17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * src/lib/krb5/asn.1/krb5_decode.c
3*55fea89dSDan Cross  *
47c478bd9Sstevel@tonic-gate  * Copyright 1994 by the Massachusetts Institute of Technology.
57c478bd9Sstevel@tonic-gate  * All Rights Reserved.
67c478bd9Sstevel@tonic-gate  *
77c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may
87c478bd9Sstevel@tonic-gate  *   require a specific license from the United States Government.
97c478bd9Sstevel@tonic-gate  *   It is the responsibility of any person or organization contemplating
107c478bd9Sstevel@tonic-gate  *   export to obtain such a license before exporting.
11*55fea89dSDan Cross  *
127c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
137c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
147c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
157c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
167c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
177c478bd9Sstevel@tonic-gate  * the name of M.I.T. not be used in advertising or publicity pertaining
187c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
197c478bd9Sstevel@tonic-gate  * permission.  Furthermore if you modify this software you must label
207c478bd9Sstevel@tonic-gate  * your software as modified software and not distribute it in such a
217c478bd9Sstevel@tonic-gate  * fashion that it might be confused with the original M.I.T. software.
227c478bd9Sstevel@tonic-gate  * M.I.T. makes no representations about the suitability of
237c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
247c478bd9Sstevel@tonic-gate  * or implied warranty.
257c478bd9Sstevel@tonic-gate  */
267c478bd9Sstevel@tonic-gate 
27159d09a2SMark Phalan #include "k5-int.h"
287c478bd9Sstevel@tonic-gate #include "krbasn1.h"
297c478bd9Sstevel@tonic-gate #include "asn1_k_decode.h"
307c478bd9Sstevel@tonic-gate #include "asn1_decode.h"
317c478bd9Sstevel@tonic-gate #include "asn1_get.h"
327c478bd9Sstevel@tonic-gate 
337c478bd9Sstevel@tonic-gate /* setup *********************************************************/
347c478bd9Sstevel@tonic-gate /* set up variables */
357c478bd9Sstevel@tonic-gate /* the setup* macros can return, but are always used at function start
367c478bd9Sstevel@tonic-gate    and thus need no malloc cleanup */
377c478bd9Sstevel@tonic-gate #define setup_buf_only()\
387c478bd9Sstevel@tonic-gate asn1_error_code retval;\
397c478bd9Sstevel@tonic-gate asn1buf buf;\
407c478bd9Sstevel@tonic-gate \
417c478bd9Sstevel@tonic-gate retval = asn1buf_wrap_data(&buf,code);\
427c478bd9Sstevel@tonic-gate if(retval) return retval
437c478bd9Sstevel@tonic-gate 
447c478bd9Sstevel@tonic-gate #define setup_no_tagnum()\
457c478bd9Sstevel@tonic-gate asn1_class asn1class;\
467c478bd9Sstevel@tonic-gate asn1_construction construction;\
477c478bd9Sstevel@tonic-gate setup_buf_only()
487c478bd9Sstevel@tonic-gate 
497c478bd9Sstevel@tonic-gate #define setup_no_length()\
507c478bd9Sstevel@tonic-gate asn1_tagnum tagnum;\
517c478bd9Sstevel@tonic-gate setup_no_tagnum()
527c478bd9Sstevel@tonic-gate 
537c478bd9Sstevel@tonic-gate #define setup()\
547c478bd9Sstevel@tonic-gate unsigned int length;\
557c478bd9Sstevel@tonic-gate setup_no_length()
567c478bd9Sstevel@tonic-gate 
577c478bd9Sstevel@tonic-gate /* helper macros for cleanup */
587c478bd9Sstevel@tonic-gate #define clean_return(val) { retval = val; goto error_out; }
597c478bd9Sstevel@tonic-gate 
607c478bd9Sstevel@tonic-gate /* alloc_field is the first thing to allocate storage that may need cleanup */
617c478bd9Sstevel@tonic-gate #define alloc_field(var,type)\
627c478bd9Sstevel@tonic-gate var = (type*)calloc(1,sizeof(type));\
637c478bd9Sstevel@tonic-gate if((var) == NULL) clean_return(ENOMEM)
647c478bd9Sstevel@tonic-gate 
657c478bd9Sstevel@tonic-gate /* process encoding header ***************************************/
667c478bd9Sstevel@tonic-gate /* decode tag and check that it == [APPLICATION tagnum] */
677c478bd9Sstevel@tonic-gate #define check_apptag(tagexpect)						\
687c478bd9Sstevel@tonic-gate {									\
697c478bd9Sstevel@tonic-gate     taginfo t1;								\
707c478bd9Sstevel@tonic-gate     retval = asn1_get_tag_2(&buf, &t1);					\
717c478bd9Sstevel@tonic-gate     if (retval) clean_return (retval);					\
727c478bd9Sstevel@tonic-gate     if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED)	\
737c478bd9Sstevel@tonic-gate 	clean_return(ASN1_BAD_ID);					\
747c478bd9Sstevel@tonic-gate     if (t1.tagnum != (tagexpect)) clean_return(KRB5_BADMSGTYPE);	\
757c478bd9Sstevel@tonic-gate     asn1class = t1.asn1class;						\
767c478bd9Sstevel@tonic-gate     construction = t1.construction;					\
777c478bd9Sstevel@tonic-gate     tagnum = t1.tagnum;							\
787c478bd9Sstevel@tonic-gate }
797c478bd9Sstevel@tonic-gate 
807c478bd9Sstevel@tonic-gate 
817c478bd9Sstevel@tonic-gate 
827c478bd9Sstevel@tonic-gate /* process a structure *******************************************/
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate /* decode an explicit tag and place the number in tagnum */
857c478bd9Sstevel@tonic-gate #define next_tag()				\
867c478bd9Sstevel@tonic-gate { taginfo t2;					\
877c478bd9Sstevel@tonic-gate   retval = asn1_get_tag_2(&subbuf, &t2);	\
887c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);		\
897c478bd9Sstevel@tonic-gate   asn1class = t2.asn1class;			\
907c478bd9Sstevel@tonic-gate   construction = t2.construction;		\
917c478bd9Sstevel@tonic-gate   tagnum = t2.tagnum;				\
927c478bd9Sstevel@tonic-gate   indef = t2.indef;				\
937c478bd9Sstevel@tonic-gate   taglen = t2.length;				\
947c478bd9Sstevel@tonic-gate }
957c478bd9Sstevel@tonic-gate 
967c478bd9Sstevel@tonic-gate #define get_eoc()						\
977c478bd9Sstevel@tonic-gate {								\
987c478bd9Sstevel@tonic-gate     taginfo t3;							\
997c478bd9Sstevel@tonic-gate     retval = asn1_get_tag_2(&subbuf, &t3);			\
1007c478bd9Sstevel@tonic-gate     if (retval) return retval;					\
1017c478bd9Sstevel@tonic-gate     if (t3.asn1class != UNIVERSAL || t3.tagnum || t3.indef)	\
1027c478bd9Sstevel@tonic-gate         return ASN1_MISSING_EOC;				\
1037c478bd9Sstevel@tonic-gate     asn1class = t3.asn1class;					\
1047c478bd9Sstevel@tonic-gate     construction = t3.construction;				\
1057c478bd9Sstevel@tonic-gate     tagnum = t3.tagnum;						\
1067c478bd9Sstevel@tonic-gate     indef = t3.indef;						\
1077c478bd9Sstevel@tonic-gate }
1087c478bd9Sstevel@tonic-gate 
1097c478bd9Sstevel@tonic-gate /* decode sequence header and initialize tagnum with the first field */
1107c478bd9Sstevel@tonic-gate #define begin_structure()\
1117c478bd9Sstevel@tonic-gate unsigned int taglen;\
1127c478bd9Sstevel@tonic-gate asn1buf subbuf;\
1137c478bd9Sstevel@tonic-gate int seqindef;\
1147c478bd9Sstevel@tonic-gate int indef;\
1157c478bd9Sstevel@tonic-gate retval = asn1_get_sequence(&buf,&length,&seqindef);\
1167c478bd9Sstevel@tonic-gate if(retval) clean_return(retval);\
1177c478bd9Sstevel@tonic-gate retval = asn1buf_imbed(&subbuf,&buf,length,seqindef);\
1187c478bd9Sstevel@tonic-gate if(retval) clean_return(retval);\
1197c478bd9Sstevel@tonic-gate next_tag()
1207c478bd9Sstevel@tonic-gate 
1217c478bd9Sstevel@tonic-gate #define end_structure()\
1227c478bd9Sstevel@tonic-gate retval = asn1buf_sync(&buf,&subbuf,asn1class,tagnum,length,indef,seqindef);\
1237c478bd9Sstevel@tonic-gate if (retval) clean_return(retval)
1247c478bd9Sstevel@tonic-gate 
1257c478bd9Sstevel@tonic-gate /* process fields *******************************************/
1267c478bd9Sstevel@tonic-gate /* normal fields ************************/
1277c478bd9Sstevel@tonic-gate #define get_field_body(var,decoder)\
1287c478bd9Sstevel@tonic-gate retval = decoder(&subbuf,&(var));\
1297c478bd9Sstevel@tonic-gate if(retval) clean_return(retval);\
1307c478bd9Sstevel@tonic-gate if (indef) { get_eoc(); }\
1317c478bd9Sstevel@tonic-gate next_tag()
1327c478bd9Sstevel@tonic-gate 
1337c478bd9Sstevel@tonic-gate /* decode a field (<[UNIVERSAL id]> <length> <contents>)
1347c478bd9Sstevel@tonic-gate     check that the id number == tagexpect then
1357c478bd9Sstevel@tonic-gate     decode into var
1367c478bd9Sstevel@tonic-gate     get the next tag */
1377c478bd9Sstevel@tonic-gate #define get_field(var,tagexpect,decoder)\
1387c478bd9Sstevel@tonic-gate if(tagnum > (tagexpect)) clean_return(ASN1_MISSING_FIELD);\
1397c478bd9Sstevel@tonic-gate if(tagnum < (tagexpect)) clean_return(ASN1_MISPLACED_FIELD);\
1407c478bd9Sstevel@tonic-gate if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
1417c478bd9Sstevel@tonic-gate   clean_return(ASN1_BAD_ID);\
1427c478bd9Sstevel@tonic-gate get_field_body(var,decoder)
1437c478bd9Sstevel@tonic-gate 
1447c478bd9Sstevel@tonic-gate /* decode (or skip, if not present) an optional field */
1457c478bd9Sstevel@tonic-gate #define opt_field(var,tagexpect,decoder)				\
1467c478bd9Sstevel@tonic-gate   if (asn1buf_remains(&subbuf, seqindef)) {				\
1477c478bd9Sstevel@tonic-gate     if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)	\
1487c478bd9Sstevel@tonic-gate       clean_return(ASN1_BAD_ID);					\
1497c478bd9Sstevel@tonic-gate     if (tagnum == (tagexpect)) {					\
1507c478bd9Sstevel@tonic-gate       get_field_body(var,decoder);					\
1517c478bd9Sstevel@tonic-gate     }									\
1527c478bd9Sstevel@tonic-gate   }
1537c478bd9Sstevel@tonic-gate 
1547c478bd9Sstevel@tonic-gate /* field w/ accompanying length *********/
1557c478bd9Sstevel@tonic-gate #define get_lenfield_body(len,var,decoder)\
1567c478bd9Sstevel@tonic-gate retval = decoder(&subbuf,&(len),&(var));\
1577c478bd9Sstevel@tonic-gate if(retval) clean_return(retval);\
1587c478bd9Sstevel@tonic-gate if (indef) { get_eoc(); }\
1597c478bd9Sstevel@tonic-gate next_tag()
1607c478bd9Sstevel@tonic-gate 
1617c478bd9Sstevel@tonic-gate /* decode a field w/ its length (for string types) */
1627c478bd9Sstevel@tonic-gate #define get_lenfield(len,var,tagexpect,decoder)\
1637c478bd9Sstevel@tonic-gate if(tagnum > (tagexpect)) clean_return(ASN1_MISSING_FIELD);\
1647c478bd9Sstevel@tonic-gate if(tagnum < (tagexpect)) clean_return(ASN1_MISPLACED_FIELD);\
1657c478bd9Sstevel@tonic-gate if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
1667c478bd9Sstevel@tonic-gate   clean_return(ASN1_BAD_ID);\
1677c478bd9Sstevel@tonic-gate get_lenfield_body(len,var,decoder)
1687c478bd9Sstevel@tonic-gate 
1697c478bd9Sstevel@tonic-gate /* decode an optional field w/ length */
1707c478bd9Sstevel@tonic-gate #define opt_lenfield(len,var,tagexpect,decoder)				\
1717c478bd9Sstevel@tonic-gate   if (asn1buf_remains(&subbuf, seqindef)) {				\
1727c478bd9Sstevel@tonic-gate     if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)	\
1737c478bd9Sstevel@tonic-gate       clean_return(ASN1_BAD_ID);					\
1747c478bd9Sstevel@tonic-gate     if (tagnum == (tagexpect)) {					\
1757c478bd9Sstevel@tonic-gate       get_lenfield_body(len,var,decoder);				\
1767c478bd9Sstevel@tonic-gate     }									\
1777c478bd9Sstevel@tonic-gate   }
178*55fea89dSDan Cross 
1797c478bd9Sstevel@tonic-gate 
1807c478bd9Sstevel@tonic-gate /* clean up ******************************************************/
1817c478bd9Sstevel@tonic-gate /* finish up */
1827c478bd9Sstevel@tonic-gate /* to make things less painful, assume the cleanup is passed rep */
1837c478bd9Sstevel@tonic-gate #define cleanup(cleanup_routine)\
1847c478bd9Sstevel@tonic-gate    return 0; \
1857c478bd9Sstevel@tonic-gate error_out: \
1867c478bd9Sstevel@tonic-gate    if (rep && *rep) { \
1877c478bd9Sstevel@tonic-gate 	cleanup_routine(*rep); \
1887c478bd9Sstevel@tonic-gate 	*rep = NULL; \
1897c478bd9Sstevel@tonic-gate    } \
1907c478bd9Sstevel@tonic-gate    return retval;
1917c478bd9Sstevel@tonic-gate 
1927c478bd9Sstevel@tonic-gate #define cleanup_none()\
1937c478bd9Sstevel@tonic-gate    return 0; \
1947c478bd9Sstevel@tonic-gate error_out: \
1957c478bd9Sstevel@tonic-gate    return retval;
196*55fea89dSDan Cross 
1977c478bd9Sstevel@tonic-gate #define cleanup_manual()\
1987c478bd9Sstevel@tonic-gate    return 0;
1997c478bd9Sstevel@tonic-gate 
2007c478bd9Sstevel@tonic-gate #define free_field(rep,f) if ((rep)->f) free((rep)->f)
2017c478bd9Sstevel@tonic-gate #define clear_field(rep,f) (*(rep))->f = 0
2027c478bd9Sstevel@tonic-gate 
decode_krb5_authenticator(const krb5_data * code,krb5_authenticator ** rep)2037c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **rep)
2047c478bd9Sstevel@tonic-gate {
2057c478bd9Sstevel@tonic-gate   setup();
2067c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_authenticator);
2077c478bd9Sstevel@tonic-gate   clear_field(rep,subkey);
2087c478bd9Sstevel@tonic-gate   clear_field(rep,checksum);
2097c478bd9Sstevel@tonic-gate   clear_field(rep,client);
2107c478bd9Sstevel@tonic-gate 
2117c478bd9Sstevel@tonic-gate   check_apptag(2);
2127c478bd9Sstevel@tonic-gate   { begin_structure();
2137c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
2147c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
2157c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
2167c478bd9Sstevel@tonic-gate     alloc_field((*rep)->client,krb5_principal_data);
2177c478bd9Sstevel@tonic-gate     get_field((*rep)->client,1,asn1_decode_realm);
2187c478bd9Sstevel@tonic-gate     get_field((*rep)->client,2,asn1_decode_principal_name);
2197c478bd9Sstevel@tonic-gate     if(tagnum == 3){
2207c478bd9Sstevel@tonic-gate       alloc_field((*rep)->checksum,krb5_checksum);
2217c478bd9Sstevel@tonic-gate       get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
2227c478bd9Sstevel@tonic-gate     get_field((*rep)->cusec,4,asn1_decode_int32);
2237c478bd9Sstevel@tonic-gate     get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
2247c478bd9Sstevel@tonic-gate     if(tagnum == 6){ alloc_field((*rep)->subkey,krb5_keyblock); }
2257c478bd9Sstevel@tonic-gate     opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
2267c478bd9Sstevel@tonic-gate     opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
2277c478bd9Sstevel@tonic-gate     opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
2287c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_AUTHENTICATOR;
2297c478bd9Sstevel@tonic-gate     end_structure();
2307c478bd9Sstevel@tonic-gate   }
2317c478bd9Sstevel@tonic-gate   cleanup_manual();
2327c478bd9Sstevel@tonic-gate error_out:
2337c478bd9Sstevel@tonic-gate   if (rep && *rep) {
2347c478bd9Sstevel@tonic-gate       free_field(*rep,subkey);
2357c478bd9Sstevel@tonic-gate       free_field(*rep,checksum);
2367c478bd9Sstevel@tonic-gate       free_field(*rep,client);
2377c478bd9Sstevel@tonic-gate       free(*rep);
238505d05c7Sgtb       *rep = NULL;
2397c478bd9Sstevel@tonic-gate   }
2407c478bd9Sstevel@tonic-gate   return retval;
2417c478bd9Sstevel@tonic-gate }
2427c478bd9Sstevel@tonic-gate 
2437c478bd9Sstevel@tonic-gate krb5_error_code
2447c478bd9Sstevel@tonic-gate KRB5_CALLCONV
krb5_decode_ticket(const krb5_data * code,krb5_ticket ** rep)2457c478bd9Sstevel@tonic-gate krb5_decode_ticket(const krb5_data *code, krb5_ticket **rep)
2467c478bd9Sstevel@tonic-gate {
2477c478bd9Sstevel@tonic-gate     return decode_krb5_ticket(code, rep);
2487c478bd9Sstevel@tonic-gate }
2497c478bd9Sstevel@tonic-gate 
decode_krb5_ticket(const krb5_data * code,krb5_ticket ** rep)2507c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep)
2517c478bd9Sstevel@tonic-gate {
2527c478bd9Sstevel@tonic-gate   setup();
2537c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_ticket);
2547c478bd9Sstevel@tonic-gate   clear_field(rep,server);
255*55fea89dSDan Cross 
2567c478bd9Sstevel@tonic-gate   check_apptag(1);
2577c478bd9Sstevel@tonic-gate   { begin_structure();
2587c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
2597c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
2607c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
2617c478bd9Sstevel@tonic-gate     }
2627c478bd9Sstevel@tonic-gate     alloc_field((*rep)->server,krb5_principal_data);
2637c478bd9Sstevel@tonic-gate     get_field((*rep)->server,1,asn1_decode_realm);
2647c478bd9Sstevel@tonic-gate     get_field((*rep)->server,2,asn1_decode_principal_name);
2657c478bd9Sstevel@tonic-gate     get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
2667c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_TICKET;
2677c478bd9Sstevel@tonic-gate     end_structure();
2687c478bd9Sstevel@tonic-gate   }
2697c478bd9Sstevel@tonic-gate   cleanup_manual();
2707c478bd9Sstevel@tonic-gate error_out:
2717c478bd9Sstevel@tonic-gate   if (rep && *rep) {
2727c478bd9Sstevel@tonic-gate       free_field(*rep,server);
2737c478bd9Sstevel@tonic-gate       free(*rep);
274505d05c7Sgtb       *rep = NULL;
2757c478bd9Sstevel@tonic-gate   }
2767c478bd9Sstevel@tonic-gate   return retval;
2777c478bd9Sstevel@tonic-gate }
2787c478bd9Sstevel@tonic-gate 
decode_krb5_encryption_key(const krb5_data * code,krb5_keyblock ** rep)2797c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock **rep)
2807c478bd9Sstevel@tonic-gate {
2817c478bd9Sstevel@tonic-gate   setup();
2827c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_keyblock);
2837c478bd9Sstevel@tonic-gate 
2847c478bd9Sstevel@tonic-gate   { begin_structure();
2857c478bd9Sstevel@tonic-gate     get_field((*rep)->enctype,0,asn1_decode_enctype);
2867c478bd9Sstevel@tonic-gate     get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
2877c478bd9Sstevel@tonic-gate     end_structure();
2887c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_KEYBLOCK;
2897c478bd9Sstevel@tonic-gate   }
2907c478bd9Sstevel@tonic-gate   cleanup(free);
2917c478bd9Sstevel@tonic-gate }
2927c478bd9Sstevel@tonic-gate 
decode_krb5_enc_tkt_part(const krb5_data * code,krb5_enc_tkt_part ** rep)2937c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_part **rep)
2947c478bd9Sstevel@tonic-gate {
2957c478bd9Sstevel@tonic-gate   setup();
2967c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_enc_tkt_part);
2977c478bd9Sstevel@tonic-gate   clear_field(rep,session);
2987c478bd9Sstevel@tonic-gate   clear_field(rep,client);
2997c478bd9Sstevel@tonic-gate 
3007c478bd9Sstevel@tonic-gate   check_apptag(3);
3017c478bd9Sstevel@tonic-gate   { begin_structure();
3027c478bd9Sstevel@tonic-gate     get_field((*rep)->flags,0,asn1_decode_ticket_flags);
3037c478bd9Sstevel@tonic-gate     alloc_field((*rep)->session,krb5_keyblock);
3047c478bd9Sstevel@tonic-gate     get_field(*((*rep)->session),1,asn1_decode_encryption_key);
3057c478bd9Sstevel@tonic-gate     alloc_field((*rep)->client,krb5_principal_data);
3067c478bd9Sstevel@tonic-gate     get_field((*rep)->client,2,asn1_decode_realm);
3077c478bd9Sstevel@tonic-gate     get_field((*rep)->client,3,asn1_decode_principal_name);
3087c478bd9Sstevel@tonic-gate     get_field((*rep)->transited,4,asn1_decode_transited_encoding);
3097c478bd9Sstevel@tonic-gate     get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
3107c478bd9Sstevel@tonic-gate     if (tagnum == 6)
3117c478bd9Sstevel@tonic-gate       { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
3127c478bd9Sstevel@tonic-gate     else
3137c478bd9Sstevel@tonic-gate       (*rep)->times.starttime=(*rep)->times.authtime;
3147c478bd9Sstevel@tonic-gate     get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
3157c478bd9Sstevel@tonic-gate     opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
3167c478bd9Sstevel@tonic-gate     opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
3177c478bd9Sstevel@tonic-gate     opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
3187c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_ENC_TKT_PART;
3197c478bd9Sstevel@tonic-gate     end_structure();
3207c478bd9Sstevel@tonic-gate   }
3217c478bd9Sstevel@tonic-gate   cleanup_manual();
3227c478bd9Sstevel@tonic-gate error_out:
3237c478bd9Sstevel@tonic-gate   if (rep && *rep) {
3247c478bd9Sstevel@tonic-gate       free_field(*rep,session);
3257c478bd9Sstevel@tonic-gate       free_field(*rep,client);
3267c478bd9Sstevel@tonic-gate       free(*rep);
327505d05c7Sgtb       *rep = NULL;
3287c478bd9Sstevel@tonic-gate   }
3297c478bd9Sstevel@tonic-gate   return retval;
3307c478bd9Sstevel@tonic-gate }
3317c478bd9Sstevel@tonic-gate 
decode_krb5_enc_kdc_rep_part(const krb5_data * code,krb5_enc_kdc_rep_part ** rep)3327c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_kdc_rep_part(const krb5_data *code, krb5_enc_kdc_rep_part **rep)
3337c478bd9Sstevel@tonic-gate {
3347c478bd9Sstevel@tonic-gate   taginfo t4;
3357c478bd9Sstevel@tonic-gate   setup_buf_only();
3367c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_enc_kdc_rep_part);
3377c478bd9Sstevel@tonic-gate 
3387c478bd9Sstevel@tonic-gate   retval = asn1_get_tag_2(&buf, &t4);
3397c478bd9Sstevel@tonic-gate   if (retval) clean_return(retval);
3407c478bd9Sstevel@tonic-gate   if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID);
3417c478bd9Sstevel@tonic-gate   if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
3427c478bd9Sstevel@tonic-gate   else if(t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
3437c478bd9Sstevel@tonic-gate   else clean_return(KRB5_BADMSGTYPE);
3447c478bd9Sstevel@tonic-gate 
3457c478bd9Sstevel@tonic-gate   retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
3467c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
3477c478bd9Sstevel@tonic-gate 
3487c478bd9Sstevel@tonic-gate   cleanup(free);
3497c478bd9Sstevel@tonic-gate }
3507c478bd9Sstevel@tonic-gate 
decode_krb5_as_rep(const krb5_data * code,krb5_kdc_rep ** rep)3517c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **rep)
3527c478bd9Sstevel@tonic-gate {
3537c478bd9Sstevel@tonic-gate   setup_no_length();
3547c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_kdc_rep);
3557c478bd9Sstevel@tonic-gate 
3567c478bd9Sstevel@tonic-gate   check_apptag(11);
3577c478bd9Sstevel@tonic-gate   retval = asn1_decode_kdc_rep(&buf,*rep);
3587c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
3597c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
3607c478bd9Sstevel@tonic-gate   if((*rep)->msg_type != KRB5_AS_REP)
3617c478bd9Sstevel@tonic-gate     clean_return(KRB5_BADMSGTYPE);
3627c478bd9Sstevel@tonic-gate #endif
3637c478bd9Sstevel@tonic-gate 
3647c478bd9Sstevel@tonic-gate   cleanup(free);
3657c478bd9Sstevel@tonic-gate }
3667c478bd9Sstevel@tonic-gate 
decode_krb5_tgs_rep(const krb5_data * code,krb5_kdc_rep ** rep)3677c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_tgs_rep(const krb5_data *code, krb5_kdc_rep **rep)
3687c478bd9Sstevel@tonic-gate {
3697c478bd9Sstevel@tonic-gate   setup_no_length();
3707c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_kdc_rep);
3717c478bd9Sstevel@tonic-gate 
3727c478bd9Sstevel@tonic-gate   check_apptag(13);
3737c478bd9Sstevel@tonic-gate   retval = asn1_decode_kdc_rep(&buf,*rep);
3747c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
3757c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
3767c478bd9Sstevel@tonic-gate   if((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE);
3777c478bd9Sstevel@tonic-gate #endif
3787c478bd9Sstevel@tonic-gate 
3797c478bd9Sstevel@tonic-gate   cleanup(free);
3807c478bd9Sstevel@tonic-gate }
3817c478bd9Sstevel@tonic-gate 
decode_krb5_ap_req(const krb5_data * code,krb5_ap_req ** rep)3827c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep)
3837c478bd9Sstevel@tonic-gate {
3847c478bd9Sstevel@tonic-gate   setup();
3857c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_ap_req);
3867c478bd9Sstevel@tonic-gate   clear_field(rep,ticket);
3877c478bd9Sstevel@tonic-gate 
3887c478bd9Sstevel@tonic-gate   check_apptag(14);
3897c478bd9Sstevel@tonic-gate   { begin_structure();
3907c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
3917c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
3927c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
3937c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
3947c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
3957c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
3967c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
3977c478bd9Sstevel@tonic-gate #endif
3987c478bd9Sstevel@tonic-gate     }
3997c478bd9Sstevel@tonic-gate     get_field((*rep)->ap_options,2,asn1_decode_ap_options);
4007c478bd9Sstevel@tonic-gate     alloc_field((*rep)->ticket,krb5_ticket);
4017c478bd9Sstevel@tonic-gate     get_field(*((*rep)->ticket),3,asn1_decode_ticket);
4027c478bd9Sstevel@tonic-gate     get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
4037c478bd9Sstevel@tonic-gate     end_structure();
4047c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_AP_REQ;
4057c478bd9Sstevel@tonic-gate   }
4067c478bd9Sstevel@tonic-gate   cleanup_manual();
4077c478bd9Sstevel@tonic-gate error_out:
4087c478bd9Sstevel@tonic-gate   if (rep && *rep) {
4097c478bd9Sstevel@tonic-gate       free_field(*rep,ticket);
4107c478bd9Sstevel@tonic-gate       free(*rep);
411505d05c7Sgtb       *rep = NULL;
4127c478bd9Sstevel@tonic-gate   }
4137c478bd9Sstevel@tonic-gate   return retval;
4147c478bd9Sstevel@tonic-gate }
4157c478bd9Sstevel@tonic-gate 
decode_krb5_ap_rep(const krb5_data * code,krb5_ap_rep ** rep)4167c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep)
4177c478bd9Sstevel@tonic-gate {
4187c478bd9Sstevel@tonic-gate   setup();
4197c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_ap_rep);
4207c478bd9Sstevel@tonic-gate 
4217c478bd9Sstevel@tonic-gate   check_apptag(15);
4227c478bd9Sstevel@tonic-gate   { begin_structure();
4237c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
4247c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
4257c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
4267c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
4277c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
4287c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
4297c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
4307c478bd9Sstevel@tonic-gate #endif
4317c478bd9Sstevel@tonic-gate     }
4327c478bd9Sstevel@tonic-gate     get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
4337c478bd9Sstevel@tonic-gate     end_structure();
4347c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_AP_REP;
4357c478bd9Sstevel@tonic-gate   }
4367c478bd9Sstevel@tonic-gate   cleanup(free);
4377c478bd9Sstevel@tonic-gate }
4387c478bd9Sstevel@tonic-gate 
decode_krb5_ap_rep_enc_part(const krb5_data * code,krb5_ap_rep_enc_part ** rep)4397c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_enc_part **rep)
4407c478bd9Sstevel@tonic-gate {
4417c478bd9Sstevel@tonic-gate   setup();
4427c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_ap_rep_enc_part);
4437c478bd9Sstevel@tonic-gate   clear_field(rep,subkey);
4447c478bd9Sstevel@tonic-gate 
4457c478bd9Sstevel@tonic-gate   check_apptag(27);
4467c478bd9Sstevel@tonic-gate   { begin_structure();
4477c478bd9Sstevel@tonic-gate     get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
4487c478bd9Sstevel@tonic-gate     get_field((*rep)->cusec,1,asn1_decode_int32);
4497c478bd9Sstevel@tonic-gate     if(tagnum == 2){ alloc_field((*rep)->subkey,krb5_keyblock); }
4507c478bd9Sstevel@tonic-gate     opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
4517c478bd9Sstevel@tonic-gate     opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
4527c478bd9Sstevel@tonic-gate     end_structure();
4537c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_AP_REP_ENC_PART;
4547c478bd9Sstevel@tonic-gate   }
4557c478bd9Sstevel@tonic-gate   cleanup_manual();
4567c478bd9Sstevel@tonic-gate error_out:
4577c478bd9Sstevel@tonic-gate   if (rep && *rep) {
4587c478bd9Sstevel@tonic-gate       free_field(*rep,subkey);
4597c478bd9Sstevel@tonic-gate       free(*rep);
460505d05c7Sgtb       *rep = NULL;
4617c478bd9Sstevel@tonic-gate   }
4627c478bd9Sstevel@tonic-gate   return retval;
4637c478bd9Sstevel@tonic-gate }
4647c478bd9Sstevel@tonic-gate 
decode_krb5_as_req(const krb5_data * code,krb5_kdc_req ** rep)4657c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **rep)
4667c478bd9Sstevel@tonic-gate {
4677c478bd9Sstevel@tonic-gate   setup_no_length();
4687c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_kdc_req);
4697c478bd9Sstevel@tonic-gate 
4707c478bd9Sstevel@tonic-gate   check_apptag(10);
4717c478bd9Sstevel@tonic-gate   retval = asn1_decode_kdc_req(&buf,*rep);
4727c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
4737c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
4747c478bd9Sstevel@tonic-gate   if((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
4757c478bd9Sstevel@tonic-gate #endif
476*55fea89dSDan Cross 
4777c478bd9Sstevel@tonic-gate   cleanup(free);
4787c478bd9Sstevel@tonic-gate }
4797c478bd9Sstevel@tonic-gate 
decode_krb5_tgs_req(const krb5_data * code,krb5_kdc_req ** rep)4807c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **rep)
4817c478bd9Sstevel@tonic-gate {
4827c478bd9Sstevel@tonic-gate   setup_no_length();
4837c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_kdc_req);
4847c478bd9Sstevel@tonic-gate 
4857c478bd9Sstevel@tonic-gate   check_apptag(12);
4867c478bd9Sstevel@tonic-gate   retval = asn1_decode_kdc_req(&buf,*rep);
4877c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
4887c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
4897c478bd9Sstevel@tonic-gate   if((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
4907c478bd9Sstevel@tonic-gate #endif
491*55fea89dSDan Cross 
4927c478bd9Sstevel@tonic-gate   cleanup(free);
4937c478bd9Sstevel@tonic-gate }
4947c478bd9Sstevel@tonic-gate 
decode_krb5_kdc_req_body(const krb5_data * code,krb5_kdc_req ** rep)4957c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **rep)
4967c478bd9Sstevel@tonic-gate {
4977c478bd9Sstevel@tonic-gate   setup_buf_only();
4987c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_kdc_req);
4997c478bd9Sstevel@tonic-gate 
5007c478bd9Sstevel@tonic-gate   retval = asn1_decode_kdc_req_body(&buf,*rep);
5017c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
5027c478bd9Sstevel@tonic-gate 
5037c478bd9Sstevel@tonic-gate   cleanup(free);
5047c478bd9Sstevel@tonic-gate }
5057c478bd9Sstevel@tonic-gate 
5067c478bd9Sstevel@tonic-gate /*
5077c478bd9Sstevel@tonic-gate  * decode_krb5_safe_with_body
5087c478bd9Sstevel@tonic-gate  *
5097c478bd9Sstevel@tonic-gate  * Like decode_krb5_safe(), but grabs the encoding of the
5107c478bd9Sstevel@tonic-gate  * KRB-SAFE-BODY as well, in case re-encoding would produce a
5117c478bd9Sstevel@tonic-gate  * different encoding.  (Yes, we're using DER, but there's this
5127c478bd9Sstevel@tonic-gate  * annoying problem with pre-1.3.x code using signed sequence numbers,
5137c478bd9Sstevel@tonic-gate  * which we permissively decode and cram into unsigned 32-bit numbers.
5147c478bd9Sstevel@tonic-gate  * When they're re-encoded, they're no longer negative if they started
5157c478bd9Sstevel@tonic-gate  * out negative, so checksum verification fails.)
5167c478bd9Sstevel@tonic-gate  *
5177c478bd9Sstevel@tonic-gate  * This does *not* perform any copying; the returned pointer to the
5187c478bd9Sstevel@tonic-gate  * encoded KRB-SAFE-BODY points into the input buffer.
5197c478bd9Sstevel@tonic-gate  */
decode_krb5_safe_with_body(const krb5_data * code,krb5_safe ** rep,krb5_data * body)5207c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_safe_with_body(
5217c478bd9Sstevel@tonic-gate   const krb5_data *code,
5227c478bd9Sstevel@tonic-gate   krb5_safe **rep,
5237c478bd9Sstevel@tonic-gate   krb5_data *body)
5247c478bd9Sstevel@tonic-gate {
5257c478bd9Sstevel@tonic-gate   krb5_data tmpbody;
5267c478bd9Sstevel@tonic-gate   setup();
5277c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_safe);
5287c478bd9Sstevel@tonic-gate   clear_field(rep,checksum);
529159d09a2SMark Phalan   tmpbody.magic = 0;
5307c478bd9Sstevel@tonic-gate 
5317c478bd9Sstevel@tonic-gate   check_apptag(20);
5327c478bd9Sstevel@tonic-gate   { begin_structure();
5337c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
5347c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
5357c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
5367c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
5377c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
5387c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
5397c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
5407c478bd9Sstevel@tonic-gate #endif
5417c478bd9Sstevel@tonic-gate     }
5427c478bd9Sstevel@tonic-gate     /*
5437c478bd9Sstevel@tonic-gate      * Gross kludge to extract pointer to encoded safe-body.  Relies
5447c478bd9Sstevel@tonic-gate      * on tag prefetch done by next_tag().  Don't handle indefinite
5457c478bd9Sstevel@tonic-gate      * encoding, as it's too much work.
5467c478bd9Sstevel@tonic-gate      */
5477c478bd9Sstevel@tonic-gate     if (!indef) {
5487c478bd9Sstevel@tonic-gate       tmpbody.length = taglen;
5497c478bd9Sstevel@tonic-gate       tmpbody.data = subbuf.next;
5507c478bd9Sstevel@tonic-gate     } else {
5517c478bd9Sstevel@tonic-gate       tmpbody.length = 0;
5527c478bd9Sstevel@tonic-gate       tmpbody.data = NULL;
5537c478bd9Sstevel@tonic-gate     }
5547c478bd9Sstevel@tonic-gate     get_field(**rep,2,asn1_decode_krb_safe_body);
5557c478bd9Sstevel@tonic-gate     alloc_field((*rep)->checksum,krb5_checksum);
5567c478bd9Sstevel@tonic-gate     get_field(*((*rep)->checksum),3,asn1_decode_checksum);
5577c478bd9Sstevel@tonic-gate   (*rep)->magic = KV5M_SAFE;
5587c478bd9Sstevel@tonic-gate     end_structure();
5597c478bd9Sstevel@tonic-gate   }
5607c478bd9Sstevel@tonic-gate   if (body != NULL)
5617c478bd9Sstevel@tonic-gate     *body = tmpbody;
5627c478bd9Sstevel@tonic-gate   cleanup_manual();
5637c478bd9Sstevel@tonic-gate error_out:
5647c478bd9Sstevel@tonic-gate   if (rep && *rep) {
5657c478bd9Sstevel@tonic-gate       free_field(*rep,checksum);
5667c478bd9Sstevel@tonic-gate       free(*rep);
567505d05c7Sgtb       *rep = NULL;
5687c478bd9Sstevel@tonic-gate   }
5697c478bd9Sstevel@tonic-gate   return retval;
5707c478bd9Sstevel@tonic-gate }
5717c478bd9Sstevel@tonic-gate 
decode_krb5_safe(const krb5_data * code,krb5_safe ** rep)5727c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
5737c478bd9Sstevel@tonic-gate {
5747c478bd9Sstevel@tonic-gate   return decode_krb5_safe_with_body(code, rep, NULL);
5757c478bd9Sstevel@tonic-gate }
5767c478bd9Sstevel@tonic-gate 
decode_krb5_priv(const krb5_data * code,krb5_priv ** rep)5777c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep)
5787c478bd9Sstevel@tonic-gate {
5797c478bd9Sstevel@tonic-gate   setup();
5807c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_priv);
5817c478bd9Sstevel@tonic-gate 
5827c478bd9Sstevel@tonic-gate   check_apptag(21);
5837c478bd9Sstevel@tonic-gate   { begin_structure();
5847c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
5857c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
5867c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
5877c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
5887c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
5897c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
5907c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
5917c478bd9Sstevel@tonic-gate #endif
5927c478bd9Sstevel@tonic-gate     }
5937c478bd9Sstevel@tonic-gate     get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
5947c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_PRIV;
5957c478bd9Sstevel@tonic-gate     end_structure();
5967c478bd9Sstevel@tonic-gate   }
5977c478bd9Sstevel@tonic-gate   cleanup(free);
5987c478bd9Sstevel@tonic-gate }
5997c478bd9Sstevel@tonic-gate 
decode_krb5_enc_priv_part(const krb5_data * code,krb5_priv_enc_part ** rep)6007c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_part **rep)
6017c478bd9Sstevel@tonic-gate {
6027c478bd9Sstevel@tonic-gate   setup();
6037c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_priv_enc_part);
6047c478bd9Sstevel@tonic-gate   clear_field(rep,r_address);
6057c478bd9Sstevel@tonic-gate   clear_field(rep,s_address);
6067c478bd9Sstevel@tonic-gate 
6077c478bd9Sstevel@tonic-gate   check_apptag(28);
6087c478bd9Sstevel@tonic-gate   { begin_structure();
6097c478bd9Sstevel@tonic-gate     get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
6107c478bd9Sstevel@tonic-gate     opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
6117c478bd9Sstevel@tonic-gate     opt_field((*rep)->usec,2,asn1_decode_int32);
6127c478bd9Sstevel@tonic-gate     opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
6137c478bd9Sstevel@tonic-gate     alloc_field((*rep)->s_address,krb5_address);
6147c478bd9Sstevel@tonic-gate     get_field(*((*rep)->s_address),4,asn1_decode_host_address);
6157c478bd9Sstevel@tonic-gate     if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
6167c478bd9Sstevel@tonic-gate     opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
6177c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_PRIV_ENC_PART;
6187c478bd9Sstevel@tonic-gate     end_structure();
6197c478bd9Sstevel@tonic-gate   }
6207c478bd9Sstevel@tonic-gate   cleanup_manual();
6217c478bd9Sstevel@tonic-gate error_out:
6227c478bd9Sstevel@tonic-gate   if (rep && *rep) {
6237c478bd9Sstevel@tonic-gate       free_field(*rep,r_address);
6247c478bd9Sstevel@tonic-gate       free_field(*rep,s_address);
6257c478bd9Sstevel@tonic-gate       free(*rep);
626505d05c7Sgtb       *rep = NULL;
6277c478bd9Sstevel@tonic-gate   }
6287c478bd9Sstevel@tonic-gate   return retval;
6297c478bd9Sstevel@tonic-gate }
6307c478bd9Sstevel@tonic-gate 
decode_krb5_cred(const krb5_data * code,krb5_cred ** rep)6317c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep)
6327c478bd9Sstevel@tonic-gate {
6337c478bd9Sstevel@tonic-gate   setup();
6347c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_cred);
6357c478bd9Sstevel@tonic-gate 
6367c478bd9Sstevel@tonic-gate   check_apptag(22);
6377c478bd9Sstevel@tonic-gate   { begin_structure();
6387c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
6397c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
6407c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
6417c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
6427c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
6437c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
6447c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
6457c478bd9Sstevel@tonic-gate #endif
6467c478bd9Sstevel@tonic-gate     }
6477c478bd9Sstevel@tonic-gate     get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
6487c478bd9Sstevel@tonic-gate     get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
6497c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_CRED;
6507c478bd9Sstevel@tonic-gate     end_structure();
6517c478bd9Sstevel@tonic-gate   }
6527c478bd9Sstevel@tonic-gate   cleanup(free);
6537c478bd9Sstevel@tonic-gate }
6547c478bd9Sstevel@tonic-gate 
decode_krb5_enc_cred_part(const krb5_data * code,krb5_cred_enc_part ** rep)6557c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_part **rep)
6567c478bd9Sstevel@tonic-gate {
6577c478bd9Sstevel@tonic-gate   setup();
6587c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_cred_enc_part);
6597c478bd9Sstevel@tonic-gate   clear_field(rep,r_address);
6607c478bd9Sstevel@tonic-gate   clear_field(rep,s_address);
6617c478bd9Sstevel@tonic-gate 
6627c478bd9Sstevel@tonic-gate   check_apptag(29);
6637c478bd9Sstevel@tonic-gate   { begin_structure();
6647c478bd9Sstevel@tonic-gate     get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
6657c478bd9Sstevel@tonic-gate     opt_field((*rep)->nonce,1,asn1_decode_int32);
6667c478bd9Sstevel@tonic-gate     opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
6677c478bd9Sstevel@tonic-gate     opt_field((*rep)->usec,3,asn1_decode_int32);
6687c478bd9Sstevel@tonic-gate     if(tagnum == 4){ alloc_field((*rep)->s_address,krb5_address); }
6697c478bd9Sstevel@tonic-gate     opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
6707c478bd9Sstevel@tonic-gate     if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
6717c478bd9Sstevel@tonic-gate     opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
6727c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_CRED_ENC_PART;
6737c478bd9Sstevel@tonic-gate     end_structure();
6747c478bd9Sstevel@tonic-gate   }
6757c478bd9Sstevel@tonic-gate   cleanup_manual();
6767c478bd9Sstevel@tonic-gate error_out:
6777c478bd9Sstevel@tonic-gate   if (rep && *rep) {
6787c478bd9Sstevel@tonic-gate       free_field(*rep,r_address);
6797c478bd9Sstevel@tonic-gate       free_field(*rep,s_address);
6807c478bd9Sstevel@tonic-gate       free(*rep);
681505d05c7Sgtb       *rep = NULL;
6827c478bd9Sstevel@tonic-gate   }
6837c478bd9Sstevel@tonic-gate   return retval;
6847c478bd9Sstevel@tonic-gate }
6857c478bd9Sstevel@tonic-gate 
6867c478bd9Sstevel@tonic-gate 
decode_krb5_error(const krb5_data * code,krb5_error ** rep)6877c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep)
6887c478bd9Sstevel@tonic-gate {
6897c478bd9Sstevel@tonic-gate   setup();
6907c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_error);
6917c478bd9Sstevel@tonic-gate   clear_field(rep,server);
6927c478bd9Sstevel@tonic-gate   clear_field(rep,client);
693*55fea89dSDan Cross 
6947c478bd9Sstevel@tonic-gate   check_apptag(30);
6957c478bd9Sstevel@tonic-gate   { begin_structure();
6967c478bd9Sstevel@tonic-gate     { krb5_kvno kvno;
6977c478bd9Sstevel@tonic-gate       get_field(kvno,0,asn1_decode_kvno);
6987c478bd9Sstevel@tonic-gate       if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
6997c478bd9Sstevel@tonic-gate     { krb5_msgtype msg_type;
7007c478bd9Sstevel@tonic-gate       get_field(msg_type,1,asn1_decode_msgtype);
7017c478bd9Sstevel@tonic-gate #ifdef KRB5_MSGTYPE_STRICT
7027c478bd9Sstevel@tonic-gate       if(msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
7037c478bd9Sstevel@tonic-gate #endif
7047c478bd9Sstevel@tonic-gate     }
7057c478bd9Sstevel@tonic-gate     opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
7067c478bd9Sstevel@tonic-gate     opt_field((*rep)->cusec,3,asn1_decode_int32);
7077c478bd9Sstevel@tonic-gate     get_field((*rep)->stime,4,asn1_decode_kerberos_time);
7087c478bd9Sstevel@tonic-gate     get_field((*rep)->susec,5,asn1_decode_int32);
7097c478bd9Sstevel@tonic-gate     get_field((*rep)->error,6,asn1_decode_ui_4);
7107c478bd9Sstevel@tonic-gate     if(tagnum == 7){ alloc_field((*rep)->client,krb5_principal_data); }
7117c478bd9Sstevel@tonic-gate     opt_field((*rep)->client,7,asn1_decode_realm);
7127c478bd9Sstevel@tonic-gate     opt_field((*rep)->client,8,asn1_decode_principal_name);
7137c478bd9Sstevel@tonic-gate     alloc_field((*rep)->server,krb5_principal_data);
7147c478bd9Sstevel@tonic-gate     get_field((*rep)->server,9,asn1_decode_realm);
7157c478bd9Sstevel@tonic-gate     get_field((*rep)->server,10,asn1_decode_principal_name);
7167c478bd9Sstevel@tonic-gate     opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
7177c478bd9Sstevel@tonic-gate     opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
7187c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_ERROR;
7197c478bd9Sstevel@tonic-gate     end_structure();
7207c478bd9Sstevel@tonic-gate   }
7217c478bd9Sstevel@tonic-gate   cleanup_manual();
7227c478bd9Sstevel@tonic-gate error_out:
7237c478bd9Sstevel@tonic-gate   if (rep && *rep) {
7247c478bd9Sstevel@tonic-gate       free_field(*rep,server);
7257c478bd9Sstevel@tonic-gate       free_field(*rep,client);
7267c478bd9Sstevel@tonic-gate       free(*rep);
727505d05c7Sgtb       *rep = NULL;
7287c478bd9Sstevel@tonic-gate   }
7297c478bd9Sstevel@tonic-gate   return retval;
7307c478bd9Sstevel@tonic-gate }
7317c478bd9Sstevel@tonic-gate 
decode_krb5_authdata(const krb5_data * code,krb5_authdata *** rep)7327c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_authdata(const krb5_data *code, krb5_authdata ***rep)
7337c478bd9Sstevel@tonic-gate {
7347c478bd9Sstevel@tonic-gate   setup_buf_only();
7357c478bd9Sstevel@tonic-gate   *rep = 0;
7367c478bd9Sstevel@tonic-gate   retval = asn1_decode_authorization_data(&buf,rep);
7377c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
7387c478bd9Sstevel@tonic-gate   cleanup_none();		/* we're not allocating anything here... */
7397c478bd9Sstevel@tonic-gate }
7407c478bd9Sstevel@tonic-gate 
decode_krb5_pwd_sequence(const krb5_data * code,passwd_phrase_element ** rep)7417c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep)
7427c478bd9Sstevel@tonic-gate {
7437c478bd9Sstevel@tonic-gate   setup_buf_only();
7447c478bd9Sstevel@tonic-gate   alloc_field(*rep,passwd_phrase_element);
7457c478bd9Sstevel@tonic-gate   retval = asn1_decode_passwdsequence(&buf,*rep);
7467c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
7477c478bd9Sstevel@tonic-gate   cleanup(free);
7487c478bd9Sstevel@tonic-gate }
7497c478bd9Sstevel@tonic-gate 
decode_krb5_pwd_data(const krb5_data * code,krb5_pwd_data ** rep)7507c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **rep)
7517c478bd9Sstevel@tonic-gate {
7527c478bd9Sstevel@tonic-gate   setup();
7537c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_pwd_data);
7547c478bd9Sstevel@tonic-gate   { begin_structure();
7557c478bd9Sstevel@tonic-gate     get_field((*rep)->sequence_count,0,asn1_decode_int);
7567c478bd9Sstevel@tonic-gate     get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
7577c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_PWD_DATA;
7587c478bd9Sstevel@tonic-gate     end_structure (); }
7597c478bd9Sstevel@tonic-gate   cleanup(free);
7607c478bd9Sstevel@tonic-gate }
7617c478bd9Sstevel@tonic-gate 
decode_krb5_padata_sequence(const krb5_data * code,krb5_pa_data *** rep)7627c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data ***rep)
7637c478bd9Sstevel@tonic-gate {
7647c478bd9Sstevel@tonic-gate   setup_buf_only();
7657c478bd9Sstevel@tonic-gate   *rep = 0;
7667c478bd9Sstevel@tonic-gate   retval = asn1_decode_sequence_of_pa_data(&buf,rep);
7677c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
7687c478bd9Sstevel@tonic-gate   cleanup_none();		/* we're not allocating anything here */
7697c478bd9Sstevel@tonic-gate }
7707c478bd9Sstevel@tonic-gate 
decode_krb5_alt_method(const krb5_data * code,krb5_alt_method ** rep)7717c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep)
7727c478bd9Sstevel@tonic-gate {
7737c478bd9Sstevel@tonic-gate   setup();
7747c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_alt_method);
7757c478bd9Sstevel@tonic-gate   { begin_structure();
7767c478bd9Sstevel@tonic-gate     get_field((*rep)->method,0,asn1_decode_int32);
7777c478bd9Sstevel@tonic-gate     if (tagnum == 1) {
7787c478bd9Sstevel@tonic-gate 	get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
7797c478bd9Sstevel@tonic-gate     } else {
7807c478bd9Sstevel@tonic-gate 	(*rep)->length = 0;
7817c478bd9Sstevel@tonic-gate 	(*rep)->data = 0;
7827c478bd9Sstevel@tonic-gate     }
7837c478bd9Sstevel@tonic-gate     (*rep)->magic = KV5M_ALT_METHOD;
7847c478bd9Sstevel@tonic-gate     end_structure();
7857c478bd9Sstevel@tonic-gate   }
7867c478bd9Sstevel@tonic-gate   cleanup(free);
7877c478bd9Sstevel@tonic-gate }
7887c478bd9Sstevel@tonic-gate 
decode_krb5_etype_info(const krb5_data * code,krb5_etype_info_entry *** rep)7897c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_entry ***rep)
7907c478bd9Sstevel@tonic-gate {
7917c478bd9Sstevel@tonic-gate   setup_buf_only();
7927c478bd9Sstevel@tonic-gate   *rep = 0;
7937c478bd9Sstevel@tonic-gate   retval = asn1_decode_etype_info(&buf,rep);
7947c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
7957c478bd9Sstevel@tonic-gate   cleanup_none();		/* we're not allocating anything here */
7967c478bd9Sstevel@tonic-gate }
7977c478bd9Sstevel@tonic-gate 
decode_krb5_etype_info2(const krb5_data * code,krb5_etype_info_entry *** rep)7987c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
7997c478bd9Sstevel@tonic-gate {
8007c478bd9Sstevel@tonic-gate     setup_buf_only();
8017c478bd9Sstevel@tonic-gate     *rep = 0;
8027c478bd9Sstevel@tonic-gate     retval = asn1_decode_etype_info2(&buf,rep, 0);
8037c478bd9Sstevel@tonic-gate     if (retval == ASN1_BAD_ID) {
8047c478bd9Sstevel@tonic-gate 	retval = asn1buf_wrap_data(&buf,code);
8057c478bd9Sstevel@tonic-gate 	if(retval) clean_return(retval);
8067c478bd9Sstevel@tonic-gate 	retval = asn1_decode_etype_info2(&buf, rep, 1);
8077c478bd9Sstevel@tonic-gate     }
8087c478bd9Sstevel@tonic-gate     if(retval) clean_return(retval);
8097c478bd9Sstevel@tonic-gate     cleanup_none();		/* we're not allocating anything here */
8107c478bd9Sstevel@tonic-gate }
8117c478bd9Sstevel@tonic-gate 
8127c478bd9Sstevel@tonic-gate 
decode_krb5_enc_data(const krb5_data * code,krb5_enc_data ** rep)8137c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep)
8147c478bd9Sstevel@tonic-gate {
8157c478bd9Sstevel@tonic-gate   setup_buf_only();
8167c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_enc_data);
8177c478bd9Sstevel@tonic-gate 
8187c478bd9Sstevel@tonic-gate   retval = asn1_decode_encrypted_data(&buf,*rep);
8197c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8207c478bd9Sstevel@tonic-gate 
8217c478bd9Sstevel@tonic-gate   cleanup(free);
8227c478bd9Sstevel@tonic-gate }
8237c478bd9Sstevel@tonic-gate 
decode_krb5_pa_enc_ts(const krb5_data * code,krb5_pa_enc_ts ** rep)8247c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **rep)
8257c478bd9Sstevel@tonic-gate {
8267c478bd9Sstevel@tonic-gate   setup();
8277c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_pa_enc_ts);
8287c478bd9Sstevel@tonic-gate   { begin_structure();
8297c478bd9Sstevel@tonic-gate     get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
8307c478bd9Sstevel@tonic-gate     if (tagnum == 1) {
8317c478bd9Sstevel@tonic-gate 	get_field((*rep)->pausec,1,asn1_decode_int32);
8327c478bd9Sstevel@tonic-gate     } else
8337c478bd9Sstevel@tonic-gate 	(*rep)->pausec = 0;
8347c478bd9Sstevel@tonic-gate     end_structure (); }
8357c478bd9Sstevel@tonic-gate   cleanup(free);
8367c478bd9Sstevel@tonic-gate }
8377c478bd9Sstevel@tonic-gate 
decode_krb5_sam_challenge(const krb5_data * code,krb5_sam_challenge ** rep)8387c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_sam_challenge(const krb5_data *code, krb5_sam_challenge **rep)
8397c478bd9Sstevel@tonic-gate {
8407c478bd9Sstevel@tonic-gate   setup_buf_only();
8417c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_sam_challenge);
8427c478bd9Sstevel@tonic-gate 
8437c478bd9Sstevel@tonic-gate   retval = asn1_decode_sam_challenge(&buf,*rep);
8447c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8457c478bd9Sstevel@tonic-gate 
8467c478bd9Sstevel@tonic-gate   cleanup(free);
8477c478bd9Sstevel@tonic-gate }
8487c478bd9Sstevel@tonic-gate 
decode_krb5_sam_challenge_2(const krb5_data * code,krb5_sam_challenge_2 ** rep)8497c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_sam_challenge_2(const krb5_data *code, krb5_sam_challenge_2 **rep)
8507c478bd9Sstevel@tonic-gate {
8517c478bd9Sstevel@tonic-gate   setup_buf_only();
8527c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_sam_challenge_2);
8537c478bd9Sstevel@tonic-gate 
8547c478bd9Sstevel@tonic-gate   retval = asn1_decode_sam_challenge_2(&buf,*rep);
8557c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8567c478bd9Sstevel@tonic-gate 
8577c478bd9Sstevel@tonic-gate   cleanup(free);
8587c478bd9Sstevel@tonic-gate }
8597c478bd9Sstevel@tonic-gate 
decode_krb5_sam_challenge_2_body(const krb5_data * code,krb5_sam_challenge_2_body ** rep)8607c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_sam_challenge_2_body(const krb5_data *code, krb5_sam_challenge_2_body **rep)
8617c478bd9Sstevel@tonic-gate {
8627c478bd9Sstevel@tonic-gate   setup_buf_only();
8637c478bd9Sstevel@tonic-gate   alloc_field(*rep, krb5_sam_challenge_2_body);
8647c478bd9Sstevel@tonic-gate 
8657c478bd9Sstevel@tonic-gate   retval = asn1_decode_sam_challenge_2_body(&buf, *rep);
8667c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8677c478bd9Sstevel@tonic-gate 
8687c478bd9Sstevel@tonic-gate   cleanup(free);
8697c478bd9Sstevel@tonic-gate }
8707c478bd9Sstevel@tonic-gate 
decode_krb5_enc_sam_key(const krb5_data * code,krb5_sam_key ** rep)8717c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_sam_key(const krb5_data *code, krb5_sam_key **rep)
8727c478bd9Sstevel@tonic-gate {
8737c478bd9Sstevel@tonic-gate   setup_buf_only();
8747c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_sam_key);
8757c478bd9Sstevel@tonic-gate 
8767c478bd9Sstevel@tonic-gate   retval = asn1_decode_enc_sam_key(&buf,*rep);
8777c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8787c478bd9Sstevel@tonic-gate 
8797c478bd9Sstevel@tonic-gate   cleanup(free);
8807c478bd9Sstevel@tonic-gate }
8817c478bd9Sstevel@tonic-gate 
decode_krb5_enc_sam_response_enc(const krb5_data * code,krb5_enc_sam_response_enc ** rep)8827c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_sam_response_enc(const krb5_data *code, krb5_enc_sam_response_enc **rep)
8837c478bd9Sstevel@tonic-gate {
8847c478bd9Sstevel@tonic-gate   setup_buf_only();
8857c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_enc_sam_response_enc);
8867c478bd9Sstevel@tonic-gate 
8877c478bd9Sstevel@tonic-gate   retval = asn1_decode_enc_sam_response_enc(&buf,*rep);
8887c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
8897c478bd9Sstevel@tonic-gate 
8907c478bd9Sstevel@tonic-gate   cleanup(free);
8917c478bd9Sstevel@tonic-gate }
8927c478bd9Sstevel@tonic-gate 
decode_krb5_enc_sam_response_enc_2(const krb5_data * code,krb5_enc_sam_response_enc_2 ** rep)8937c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_enc_sam_response_enc_2(const krb5_data *code, krb5_enc_sam_response_enc_2 **rep)
8947c478bd9Sstevel@tonic-gate {
8957c478bd9Sstevel@tonic-gate   setup_buf_only();
8967c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_enc_sam_response_enc_2);
8977c478bd9Sstevel@tonic-gate 
8987c478bd9Sstevel@tonic-gate   retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep);
