1// Copyright (C) 2002 Microsoft Corporation
2// All rights reserved.
3//
4// THIS CODE AND INFORMATION IS PROVIDED "AS IS"
5// WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
6// OR IMPLIED, INCLUDING BUT NOT LIMITED
7// TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY
8// AND/OR FITNESS FOR A PARTICULAR PURPOSE.
9//
10// Date    - 10/08/2002
11// Author  - Sanj Surati
12
13/////////////////////////////////////////////////////////////
14//
15// DERPARSE.H
16//
17// SPNEGO Token Handler Header File
18//
19// Contains the definitions required to properly parse the
20// SPNEGO DER encoding.
21//
22/////////////////////////////////////////////////////////////
23
24#pragma ident	"%Z%%M%	%I%	%E% SMI"
25
26#ifndef __DERPARSE_H__
27#define __DERPARSE_H__
28
29// C++ Specific
30#if defined(__cplusplus)
31extern "C"
32{
33#endif
34
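/*
 * ASN.1 identifier-octet layout: the top two bits hold the class, the next
 * bit the primitive/constructed form, and the low five bits the tag number.
 * The listing's fused line numbers are dropped so that each directive starts
 * with '#' again.
 */

/* Identifier Types */
#define  IDENTIFIER_MASK               0xC0  // Bits 7 and 8
#define  IDENTIFIER_UNIVERSAL          0x00  // 00 = universal
#define  IDENTIFIER_APPLICATION        0x40  // 01 = application
#define  IDENTIFIER_CONTEXT_SPECIFIC   0x80  // 10 = context specific
#define  IDENTIFIER_PRIVATE            0xC0  // 11 = Private

/* Encoding type */

#define FORM_MASK       0x20    /* Bit 6 */
#define PRIMITIVE       0x00    /* 0 = primitive */
#define CONSTRUCTED     0x20    /* 1 = constructed */

/* Universal tags */

/*
 * A tag field with all five bits set (0x1F) is the ASN.1 escape for
 * multi-octet tag numbers; the single-octet masks in this header do not
 * describe that form, so a parser built on them should treat it as
 * unsupported input.
 */
#define TAG_MASK        0x1F    /* Bits 5 - 1 */
#define BOOLEAN         0x01    /*  1: TRUE or FALSE */
#define INTEGER         0x02    /*  2: Arbitrary precision integer */
#define BITSTRING       0x03    /*  3: Sequence of bits */
#define OCTETSTRING     0x04    /*  4: Sequence of bytes */
#define NULLTAG         0x05    /*  5: NULL */
#define OID             0x06    /*  6: Object Identifier (numeric sequence) */
#define OBJDESCRIPTOR   0x07    /*  7: Object Descriptor (human readable) */
#define EXTERNAL        0x08    /*  8: External / Instance Of */
#define REAL            0x09    /*  9: Real (Mantissa * Base^Exponent) */
#define ENUMERATED      0x0A    /* 10: Enumerated */
#define EMBEDDED_PDV    0x0B    /* 11: Embedded Presentation Data Value */
#define SEQUENCE        0x10    /* 16: Constructed Sequence / Sequence Of */
#define SET             0x11    /* 17: Constructed Set / Set Of */
#define NUMERICSTR      0x12    /* 18: Numeric String (digits only) */
#define PRINTABLESTR    0x13    /* 19: Printable String */
#define T61STR          0x14    /* 20: T61 String (Teletex) */
#define VIDEOTEXSTR     0x15    /* 21: Videotex String */
#define IA5STR          0x16    /* 22: IA5 String */
#define UTCTIME         0x17    /* 23: UTC Time */
#define GENERALIZEDTIME 0x18    /* 24: Generalized Time */
#define GRAPHICSTR      0x19    /* 25: Graphic String */
#define VISIBLESTR      0x1A    /* 26: Visible String (ISO 646) */
#define GENERALSTR      0x1B    /* 27: General String */
#define UNIVERSALSTR    0x1C    /* 28: Universal String */
#define BMPSTR          0x1E    /* 30: Basic Multilingual Plane String */

/* Length encoding */

/*
 * LEN_XTND set on the first length octet means the low bits (LEN_MASK) are
 * not the length itself.  DER does not allow the indefinite form (a bare
 * 0x80), so a DER parser should reject it.  In the long form the LEN_MASK
 * bits give the number of length octets that follow; that count comes from
 * the token, so it has to be checked against the bytes remaining and against
 * the width of the integer receiving the length before it is used.
 */
#define LEN_XTND  0x80      /* Indefinite or long form */
#define LEN_MASK  0x7f      /* Bits 7 - 1 */

/*
 * Identifier octet for element n of a constructed type: context-specific
 * class, constructed form, tag number n.  n is masked with TAG_MASK, so only
 * its low five bits are kept.
 */
#define SEQ_ELM(n) (IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED | ((n)&TAG_MASK))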
83
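//
// SPNEGO Token Parsing Constants
//
// Fixed field sizes and identifier octets used when reading or building
// SPNEGO tokens.  The listing's fused line numbers are dropped so that the
// directives preprocess.
//


// Fixed Length of NegTokenInit ReqFlags field
#define  SPNEGO_NEGINIT_MAXLEN_REQFLAGS   2

// Difference in bits for ReqFlags token
// NOTE(review): presumably the unused-bit count carried in the BIT STRING's
// leading octet -- confirm against the ReqFlags encoder.
#define  SPNEGO_NEGINIT_REQFLAGS_BITDIFF  1

// Fixed Length of NegTokenTarg NegResult field
#define  SPNEGO_NEGTARG_MAXLEN_NEGRESULT  1

// Application Specific Construct - Always at the start of a NegTokenInit
#define  SPNEGO_NEGINIT_APP_CONSTRUCT     ( IDENTIFIER_APPLICATION | CONSTRUCTED ) // 0x60

// Constructed Sequence token - after the actual token identifier token
// Evaluates to 0x30.
#define  SPNEGO_CONSTRUCTED_SEQUENCE      ( SEQUENCE | CONSTRUCTED )

// MechList Type Identifier
// NOTE(review): this ORs two universal tag numbers (SEQUENCE and OID) and
// evaluates to 0x36, whereas the identifier octet of a DER SEQUENCE is 0x30.
// Confirm how callers use this value before relying on it to validate a token.
#define  SPNEGO_MECHLIST_TYPE      ( SEQUENCE | CONSTRUCTED | OID )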
106
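//
// NegTokenInit - Token Identifier and Elements
//
// The listing's fused line numbers are dropped so that the directives
// preprocess.
//

// NegTokenInit - 0xa0
// SPNEGO_TOKEN_INIT is not defined in this header; it must be visible
// wherever this macro is expanded.  The 0xa0 above holds only if that
// constant is 0.
#define  SPNEGO_NEGINIT_TOKEN_IDENTIFIER  ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED |  \
                                             SPNEGO_TOKEN_INIT )

// Structure elements for NegTokenInit
#define  SPNEGO_NEGINIT_MECHTYPES   0x0   // MechTypes is element 0
#define  SPNEGO_NEGINIT_REQFLAGS    0x1   // ReqFlags is element 1
#define  SPNEGO_NEGINIT_MECHTOKEN   0x2   // MechToken is element 2
#define  SPNEGO_NEGINIT_MECHLISTMIC 0x3   // MechListMIC is element 3

// Identifier octets of the elements, built with SEQ_ELM (context-specific,
// constructed, tag number = element index).

// MechTypes element is 0xa0
#define SPNEGO_NEGINIT_ELEMENT_MECHTYPES    SEQ_ELM(SPNEGO_NEGINIT_MECHTYPES)
// ReqFlags element is 0xa1
#define SPNEGO_NEGINIT_ELEMENT_REQFLAGS     SEQ_ELM(SPNEGO_NEGINIT_REQFLAGS)
// MechToken element is 0xa2
#define SPNEGO_NEGINIT_ELEMENT_MECHTOKEN    SEQ_ELM(SPNEGO_NEGINIT_MECHTOKEN)
// MechListMIC element is 0xa3
#define  SPNEGO_NEGINIT_ELEMENT_MECHLISTMIC SEQ_ELM(SPNEGO_NEGINIT_MECHLISTMIC)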
129
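//
// NegTokenTarg - Token Identifier and Elements
//
// The listing's fused line numbers are dropped so that the directives
// preprocess.
//

// NegTokenTarg - 0xa1
// SPNEGO_TOKEN_TARG is not defined in this header; it must be visible
// wherever this macro is expanded.  The 0xa1 above holds only if that
// constant is 1.
#define  SPNEGO_NEGTARG_TOKEN_IDENTIFIER  ( IDENTIFIER_CONTEXT_SPECIFIC | CONSTRUCTED |  \
                                             SPNEGO_TOKEN_TARG )

// Structure elements for NegTokenTarg
#define  SPNEGO_NEGTARG_NEGRESULT         0x0   // NegResult is element 0
#define  SPNEGO_NEGTARG_SUPPORTEDMECH     0x1   // SupportedMech is element 1
#define  SPNEGO_NEGTARG_RESPONSETOKEN     0x2   // ResponseToken is element 2
#define  SPNEGO_NEGTARG_MECHLISTMIC       0x3   // MechListMIC is element 3

// Identifier octets of the elements, built with SEQ_ELM (context-specific,
// constructed, tag number = element index).

// NegResult element is 0xa0
#define SPNEGO_NEGTARG_ELEMENT_NEGRESULT     SEQ_ELM(SPNEGO_NEGTARG_NEGRESULT)
// SupportedMech element is 0xa1
#define SPNEGO_NEGTARG_ELEMENT_SUPPORTEDMECH SEQ_ELM(SPNEGO_NEGTARG_SUPPORTEDMECH)
// ResponseToken element is 0xa2
#define SPNEGO_NEGTARG_ELEMENT_RESPONSETOKEN SEQ_ELM(SPNEGO_NEGTARG_RESPONSETOKEN)
// MechListMIC element is 0xa3
#define SPNEGO_NEGTARG_ELEMENT_MECHLISTMIC   SEQ_ELM(SPNEGO_NEGTARG_MECHLISTMIC)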
152
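//
// Defines a GSS Mechanism OID.  We keep a single static array
// of these which we'll use for validation/searches/parsing.
//
// SPNEGO_MECH_OID is not declared in this header; it must already be
// visible when this header is included.  The listing's fused line numbers
// are dropped so that the declaration compiles.
//

typedef struct _mechOID
{
   unsigned char*    ucOid;            // Byte representation of OID
   int               iLen;             // Length of the OID plus its length and identifier octets
   int               iActualDataLen;   // Length of the actual OID
   SPNEGO_MECH_OID   eMechanismOID;    // Which OID is this?
} MECH_OID;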
165
166
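//
// ASN Der functions
//
// Only the prototypes are visible in this header, so return-value
// conventions are not restated here; take them from the implementation.
// The listing's fused line numbers are dropped so that the declarations
// compile.
//
// NOTE(review): all lengths are signed long.  A length decoded from a token
// is attacker-influenced, so the implementation and its callers should
// reject negative values and values larger than the remaining input before
// using one in pointer arithmetic or a copy -- confirm this is done.
//

// Reading side.  Each function takes nBoundaryLength next to the data
// pointer -- presumably the number of bytes still available at that pointer;
// confirm against the implementation.
int ASNDerGetLength( unsigned char* pbLengthData, long nBoundaryLength, long* pnLength,
                    long* pnNumLengthBytes );
int ASNDerCheckToken( unsigned char* pbTokenData, unsigned char nToken,
                        long nCheckLength, long nBoundaryLength, long* pnLength,
                        long* pnTokenLength );
int ASNDerCheckOID( unsigned char* pbTokenData, SPNEGO_MECH_OID nMechOID, long nBoundaryLength,
                     long* pnTokenLength );

// Size calculation.  These take lengths only and no buffer pointer;
// presumably they give the encoded sizes used to allocate an output buffer.
int ASNDerCalcNumLengthBytes( long nLength );
long ASNDerCalcTokenLength( long nLength, long nDataLength );
long ASNDerCalcElementLength( long nDataLength, long* pnInternalLength );
long ASNDerCalcMechListLength( SPNEGO_MECH_OID mechoid, long* pnInternalLength );

// Writing side.  None of these receives the capacity of pbData, so the
// caller alone is responsible for passing a buffer large enough for
// everything written; an undersized buffer cannot be detected through
// this interface.
int ASNDerWriteLength( unsigned char* pbData, long nLength );
int ASNDerWriteToken( unsigned char* pbData, unsigned char ucType,
                     unsigned char* pbTokenValue, long nLength );
int ASNDerWriteOID( unsigned char* pbData, SPNEGO_MECH_OID eMechOID );
long ASNDerWriteMechList( unsigned char* pbData, SPNEGO_MECH_OID mechoid );
int ASNDerWriteElement( unsigned char* pbData, unsigned char ucElementSequence,
                        unsigned char ucType, unsigned char* pbTokenValue, long nLength );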
189
190
191   // C++ Specific
192#if defined(__cplusplus)
193}
194#endif
195
196#endif
197