xref: /freebsd/crypto/krb5/src/lib/krb5/asn.1/ldap_key_seq.c (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9)
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* ... copyright ... */
3 
4 /*
5  * Novell key-format scheme:
6  *
7  * KrbKeySet ::= SEQUENCE {
8  * attribute-major-vno       [0] UInt16,
9  * attribute-minor-vno       [1] UInt16,
10  * kvno                      [2] UInt32,
11  * mkvno                     [3] UInt32 OPTIONAL,
12  * keys                      [4] SEQUENCE OF KrbKey,
13  * ...
14  * }
15  *
16  * KrbKey ::= SEQUENCE {
17  * salt      [0] KrbSalt OPTIONAL,
18  * key       [1] EncryptionKey,
19  * s2kparams [2] OCTET STRING OPTIONAL,
20  *  ...
21  * }
22  *
23  * KrbSalt ::= SEQUENCE {
24  * type      [0] Int32,
25  * salt      [1] OCTET STRING OPTIONAL
26  * }
27  *
28  * EncryptionKey ::= SEQUENCE {
29  * keytype   [0] Int32,
30  * keyvalue  [1] OCTET STRING
31  * }
32  *
33  */
34 
35 #include <k5-int.h>
36 #include <kdb.h>
37 
38 #include "krbasn1.h"
39 #include "asn1_encode.h"
40 
41 #ifdef ENABLE_LDAP
42 
43 /************************************************************************/
44 /* Encode the Principal's keys                                          */
45 /************************************************************************/
46 
47 /*
48  * Imports from asn1_k_encode.c.
49  * XXX Must be manually synchronized for now.
50  */
51 IMPORT_TYPE(int32, int32_t);
52
/* 16-bit integer types defined locally for the narrow krb5_key_data fields. */
53 DEFINTTYPE(int16, int16_t);
54 DEFINTTYPE(uint16, uint16_t);
55
/*
 * OCTET STRING whose C form is a uint8_t * plus a uint16_t length, encoded
 * and decoded with the k5_asn1_*_bytestring helpers.
 * NOTE(review): a decoded string longer than 65535 bytes cannot be
 * represented in the uint16_t count; presumably the ASN.1 framework rejects
 * it rather than truncating the length -- confirm in asn1_encode.c, since
 * this type carries salt and key bytes read back from the directory.
 */
56 DEFCOUNTEDSTRINGTYPE(ui2_octetstring, uint8_t *, uint16_t,
57                      k5_asn1_encode_bytestring, k5_asn1_decode_bytestring,
58                      ASN1_OCTETSTRING);
59 
/*
 * Presence test used for the optional KrbSalt salt value.  p must point to a
 * krb5_key_data; the result is 1 when its salt length (key_data_length[1]) is
 * non-zero and 0 when the salt is empty.
 */
static int
is_value_present(const void *p)
{
    const krb5_key_data *kd = p;

    return kd->key_data_length[1] == 0 ? 0 : 1;
}
/*
 * KrbSalt, mapped onto the salt half of krb5_key_data (index 1 of the
 * key_data_type/length/contents arrays):
 *   [0] salt type  <- key_data_type[1], handled as int16
 *   [1] salt bytes <- key_data_contents[1] / key_data_length[1], wrapped as
 *       optional with is_value_present() as the presence test.
 * NOTE(review): the schema comment at the top of the file gives the type as
 * Int32 while the field is handled as int16 here; presumably the framework
 * rejects decoded values outside the int16 range -- confirm.
 */
66 DEFCOUNTEDTYPE(krbsalt_salt, krb5_key_data, key_data_contents[1],
67                key_data_length[1], ui2_octetstring);
68 DEFOPTIONALTYPE(krbsalt_salt_if_present, is_value_present, NULL, krbsalt_salt);
69 DEFFIELD(krbsalt_0, krb5_key_data, key_data_type[1], 0, int16);
70 DEFCTAGGEDTYPE(krbsalt_1, 1, krbsalt_salt_if_present);
/* Field order here is the order used for the SEQUENCE. */
71 static const struct atype_info *krbsalt_fields[] = {
72     &k5_atype_krbsalt_0, &k5_atype_krbsalt_1
73 };
74 DEFSEQTYPE(krbsalt, krb5_key_data, krbsalt_fields);
75
/*
 * EncryptionKey, mapped onto the key half of krb5_key_data (index 0):
 *   [0] keytype  <- key_data_type[0], handled as int16
 *   [1] keyvalue <- key_data_contents[0] / key_data_length[0]
 * The keyvalue field is the key material itself, so buffers produced or
 * consumed through this type are secrets.
 */
76 DEFFIELD(encryptionkey_0, krb5_key_data, key_data_type[0], 0, int16);
77 DEFCNFIELD(encryptionkey_1, krb5_key_data, key_data_contents[0],
78            key_data_length[0], 1, ui2_octetstring);
79 static const struct atype_info *encryptionkey_fields[] = {
80     &k5_atype_encryptionkey_0, &k5_atype_encryptionkey_1
81 };
82 DEFSEQTYPE(encryptionkey, krb5_key_data, encryptionkey_fields);
83 
/*
 * Presence test for the optional salt field of a KrbKey.  p must point to a
 * krb5_key_data; a key_data_ver above 1 means the entry carries a salt.
 */
static int
is_salt_present(const void *p)
{
    const krb5_key_data *kd = p;
    int has_salt = (kd->key_data_ver > 1);

    return has_salt;
}
/*
 * Initializer paired with is_salt_present(): marks the krb5_key_data that p
 * points to as a version-1 entry, i.e. one without a salt.
 */
static void
no_salt(void *p)
{
    ((krb5_key_data *)p)->key_data_ver = 1;
}
/*
 * KrbKey, one per krb5_key_data:
 *   [0] salt (KrbSalt), optional; is_salt_present() is the presence test and
 *       no_salt() the initializer (presumably run on decode when the field is
 *       absent, leaving key_data_ver == 1 -- confirm in asn1_encode.c)
 *   [1] key (EncryptionKey)
 * The schema's s2kparams [2] has no field definition in this file.
 */
96 DEFOPTIONALTYPE(key_data_salt_if_present, is_salt_present, no_salt, krbsalt);
97 DEFCTAGGEDTYPE(key_data_0, 0, key_data_salt_if_present);
98 DEFCTAGGEDTYPE(key_data_1, 1, encryptionkey);
99 static const struct atype_info *key_data_fields[] = {
100     &k5_atype_key_data_0, &k5_atype_key_data_1
101 };
102 DEFSEQTYPE(key_data, krb5_key_data, key_data_fields);
103 DEFPTRTYPE(ptr_key_data, key_data);
/*
 * SEQUENCE OF KrbKey with an int16_t element count.
 * NOTE(review): the count is a signed 16-bit value; presumably the framework
 * refuses a decoded sequence whose length does not fit -- confirm, as the
 * count later bounds iteration over the decoded key array.
 */
104 DEFCOUNTEDSEQOFTYPE(cseqof_key_data, int16_t, ptr_key_data);
105 
/*
 * KrbKeySet, mapped onto ldap_seqof_key_data.
 *
 * Both attribute version numbers ([0] major, [1] minor) use the immediate
 * integer 1; ASN1_BAD_FORMAT is the error supplied with it, presumably
 * returned when a decoded value is not 1 -- confirm in asn1_encode.h.
 */
106 DEFINT_IMMEDIATE(one, 1, ASN1_BAD_FORMAT);
107 DEFCTAGGEDTYPE(ldap_key_seq_0, 0, one);
108 DEFCTAGGEDTYPE(ldap_key_seq_1, 1, one);
/*
 * NOTE(review): the schema comment at the top of the file lists kvno as
 * UInt32, but it is handled as uint16 here -- confirm which is intended and
 * that larger decoded values are rejected rather than wrapped.
 */
109 DEFFIELD(ldap_key_seq_2, ldap_seqof_key_data, kvno, 2, uint16);
/*
 * NOTE(review): the schema marks mkvno OPTIONAL, but no DEFOPTIONALTYPE
 * wrapper is visible for it -- confirm whether a KrbKeySet without [3] is
 * accepted by the decoder.
 */
110 DEFFIELD(ldap_key_seq_3, ldap_seqof_key_data, mkvno, 3, int32);
/* [4] keys: the key_data array, counted by n_key_data. */
111 DEFCNFIELD(ldap_key_seq_4, ldap_seqof_key_data, key_data, n_key_data, 4,
112            cseqof_key_data);
113 static const struct atype_info *ldap_key_seq_fields[] = {
114     &k5_atype_ldap_key_seq_0, &k5_atype_ldap_key_seq_1,
115     &k5_atype_ldap_key_seq_2, &k5_atype_ldap_key_seq_3,
116     &k5_atype_ldap_key_seq_4
117 };
118 DEFSEQTYPE(ldap_key_seq, ldap_seqof_key_data, ldap_key_seq_fields);
119 
120 /*
 * Export the functions that encode and decode a whole KrbKeySet
 * (ldap_key_seq).
 * NOTE(review): the decoded structure holds key material
 * (key_data_contents); callers are presumably responsible for zeroizing and
 * freeing it, and for treating the input as untrusted directory data --
 * confirm against the call sites.
 */
121 MAKE_ENCODER(krb5int_ldap_encode_sequence_of_keys, ldap_key_seq);
122 MAKE_DECODER(krb5int_ldap_decode_sequence_of_keys, ldap_key_seq);
123 
124 #endif
125