) 2000 RP Internet (www.rpi.net.au).
	6	*
	7	* This program is free software; you can redistribute it and/or modify
	8	* it under the terms of the GNU General Public License as published by
	9	* the Free Software Foundation; either version 2 of the License, or
	10	* (at your option) any later version.
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	* You should have received a copy of the GNU General Public License
	16	* along with this program; if not, write to the Free Software
	17	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	18	*/
	19
1da177e4 LT	20	#include <linux/module.h>
	21	#include <linux/types.h>
	22	#include <linux/kernel.h>
	23	#include <linux/mm.h>
	24	#include <linux/slab.h>
	25	#include "cifspdu.h"
	26	#include "cifsglob.h"
	27	#include "cifs_debug.h"
	28	#include "cifsproto.h"
	29
	30	/*****************************************************************************
	31	*
	32	* Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
	33	*
	34	*****************************************************************************/
	35
	36	/* Class */
	37	#define ASN1_UNI 0 /* Universal */
	38	#define ASN1_APL 1 /* Application */
	39	#define ASN1_CTX 2 /* Context */
	40	#define ASN1_PRV 3 /* Private */
	41
	42	/* Tag */
	43	#define ASN1_EOC 0 /* End Of Contents or N/A */
	44	#define ASN1_BOL 1 /* Boolean */
	45	#define ASN1_INT 2 /* Integer */
	46	#define ASN1_BTS 3 /* Bit String */
	47	#define ASN1_OTS 4 /* Octet String */
	48	#define ASN1_NUL 5 /* Null */
	49	#define ASN1_OJI 6 /* Object Identifier */
	50	#define ASN1_OJD 7 /* Object Description */
	51	#define ASN1_EXT 8 /* External */
	52	#define ASN1_SEQ 16 /* Sequence */
	53	#define ASN1_SET 17 /* Set */
	54	#define ASN1_NUMSTR 18 /* Numerical String */
	55	#define ASN1_PRNSTR 19 /* Printable String */
	56	#define ASN1_TEXSTR 20 /* Teletext String */
	57	#define ASN1_VIDSTR 21 /* Video String */
	58	#define ASN1_IA5STR 22 /* IA5 String */
	59	#define ASN1_UNITIM 23 /* Universal Time */
	60	#define ASN1_GENTIM 24 /* General Time */
	61	#define ASN1_GRASTR 25 /* Graphical String */
	62	#define ASN1_VISSTR 26 /* Visible String */
	63	#define ASN1_GENSTR 27 /* General String */
	64
	65	/* Primitive / Constructed methods*/
	66	#define ASN1_PRI 0 /* Primitive */
	67	#define ASN1_CON 1 /* Constructed */
	68
	69	/*
	70	* Error codes.
	71	*/
	72	#define ASN1_ERR_NOERROR 0
	73	#define ASN1_ERR_DEC_EMPTY 2
	74	#define ASN1_ERR_DEC_EOC_MISMATCH 3
	75	#define ASN1_ERR_DEC_LENGTH_MISMATCH 4
	76	#define ASN1_ERR_DEC_BADVALUE 5
	77
	78	#define SPNEGO_OID_LEN 7
	79	#define NTLMSSP_OID_LEN 10
e545937a JL	80	#define KRB5_OID_LEN 7
e545937a JL	81	#define MSKRB5_OID_LEN 7
1da177e4 LT	82	static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
1da177e4 LT	83	static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
e545937a JL	84	static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 };
e545937a JL	85	static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };
1da177e4	86
50c2f753	87	/*
1da177e4 LT	88	* ASN.1 context.
	89	*/
	90	struct asn1_ctx {
	91	int error; /* Error condition */
	92	unsigned char pointer; / Octet just to be decoded */
	93	unsigned char begin; / First octet */
	94	unsigned char end; / Octet after last octet */
	95	};
	96
	97	/*
	98	* Octet string (not null terminated)
	99	*/
	100	struct asn1_octstr {
	101	unsigned char *data;
	102	unsigned int len;
	103	};
	104
	105	static void
	106	asn1_open(struct asn1_ctx ctx, unsigned char buf, unsigned int len)
	107	{
	108	ctx->begin = buf;
	109	ctx->end = buf + len;
	110	ctx->pointer = buf;
	111	ctx->error = ASN1_ERR_NOERROR;
	112	}
	113
	114	static unsigned char
	115	asn1_octet_decode(struct asn1_ctx ctx, unsigned char ch)
	116	{
	117	if (ctx->pointer >= ctx->end) {
	118	ctx->error = ASN1_ERR_DEC_EMPTY;
	119	return 0;
	120	}
	121	ch = (ctx->pointer)++;
	122	return 1;
	123	}
	124
	125	static unsigned char
	126	asn1_tag_decode(struct asn1_ctx ctx, unsigned int tag)
	127	{
	128	unsigned char ch;
	129
	130	*tag = 0;
	131
	132	do {
	133	if (!asn1_octet_decode(ctx, &ch))
	134	return 0;
	135	*tag <<= 7;
	136	*tag \|= ch & 0x7F;
	137	} while ((ch & 0x80) == 0x80);
	138	return 1;
	139	}
	140
	141	static unsigned char
	142	asn1_id_decode(struct asn1_ctx *ctx,
	143	unsigned int cls, unsigned int con, unsigned int *tag)
	144	{
	145	unsigned char ch;
	146
	147	if (!asn1_octet_decode(ctx, &ch))
	148	return 0;
	149
	150	*cls = (ch & 0xC0) >> 6;
	151	*con = (ch & 0x20) >> 5;
152	*tag = (ch & 0x1F);
153
154	if (*tag == 0x1F) {
155	if (!asn1_tag_decode(ctx, tag))
156	return 0;
157	}
158	return 1;
159	}
160
161	static unsigned char
162	asn1_length_decode(struct asn1_ctx ctx, unsigned int def, unsigned int *len)
163	{
164	unsigned char ch, cnt;
165
166	if (!asn1_octet_decode(ctx, &ch))
167	return 0;
168
169	if (ch == 0x80)
170	*def = 0;
171	else {
172	*def = 1;
173
174	if (ch < 0x80)
175	*len = ch;
176	else {
177	cnt = (unsigned char) (ch & 0x7F);
178	*len = 0;
179
180	while (cnt > 0) {
181	if (!asn1_octet_decode(ctx, &ch))
182	return 0;
183	*len <<= 8;
184	*len \|= ch;
185	cnt--;
186	}
187	}
188	}
ddb2c435 CW	189
	190	/* don't trust len bigger than ctx buffer */
	191	if (*len > ctx->end - ctx->pointer)
	192	return 0;
	193
1da177e4 LT	194	return 1;
	195	}
	196
	197	static unsigned char
	198	asn1_header_decode(struct asn1_ctx *ctx,
	199	unsigned char **eoc,
	200	unsigned int cls, unsigned int con, unsigned int *tag)
	201	{
50c2f753	202	unsigned int def = 0;
ab2f218f	203	unsigned int len = 0;
1da177e4 LT	204
	205	if (!asn1_id_decode(ctx, cls, con, tag))
	206	return 0;
	207
	208	if (!asn1_length_decode(ctx, &def, &len))
	209	return 0;
	210
ddb2c435 CW	211	/* primitive shall be definite, indefinite shall be constructed */
	212	if (*con == ASN1_PRI && !def)
	213	return 0;
	214
1da177e4 LT	215	if (def)
	216	*eoc = ctx->pointer + len;
	217	else
	218	*eoc = NULL;
	219	return 1;
	220	}
	221
	222	static unsigned char
	223	asn1_eoc_decode(struct asn1_ctx ctx, unsigned char eoc)
	224	{
	225	unsigned char ch;
	226
	227	if (eoc == NULL) {
	228	if (!asn1_octet_decode(ctx, &ch))
	229	return 0;
	230
	231	if (ch != 0x00) {
	232	ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
	233	return 0;
	234	}
	235
	236	if (!asn1_octet_decode(ctx, &ch))
	237	return 0;
	238
	239	if (ch != 0x00) {
	240	ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
	241	return 0;
	242	}
	243	return 1;
	244	} else {
	245	if (ctx->pointer != eoc) {
	246	ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
	247	return 0;
	248	}
	249	return 1;
	250	}
	251	}
	252
	253	/* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
	254	unsigned char *eoc)
	255	{
	256	ctx->pointer = eoc;
	257	return 1;
	258	}
	259
	260	static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
	261	unsigned char eoc, long integer)
	262	{
	263	unsigned char ch;
	264	unsigned int len;
	265
	266	if (!asn1_octet_decode(ctx, &ch))
	267	return 0;
	268
	269	*integer = (signed char) ch;
	270	len = 1;
	271
	272	while (ctx->pointer < eoc) {
	273	if (++len > sizeof(long)) {
	274	ctx->error = ASN1_ERR_DEC_BADVALUE;
	275	return 0;
	276	}
	277
	278	if (!asn1_octet_decode(ctx, &ch))
279	return 0;
280
281	*integer <<= 8;
282	*integer \|= ch;
283	}
284	return 1;
285	}
286
287	static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
288	unsigned char *eoc,
289	unsigned int *integer)
290	{
291	unsigned char ch;
292	unsigned int len;
293
294	if (!asn1_octet_decode(ctx, &ch))
295	return 0;
296
297	*integer = ch;
298	if (ch == 0)
299	len = 0;
300	else
301	len = 1;
302
303	while (ctx->pointer < eoc) {
304	if (++len > sizeof(unsigned int)) {
305	ctx->error = ASN1_ERR_DEC_BADVALUE;
306	return 0;
307	}
308
309	if (!asn1_octet_decode(ctx, &ch))
310	return 0;
311
312	*integer <<= 8;
313	*integer \|= ch;
314	}
315	return 1;
316	}
317
318	static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
319	unsigned char *eoc,
320	unsigned long *integer)
321	{
322	unsigned char ch;
323	unsigned int len;
324
325	if (!asn1_octet_decode(ctx, &ch))
326	return 0;
327
328	*integer = ch;
329	if (ch == 0)
330	len = 0;
331	else
332	len = 1;
333
334	while (ctx->pointer < eoc) {
335	if (++len > sizeof(unsigned long)) {
336	ctx->error = ASN1_ERR_DEC_BADVALUE;
337	return 0;
338	}
339
340	if (!asn1_octet_decode(ctx, &ch))
341	return 0;
342
343	*integer <<= 8;
344	*integer \|= ch;
345	}
346	return 1;
50c2f753	347	}
1da177e4 LT	348
	349	static unsigned char
	350	asn1_octets_decode(struct asn1_ctx *ctx,
	351	unsigned char *eoc,
	352	unsigned char *octets, unsigned int len)
	353	{
	354	unsigned char *ptr;
	355
	356	*len = 0;
	357
	358	*octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
	359	if (*octets == NULL) {
	360	return 0;
	361	}
	362
	363	ptr = *octets;
	364	while (ctx->pointer < eoc) {
	365	if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
	366	kfree(*octets);
	367	*octets = NULL;
	368	return 0;
	369	}
	370	(*len)++;
	371	}
	372	return 1;
	373	} */
	374
	375	static unsigned char
	376	asn1_subid_decode(struct asn1_ctx ctx, unsigned long subid)
	377	{
	378	unsigned char ch;
	379
	380	*subid = 0;
	381
	382	do {
	383	if (!asn1_octet_decode(ctx, &ch))
	384	return 0;
	385
	386	*subid <<= 7;
	387	*subid \|= ch & 0x7F;
	388	} while ((ch & 0x80) == 0x80);
	389	return 1;
	390	}
	391
50c2f753	392	static int
1da177e4 LT	393	asn1_oid_decode(struct asn1_ctx *ctx,
	394	unsigned char eoc, unsigned long oid, unsigned int len)
	395	{
	396	unsigned long subid;
	397	unsigned int size;
	398	unsigned long *optr;
	399
	400	size = eoc - ctx->pointer + 1;
ddb2c435 CW	401
ddb2c435 CW	402	/* first subid actually encodes first two subids */
04e1e0cc	403	if (size < 2 \|\| size > UINT_MAX/sizeof(unsigned long))
ddb2c435 CW	404	return 0;
ddb2c435 CW	405
26f57364 SF	406	oid = kmalloc(size sizeof(unsigned long), GFP_ATOMIC);
26f57364 SF	407	if (*oid == NULL)
1da177e4	408	return 0;
1da177e4 LT	409
	410	optr = *oid;
	411
	412	if (!asn1_subid_decode(ctx, &subid)) {
	413	kfree(*oid);
	414	*oid = NULL;
	415	return 0;
	416	}
	417
	418	if (subid < 40) {
	419	optr[0] = 0;
	420	optr[1] = subid;
	421	} else if (subid < 80) {
	422	optr[0] = 1;
	423	optr[1] = subid - 40;
	424	} else {
	425	optr[0] = 2;
	426	optr[1] = subid - 80;
	427	}
	428
	429	*len = 2;
	430	optr += 2;
	431
	432	while (ctx->pointer < eoc) {
	433	if (++(*len) > size) {
	434	ctx->error = ASN1_ERR_DEC_BADVALUE;
	435	kfree(*oid);
	436	*oid = NULL;
	437	return 0;
	438	}
	439
	440	if (!asn1_subid_decode(ctx, optr++)) {
	441	kfree(*oid);
	442	*oid = NULL;
	443	return 0;
	444	}
	445	}
	446	return 1;
	447	}
	448
	449	static int
	450	compare_oid(unsigned long *oid1, unsigned int oid1len,
	451	unsigned long *oid2, unsigned int oid2len)
	452	{
	453	unsigned int i;
	454
	455	if (oid1len != oid2len)
	456	return 0;
	457	else {
	458	for (i = 0; i < oid1len; i++) {
	459	if (oid1[i] != oid2[i])
	460	return 0;
	461	}
	462	return 1;
	463	}
	464	}
	465
	466	/* BB check for endian conversion issues here */
	467
	468	int
	469	decode_negTokenInit(unsigned char *security_blob, int length,
	470	enum securityEnum *secType)
	471	{
	472	struct asn1_ctx ctx;
473	unsigned char *end;
474	unsigned char *sequence_end;
475	unsigned long *oid = NULL;
476	unsigned int cls, con, tag, oidlen, rc;
4b18f2a9 SF	477	bool use_ntlmssp = false;
4b18f2a9 SF	478	bool use_kerberos = false;
c16fefa5	479	bool use_mskerberos = false;
1da177e4	480
50c2f753	481	secType = NTLM; / BB eventually make Kerberos or NLTMSSP the default*/
1da177e4 LT	482
	483	/* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
	484
	485	asn1_open(&ctx, security_blob, length);
	486
2f0e58ac	487	/* GSSAPI header */
1da177e4	488	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
26a21b98	489	cFYI(1, ("Error decoding negTokenInit header"));
1da177e4 LT	490	return 0;
	491	} else if ((cls != ASN1_APL) \|\| (con != ASN1_CON)
	492	\|\| (tag != ASN1_EOC)) {
	493	cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
	494	return 0;
2f0e58ac	495	}
1da177e4	496
2f0e58ac JL	497	/* Check for SPNEGO OID -- remember to free obj->oid */
	498	rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
	499	if (rc) {
	500	if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
	501	(cls == ASN1_UNI)) {
	502	rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
	503	if (rc) {
	504	rc = compare_oid(oid, oidlen, SPNEGO_OID,
	505	SPNEGO_OID_LEN);
	506	kfree(oid);
	507	}
	508	} else
	509	rc = 0;
	510	}
1da177e4	511
2f0e58ac JL	512	/* SPNEGO OID not present or garbled -- bail out */
	513	if (!rc) {
	514	cFYI(1, ("Error decoding negTokenInit header"));
	515	return 0;
	516	}
1da177e4	517
2f0e58ac JL	518	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	519	cFYI(1, ("Error decoding negTokenInit"));
	520	return 0;
	521	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)
	522	\|\| (tag != ASN1_EOC)) {
	523	cFYI(1,
	524	("cls = %d con = %d tag = %d end = %p (%d) exit 0",
	525	cls, con, tag, end, *end));
	526	return 0;
	527	}
1da177e4	528
2f0e58ac JL	529	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	530	cFYI(1, ("Error decoding negTokenInit"));
	531	return 0;
	532	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	533	\|\| (tag != ASN1_SEQ)) {
	534	cFYI(1,
	535	("cls = %d con = %d tag = %d end = %p (%d) exit 1",
	536	cls, con, tag, end, *end));
	537	return 0;
	538	}
1da177e4	539
2f0e58ac JL	540	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	541	cFYI(1, ("Error decoding 2nd part of negTokenInit"));
	542	return 0;
	543	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)
	544	\|\| (tag != ASN1_EOC)) {
	545	cFYI(1,
	546	("cls = %d con = %d tag = %d end = %p (%d) exit 0",
	547	cls, con, tag, end, *end));
	548	return 0;
	549	}
1da177e4	550
2f0e58ac JL	551	if (asn1_header_decode
	552	(&ctx, &sequence_end, &cls, &con, &tag) == 0) {
	553	cFYI(1, ("Error decoding 2nd part of negTokenInit"));
	554	return 0;
	555	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	556	\|\| (tag != ASN1_SEQ)) {
	557	cFYI(1,
	558	("cls = %d con = %d tag = %d end = %p (%d) exit 1",
	559	cls, con, tag, end, *end));
	560	return 0;
	561	}
1da177e4	562
2f0e58ac JL	563	while (!asn1_eoc_decode(&ctx, sequence_end)) {
	564	rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
	565	if (!rc) {
1da177e4	566	cFYI(1,
2f0e58ac	567	("Error decoding negTokenInit hdr exit2"));
1da177e4 LT	568	return 0;
1da177e4 LT	569	}
2f0e58ac JL	570	if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
	571	if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
	572
	573	cFYI(1, ("OID len = %d oid = 0x%lx 0x%lx "
	574	"0x%lx 0x%lx", oidlen, *oid,
	575	(oid + 1), (oid + 2), *(oid + 3)));
	576
	577	if (compare_oid(oid, oidlen, MSKRB5_OID,
c16fefa5 SF	578	MSKRB5_OID_LEN) &&
	579	!use_kerberos)
	580	use_mskerberos = true;
2f0e58ac	581	else if (compare_oid(oid, oidlen, KRB5_OID,
c16fefa5 SF	582	KRB5_OID_LEN) &&
c16fefa5 SF	583	!use_mskerberos)
2f0e58ac JL	584	use_kerberos = true;
	585	else if (compare_oid(oid, oidlen, NTLMSSP_OID,
	586	NTLMSSP_OID_LEN))
	587	use_ntlmssp = true;
	588
	589	kfree(oid);
	590	}
	591	} else {
	592	cFYI(1, ("Should be an oid what is going on?"));
1da177e4	593	}
2f0e58ac	594	}
1da177e4	595
2f0e58ac JL	596	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	597	cFYI(1, ("Error decoding last part negTokenInit exit3"));
	598	return 0;
	599	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)) {
	600	/* tag = 3 indicating mechListMIC */
	601	cFYI(1, ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
	602	cls, con, tag, end, *end));
	603	return 0;
	604	}
	605	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	606	cFYI(1, ("Error decoding last part negTokenInit exit5"));
	607	return 0;
	608	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	609	\|\| (tag != ASN1_SEQ)) {
	610	cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)",
	611	cls, con, tag, end, *end));
	612	}
	613
	614	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	615	cFYI(1, ("Error decoding last part negTokenInit exit 7"));
	616	return 0;
	617	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)) {
	618	cFYI(1, ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
	619	cls, con, tag, end, *end));
	620	return 0;
	621	}
	622	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	623	cFYI(1, ("Error decoding last part negTokenInit exit9"));
	624	return 0;
	625	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_PRI)
	626	\|\| (tag != ASN1_GENSTR)) {
	627	cFYI(1, ("Exit10 cls = %d con = %d tag = %d end = %p (%d)",
	628	cls, con, tag, end, *end));
	629	return 0;
1da177e4	630	}
2f0e58ac JL	631	cFYI(1, ("Need to call asn1_octets_decode() function for %s",
2f0e58ac JL	632	ctx.pointer)); /* is this UTF-8 or ASCII? */
1da177e4	633
e545937a JL	634	if (use_kerberos)
e545937a JL	635	*secType = Kerberos;
c16fefa5 SF	636	else if (use_mskerberos)
c16fefa5 SF	637	*secType = MSKerberos;
e545937a	638	else if (use_ntlmssp)
1da177e4	639	*secType = NTLMSSP;
1da177e4 LT	640
	641	return 1;
	642	}