📄 spnegoparse.c
字号:
int FindMechOIDInMechList( SPNEGO_ELEMENT* pSpnegoElement, SPNEGO_MECH_OID MechOID, int * piMechTypeIndex ){ int nReturn = SPNEGO_E_NOT_FOUND; int nCtr = 0; long nLength = 0L; long nBoundaryLength = pSpnegoElement->nDatalength; unsigned char* pbMechListData = pSpnegoElement->pbData; while( SPNEGO_E_SUCCESS != nReturn && nBoundaryLength > 0L ) { // Use the helper function to check the OID if ( ( nReturn = ASNDerCheckOID( pbMechListData, MechOID, nBoundaryLength, &nLength ) ) == SPNEGO_E_SUCCESS ) { *piMechTypeIndex = nCtr; } // Adjust for the current OID pbMechListData += nLength; nBoundaryLength -= nLength; nCtr++; } // WHILE enuming OIDs LOG(("FindMechOIDInMechList returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// ValidateMechList//// Parameters:// [in] pbMechListData - Pointer to binary MechList data// [in] nBoundaryLength - Length we must not exceed//// Returns:// int Success - SPNEGO_E_SUCCESS// Failure - SPNEGO API Error code//// Comments :// Checks the data at pbMechListData to see if it looks like a MechList.// As part of this, we walk the list and ensure that none of the OIDs// have a length that takes us outside of nBoundaryLength.//////////////////////////////////////////////////////////////////////////////int ValidateMechList( unsigned char* pbMechListData, long nBoundaryLength ){ int nReturn = SPNEGO_E_SUCCESS; long nLength = 0L; long nTokenLength = 0L; while( SPNEGO_E_SUCCESS == nReturn && nBoundaryLength > 0L ) { // Verify that we have something that at least *looks* like an OID - in other // words it has an OID identifier and specifies a length that doesn't go beyond // the size of the list. nReturn = ASNDerCheckToken( pbMechListData, OID, 0L, nBoundaryLength, &nLength, &nTokenLength ); // Adjust for the current OID pbMechListData += ( nLength + nTokenLength ); nBoundaryLength -= ( nLength + nTokenLength ); } // WHILE enuming OIDs LOG(("ValidateMechList returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// IsValidMechOid//// Parameters:// [in] mechOid - mechOID id enumeration//// Returns:// int Success - 1// Failure - 0//// Comments :// Checks for a valid mechOid value.//////////////////////////////////////////////////////////////////////////////int IsValidMechOid( SPNEGO_MECH_OID mechOid ){ LOG(("IsValidMechOid returned %d\n",mechOid >= spnego_mech_oid_Kerberos_V5_Legacy && mechOid <= spnego_mech_oid_Spnego)); return ( mechOid >= spnego_mech_oid_Kerberos_V5_Legacy && mechOid <= spnego_mech_oid_Spnego );}///////////////////////////////////////////////////////////////////////////////// Function:// IsValidContextFlags//// Parameters:// [in] ucContextFlags - ContextFlags value//// Returns:// int Success - 1// Failure - 0//// Comments :// Checks for a valid ContextFlags value.//////////////////////////////////////////////////////////////////////////////int IsValidContextFlags( unsigned char ucContextFlags ){ // Mask out our valid bits. If there is anything leftover, this // is not a valid value for Context Flags LOG(("IsValidContextFlags returned %d\n",(( ucContextFlags & ~SPNEGO_NEGINIT_CONTEXT_MASK ) == 0))); return ( ( ucContextFlags & ~SPNEGO_NEGINIT_CONTEXT_MASK ) == 0 );}///////////////////////////////////////////////////////////////////////////////// Function:// IsValidNegResult//// Parameters:// [in] negResult - NegResult value//// Returns:// int Success - 1// Failure - 0//// Comments :// Checks for a valid NegResult value.//////////////////////////////////////////////////////////////////////////////int IsValidNegResult( SPNEGO_NEGRESULT negResult ){ LOG(("IsValidNegResult returned %d\n",negResult >= spnego_negresult_success && negResult <= spnego_negresult_rejected )); return ( negResult >= spnego_negresult_success && negResult <= spnego_negresult_rejected );}///////////////////////////////////////////////////////////////////////////////// Function:// IsValidSpnegoToken//// Parameters:// [in] pSpnegoToken - Points to SPNEGO_TOKEN data structure//// Returns:// int Success - 1// Failure - 0//// Comments :// Performs simple heuristic on location pointed to by pSpnegoToken.//////////////////////////////////////////////////////////////////////////////int IsValidSpnegoToken( SPNEGO_TOKEN* pSpnegoToken ){ int nReturn = 0; // Parameter should be non-NULL if ( NULL != pSpnegoToken ) { // Length should be at least the size defined in the header if ( pSpnegoToken->nStructSize >= SPNEGO_TOKEN_SIZE ) { // Number of elements should be >= our maximum - if it's greater, that's // okay, since we'll only be accessing the elements up to MAX_NUM_TOKEN_ELEMENTS if ( pSpnegoToken->nNumElements >= MAX_NUM_TOKEN_ELEMENTS ) { // Check for proper token type if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType || SPNEGO_TOKEN_TARG == pSpnegoToken->ucTokenType ) { nReturn = 1; } } } // IF struct size makes sense } // IF non-NULL spnego Token LOG(("IsValidSpnegoToken returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// IsValidSpnegoElement//// Parameters:// [in] pSpnegoToken - Points to SPNEGO_TOKEN data structure// [in] spnegoElement - spnegoElement Type from enumeration//// Returns:// int Success - 1// Failure - 0//// Comments :// Checks that spnegoElement has a valid value and is appropriate for// the SPNEGO token encapsulated by pSpnegoToken.//////////////////////////////////////////////////////////////////////////////int IsValidSpnegoElement( SPNEGO_TOKEN* pSpnegoToken,SPNEGO_ELEMENT_TYPE spnegoElement ){ int nReturn = 0; // Check boundaries if ( spnegoElement > spnego_element_min && spnegoElement < spnego_element_max ) { // Check for appropriateness to token type if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType ) { nReturn = ( spnegoElement >= spnego_init_mechtypes && spnegoElement <= spnego_init_mechListMIC ); } else { nReturn = ( spnegoElement >= spnego_targ_negResult && spnegoElement <= spnego_targ_mechListMIC ); } } // IF boundary conditions are met LOG(("IsValidSpnegoElement returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// CalculateElementArrayIndex//// Parameters:// [in] pSpnegoToken - Points to SPNEGO_TOKEN data structure// [in] spnegoElement - spnegoElement Type from enumeration//// Returns:// int index in the SPNEGO_TOKEN element array that the element can// can be found//// Comments :// Based on the Token Type, calculates the index in the element array// at which the specified element can be found.//////////////////////////////////////////////////////////////////////////////int CalculateElementArrayIndex( SPNEGO_TOKEN* pSpnegoToken,SPNEGO_ELEMENT_TYPE spnegoElement ){ int nReturn = 0; // Offset is difference between value and initial element identifier // (these differ based on ucTokenType) if ( SPNEGO_TOKEN_INIT == pSpnegoToken->ucTokenType ) { nReturn = spnegoElement - spnego_init_mechtypes; } else { nReturn = spnegoElement - spnego_targ_negResult; } LOG(("CalculateElementArrayIndex returned %d\n",nReturn)); return nReturn;}///////////////////////////////////////////////////////////////////////////////// Function:// InitTokenFromBinary//// Parameters:// [in] ucCopyData - Flag indicating if data should be copied// [in] ulFlags - Flags value for structure// [in] pnTokenData - Binary Token Data// [in] ulLength - Length of the data// [out] ppSpnegoToken - Pointer to call allocated SPNEGO Token// data structure//// Returns:// int Success - SPNEGO_E_SUCCESS// Failure - SPNEGO API Error code//// Comments :// Allocates a SPNEGO_TOKEN data structure and fills it out as// appropriate based in the flags passed into the function.//////////////////////////////////////////////////////////////////////////////// Initializes SPNEGO_TOKEN structure from DER encoded binary dataint InitTokenFromBinary( unsigned char ucCopyData, unsigned long ulFlags, unsigned char* pbTokenData, unsigned long ulLength, SPNEGO_TOKEN** ppSpnegoToken ){ int nReturn = SPNEGO_E_INVALID_PARAMETER; SPNEGO_TOKEN* pSpnegoToken = NULL; unsigned char* pbFirstElement = NULL; long nTokenLength = 0L; long nRemainingTokenLength = 0L; // Basic Parameter Validation if ( NULL != pbTokenData && NULL != ppSpnegoToken && 0L != ulLength ) { // // Allocate the empty token, then initialize the data structure. // pSpnegoToken = AllocEmptySpnegoToken( ucCopyData, ulFlags, pbTokenData, ulLength ); if ( NULL != pSpnegoToken ) { // Copy the binary data locally // Initialize the token type if ( ( nReturn = InitSpnegoTokenType( pSpnegoToken, &nTokenLength, &nRemainingTokenLength, &pbFirstElement ) ) == SPNEGO_E_SUCCESS ) { // Initialize the element array if ( ( nReturn = InitSpnegoTokenElements( pSpnegoToken, pbFirstElement, nRemainingTokenLength ) ) == SPNEGO_E_SUCCESS ) { *ppSpnegoToken = pSpnegoToken; } } // IF Init Token Type // Cleanup on error condition if ( SPNEGO_E_SUCCESS != nReturn ) { spnegoFreeData( pSpnegoToken ); } } else { nReturn = SPNEGO_E_OUT_OF_MEMORY; } } // IF Valid parameters LOG(("InitTokenFromBinary returned %d\n",nReturn)); return nReturn;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -