search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
exportfs: remove old methods
[wrt350n-kernel.git] / fs / cifs / asn1.c
blob2a01f3ef96a0503332da509b81e4c788f07113c2
1 /*
2 * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
3 * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
4 *
5 * Copyright (c) 2000 RP Internet (www.rpi.net.au).
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20 #include <linux/module.h>
21 #include <linux/types.h>
22 #include <linux/kernel.h>
23 #include <linux/mm.h>
24 #include <linux/slab.h>
25 #include "cifspdu.h"
26 #include "cifsglob.h"
27 #include "cifs_debug.h"
28 #include "cifsproto.h"
29
30 /*****************************************************************************
31 *
32 * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
33 *
34 *****************************************************************************/
35
36 /* Class */
37 #define ASN1_UNI 0 /* Universal */
38 #define ASN1_APL 1 /* Application */
39 #define ASN1_CTX 2 /* Context */
40 #define ASN1_PRV 3 /* Private */
41
42 /* Tag */
43 #define ASN1_EOC 0 /* End Of Contents or N/A */
44 #define ASN1_BOL 1 /* Boolean */
45 #define ASN1_INT 2 /* Integer */
46 #define ASN1_BTS 3 /* Bit String */
47 #define ASN1_OTS 4 /* Octet String */
48 #define ASN1_NUL 5 /* Null */
49 #define ASN1_OJI 6 /* Object Identifier */
50 #define ASN1_OJD 7 /* Object Description */
51 #define ASN1_EXT 8 /* External */
52 #define ASN1_SEQ 16 /* Sequence */
53 #define ASN1_SET 17 /* Set */
54 #define ASN1_NUMSTR 18 /* Numerical String */
55 #define ASN1_PRNSTR 19 /* Printable String */
56 #define ASN1_TEXSTR 20 /* Teletext String */
57 #define ASN1_VIDSTR 21 /* Video String */
58 #define ASN1_IA5STR 22 /* IA5 String */
59 #define ASN1_UNITIM 23 /* Universal Time */
60 #define ASN1_GENTIM 24 /* General Time */
61 #define ASN1_GRASTR 25 /* Graphical String */
62 #define ASN1_VISSTR 26 /* Visible String */
63 #define ASN1_GENSTR 27 /* General String */
64
65 /* Primitive / Constructed methods*/
66 #define ASN1_PRI 0 /* Primitive */
67 #define ASN1_CON 1 /* Constructed */
68
69 /*
70 * Error codes.
71 */
72 #define ASN1_ERR_NOERROR 0
73 #define ASN1_ERR_DEC_EMPTY 2
74 #define ASN1_ERR_DEC_EOC_MISMATCH 3
75 #define ASN1_ERR_DEC_LENGTH_MISMATCH 4
76 #define ASN1_ERR_DEC_BADVALUE 5
77
78 #define SPNEGO_OID_LEN 7
79 #define NTLMSSP_OID_LEN 10
80 static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
81 static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
82
83 /*
84 * ASN.1 context.
85 */
86 struct asn1_ctx {
87 int error; /* Error condition */
88 unsigned char *pointer; /* Octet just to be decoded */
89 unsigned char *begin; /* First octet */
90 unsigned char *end; /* Octet after last octet */
91 };
92
93 /*
94 * Octet string (not null terminated)
95 */
96 struct asn1_octstr {
97 unsigned char *data;
98 unsigned int len;
99 };
100
101 static void
102 asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
103 {
104 ctx->begin = buf;
105 ctx->end = buf + len;
106 ctx->pointer = buf;
107 ctx->error = ASN1_ERR_NOERROR;
108 }
109
110 static unsigned char
111 asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
112 {
113 if (ctx->pointer >= ctx->end) {
114 ctx->error = ASN1_ERR_DEC_EMPTY;
115 return 0;
116 }
117 *ch = *(ctx->pointer)++;
118 return 1;
119 }
120
121 static unsigned char
122 asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
123 {
124 unsigned char ch;
125
126 *tag = 0;
127
128 do {
129 if (!asn1_octet_decode(ctx, &ch))
130 return 0;
131 *tag <<= 7;
132 *tag |= ch & 0x7F;
133 } while ((ch & 0x80) == 0x80);
134 return 1;
135 }
136
137 static unsigned char
138 asn1_id_decode(struct asn1_ctx *ctx,
139 unsigned int *cls, unsigned int *con, unsigned int *tag)
140 {
141 unsigned char ch;
142
143 if (!asn1_octet_decode(ctx, &ch))
144 return 0;
145
146 *cls = (ch & 0xC0) >> 6;
147 *con = (ch & 0x20) >> 5;
148 *tag = (ch & 0x1F);
149
150 if (*tag == 0x1F) {
151 if (!asn1_tag_decode(ctx, tag))
152 return 0;
153 }
154 return 1;
155 }
156
157 static unsigned char
158 asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
159 {
160 unsigned char ch, cnt;
161
162 if (!asn1_octet_decode(ctx, &ch))
163 return 0;
164
165 if (ch == 0x80)
166 *def = 0;
167 else {
168 *def = 1;
169
170 if (ch < 0x80)
171 *len = ch;
172 else {
173 cnt = (unsigned char) (ch & 0x7F);
174 *len = 0;
175
176 while (cnt > 0) {
177 if (!asn1_octet_decode(ctx, &ch))
178 return 0;
179 *len <<= 8;
180 *len |= ch;
181 cnt--;
182 }
183 }
184 }
185 return 1;
186 }
187
188 static unsigned char
189 asn1_header_decode(struct asn1_ctx *ctx,
190 unsigned char **eoc,
191 unsigned int *cls, unsigned int *con, unsigned int *tag)
192 {
193 unsigned int def = 0;
194 unsigned int len = 0;
195
196 if (!asn1_id_decode(ctx, cls, con, tag))
197 return 0;
198
199 if (!asn1_length_decode(ctx, &def, &len))
200 return 0;
201
202 if (def)
203 *eoc = ctx->pointer + len;
204 else
205 *eoc = NULL;
206 return 1;
207 }
208
209 static unsigned char
210 asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
211 {
212 unsigned char ch;
213
214 if (eoc == NULL) {
215 if (!asn1_octet_decode(ctx, &ch))
216 return 0;
217
218 if (ch != 0x00) {
219 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
220 return 0;
221 }
222
223 if (!asn1_octet_decode(ctx, &ch))
224 return 0;
225
226 if (ch != 0x00) {
227 ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
228 return 0;
229 }
230 return 1;
231 } else {
232 if (ctx->pointer != eoc) {
233 ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
234 return 0;
235 }
236 return 1;
237 }
238 }
239
240 /* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
241 unsigned char *eoc)
242 {
243 ctx->pointer = eoc;
244 return 1;
245 }
246
247 static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
248 unsigned char *eoc, long *integer)
249 {
250 unsigned char ch;
251 unsigned int len;
252
253 if (!asn1_octet_decode(ctx, &ch))
254 return 0;
255
256 *integer = (signed char) ch;
257 len = 1;
258
259 while (ctx->pointer < eoc) {
260 if (++len > sizeof(long)) {
261 ctx->error = ASN1_ERR_DEC_BADVALUE;
262 return 0;
263 }
264
265 if (!asn1_octet_decode(ctx, &ch))
266 return 0;
267
268 *integer <<= 8;
269 *integer |= ch;
270 }
271 return 1;
272 }
273
274 static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
275 unsigned char *eoc,
276 unsigned int *integer)
277 {
278 unsigned char ch;
279 unsigned int len;
280
281 if (!asn1_octet_decode(ctx, &ch))
282 return 0;
283
284 *integer = ch;
285 if (ch == 0)
286 len = 0;
287 else
288 len = 1;
289
290 while (ctx->pointer < eoc) {
291 if (++len > sizeof(unsigned int)) {
292 ctx->error = ASN1_ERR_DEC_BADVALUE;
293 return 0;
294 }
295
296 if (!asn1_octet_decode(ctx, &ch))
297 return 0;
298
299 *integer <<= 8;
300 *integer |= ch;
301 }
302 return 1;
303 }
304
305 static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
306 unsigned char *eoc,
307 unsigned long *integer)
308 {
309 unsigned char ch;
310 unsigned int len;
311
312 if (!asn1_octet_decode(ctx, &ch))
313 return 0;
314
315 *integer = ch;
316 if (ch == 0)
317 len = 0;
318 else
319 len = 1;
320
321 while (ctx->pointer < eoc) {
322 if (++len > sizeof(unsigned long)) {
323 ctx->error = ASN1_ERR_DEC_BADVALUE;
324 return 0;
325 }
326
327 if (!asn1_octet_decode(ctx, &ch))
328 return 0;
329
330 *integer <<= 8;
331 *integer |= ch;
332 }
333 return 1;
334 }
335
336 static unsigned char
337 asn1_octets_decode(struct asn1_ctx *ctx,
338 unsigned char *eoc,
339 unsigned char **octets, unsigned int *len)
340 {
341 unsigned char *ptr;
342
343 *len = 0;
344
345 *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
346 if (*octets == NULL) {
347 return 0;
348 }
349
350 ptr = *octets;
351 while (ctx->pointer < eoc) {
352 if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
353 kfree(*octets);
354 *octets = NULL;
355 return 0;
356 }
357 (*len)++;
358 }
359 return 1;
360 } */
361
362 static unsigned char
363 asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
364 {
365 unsigned char ch;
366
367 *subid = 0;
368
369 do {
370 if (!asn1_octet_decode(ctx, &ch))
371 return 0;
372
373 *subid <<= 7;
374 *subid |= ch & 0x7F;
375 } while ((ch & 0x80) == 0x80);
376 return 1;
377 }
378
379 static int
380 asn1_oid_decode(struct asn1_ctx *ctx,
381 unsigned char *eoc, unsigned long **oid, unsigned int *len)
382 {
383 unsigned long subid;
384 unsigned int size;
385 unsigned long *optr;
386
387 size = eoc - ctx->pointer + 1;
388 *oid = kmalloc(size * sizeof(unsigned long), GFP_ATOMIC);
389 if (*oid == NULL)
390 return 0;
391
392 optr = *oid;
393
394 if (!asn1_subid_decode(ctx, &subid)) {
395 kfree(*oid);
396 *oid = NULL;
397 return 0;
398 }
399
400 if (subid < 40) {
401 optr[0] = 0;
402 optr[1] = subid;
403 } else if (subid < 80) {
404 optr[0] = 1;
405 optr[1] = subid - 40;
406 } else {
407 optr[0] = 2;
408 optr[1] = subid - 80;
409 }
410
411 *len = 2;
412 optr += 2;
413
414 while (ctx->pointer < eoc) {
415 if (++(*len) > size) {
416 ctx->error = ASN1_ERR_DEC_BADVALUE;
417 kfree(*oid);
418 *oid = NULL;
419 return 0;
420 }
421
422 if (!asn1_subid_decode(ctx, optr++)) {
423 kfree(*oid);
424 *oid = NULL;
425 return 0;
426 }
427 }
428 return 1;
429 }
430
431 static int
432 compare_oid(unsigned long *oid1, unsigned int oid1len,
433 unsigned long *oid2, unsigned int oid2len)
434 {
435 unsigned int i;
436
437 if (oid1len != oid2len)
438 return 0;
439 else {
440 for (i = 0; i < oid1len; i++) {
441 if (oid1[i] != oid2[i])
442 return 0;
443 }
444 return 1;
445 }
446 }
447
448 /* BB check for endian conversion issues here */
449
450 int
451 decode_negTokenInit(unsigned char *security_blob, int length,
452 enum securityEnum *secType)
453 {
454 struct asn1_ctx ctx;
455 unsigned char *end;
456 unsigned char *sequence_end;
457 unsigned long *oid = NULL;
458 unsigned int cls, con, tag, oidlen, rc;
459 int use_ntlmssp = FALSE;
460
461 *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/
462
463 /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
464
465 asn1_open(&ctx, security_blob, length);
466
467 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
468 cFYI(1, ("Error decoding negTokenInit header"));
469 return 0;
470 } else if ((cls != ASN1_APL) || (con != ASN1_CON)
471 || (tag != ASN1_EOC)) {
472 cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
473 return 0;
474 } else {
475 /* remember to free obj->oid */
476 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
477 if (rc) {
478 if ((tag == ASN1_OJI) && (cls == ASN1_PRI)) {
