📄 spnegoparse.c
字号:
// Copyright (C) 2002 Microsoft Corporation// All rights reserved.//// THIS CODE AND INFORMATION IS PROVIDED "AS IS"// WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED// OR IMPLIED, INCLUDING BUT NOT LIMITED// TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY// AND/OR FITNESS FOR A PARTICULAR PURPOSE.//// Date - 10/08/2002// Author - Sanj Surati///////////////////////////////////////////////////////////////// SPNEGOPARSE.C//// SPNEGO Token Handler Source File//// Contains implementation of SPNEGO Token parsing functions.///////////////////////////////////////////////////////////////#include <stdlib.h>#include <stdio.h>#include <memory.h>#include "spnego.h"#include "derparse.h"#include "spnegoparse.h"//// Defined in DERPARSE.C//extern MECH_OID g_stcMechOIDList [];/**********************************************************************//** **//** **//** **//** **//** Local SPNEGO Helper definitions **//** **//** **//** **//** **//**********************************************************************////////////////////////////////////////////////////////////////////////////////// Function:// CalculateMinSpnegoInitTokenSize//// Parameters:// [in] nMechTokenLength - Length of the MechToken Element// [in] nMechListMICLength - Length of the MechListMIC Element// [in] mechOID - OID for MechList// [in] nReqFlagsAvailable - Is ContextFlags element available// [out] pnTokenSize - Filled out with total size of token// [out] pnInternalTokenLength - Filled out with length minus length// for initial token.//// Returns:// int Success - SPNEGO_E_SUCCESS// Failure - SPNEGO API Error code//// Comments :// Calculates the required length for a SPNEGO NegTokenInit token based// on the supplied variable length values and which elements are present.// Note that because the lengths can be represented by an arbitrary// number of bytes in DER encodings, we actually calculate the lengths// backwards, so we always know how many bytes we will potentially be// writing out.//////////////////////////////////////////////////////////////////////////////int CalculateMinSpnegoInitTokenSize( long nMechTokenLength, long nMechListMICLength, SPNEGO_MECH_OID mechOid, int nReqFlagsAvailable, long* pnTokenSize, long* pnInternalTokenLength ){ int nReturn = SPNEGO_E_INVALID_LENGTH; // Start at 0. long nTotalLength = 0; long nTempLength= 0L; // We will calculate this by walking the token backwards // Start with MIC Element if ( nMechListMICLength > 0L ) { nTempLength = ASNDerCalcElementLength( nMechListMICLength, NULL ); // Check for rollover error if ( nTempLength < nMechListMICLength ) { goto xEndTokenInitLength; } nTotalLength += nTempLength; } // Next is the MechToken if ( nMechTokenLength > 0L ) { nTempLength += ASNDerCalcElementLength( nMechTokenLength, NULL ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; } // Next is the ReqFlags if ( nReqFlagsAvailable ) { nTempLength += ASNDerCalcElementLength( SPNEGO_NEGINIT_MAXLEN_REQFLAGS, NULL ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; } // Next is the MechList - This is REQUIRED nTempLength += ASNDerCalcMechListLength( mechOid, NULL ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; // Following four fields are the basic header tokens // Sequence Token nTempLength += ASNDerCalcTokenLength( nTotalLength, 0L ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; // Neg Token Identifier Token nTempLength += ASNDerCalcTokenLength( nTotalLength, 0L ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; // SPNEGO OID Token nTempLength += g_stcMechOIDList[spnego_mech_oid_Spnego].iLen; // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } nTotalLength = nTempLength; // App Constructed Token nTempLength += ASNDerCalcTokenLength( nTotalLength, 0L ); // Check for rollover error if ( nTempLength < nTotalLength ) { goto xEndTokenInitLength; } // The internal length doesn't include the number of bytes // for the initial token *pnInternalTokenLength = nTotalLength; nTotalLength = nTempLength; // We're done *pnTokenSize = nTotalLength; nReturn = SPNEGO_E_SUCCESS;xEndTokenInitLength: LOG(("CalculateMinSpnegoInitTokenSize returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// CreateSpnegoInitToken//// Parameters:// [in] MechType - OID in MechList// [in] ucContextFlags - ContextFlags value// [in] pbMechToken - Mech Token Binary Data// [in] ulMechTokenLen - Length of Mech Token// [in] pbMechListMIC - MechListMIC Binary Data// [in] ulMechListMICn - Length of MechListMIC// [out] pbTokenData - Buffer to write token into.