summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorjsing <>2016-11-04 18:12:49 +0000
committerjsing <>2016-11-04 18:12:49 +0000
commit3b007660bd04b1ebd97816eb1f5c5949de969c45 (patch)
tree0dee99ac45b28b247f5c786568af6bdbec2abb72 /src/lib
parent95c92d8519666cd42fcb0aaea340ec1d508fafcd (diff)
downloadopenbsd-3b007660bd04b1ebd97816eb1f5c5949de969c45.tar.gz
openbsd-3b007660bd04b1ebd97816eb1f5c5949de969c45.tar.bz2
openbsd-3b007660bd04b1ebd97816eb1f5c5949de969c45.zip
Nuke the KRB5 ASN.1 code from orbit.
ok beck@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/Makefile7
-rw-r--r--src/lib/libcrypto/krb5/krb5_asn.c722
-rw-r--r--src/lib/libcrypto/krb5/krb5_asn.h256
3 files changed, 1 insertions, 984 deletions
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index c85d72bdaf..0517d8ab08 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.9 2016/11/04 13:57:38 miod Exp $ 1# $OpenBSD: Makefile,v 1.10 2016/11/04 18:12:49 jsing Exp $
2 2
3LIB= crypto 3LIB= crypto
4 4
@@ -161,9 +161,6 @@ SRCS+= hmac.c hm_ameth.c hm_pmeth.c
161# idea/ 161# idea/
162SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c 162SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
163 163
164# krb5/
165SRCS+= krb5_asn.c
166
167# lhash/ 164# lhash/
168SRCS+= lhash.c lh_stats.c 165SRCS+= lhash.c lh_stats.c
169 166
@@ -277,7 +274,6 @@ SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
277 ${LCRYPTO_SRC}/gost \ 274 ${LCRYPTO_SRC}/gost \
278 ${LCRYPTO_SRC}/hmac \ 275 ${LCRYPTO_SRC}/hmac \
279 ${LCRYPTO_SRC}/idea \ 276 ${LCRYPTO_SRC}/idea \
280 ${LCRYPTO_SRC}/krb5 \
281 ${LCRYPTO_SRC}/lhash \ 277 ${LCRYPTO_SRC}/lhash \
282 ${LCRYPTO_SRC}/md4 \ 278 ${LCRYPTO_SRC}/md4 \
283 ${LCRYPTO_SRC}/md5 \ 279 ${LCRYPTO_SRC}/md5 \
@@ -334,7 +330,6 @@ HDRS=\
334 ${LCRYPTO_SRC}/gost/gost.h \ 330 ${LCRYPTO_SRC}/gost/gost.h \
335 ${LCRYPTO_SRC}/hmac/hmac.h \ 331 ${LCRYPTO_SRC}/hmac/hmac.h \
336 ${LCRYPTO_SRC}/idea/idea.h \ 332 ${LCRYPTO_SRC}/idea/idea.h \
337 ${LCRYPTO_SRC}/krb5/krb5_asn.h \
338 ${LCRYPTO_SRC}/lhash/lhash.h \ 333 ${LCRYPTO_SRC}/lhash/lhash.h \
339 ${LCRYPTO_SRC}/md4/md4.h \ 334 ${LCRYPTO_SRC}/md4/md4.h \
340 ${LCRYPTO_SRC}/md5/md5.h \ 335 ${LCRYPTO_SRC}/md5/md5.h \
diff --git a/src/lib/libcrypto/krb5/krb5_asn.c b/src/lib/libcrypto/krb5/krb5_asn.c
deleted file mode 100644
index 4713fce37b..0000000000
--- a/src/lib/libcrypto/krb5/krb5_asn.c
+++ /dev/null
@@ -1,722 +0,0 @@
1/* $OpenBSD: krb5_asn.c,v 1.4 2015/07/25 14:49:45 jsing Exp $ */
2/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
3** using ocsp/{*.h,*asn*.c} as a starting point
4*/
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#include <openssl/asn1.h>
59#include <openssl/asn1t.h>
60#include <openssl/krb5_asn.h>
61
62
63static const ASN1_TEMPLATE KRB5_ENCDATA_seq_tt[] = {
64 {
65 .flags = ASN1_TFLG_EXPLICIT,
66 .tag = 0,
67 .offset = offsetof(KRB5_ENCDATA, etype),
68 .field_name = "etype",
69 .item = &ASN1_INTEGER_it,
70 },
71 {
72 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
73 .tag = 1,
74 .offset = offsetof(KRB5_ENCDATA, kvno),
75 .field_name = "kvno",
76 .item = &ASN1_INTEGER_it,