479 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
480 if (rc) {
481 rc = compare_oid(oid, oidlen,
482 SPNEGO_OID,
483 SPNEGO_OID_LEN);
484 kfree(oid);
485 }
486 } else
487 rc = 0;
488 }
489
490 if (!rc) {
491 cFYI(1, ("Error decoding negTokenInit header"));
492 return 0;
493 }
494
495 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
496 cFYI(1, ("Error decoding negTokenInit"));
497 return 0;
498 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
499 || (tag != ASN1_EOC)) {
500 cFYI(1,
501 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
502 cls, con, tag, end, *end));
503 return 0;
504 }
505
506 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
507 cFYI(1, ("Error decoding negTokenInit"));
508 return 0;
509 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
510 || (tag != ASN1_SEQ)) {
511 cFYI(1,
512 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
513 cls, con, tag, end, *end));
514 return 0;
515 }
516
517 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
518 cFYI(1, ("Error decoding 2nd part of negTokenInit"));
519 return 0;
520 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
521 || (tag != ASN1_EOC)) {
522 cFYI(1,
523 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
524 cls, con, tag, end, *end));
525 return 0;
526 }
527
528 if (asn1_header_decode
529 (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
530 cFYI(1, ("Error decoding 2nd part of negTokenInit"));
531 return 0;
532 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
533 || (tag != ASN1_SEQ)) {
534 cFYI(1,
535 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
536 cls, con, tag, end, *end));
537 return 0;
538 }
539
540 while (!asn1_eoc_decode(&ctx, sequence_end)) {
541 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
542 if (!rc) {
543 cFYI(1,
544 ("Error decoding negTokenInit hdr exit2"));
545 return 0;
546 }
547 if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
548 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
549 if (rc) {
550 cFYI(1,
551 ("OID len = %d oid = 0x%lx 0x%lx "
552 "0x%lx 0x%lx",
553 oidlen, *oid, *(oid + 1),
554 *(oid + 2), *(oid + 3)));
555 rc = compare_oid(oid, oidlen,
556 NTLMSSP_OID, NTLMSSP_OID_LEN);
557 kfree(oid);
558 if (rc)
559 use_ntlmssp = TRUE;
560 }
561 } else {
562 cFYI(1, ("Should be an oid what is going on?"));
563 }
564 }
565
566 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
567 cFYI(1,
568 ("Error decoding last part negTokenInit exit3"));
569 return 0;
570 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
571 /* tag = 3 indicating mechListMIC */
572 cFYI(1,
573 ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
574 cls, con, tag, end, *end));
575 return 0;
576 }
577 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
578 cFYI(1,
579 ("Error decoding last part negTokenInit exit5"));
580 return 0;
581 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
582 || (tag != ASN1_SEQ)) {
583 cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)",
584 cls, con, tag, end, *end));
585 }
586
587 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
588 cFYI(1,
589 ("Error decoding last part negTokenInit exit 7"));
590 return 0;
591 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
592 cFYI(1,
593 ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
594 cls, con, tag, end, *end));
595 return 0;
596 }
597 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
598 cFYI(1,
599 ("Error decoding last part negTokenInit exit9"));
600 return 0;
601 } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
602 || (tag != ASN1_GENSTR)) {
603 cFYI(1,
604 ("Exit10 cls = %d con = %d tag = %d end = %p (%d)",
605 cls, con, tag, end, *end));
606 return 0;
607 }
608 cFYI(1, ("Need to call asn1_octets_decode() function for %s",
609 ctx.pointer)); /* is this UTF-8 or ASCII? */
610 }
611
612 /* if (use_kerberos)
613 *secType = Kerberos
614 else */
615 if (use_ntlmssp) {
616 *secType = NTLMSSP;
617 }
618
619 return 1;
620 }
WRT350N Kernel Patches