author | Joel Sing <jsing@cvs.openbsd.org> | 2016-11-04 18:12:50 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2016-11-04 18:12:50 +0000 |
commit | 41cd744964d935feb4c08ba78e9b2e0b85dc7b76 (patch) | |
tree | 15fe437ce7b1e7b477dea2c9b2d658cb736019d7 | |
parent | 03692c82a96deb0f287ab03f0b730afe33a0dbdd (diff) |
Nuke the KRB5 ASN.1 code from orbit.
ok beck@
-rw-r--r-- | lib/libcrypto/Makefile | 7 | ||||
-rw-r--r-- | lib/libcrypto/krb5/krb5_asn.c | 722 | ||||
-rw-r--r-- | lib/libcrypto/krb5/krb5_asn.h | 256 |
3 files changed, 1 insertions, 984 deletions
diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile
index c85d72bdafc..0517d8ab088 100644
--- a/lib/libcrypto/Makefile
+++ b/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.9 2016/11/04 13:57:38 miod Exp $
+# $OpenBSD: Makefile,v 1.10 2016/11/04 18:12:49 jsing Exp $
 LIB= crypto
@@ -161,9 +161,6 @@ SRCS+= hmac.c hm_ameth.c hm_pmeth.c
 # idea/
 SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
-# krb5/
-SRCS+= krb5_asn.c
-
 # lhash/
 SRCS+= lhash.c lh_stats.c
@@ -277,7 +274,6 @@ SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
 ${LCRYPTO_SRC}/gost \
 ${LCRYPTO_SRC}/hmac \
 ${LCRYPTO_SRC}/idea \
- ${LCRYPTO_SRC}/krb5 \
 ${LCRYPTO_SRC}/lhash \
 ${LCRYPTO_SRC}/md4 \
 ${LCRYPTO_SRC}/md5 \
@@ -334,7 +330,6 @@ HDRS=\
 ${LCRYPTO_SRC}/gost/gost.h \
 ${LCRYPTO_SRC}/hmac/hmac.h \
 ${LCRYPTO_SRC}/idea/idea.h \
- ${LCRYPTO_SRC}/krb5/krb5_asn.h \
 ${LCRYPTO_SRC}/lhash/lhash.h \
 ${LCRYPTO_SRC}/md4/md4.h \
 ${LCRYPTO_SRC}/md5/md5.h \
diff --git a/lib/libcrypto/krb5/krb5_asn.c b/lib/libcrypto/krb5/krb5_asn.c
deleted file mode 100644
index 4713fce37b3..00000000000
--- a/lib/libcrypto/krb5/krb5_asn.c
+++ /dev/null
@@ -1,722 +0,0 @@ -/* $OpenBSD: krb5_asn.c,v 1.4 2015/07/25 14:49:45 jsing Exp $ */ -/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, -** using ocsp/{*.h,*asn*.c} as a starting point -*/ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/krb5_asn.h> - - -static const ASN1_TEMPLATE KRB5_ENCDATA_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_ENCDATA, etype), - .field_name = "etype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(KRB5_ENCDATA, kvno), - .field_name = "kvno", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 2, - .offset = offsetof(KRB5_ENCDATA, cipher), - .field_name = "cipher", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM KRB5_ENCDATA_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_ENCDATA_seq_tt, - .tcount = sizeof(KRB5_ENCDATA_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_ENCDATA), - .sname = "KRB5_ENCDATA", -}; - - -KRB5_ENCDATA * -d2i_KRB5_ENCDATA(KRB5_ENCDATA **a, const unsigned char **in, long len) -{ - return (KRB5_ENCDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_ENCDATA_it); -} - -int -i2d_KRB5_ENCDATA(KRB5_ENCDATA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCDATA_it); -} - -KRB5_ENCDATA * -KRB5_ENCDATA_new(void) -{ - return (KRB5_ENCDATA *)ASN1_item_new(&KRB5_ENCDATA_it); -} - -void -KRB5_ENCDATA_free(KRB5_ENCDATA *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCDATA_it); -} - - -static const ASN1_TEMPLATE KRB5_PRINCNAME_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_PRINCNAME, nametype), - .field_name = "nametype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF, - .tag = 1, - .offset = offsetof(KRB5_PRINCNAME, namestring), - .field_name = "namestring", - .item = &ASN1_GENERALSTRING_it, - }, -}; - -const ASN1_ITEM KRB5_PRINCNAME_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_PRINCNAME_seq_tt, - .tcount = 