77 },
78 {
79 .flags = ASN1_TFLG_EXPLICIT,
80 .tag = 2,
81 .offset = offsetof(KRB5_ENCDATA, cipher),
82 .field_name = "cipher",
83 .item = &ASN1_OCTET_STRING_it,
84 },
85};
86
87const ASN1_ITEM KRB5_ENCDATA_it = {
88 .itype = ASN1_ITYPE_SEQUENCE,
89 .utype = V_ASN1_SEQUENCE,
90 .templates = KRB5_ENCDATA_seq_tt,
91 .tcount = sizeof(KRB5_ENCDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
92 .funcs = NULL,
93 .size = sizeof(KRB5_ENCDATA),
94 .sname = "KRB5_ENCDATA",
95};
96
97
98KRB5_ENCDATA *
99d2i_KRB5_ENCDATA(KRB5_ENCDATA **a, const unsigned char **in, long len)
100{
101 return (KRB5_ENCDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
102 &KRB5_ENCDATA_it);
103}
104
105int
106i2d_KRB5_ENCDATA(KRB5_ENCDATA *a, unsigned char **out)
107{
108 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCDATA_it);
109}
110
111KRB5_ENCDATA *
112KRB5_ENCDATA_new(void)
113{
114 return (KRB5_ENCDATA *)ASN1_item_new(&KRB5_ENCDATA_it);
115}
116
117void
118KRB5_ENCDATA_free(KRB5_ENCDATA *a)
119{
120 ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCDATA_it);
121}
122
123
124static const ASN1_TEMPLATE KRB5_PRINCNAME_seq_tt[] = {
125 {
126 .flags = ASN1_TFLG_EXPLICIT,
127 .tag = 0,
128 .offset = offsetof(KRB5_PRINCNAME, nametype),
129 .field_name = "nametype",
130 .item = &ASN1_INTEGER_it,
131 },
132 {
133 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF,
134 .tag = 1,
135 .offset = offsetof(KRB5_PRINCNAME, namestring),
136 .field_name = "namestring",
137 .item = &ASN1_GENERALSTRING_it,
138 },
139};
140
141const ASN1_ITEM KRB5_PRINCNAME_it = {
142 .itype = ASN1_ITYPE_SEQUENCE,
143 .utype = V_ASN1_SEQUENCE,
144 .templates = KRB5_PRINCNAME_seq_tt,
145 .tcount = sizeof(KRB5_PRINCNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
146 .funcs = NULL,
147 .size = sizeof(KRB5_PRINCNAME),
148 .sname = "KRB5_PRINCNAME",
149};
150
151
152KRB5_PRINCNAME *
153d2i_KRB5_PRINCNAME(KRB5_PRINCNAME **a, const unsigned char **in, long len)
154{
155 return (KRB5_PRINCNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
156 &KRB5_PRINCNAME_it);
157}
158
159int
160i2d_KRB5_PRINCNAME(KRB5_PRINCNAME *a, unsigned char **out)
161{
162 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_PRINCNAME_it);
163}
164
165KRB5_PRINCNAME *
166KRB5_PRINCNAME_new(void)
167{
168 return (KRB5_PRINCNAME *)ASN1_item_new(&KRB5_PRINCNAME_it);
169}
170
171void
172KRB5_PRINCNAME_free(KRB5_PRINCNAME *a)
173{
174 ASN1_item_free((ASN1_VALUE *)a, &KRB5_PRINCNAME_it);
175}
176
177
178/* [APPLICATION 1] = 0x61 */
179static const ASN1_TEMPLATE KRB5_TKTBODY_seq_tt[] = {
180 {
181 .flags = ASN1_TFLG_EXPLICIT,
182 .tag = 0,
183 .offset = offsetof(KRB5_TKTBODY, tktvno),
184 .field_name = "tktvno",
185 .item = &ASN1_INTEGER_it,
186 },
187 {
188 .flags = ASN1_TFLG_EXPLICIT,
189 .tag = 1,
190 .offset = offsetof(KRB5_TKTBODY, realm),
191 .field_name = "realm",
192 .item = &ASN1_GENERALSTRING_it,
193 },
194 {
195 .flags = ASN1_TFLG_EXPLICIT,
196 .tag = 2,
197 .offset = offsetof(KRB5_TKTBODY, sname),
198 .field_name = "sname",
199 .item = &KRB5_PRINCNAME_it,
200 },
201 {
202 .flags = ASN1_TFLG_EXPLICIT,
203 .tag = 3,
204 .offset = offsetof(KRB5_TKTBODY, encdata),
205 .field_name = "encdata",
206 .item = &KRB5_ENCDATA_it,
207 },
208};
209
210const ASN1_ITEM KRB5_TKTBODY_it = {
211 .itype = ASN1_ITYPE_SEQUENCE,
212 .utype = V_ASN1_SEQUENCE,
213 .templates = KRB5_TKTBODY_seq_tt,
214 .tcount = sizeof(KRB5_TKTBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
215 .funcs = NULL,
216 .size = sizeof(KRB5_TKTBODY),
217 .sname = "KRB5_TKTBODY",
218};
219
220
221KRB5_TKTBODY *
222d2i_KRB5_TKTBODY(KRB5_TKTBODY **a, const unsigned char **in, long len)
223{
224 return (KRB5_TKTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
225 &KRB5_TKTBODY_it);
226}
227
228int
229i2d_KRB5_TKTBODY(KRB5_TKTBODY *a, unsigned char **out)
230{
231 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TKTBODY_it);
232}
233
234KRB5_TKTBODY *
235KRB5_TKTBODY_new(void)
236{
237 return (KRB5_TKTBODY *)ASN1_item_new(&KRB5_TKTBODY_it);
238}
239
240void
241KRB5_TKTBODY_free(KRB5_TKTBODY *a)
242{
243 ASN1_item_free((ASN1_VALUE *)a, &KRB5_TKTBODY_it);
244}
245
246
247static const ASN1_TEMPLATE KRB5_TICKET_item_tt = {
248 .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
249 .tag = 1,
250 .offset = 0,
251 .field_name = "KRB5_TICKET",
252 .item = &KRB5_TKTBODY_it,
253};
254
255const ASN1_ITEM KRB5_TICKET_it = {
256 .itype = ASN1_ITYPE_PRIMITIVE,
257 .utype = -1,
258 .templates = &KRB5_TICKET_item_tt,
259 .tcount = 0,
260 .funcs = NULL,
261 .size = 0,
262 .sname = "KRB5_TICKET",
263};
264
265
266KRB5_TICKET *
267d2i_KRB5_TICKET(KRB5_TICKET **a, const unsigned char **in, long len)
268{
269 return (KRB5_TICKET *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
270 &KRB5_TICKET_it);
271}
272
273int
274i2d_KRB5_TICKET(KRB5_TICKET *a, unsigned char **out)
275{
276 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TICKET_it);
277}
278
279KRB5_TICKET *
280KRB5_TICKET_new(void)
281{
282 return (KRB5_TICKET *)ASN1_item_new(&KRB5_TICKET_it);
283}
284
285void
286KRB5_TICKET_free(KRB5_TICKET *a)
287{
288 ASN1_item_free((ASN1_VALUE *)a, &KRB5_TICKET_it);
289}
290
291
292/* [APPLICATION 14] = 0x6e */
293static const ASN1_TEMPLATE KRB5_APREQBODY_seq_tt[] = {
294 {
295 .flags = ASN1_TFLG_EXPLICIT,
296 .tag = 0,
297 .offset = offsetof(KRB5_APREQBODY, pvno),
298 .field_name = "pvno",
299 .item = &ASN1_INTEGER_it,
300 },
301 {
302 .flags = ASN1_TFLG_EXPLICIT,
303 .tag = 1,
304 .offset = offsetof(KRB5_APREQBODY, msgtype),
305 .field_name = "msgtype",
306 .item = &ASN1_INTEGER_it,
307 },
308 {
309 .flags = ASN1_TFLG_EXPLICIT,
310 .tag = 2,
311 .offset = offsetof(KRB5_APREQBODY, apoptions),
312 .field_name = "apoptions",
313 .item = &ASN1_BIT_STRING_it,
314 },
315 {
316 .flags = ASN1_TFLG_EXPLICIT,
317 .tag = 3,
318 .offset = offsetof(KRB5_APREQBODY, ticket),
319 .field_name = "ticket",
320 .item = &KRB5_TICKET_it,
321 },
322 {
323 .flags = ASN1_TFLG_EXPLICIT,
324 .tag = 4,
325 .offset = offsetof(KRB5_APREQBODY, authenticator),
326 .field_name = "authenticator",
327 .item = &KRB5_ENCDATA_it,
328 },
329};
330
331const ASN1_ITEM KRB5_APREQBODY_it = {
332 .itype = ASN1_ITYPE_SEQUENCE,
333 .utype = V_ASN1_SEQUENCE,
334 .templates = KRB5_APREQBODY_seq_tt,
335 .tcount = sizeof(KRB5_APREQBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
336 .funcs = NULL,
337 .size = sizeof(KRB5_APREQBODY),
338 .sname = "KRB5_APREQBODY",
339};
340
341
342KRB5_APREQBODY *
343d2i_KRB5_APREQBODY(KRB5_APREQBODY **a, const unsigned char **in, long len)
344{
345 return (KRB5_APREQBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
346 &KRB5_APREQBODY_it);
347}
348
349int
350i2d_KRB5_APREQBODY(KRB5_APREQBODY *a, unsigned char **out)
351{
352 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQBODY_it);
353}
354
355KRB5_APREQBODY *
356KRB5_APREQBODY_new(void)
357{
358 return (KRB5_APREQBODY *)ASN1_item_new(&KRB5_APREQBODY_it);
359}
360
361void
362KRB5_APREQBODY_free(KRB5_APREQBODY *a)
363{
364 ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQBODY_it);
365}
366
367static const ASN1_TEMPLATE KRB5_APREQ_item_tt = {
368 .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
369 .tag = 14,
370 .offset = 0,
371 .field_name = "KRB5_APREQ",
372 .item = &KRB5_APREQBODY_it,
373};
374
375const ASN1_ITEM KRB5_APREQ_it = {
376 .itype = ASN1_ITYPE_PRIMITIVE,
377 .utype = -1,
378 .templates = &KRB5_APREQ_item_tt,
379 .tcount = 0,
380 .funcs = NULL,
381 .size = 0,
382 .sname = "KRB5_APREQ",
383};
384
385
386KRB5_APREQ *
387d2i_KRB5_APREQ(KRB5_APREQ **a, const unsigned char **in, long len)
388{
389 return (KRB5_APREQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
390 &KRB5_APREQ_it);
391}
392
393int
394i2d_KRB5_APREQ(KRB5_APREQ *a, unsigned char **out)
395{
396 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQ_it);
397}
398
399KRB5_APREQ *
400KRB5_APREQ_new(void)
401{
402 return (KRB5_APREQ *)ASN1_item_new(&KRB5_APREQ_it);
403}
404
405void
406KRB5_APREQ_free(KRB5_APREQ *a)
407{
408 ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQ_it);
409}
410
411
412/* Authenticator stuff */
413
414static const ASN1_TEMPLATE KRB5_CHECKSUM_seq_tt[] = {
415 {
416 .flags = ASN1_TFLG_EXPLICIT,
417 .tag = 0,
418 .offset = offsetof(KRB5_CHECKSUM, ctype),
419 .field_name = "ctype",
420 .item = &ASN1_INTEGER_it,
421 },
422 {
423 .flags = ASN1_TFLG_EXPLICIT,
424 .tag = 1,
425 .offset = offsetof(KRB5_CHECKSUM, checksum),
426 .field_name = "checksum",
427 .item = &ASN1_OCTET_STRING_it,
428 },
429};
430
431const ASN1_ITEM KRB5_CHECKSUM_it = {
432 .itype = ASN1_ITYPE_SEQUENCE,
433 .utype = V_ASN1_SEQUENCE,
434 .templates = KRB5_CHECKSUM_seq_tt,
435 .tcount = sizeof(KRB5_CHECKSUM_seq_tt) / sizeof(ASN1_TEMPLATE),
436 .funcs = NULL,
437 .size = sizeof(KRB5_CHECKSUM),
438 .sname = "KRB5_CHECKSUM",
439};
440
441
442KRB5_CHECKSUM *
443d2i_KRB5_CHECKSUM(KRB5_CHECKSUM **a, const unsigned char **in, long len)
444{
445 return (KRB5_CHECKSUM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
446 &KRB5_CHECKSUM_it);
447}
448
449int
450i2d_KRB5_CHECKSUM(KRB5_CHECKSUM *a, unsigned char **out)
451{
452 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_CHECKSUM_it);
453}
454
455KRB5_CHECKSUM *
456KRB5_CHECKSUM_new(void)
457{
458 return (KRB5_CHECKSUM *)ASN1_item_new(&KRB5_CHECKSUM_it);
459}
460
461void
462KRB5_CHECKSUM_free(KRB5_CHECKSUM *a)
463{
464 ASN1_item_free((ASN1_VALUE *)a, &KRB5_CHECKSUM_it);
465}
466
467
468static const ASN1_TEMPLATE KRB5_ENCKEY_seq_tt[] = {
469 {
470 .flags = ASN1_TFLG_EXPLICIT,
471 .tag = 0,
472 .offset = offsetof(KRB5_ENCKEY, ktype),
473 .field_name = "ktype",
474 .item = &ASN1_INTEGER_it,
475 },
476 {
477 .flags = ASN1_TFLG_EXPLICIT,
478 .tag = 1,
479 .offset = offsetof(KRB5_ENCKEY, keyvalue),
480 .field_name = "keyvalue",
481 .item = &ASN1_OCTET_STRING_it,
482 },
483};
484
485const ASN1_ITEM KRB5_ENCKEY_it = {
486 .itype = ASN1_ITYPE_SEQUENCE,
487 .utype = V_ASN1_SEQUENCE,
488 .templates = KRB5_ENCKEY_seq_tt,
489 .tcount = sizeof(KRB5_ENCKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
490 .funcs = NULL,
491 .size = sizeof(KRB5_ENCKEY),
492 .sname = "KRB5_ENCKEY",
493};
494
495
496KRB5_ENCKEY *
497d2i_KRB5_ENCKEY(KRB5_ENCKEY **a, const unsigned char **in, long len)
498{
499 return (KRB5_ENCKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
500 &KRB5_ENCKEY_it);
501}
502
503int
504i2d_KRB5_ENCKEY(KRB5_ENCKEY *a, unsigned char **out)
505{
506 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCKEY_it);
507}
508
509KRB5_ENCKEY *
510KRB5_ENCKEY_new(void)
511{
512 return (KRB5_ENCKEY *)ASN1_item_new(&KRB5_ENCKEY_it);
513}
514
515void
516KRB5_ENCKEY_free(KRB5_ENCKEY *a)
517{
518 ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCKEY_it);
519}
520
521
522/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */
523static const ASN1_TEMPLATE KRB5_AUTHDATA_seq_tt[] = {
524 {
525 .flags = ASN1_TFLG_EXPLICIT,
526 .tag = 0,
527 .offset = offsetof(KRB5_AUTHDATA, adtype),
528 .field_name = "adtype",
529 .item = &ASN1_INTEGER_it,
530 },
531 {
532 .flags = ASN1_TFLG_EXPLICIT,
533 .tag = 1,
534 .offset = offsetof(KRB5_AUTHDATA, addata),
535 .field_name = "addata",
536 .item = &ASN1_OCTET_STRING_it,
537 },
538};
539
540const ASN1_ITEM KRB5_AUTHDATA_it = {
541 .itype = ASN1_ITYPE_SEQUENCE,
542 .utype = V_ASN1_SEQUENCE,
543 .templates = KRB5_AUTHDATA_seq_tt,
544 .tcount = sizeof(KRB5_AUTHDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
545 .funcs = NULL,
546 .size = sizeof(KRB5_AUTHDATA),
547 .sname = "KRB5_AUTHDATA",
548};
549
550
551KRB5_AUTHDATA *
552d2i_KRB5_AUTHDATA(KRB5_AUTHDATA **a, const unsigned char **in, long len)
553{
554 return (KRB5_AUTHDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
555 &KRB5_AUTHDATA_it);
556}
557
558int
559i2d_KRB5_AUTHDATA(KRB5_AUTHDATA *a, unsigned char **out)
560{
561 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHDATA_it);
562}
563
564KRB5_AUTHDATA *
565KRB5_AUTHDATA_new(void)
566{
567 return (KRB5_AUTHDATA *)ASN1_item_new(&KRB5_AUTHDATA_it);
568}
569
570void
571KRB5_AUTHDATA_free(KRB5_AUTHDATA *a)
572{
573 ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHDATA_it);
574}
575
576
577/* [APPLICATION 2] = 0x62 */
578static const ASN1_TEMPLATE KRB5_AUTHENTBODY_seq_tt[] = {
579 {
580 .flags = ASN1_TFLG_EXPLICIT,
581 .tag = 0,
582 .offset = offsetof(KRB5_AUTHENTBODY, avno),
583 .field_name = "avno",
584 .item = &ASN1_INTEGER_it,
585 },
586 {
587 .flags = ASN1_TFLG_EXPLICIT,
588 .tag = 1,
589 .offset = offsetof(KRB5_AUTHENTBODY, crealm),
590 .field_name = "crealm",
591 .item = &ASN1_GENERALSTRING_it,
592 },
593 {
594 .flags = ASN1_TFLG_EXPLICIT,
595 .tag = 2,
596 .offset = offsetof(KRB5_AUTHENTBODY, cname),
597 .field_name = "cname",
598 .item = &KRB5_PRINCNAME_it,
599 },
600 {
601 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
602 .tag = 3,
603 .offset = offsetof(KRB5_AUTHENTBODY, cksum),
604 .field_name = "cksum",
605 .item = &KRB5_CHECKSUM_it,
606 },
607 {
608 .flags = ASN1_TFLG_EXPLICIT,
609 .tag = 4,
610 .offset = offsetof(KRB5_AUTHENTBODY, cusec),
611 .field_name = "cusec",
612 .item = &ASN1_INTEGER_it,
613 },
614 {
615 .flags = ASN1_TFLG_EXPLICIT,
616 .tag = 5,
617 .offset = offsetof(KRB5_AUTHENTBODY, ctime),
618 .field_name = "ctime",
619 .item = &ASN1_GENERALIZEDTIME_it,
620 },
621 {
622 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
623 .tag = 6,
624 .offset = offsetof(KRB5_AUTHENTBODY, subkey),
625 .field_name = "subkey",
626 .item = &KRB5_ENCKEY_it,
627 },
628 {
629 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
630 .tag = 7,
631 .offset = offsetof(KRB5_AUTHENTBODY, seqnum),
632 .field_name = "seqnum",
633 .item = &ASN1_INTEGER_it,
634 },
635 {
636 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
637 .tag = 8,
638 .offset = offsetof(KRB5_AUTHENTBODY, authorization),
639 .field_name = "authorization",
640 .item = &KRB5_AUTHDATA_it,
641 },
642};
643
644const ASN1_ITEM KRB5_AUTHENTBODY_it = {
645 .itype = ASN1_ITYPE_SEQUENCE,
646 .utype = V_ASN1_SEQUENCE,
647 .templates = KRB5_AUTHENTBODY_seq_tt,
648 .tcount = sizeof(KRB5_AUTHENTBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
649 .funcs = NULL,
650 .size = sizeof(KRB5_AUTHENTBODY),
651 .sname = "KRB5_AUTHENTBODY",
652};
653
654
655KRB5_AUTHENTBODY *
656d2i_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY **a, const unsigned char **in, long len)
657{
658 return (KRB5_AUTHENTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
659 &KRB5_AUTHENTBODY_it);
660}
661
662int
663i2d_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY *a, unsigned char **out)
664{
665 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENTBODY_it);
666}
667
668KRB5_AUTHENTBODY *
669KRB5_AUTHENTBODY_new(void)
670{
671 return (KRB5_AUTHENTBODY *)ASN1_item_new(&KRB5_AUTHENTBODY_it);
672}
673
674void
675KRB5_AUTHENTBODY_free(KRB5_AUTHENTBODY *a)
676{
677 ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENTBODY_it);
678}
679
680static const ASN1_TEMPLATE KRB5_AUTHENT_item_tt = {
681 .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
682 .tag = 2,
683 .offset = 0,
684 .field_name = "KRB5_AUTHENT",
685 .item = &KRB5_AUTHENTBODY_it,
686};
687
688const ASN1_ITEM KRB5_AUTHENT_it = {
689 .itype = ASN1_ITYPE_PRIMITIVE,
690 .utype = -1,
691 .templates = &KRB5_AUTHENT_item_tt,
692 .tcount = 0,
693 .funcs = NULL,
694 .size = 0,
695 .sname = "KRB5_AUTHENT",
696};
697
698
699KRB5_AUTHENT *
700d2i_KRB5_AUTHENT(KRB5_AUTHENT **a, const unsigned char **in, long len)
701{
702 return (KRB5_AUTHENT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
703 &KRB5_AUTHENT_it);
704}
705
706int
707i2d_KRB5_AUTHENT(KRB5_AUTHENT *a, unsigned char **out)
708{
709 return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENT_it);
710}
711
712KRB5_AUTHENT *
713KRB5_AUTHENT_new(void)
714{
715 return (KRB5_AUTHENT *)ASN1_item_new(&KRB5_AUTHENT_it);
716}
717
718void
719KRB5_AUTHENT_free(KRB5_AUTHENT *a)
720{
721 ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENT_it);
722}
diff --git a/src/lib/libcrypto/krb5/krb5_asn.h b/src/lib/libcrypto/krb5/krb5_asn.h
deleted file mode 100644
index a5326e1057..0000000000
--- a/src/lib/libcrypto/krb5/krb5_asn.h
+++ /dev/null
@@ -1,256 +0,0 @@
1/* $OpenBSD: krb5_asn.h,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
2/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
3** using ocsp/{*.h,*asn*.c} as a starting point
4*/
5
6/* ====================================================================
7 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@openssl.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#ifndef HEADER_KRB5_ASN_H
61#define HEADER_KRB5_ASN_H
62
63/*
64#include <krb5.h>
65*/
66#include <openssl/safestack.h>
67
68#ifdef __cplusplus
69extern "C" {
70#endif
71
72
73/* ASN.1 from Kerberos RFC 1510
74*/
75
76/* EncryptedData ::= SEQUENCE {
77** etype[0] INTEGER, -- EncryptionType
78** kvno[1] INTEGER OPTIONAL,
79** cipher[2] OCTET STRING -- ciphertext
80** }
81*/
82typedef struct krb5_encdata_st
83 {
84 ASN1_INTEGER *etype;
85 ASN1_INTEGER *kvno;
86 ASN1_OCTET_STRING *cipher;
87 } KRB5_ENCDATA;
88
89DECLARE_STACK_OF(KRB5_ENCDATA)
90
91/* PrincipalName ::= SEQUENCE {
92** name-type[0] INTEGER,
93** name-string[1] SEQUENCE OF GeneralString
94** }
95*/
96typedef struct krb5_princname_st
97 {
98 ASN1_INTEGER *nametype;
99 STACK_OF(ASN1_GENERALSTRING) *namestring;
100 } KRB5_PRINCNAME;
101
102DECLARE_STACK_OF(KRB5_PRINCNAME)
103
104
105/* Ticket ::= [APPLICATION 1] SEQUENCE {
106** tkt-vno[0] INTEGER,
107** realm[1] Realm,
108** sname[2] PrincipalName,
109** enc-part[3] EncryptedData
110** }
111*/
112typedef struct krb5_tktbody_st
113 {
114 ASN1_INTEGER *tktvno;
115 ASN1_GENERALSTRING *realm;
116 KRB5_PRINCNAME *sname;
117 KRB5_ENCDATA *encdata;
118 } KRB5_TKTBODY;
119
120typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
121DECLARE_STACK_OF(KRB5_TKTBODY)
122
123
124/* AP-REQ ::= [APPLICATION 14] SEQUENCE {
125** pvno[0] INTEGER,
126** msg-type[1] INTEGER,
127** ap-options[2] APOptions,
128** ticket[3] Ticket,
129** authenticator[4] EncryptedData
130** }
131**
132** APOptions ::= BIT STRING {
133** reserved(0), use-session-key(1), mutual-required(2) }
134*/
135typedef struct krb5_ap_req_st
136 {
137 ASN1_INTEGER *pvno;
138 ASN1_INTEGER *msgtype;
139 ASN1_BIT_STRING *apoptions;
140 KRB5_TICKET *ticket;
141 KRB5_ENCDATA *authenticator;
142 } KRB5_APREQBODY;
143
144typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
145DECLARE_STACK_OF(KRB5_APREQBODY)
146
147
148/* Authenticator Stuff */
149
150
151/* Checksum ::= SEQUENCE {
152** cksumtype[0] INTEGER,
153** checksum[1] OCTET STRING
154** }
155*/
156typedef struct krb5_checksum_st
157 {
158 ASN1_INTEGER *ctype;
159 ASN1_OCTET_STRING *checksum;
160 } KRB5_CHECKSUM;
161
162DECLARE_STACK_OF(KRB5_CHECKSUM)
163
164
165/* EncryptionKey ::= SEQUENCE {
166** keytype[0] INTEGER,
167** keyvalue[1] OCTET STRING
168** }
169*/
170typedef struct krb5_encryptionkey_st
171 {
172 ASN1_INTEGER *ktype;
173 ASN1_OCTET_STRING *keyvalue;
174 } KRB5_ENCKEY;
175
176DECLARE_STACK_OF(KRB5_ENCKEY)
177
178
179/* AuthorizationData ::= SEQUENCE OF SEQUENCE {
180** ad-type[0] INTEGER,
181** ad-data[1] OCTET STRING
182** }
183*/
184typedef struct krb5_authorization_st
185 {
186 ASN1_INTEGER *adtype;
187 ASN1_OCTET_STRING *addata;
188 } KRB5_AUTHDATA;
189
190DECLARE_STACK_OF(KRB5_AUTHDATA)
191
192
193/* -- Unencrypted authenticator
194** Authenticator ::= [APPLICATION 2] SEQUENCE {
195** authenticator-vno[0] INTEGER,
196** crealm[1] Realm,
197** cname[2] PrincipalName,
198** cksum[3] Checksum OPTIONAL,
199** cusec[4] INTEGER,
200** ctime[5] KerberosTime,
201** subkey[6] EncryptionKey OPTIONAL,
202** seq-number[7] INTEGER OPTIONAL,
203** authorization-data[8] AuthorizationData OPTIONAL
204** }
205*/
206typedef struct krb5_authenticator_st
207 {
208 ASN1_INTEGER *avno;
209 ASN1_GENERALSTRING *crealm;
210 KRB5_PRINCNAME *cname;
211 KRB5_CHECKSUM *cksum;
212 ASN1_INTEGER *cusec;
213 ASN1_GENERALIZEDTIME *ctime;
214 KRB5_ENCKEY *subkey;
215 ASN1_INTEGER *seqnum;
216 KRB5_AUTHDATA *authorization;
217 } KRB5_AUTHENTBODY;
218
219typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
220DECLARE_STACK_OF(KRB5_AUTHENTBODY)
221
222
223/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
224** type *name##_new(void);
225** void name##_free(type *a);
226** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
227** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
228** type *d2i_##name(type **a, const unsigned char **in, long len);
229** int i2d_##name(type *a, unsigned char **out);
230** DECLARE_ASN1_ITEM(itname) = extern const ASN1_ITEM itname##_it
231*/
232
233DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
234DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
235DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
236DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
237DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
238DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
239
240DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
241DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
242DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
243DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
244DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
245
246
247/* BEGIN ERROR CODES */
248/* The following lines are auto generated by the script mkerr.pl. Any changes
249 * made after this point may be overwritten when the script is next run.
250 */
251
252#ifdef __cplusplus
253}
254#endif
255#endif
256
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 12:18:16 +0000