svn rev #22118: branches/fast/src/ include/ lib/krb5/asn.1/

hartmans@MIT.EDU hartmans at MIT.EDU
Thu Mar 26 01:36:21 EDT 2009 

http://src.mit.edu/fisheye/changelog/krb5/?cs=22118
Commit By: hartmans
Log Message:
pa_fx_fast_reply is a choice of sequence of encrypted data

There is a decryption step that needs to go between unwrapping the
fx_fast_reply and decoding the fast_response.  Expose the necessary
encoders and decoders?


Changed Files:
U   branches/fast/src/include/k5-int.h
U   branches/fast/src/lib/krb5/asn.1/asn1_k_encode.c
U   branches/fast/src/lib/krb5/asn.1/krb5_decode.c
Modified: branches/fast/src/include/k5-int.h
===================================================================
--- branches/fast/src/include/k5-int.h	2009-03-26 05:36:17 UTC (rev 22117)
+++ branches/fast/src/include/k5-int.h	2009-03-26 05:36:20 UTC (rev 22118)
@@ -1612,7 +1612,7 @@
 krb5_error_code encode_krb5_fast_req
 (const krb5_fast_req *, krb5_data **);
 krb5_error_code encode_krb5_pa_fx_fast_reply
-(const krb5_fast_response *, krb5_data **);
+(const krb5_enc_data *, krb5_data **);
 
 /*************************************************************************
  * End of prototypes for krb5_encode.c
@@ -1781,6 +1781,9 @@
 
 
 krb5_error_code decode_krb5_pa_fx_fast_reply
+(const krb5_data *, krb5_enc_data **);
+
+krb5_error_code decode_krb5_fast_response
 (const krb5_data *, krb5_fast_response **);
 
 struct _krb5_key_data;		/* kdb.h */

Modified: branches/fast/src/lib/krb5/asn.1/asn1_k_encode.c
===================================================================
--- branches/fast/src/lib/krb5/asn.1/asn1_k_encode.c	2009-03-26 05:36:17 UTC (rev 22117)
+++ branches/fast/src/lib/krb5/asn.1/asn1_k_encode.c	2009-03-26 05:36:20 UTC (rev 22118)
@@ -1244,12 +1244,17 @@
 }
 DEFSEQTYPE( fast_response, krb5_fast_response, fast_response_fields, fast_response_optional);
 
-DEFFIELDTYPE(pa_fx_fast_reply, krb5_fast_response,
-             FIELDOF_ENCODEAS(krb5_fast_response, fast_response, 0));
+static const struct field_info fast_rep_fields[] = {
+  FIELDOF_ENCODEAS(krb5_enc_data, encrypted_data, 0),
+};
+DEFSEQTYPE(fast_rep, krb5_enc_data, fast_rep_fields, 0);
 
+DEFFIELDTYPE(pa_fx_fast_reply, krb5_enc_data,
+             FIELDOF_ENCODEAS(krb5_enc_data, fast_rep, 0));
 
 
 
+
 /* Exported complete encoders -- these produce a krb5_data with
    the encoding in the correct byte order.  */
 
@@ -1319,6 +1324,7 @@
 MAKE_FULL_ENCODER(encode_krb5_pa_fx_fast_request, pa_fx_fast_request);
 MAKE_FULL_ENCODER( encode_krb5_fast_req, fast_req);
 MAKE_FULL_ENCODER( encode_krb5_pa_fx_fast_reply, pa_fx_fast_reply);
+MAKE_FULL_ENCODER(encode_krb5_fast_response, fast_response);
 
 
 

Modified: branches/fast/src/lib/krb5/asn.1/krb5_decode.c
===================================================================
--- branches/fast/src/lib/krb5/asn.1/krb5_decode.c	2009-03-26 05:36:17 UTC (rev 22117)
+++ branches/fast/src/lib/krb5/asn.1/krb5_decode.c	2009-03-26 05:36:20 UTC (rev 22118)
@@ -1121,31 +1121,44 @@
   cleanup(free);
 }
 
-krb5_error_code decode_krb5_pa_fx_fast_reply
+krb5_error_code decode_krb5_fast_response
 (const krb5_data *code, krb5_fast_response **repptr)
 {
-  setup(krb5_fast_response *);
+    setup(krb5_fast_response *);
 
-  alloc_field(rep);
-  clear_field(rep, finished);
-  clear_field(rep, padata);
-  clear_field(rep,rep_key);
-  {
-      int indef;
-      unsigned int taglen;
-      next_tag_from_buf(buf);
-      if (tagnum != 0)
-          clean_return(ASN1_BAD_ID);
-  }
-  {begin_structure();
-  get_field(rep->padata, 0, asn1_decode_sequence_of_pa_data);
-  opt_field(rep->rep_key, 1, asn1_decode_encryption_key_ptr);
-  opt_field(rep->finished, 2, asn1_decode_fast_finished_ptr);
-  end_structure(); }
-  rep->magic = KV5M_FAST_RESPONSE;
-  cleanup(free);
+    alloc_field(rep);
+    clear_field(rep, finished);
+    clear_field(rep, padata);
+    clear_field(rep,rep_key);
+    {begin_structure();
+    get_field(rep->padata, 0, asn1_decode_sequence_of_pa_data);
+    opt_field(rep->rep_key, 1, asn1_decode_encryption_key_ptr);
+    opt_field(rep->finished, 2, asn1_decode_fast_finished_ptr);
+    end_structure(); }
+    rep->magic = KV5M_FAST_RESPONSE;
+    cleanup(free);
 }
 
+krb5_error_code decode_krb5_pa_fx_fast_reply
+(const krb5_data *code, krb5_enc_data **repptr)
+{
+    setup(krb5_enc_data *);
+    alloc_field(rep);
+    {
+        int indef;
+        unsigned int taglen;
+        next_tag_from_buf(buf);
+        if (tagnum != 0)
+            clean_return(ASN1_BAD_ID);
+    }
+    {begin_structure();
+    get_field(*rep, 0, asn1_decode_encrypted_data);
+    end_structure();
+    }
+
+    cleanup(free);
+}
+
   
 #ifndef DISABLE_PKINIT
 krb5_error_code

More information about the cvs-krb5 mailing list