sizeof(KRB5_PRINCNAME_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_PRINCNAME), - .sname = "KRB5_PRINCNAME", -}; - - -KRB5_PRINCNAME * -d2i_KRB5_PRINCNAME(KRB5_PRINCNAME **a, const unsigned char **in, long len) -{ - return (KRB5_PRINCNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_PRINCNAME_it); -} - -int -i2d_KRB5_PRINCNAME(KRB5_PRINCNAME *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_PRINCNAME_it); -} - -KRB5_PRINCNAME * -KRB5_PRINCNAME_new(void) -{ - return (KRB5_PRINCNAME *)ASN1_item_new(&KRB5_PRINCNAME_it); -} - -void -KRB5_PRINCNAME_free(KRB5_PRINCNAME *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_PRINCNAME_it); -} - - -/* [APPLICATION 1] = 0x61 */ -static const ASN1_TEMPLATE KRB5_TKTBODY_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_TKTBODY, tktvno), - .field_name = "tktvno", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(KRB5_TKTBODY, realm), - .field_name = "realm", - .item = &ASN1_GENERALSTRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 2, - .offset = offsetof(KRB5_TKTBODY, sname), - .field_name = "sname", - .item = &KRB5_PRINCNAME_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 3, - .offset = offsetof(KRB5_TKTBODY, encdata), - .field_name = "encdata", - .item = &KRB5_ENCDATA_it, - }, -}; - -const ASN1_ITEM KRB5_TKTBODY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_TKTBODY_seq_tt, - .tcount = sizeof(KRB5_TKTBODY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_TKTBODY), - .sname = "KRB5_TKTBODY", -}; - - -KRB5_TKTBODY * -d2i_KRB5_TKTBODY(KRB5_TKTBODY **a, const unsigned char **in, long len) -{ - return (KRB5_TKTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_TKTBODY_it); -} - -int -i2d_KRB5_TKTBODY(KRB5_TKTBODY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TKTBODY_it); -} - 
-KRB5_TKTBODY * -KRB5_TKTBODY_new(void) -{ - return (KRB5_TKTBODY *)ASN1_item_new(&KRB5_TKTBODY_it); -} - -void -KRB5_TKTBODY_free(KRB5_TKTBODY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_TKTBODY_it); -} - - -static const ASN1_TEMPLATE KRB5_TICKET_item_tt = { - .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION, - .tag = 1, - .offset = 0, - .field_name = "KRB5_TICKET", - .item = &KRB5_TKTBODY_it, -}; - -const ASN1_ITEM KRB5_TICKET_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &KRB5_TICKET_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "KRB5_TICKET", -}; - - -KRB5_TICKET * -d2i_KRB5_TICKET(KRB5_TICKET **a, const unsigned char **in, long len) -{ - return (KRB5_TICKET *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_TICKET_it); -} - -int -i2d_KRB5_TICKET(KRB5_TICKET *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TICKET_it); -} - -KRB5_TICKET * -KRB5_TICKET_new(void) -{ - return (KRB5_TICKET *)ASN1_item_new(&KRB5_TICKET_it); -} - -void -KRB5_TICKET_free(KRB5_TICKET *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_TICKET_it); -} - - -/* [APPLICATION 14] = 0x6e */ -static const ASN1_TEMPLATE KRB5_APREQBODY_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_APREQBODY, pvno), - .field_name = "pvno", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(KRB5_APREQBODY, msgtype), - .field_name = "msgtype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 2, - .offset = offsetof(KRB5_APREQBODY, apoptions), - .field_name = "apoptions", - .item = &ASN1_BIT_STRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 3, - .offset = offsetof(KRB5_APREQBODY, ticket), - .field_name = "ticket", - .item = &KRB5_TICKET_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 4, - .offset = offsetof(KRB5_APREQBODY, authenticator), - .field_name = "authenticator", - .item = &KRB5_ENCDATA_it, - }, -}; - -const 
ASN1_ITEM KRB5_APREQBODY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_APREQBODY_seq_tt, - .tcount = sizeof(KRB5_APREQBODY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_APREQBODY), - .sname = "KRB5_APREQBODY", -}; - - -KRB5_APREQBODY * -d2i_KRB5_APREQBODY(KRB5_APREQBODY **a, const unsigned char **in, long len) -{ - return (KRB5_APREQBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_APREQBODY_it); -} - -int -i2d_KRB5_APREQBODY(KRB5_APREQBODY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQBODY_it); -} - -KRB5_APREQBODY * -KRB5_APREQBODY_new(void) -{ - return (KRB5_APREQBODY *)ASN1_item_new(&KRB5_APREQBODY_it); -} - -void -KRB5_APREQBODY_free(KRB5_APREQBODY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQBODY_it); -} - -static const ASN1_TEMPLATE KRB5_APREQ_item_tt = { - .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION, - .tag = 14, - .offset = 0, - .field_name = "KRB5_APREQ", - .item = &KRB5_APREQBODY_it, -}; - -const ASN1_ITEM KRB5_APREQ_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &KRB5_APREQ_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "KRB5_APREQ", -}; - - -KRB5_APREQ * -d2i_KRB5_APREQ(KRB5_APREQ **a, const unsigned char **in, long len) -{ - return (KRB5_APREQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_APREQ_it); -} - -int -i2d_KRB5_APREQ(KRB5_APREQ *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQ_it); -} - -KRB5_APREQ * -KRB5_APREQ_new(void) -{ - return (KRB5_APREQ *)ASN1_item_new(&KRB5_APREQ_it); -} - -void -KRB5_APREQ_free(KRB5_APREQ *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQ_it); -} - - -/* Authenticator stuff */ - -static const ASN1_TEMPLATE KRB5_CHECKSUM_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_CHECKSUM, ctype), - .field_name = "ctype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, 
- .tag = 1, - .offset = offsetof(KRB5_CHECKSUM, checksum), - .field_name = "checksum", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM KRB5_CHECKSUM_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_CHECKSUM_seq_tt, - .tcount = sizeof(KRB5_CHECKSUM_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_CHECKSUM), - .sname = "KRB5_CHECKSUM", -}; - - -KRB5_CHECKSUM * -d2i_KRB5_CHECKSUM(KRB5_CHECKSUM **a, const unsigned char **in, long len) -{ - return (KRB5_CHECKSUM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_CHECKSUM_it); -} - -int -i2d_KRB5_CHECKSUM(KRB5_CHECKSUM *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_CHECKSUM_it); -} - -KRB5_CHECKSUM * -KRB5_CHECKSUM_new(void) -{ - return (KRB5_CHECKSUM *)ASN1_item_new(&KRB5_CHECKSUM_it); -} - -void -KRB5_CHECKSUM_free(KRB5_CHECKSUM *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_CHECKSUM_it); -} - - -static const ASN1_TEMPLATE KRB5_ENCKEY_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_ENCKEY, ktype), - .field_name = "ktype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(KRB5_ENCKEY, keyvalue), - .field_name = "keyvalue", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM KRB5_ENCKEY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_ENCKEY_seq_tt, - .tcount = sizeof(KRB5_ENCKEY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_ENCKEY), - .sname = "KRB5_ENCKEY", -}; - - -KRB5_ENCKEY * -d2i_KRB5_ENCKEY(KRB5_ENCKEY **a, const unsigned char **in, long len) -{ - return (KRB5_ENCKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_ENCKEY_it); -} - -int -i2d_KRB5_ENCKEY(KRB5_ENCKEY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCKEY_it); -} - -KRB5_ENCKEY * -KRB5_ENCKEY_new(void) -{ - return (KRB5_ENCKEY 
*)ASN1_item_new(&KRB5_ENCKEY_it); -} - -void -KRB5_ENCKEY_free(KRB5_ENCKEY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCKEY_it); -} - - -/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */ -static const ASN1_TEMPLATE KRB5_AUTHDATA_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_AUTHDATA, adtype), - .field_name = "adtype", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(KRB5_AUTHDATA, addata), - .field_name = "addata", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM KRB5_AUTHDATA_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_AUTHDATA_seq_tt, - .tcount = sizeof(KRB5_AUTHDATA_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_AUTHDATA), - .sname = "KRB5_AUTHDATA", -}; - - -KRB5_AUTHDATA * -d2i_KRB5_AUTHDATA(KRB5_AUTHDATA **a, const unsigned char **in, long len) -{ - return (KRB5_AUTHDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_AUTHDATA_it); -} - -int -i2d_KRB5_AUTHDATA(KRB5_AUTHDATA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHDATA_it); -} - -KRB5_AUTHDATA * -KRB5_AUTHDATA_new(void) -{ - return (KRB5_AUTHDATA *)ASN1_item_new(&KRB5_AUTHDATA_it); -} - -void -KRB5_AUTHDATA_free(KRB5_AUTHDATA *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHDATA_it); -} - - -/* [APPLICATION 2] = 0x62 */ -static const ASN1_TEMPLATE KRB5_AUTHENTBODY_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(KRB5_AUTHENTBODY, avno), - .field_name = "avno", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(KRB5_AUTHENTBODY, crealm), - .field_name = "crealm", - .item = &ASN1_GENERALSTRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 2, - .offset = offsetof(KRB5_AUTHENTBODY, cname), - .field_name = "cname", - .item = &KRB5_PRINCNAME_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | 
ASN1_TFLG_OPTIONAL, - .tag = 3, - .offset = offsetof(KRB5_AUTHENTBODY, cksum), - .field_name = "cksum", - .item = &KRB5_CHECKSUM_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 4, - .offset = offsetof(KRB5_AUTHENTBODY, cusec), - .field_name = "cusec", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 5, - .offset = offsetof(KRB5_AUTHENTBODY, ctime), - .field_name = "ctime", - .item = &ASN1_GENERALIZEDTIME_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 6, - .offset = offsetof(KRB5_AUTHENTBODY, subkey), - .field_name = "subkey", - .item = &KRB5_ENCKEY_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 7, - .offset = offsetof(KRB5_AUTHENTBODY, seqnum), - .field_name = "seqnum", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 8, - .offset = offsetof(KRB5_AUTHENTBODY, authorization), - .field_name = "authorization", - .item = &KRB5_AUTHDATA_it, - }, -}; - -const ASN1_ITEM KRB5_AUTHENTBODY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = KRB5_AUTHENTBODY_seq_tt, - .tcount = sizeof(KRB5_AUTHENTBODY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(KRB5_AUTHENTBODY), - .sname = "KRB5_AUTHENTBODY", -}; - - -KRB5_AUTHENTBODY * -d2i_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY **a, const unsigned char **in, long len) -{ - return (KRB5_AUTHENTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_AUTHENTBODY_it); -} - -int -i2d_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENTBODY_it); -} - -KRB5_AUTHENTBODY * -KRB5_AUTHENTBODY_new(void) -{ - return (KRB5_AUTHENTBODY *)ASN1_item_new(&KRB5_AUTHENTBODY_it); -} - -void -KRB5_AUTHENTBODY_free(KRB5_AUTHENTBODY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENTBODY_it); -} - -static const ASN1_TEMPLATE KRB5_AUTHENT_item_tt = { - .flags = ASN1_TFLG_EXPTAG | 
ASN1_TFLG_APPLICATION, - .tag = 2, - .offset = 0, - .field_name = "KRB5_AUTHENT", - .item = &KRB5_AUTHENTBODY_it, -}; - -const ASN1_ITEM KRB5_AUTHENT_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &KRB5_AUTHENT_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "KRB5_AUTHENT", -}; - - -KRB5_AUTHENT * -d2i_KRB5_AUTHENT(KRB5_AUTHENT **a, const unsigned char **in, long len) -{ - return (KRB5_AUTHENT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &KRB5_AUTHENT_it); -} - -int -i2d_KRB5_AUTHENT(KRB5_AUTHENT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENT_it); -} - -KRB5_AUTHENT * -KRB5_AUTHENT_new(void) -{ - return (KRB5_AUTHENT *)ASN1_item_new(&KRB5_AUTHENT_it); -} - -void -KRB5_AUTHENT_free(KRB5_AUTHENT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENT_it); -} diff --git a/lib/libcrypto/krb5/krb5_asn.h b/lib/libcrypto/krb5/krb5_asn.h deleted file mode 100644 index a5326e10579..00000000000 --- a/lib/libcrypto/krb5/krb5_asn.h +++ /dev/null 
@@ -1,256 +0,0 @@ -/* $OpenBSD: krb5_asn.h,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ -/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, -** using ocsp/{*.h,*asn*.c} as a starting point -*/ - -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_KRB5_ASN_H -#define HEADER_KRB5_ASN_H - -/* -#include <krb5.h> -*/ -#include <openssl/safestack.h> - -#ifdef __cplusplus -extern "C" { -#endif - - -/* ASN.1 from Kerberos RFC 1510 -*/ - -/* EncryptedData ::= SEQUENCE { -** etype[0] INTEGER, -- EncryptionType -** kvno[1] INTEGER OPTIONAL, -** cipher[2] OCTET STRING -- ciphertext -** } -*/ -typedef struct krb5_encdata_st - { - ASN1_INTEGER *etype; - ASN1_INTEGER *kvno; - ASN1_OCTET_STRING *cipher; - } KRB5_ENCDATA; - -DECLARE_STACK_OF(KRB5_ENCDATA) - -/* PrincipalName ::= SEQUENCE { -** name-type[0] INTEGER, -** name-string[1] SEQUENCE OF GeneralString -** } -*/ -typedef struct krb5_princname_st - { - ASN1_INTEGER *nametype; - STACK_OF(ASN1_GENERALSTRING) *namestring; - } KRB5_PRINCNAME; - -DECLARE_STACK_OF(KRB5_PRINCNAME) - - -/* Ticket ::= [APPLICATION 1] SEQUENCE { -** tkt-vno[0] INTEGER, -** realm[1] Realm, -** sname[2] PrincipalName, -** enc-part[3] EncryptedData -** } -*/ -typedef struct krb5_tktbody_st - { - ASN1_INTEGER *tktvno; - ASN1_GENERALSTRING *realm; - KRB5_PRINCNAME *sname; - KRB5_ENCDATA *encdata; - } KRB5_TKTBODY; - -typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET; -DECLARE_STACK_OF(KRB5_TKTBODY) - - -/* AP-REQ ::= [APPLICATION 14] SEQUENCE { -** pvno[0] INTEGER, -** msg-type[1] INTEGER, -** ap-options[2] APOptions, -** ticket[3] Ticket, -** authenticator[4] EncryptedData -** } -** -** APOptions ::= BIT STRING { -** reserved(0), use-session-key(1), mutual-required(2) } -*/ -typedef struct krb5_ap_req_st - { - ASN1_INTEGER *pvno; - ASN1_INTEGER *msgtype; - ASN1_BIT_STRING *apoptions; - KRB5_TICKET *ticket; - KRB5_ENCDATA *authenticator; - } KRB5_APREQBODY; - -typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ; -DECLARE_STACK_OF(KRB5_APREQBODY) - - -/* Authenticator Stuff */ - - -/* Checksum ::= SEQUENCE { -** cksumtype[0] INTEGER, -** checksum[1] OCTET STRING -** } -*/ -typedef struct krb5_checksum_st - { - ASN1_INTEGER *ctype; - ASN1_OCTET_STRING *checksum; - } KRB5_CHECKSUM; - 
-DECLARE_STACK_OF(KRB5_CHECKSUM) - - -/* EncryptionKey ::= SEQUENCE { -** keytype[0] INTEGER, -** keyvalue[1] OCTET STRING -** } -*/ -typedef struct krb5_encryptionkey_st - { - ASN1_INTEGER *ktype; - ASN1_OCTET_STRING *keyvalue; - } KRB5_ENCKEY; - -DECLARE_STACK_OF(KRB5_ENCKEY) - - -/* AuthorizationData ::= SEQUENCE OF SEQUENCE { -** ad-type[0] INTEGER, -** ad-data[1] OCTET STRING -** } -*/ -typedef struct krb5_authorization_st - { - ASN1_INTEGER *adtype; - ASN1_OCTET_STRING *addata; - } KRB5_AUTHDATA; - -DECLARE_STACK_OF(KRB5_AUTHDATA) - - -/* -- Unencrypted authenticator -** Authenticator ::= [APPLICATION 2] SEQUENCE { -** authenticator-vno[0] INTEGER, -** crealm[1] Realm, -** cname[2] PrincipalName, -** cksum[3] Checksum OPTIONAL, -** cusec[4] INTEGER, -** ctime[5] KerberosTime, -** subkey[6] EncryptionKey OPTIONAL, -** seq-number[7] INTEGER OPTIONAL, -** authorization-data[8] AuthorizationData OPTIONAL -** } -*/ -typedef struct krb5_authenticator_st - { - ASN1_INTEGER *avno; - ASN1_GENERALSTRING *crealm; - KRB5_PRINCNAME *cname; - KRB5_CHECKSUM *cksum; - ASN1_INTEGER *cusec; - ASN1_GENERALIZEDTIME *ctime; - KRB5_ENCKEY *subkey; - ASN1_INTEGER *seqnum; - KRB5_AUTHDATA *authorization; - } KRB5_AUTHENTBODY; - -typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT; -DECLARE_STACK_OF(KRB5_AUTHENTBODY) - - -/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) = -** type *name##_new(void); -** void name##_free(type *a); -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = -** type *d2i_##name(type **a, const unsigned char **in, long len); -** int i2d_##name(type *a, unsigned char **out); -** DECLARE_ASN1_ITEM(itname) = extern const ASN1_ITEM itname##_it -*/ - -DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA) -DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME) -DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY) -DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY) -DECLARE_ASN1_FUNCTIONS(KRB5_TICKET) -DECLARE_ASN1_FUNCTIONS(KRB5_APREQ) - 
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM) -DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY) -DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA) -DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY) -DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT) - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -#ifdef __cplusplus -} -#endif -#endif - |