// [in] nTokenLength - Length of pbTokenData buffer// [in] nInternalTokenLength - Length of full token without leading// token bytes.//// Returns:// int Success - SPNEGO_E_SUCCESS// Failure - SPNEGO API Error code//// Comments :// Uses DER to fill out pbTokenData with a SPNEGO NegTokenInit Token// Note that because the lengths can be represented by an arbitrary// number of bytes in DER encodings, we actually calculate the lengths// backwards, so we always know how many bytes we will potentially be// writing out.//////////////////////////////////////////////////////////////////////////////int CreateSpnegoInitToken( SPNEGO_MECH_OID MechType, unsigned char ucContextFlags, unsigned char* pbMechToken, unsigned long ulMechTokenLen, unsigned char* pbMechListMIC, unsigned long ulMechListMICLen, unsigned char* pbTokenData, long nTokenLength, long nInternalTokenLength ){ int nReturn = SPNEGO_E_INVALID_LENGTH; // Start at 0. long nTempLength= 0L; long nTotalBytesWritten = 0L; long nInternalLength = 0L; unsigned char* pbWriteTokenData = pbTokenData + nTokenLength; // Temporary buffer to hold the REQ Flags as BIT String Data unsigned char abTempReqFlags[SPNEGO_NEGINIT_MAXLEN_REQFLAGS]; // We will write the token out backwards to properly handle the cases // where the length bytes become adjustable // Start with MIC Element if ( ulMechListMICLen > 0L ) { nTempLength = ASNDerCalcElementLength( ulMechListMICLen, &nInternalLength ); // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteElement( pbWriteTokenData, SPNEGO_NEGINIT_ELEMENT_MECHLISTMIC, OCTETSTRING, pbMechListMIC, ulMechListMICLen ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength; if ( nTotalBytesWritten > nTokenLength || nInternalTokenLength < 0 ) { goto xEndWriteNegTokenInit; } } // IF MechListMIC is present // Next is the MechToken if ( ulMechTokenLen > 0L ) { nTempLength = ASNDerCalcElementLength( ulMechTokenLen, &nInternalLength ); // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteElement( pbWriteTokenData, SPNEGO_NEGINIT_ELEMENT_MECHTOKEN, OCTETSTRING, pbMechToken, ulMechTokenLen ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength; if ( nTotalBytesWritten > nTokenLength || nInternalTokenLength < 0 ) { goto xEndWriteNegTokenInit; } } // IF MechToken Length is present // Next is the ReqFlags if ( ucContextFlags > 0L ) { nTempLength = ASNDerCalcElementLength( SPNEGO_NEGINIT_MAXLEN_REQFLAGS, &nInternalLength ); // We need a byte that indicates how many bits difference between the number // of bits used in final octet (we only have one) and the max (8) abTempReqFlags[0] = SPNEGO_NEGINIT_REQFLAGS_BITDIFF; abTempReqFlags[1] = ucContextFlags; // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteElement( pbWriteTokenData, SPNEGO_NEGINIT_ELEMENT_REQFLAGS, BITSTRING, abTempReqFlags, SPNEGO_NEGINIT_MAXLEN_REQFLAGS ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength; if ( nTotalBytesWritten > nTokenLength || nInternalTokenLength < 0 ) { goto xEndWriteNegTokenInit; } } // IF ContextFlags // Next is the MechList - This is REQUIRED nTempLength = ASNDerCalcMechListLength( MechType, &nInternalLength ); // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteMechList( pbWriteTokenData, MechType ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength; if ( nTotalBytesWritten > nTokenLength || nInternalTokenLength < 0 ) { goto xEndWriteNegTokenInit; } // The next tokens we're writing out reflect the total number of bytes // we have actually written out. // Sequence Token nTempLength = ASNDerCalcTokenLength( nTotalBytesWritten, 0L ); // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteToken( pbWriteTokenData, SPNEGO_CONSTRUCTED_SEQUENCE, NULL, nTotalBytesWritten ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength; if ( nTotalBytesWritten > nTokenLength || nInternalTokenLength < 0 ) { goto xEndWriteNegTokenInit; } // Neg Init Token Identifier Token nTempLength = ASNDerCalcTokenLength( nTotalBytesWritten, 0L ); // Decrease the pbWriteTokenData, now we know the length and // write it out. pbWriteTokenData -= nTempLength; nTempLength = ASNDerWriteToken( pbWriteTokenData, SPNEGO_NEGINIT_TOKEN_IDENTIFIER, NULL, nTotalBytesWritten ); // Adjust Values and sanity check nTotalBytesWritten += nTempLength; nInternalTokenLength -= nTempLength;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -