From: Sam Hartman Date: Thu, 26 Mar 2009 05:36:20 +0000 (+0000) Subject: pa_fx_fast_reply is a choice of sequence of encrypted data X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d40e832e1c933445940025e54180ce47aa6cf17;p=thirdparty%2Fkrb5.git pa_fx_fast_reply is a choice of sequence of encrypted data There is a decryption step that needs to go between unwrapping the fx_fast_reply and decoding the fast_response. Expose the necessary encoders and decoders? git-svn-id: svn://anonsvn.mit.edu/krb5/branches/fast@22118 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/k5-int.h b/src/include/k5-int.h index c72544cd0f..bf7cc567dd 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -1612,7 +1612,7 @@ krb5_error_code encode_krb5_pa_fx_fast_request krb5_error_code encode_krb5_fast_req (const krb5_fast_req *, krb5_data **); krb5_error_code encode_krb5_pa_fx_fast_reply -(const krb5_fast_response *, krb5_data **); +(const krb5_enc_data *, krb5_data **); /************************************************************************* * End of prototypes for krb5_encode.c @@ -1781,6 +1781,9 @@ krb5_error_code decode_krb5_fast_req krb5_error_code decode_krb5_pa_fx_fast_reply +(const krb5_data *, krb5_enc_data **); + +krb5_error_code decode_krb5_fast_response (const krb5_data *, krb5_fast_response **); struct _krb5_key_data; /* kdb.h */ diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c index bcec13817e..73da21ae91 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.c +++ b/src/lib/krb5/asn.1/asn1_k_encode.c @@ -1244,8 +1244,13 @@ static unsigned int fast_response_optional (const void *p) } DEFSEQTYPE( fast_response, krb5_fast_response, fast_response_fields, fast_response_optional); -DEFFIELDTYPE(pa_fx_fast_reply, krb5_fast_response, - FIELDOF_ENCODEAS(krb5_fast_response, fast_response, 0)); +static const struct field_info fast_rep_fields[] = { + FIELDOF_ENCODEAS(krb5_enc_data, encrypted_data, 0), +}; +DEFSEQTYPE(fast_rep, krb5_enc_data, fast_rep_fields, 0); + +DEFFIELDTYPE(pa_fx_fast_reply, krb5_enc_data, + FIELDOF_ENCODEAS(krb5_enc_data, fast_rep, 0)); @@ -1319,6 +1324,7 @@ MAKE_FULL_ENCODER(encode_krb5_etype_list, etype_list); MAKE_FULL_ENCODER(encode_krb5_pa_fx_fast_request, pa_fx_fast_request); MAKE_FULL_ENCODER( encode_krb5_fast_req, fast_req); MAKE_FULL_ENCODER( encode_krb5_pa_fx_fast_reply, pa_fx_fast_reply); +MAKE_FULL_ENCODER(encode_krb5_fast_response, fast_response); diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index 68ab751e52..caa52f34f1 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -1121,29 +1121,42 @@ krb5_error_code decode_krb5_fast_req cleanup(free); } -krb5_error_code decode_krb5_pa_fx_fast_reply +krb5_error_code decode_krb5_fast_response (const krb5_data *code, krb5_fast_response **repptr) { - setup(krb5_fast_response *); + setup(krb5_fast_response *); - alloc_field(rep); - clear_field(rep, finished); - clear_field(rep, padata); - clear_field(rep,rep_key); - { - int indef; - unsigned int taglen; - next_tag_from_buf(buf); - if (tagnum != 0) - clean_return(ASN1_BAD_ID); - } - {begin_structure(); - get_field(rep->padata, 0, asn1_decode_sequence_of_pa_data); - opt_field(rep->rep_key, 1, asn1_decode_encryption_key_ptr); - opt_field(rep->finished, 2, asn1_decode_fast_finished_ptr); - end_structure(); } - rep->magic = KV5M_FAST_RESPONSE; - cleanup(free); + alloc_field(rep); + clear_field(rep, finished); + clear_field(rep, padata); + clear_field(rep,rep_key); + {begin_structure(); + get_field(rep->padata, 0, asn1_decode_sequence_of_pa_data); + opt_field(rep->rep_key, 1, asn1_decode_encryption_key_ptr); + opt_field(rep->finished, 2, asn1_decode_fast_finished_ptr); + end_structure(); } + rep->magic = KV5M_FAST_RESPONSE; + cleanup(free); +} + +krb5_error_code decode_krb5_pa_fx_fast_reply +(const krb5_data *code, krb5_enc_data **repptr) +{ + setup(krb5_enc_data *); + alloc_field(rep); + { + int indef; + unsigned int taglen; + next_tag_from_buf(buf); + if (tagnum != 0) + clean_return(ASN1_BAD_ID); + } + {begin_structure(); + get_field(*rep, 0, asn1_decode_encrypted_data); + end_structure(); + } + + cleanup(free); }