8997c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
9007c478bd9Sstevel@tonic-gate 
9017c478bd9Sstevel@tonic-gate   cleanup(free);
9027c478bd9Sstevel@tonic-gate }
9037c478bd9Sstevel@tonic-gate 
decode_krb5_sam_response(const krb5_data * code,krb5_sam_response ** rep)9047c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_sam_response(const krb5_data *code, krb5_sam_response **rep)
9057c478bd9Sstevel@tonic-gate {
9067c478bd9Sstevel@tonic-gate   setup_buf_only();
9077c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_sam_response);
9087c478bd9Sstevel@tonic-gate 
9097c478bd9Sstevel@tonic-gate   retval = asn1_decode_sam_response(&buf,*rep);
9107c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
9117c478bd9Sstevel@tonic-gate 
9127c478bd9Sstevel@tonic-gate   cleanup(free);
9137c478bd9Sstevel@tonic-gate }
9147c478bd9Sstevel@tonic-gate 
decode_krb5_sam_response_2(const krb5_data * code,krb5_sam_response_2 ** rep)9157c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_sam_response_2(const krb5_data *code, krb5_sam_response_2 **rep)
9167c478bd9Sstevel@tonic-gate {
9177c478bd9Sstevel@tonic-gate   setup_buf_only();
9187c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_sam_response_2);
9197c478bd9Sstevel@tonic-gate 
9207c478bd9Sstevel@tonic-gate   retval = asn1_decode_sam_response_2(&buf,*rep);
9217c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
9227c478bd9Sstevel@tonic-gate 
9237c478bd9Sstevel@tonic-gate   cleanup(free);
9247c478bd9Sstevel@tonic-gate }
9257c478bd9Sstevel@tonic-gate 
decode_krb5_predicted_sam_response(const krb5_data * code,krb5_predicted_sam_response ** rep)9267c478bd9Sstevel@tonic-gate krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep)
9277c478bd9Sstevel@tonic-gate {
9287c478bd9Sstevel@tonic-gate   setup_buf_only();		/* preallocated */
9297c478bd9Sstevel@tonic-gate   alloc_field(*rep,krb5_predicted_sam_response);
9307c478bd9Sstevel@tonic-gate 
9317c478bd9Sstevel@tonic-gate   retval = asn1_decode_predicted_sam_response(&buf,*rep);
9327c478bd9Sstevel@tonic-gate   if(retval) clean_return(retval);
9337c478bd9Sstevel@tonic-gate 
9347c478bd9Sstevel@tonic-gate   cleanup(free);
9357c478bd9Sstevel@tonic-gate }
9367c478bd9Sstevel@tonic-gate 
decode_krb5_pa_pk_as_req(const krb5_data * code,krb5_pa_pk_as_req ** rep)937159d09a2SMark Phalan krb5_error_code decode_krb5_pa_pk_as_req(const krb5_data *code, krb5_pa_pk_as_req **rep)
938159d09a2SMark Phalan {
939159d09a2SMark Phalan   setup_buf_only();
940159d09a2SMark Phalan   alloc_field(*rep, krb5_pa_pk_as_req);
941159d09a2SMark Phalan 
942159d09a2SMark Phalan   retval = asn1_decode_pa_pk_as_req(&buf, *rep);
943159d09a2SMark Phalan   if (retval) clean_return(retval);
944159d09a2SMark Phalan 
945159d09a2SMark Phalan   cleanup(free);
946159d09a2SMark Phalan }
947159d09a2SMark Phalan 
decode_krb5_pa_pk_as_req_draft9(const krb5_data * code,krb5_pa_pk_as_req_draft9 ** rep)948159d09a2SMark Phalan krb5_error_code decode_krb5_pa_pk_as_req_draft9(const krb5_data *code, krb5_pa_pk_as_req_draft9 **rep)
949159d09a2SMark Phalan {
950159d09a2SMark Phalan   setup_buf_only();
951159d09a2SMark Phalan   alloc_field(*rep, krb5_pa_pk_as_req_draft9);
952159d09a2SMark Phalan 
953159d09a2SMark Phalan   retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep);
954159d09a2SMark Phalan   if (retval) clean_return(retval);
955159d09a2SMark Phalan 
956159d09a2SMark Phalan   cleanup(free);
957159d09a2SMark Phalan }
958159d09a2SMark Phalan 
decode_krb5_pa_pk_as_rep(const krb5_data * code,krb5_pa_pk_as_rep ** rep)959159d09a2SMark Phalan krb5_error_code decode_krb5_pa_pk_as_rep(const krb5_data *code, krb5_pa_pk_as_rep **rep)
960159d09a2SMark Phalan {
961159d09a2SMark Phalan   setup_buf_only();
962159d09a2SMark Phalan   alloc_field(*rep, krb5_pa_pk_as_rep);
963159d09a2SMark Phalan 
964159d09a2SMark Phalan   retval = asn1_decode_pa_pk_as_rep(&buf, *rep);
965159d09a2SMark Phalan   if (retval) clean_return(retval);
966159d09a2SMark Phalan 
967159d09a2SMark Phalan   cleanup(free);
968159d09a2SMark Phalan }
969159d09a2SMark Phalan 
decode_krb5_pa_pk_as_rep_draft9(const krb5_data * code,krb5_pa_pk_as_rep_draft9 ** rep)970159d09a2SMark Phalan krb5_error_code decode_krb5_pa_pk_as_rep_draft9(const krb5_data *code, krb5_pa_pk_as_rep_draft9 **rep)
971159d09a2SMark Phalan {
972159d09a2SMark Phalan   setup_buf_only();
973159d09a2SMark Phalan   alloc_field(*rep, krb5_pa_pk_as_rep_draft9);
974159d09a2SMark Phalan 
975159d09a2SMark Phalan   retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep);
976159d09a2SMark Phalan   if (retval) clean_return(retval);
977159d09a2SMark Phalan 
978159d09a2SMark Phalan   cleanup(free);
979159d09a2SMark Phalan }
980159d09a2SMark Phalan 
decode_krb5_auth_pack(const krb5_data * code,krb5_auth_pack ** rep)981159d09a2SMark Phalan krb5_error_code decode_krb5_auth_pack(const krb5_data *code, krb5_auth_pack **rep)
982159d09a2SMark Phalan {
983159d09a2SMark Phalan   setup_buf_only();
984159d09a2SMark Phalan   alloc_field(*rep, krb5_auth_pack);
985159d09a2SMark Phalan 
986159d09a2SMark Phalan   retval = asn1_decode_auth_pack(&buf, *rep);
987159d09a2SMark Phalan   if (retval) clean_return(retval);
988159d09a2SMark Phalan 
989159d09a2SMark Phalan   cleanup(free);
990159d09a2SMark Phalan }
991159d09a2SMark Phalan 
decode_krb5_auth_pack_draft9(const krb5_data * code,krb5_auth_pack_draft9 ** rep)992159d09a2SMark Phalan krb5_error_code decode_krb5_auth_pack_draft9(const krb5_data *code, krb5_auth_pack_draft9 **rep)
993159d09a2SMark Phalan {
994159d09a2SMark Phalan   setup_buf_only();
995159d09a2SMark Phalan   alloc_field(*rep, krb5_auth_pack_draft9);
996159d09a2SMark Phalan 
997159d09a2SMark Phalan   retval = asn1_decode_auth_pack_draft9(&buf, *rep);
998159d09a2SMark Phalan   if (retval) clean_return(retval);
999159d09a2SMark Phalan 
1000159d09a2SMark Phalan   cleanup(free);
1001159d09a2SMark Phalan }
1002159d09a2SMark Phalan 
decode_krb5_kdc_dh_key_info(const krb5_data * code,krb5_kdc_dh_key_info ** rep)1003159d09a2SMark Phalan krb5_error_code decode_krb5_kdc_dh_key_info(const krb5_data *code, krb5_kdc_dh_key_info **rep)
1004159d09a2SMark Phalan {
1005159d09a2SMark Phalan   setup_buf_only();
1006159d09a2SMark Phalan   alloc_field(*rep, krb5_kdc_dh_key_info);
1007159d09a2SMark Phalan 
1008159d09a2SMark Phalan   retval = asn1_decode_kdc_dh_key_info(&buf, *rep);
1009159d09a2SMark Phalan   if (retval) clean_return(retval);
1010159d09a2SMark Phalan 
1011159d09a2SMark Phalan   cleanup(free);
1012159d09a2SMark Phalan }
1013159d09a2SMark Phalan 
decode_krb5_principal_name(const krb5_data * code,krb5_principal_data ** rep)1014*55fea89dSDan Cross krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep)
1015159d09a2SMark Phalan {
1016159d09a2SMark Phalan   setup_buf_only();
1017159d09a2SMark Phalan   alloc_field(*rep, krb5_principal_data);
1018159d09a2SMark Phalan 
1019159d09a2SMark Phalan   retval = asn1_decode_krb5_principal_name(&buf, rep);
1020159d09a2SMark Phalan   if (retval) clean_return(retval);
1021159d09a2SMark Phalan 
1022159d09a2SMark Phalan   cleanup(free);
1023159d09a2SMark Phalan }
1024159d09a2SMark Phalan 
decode_krb5_reply_key_pack(const krb5_data * code,krb5_reply_key_pack ** rep)1025159d09a2SMark Phalan krb5_error_code decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key_pack **rep)
1026159d09a2SMark Phalan {
1027159d09a2SMark Phalan   setup_buf_only();
1028159d09a2SMark Phalan   alloc_field(*rep, krb5_reply_key_pack);
1029159d09a2SMark Phalan 
1030159d09a2SMark Phalan   retval = asn1_decode_reply_key_pack(&buf, *rep);
1031159d09a2SMark Phalan   if (retval)
1032159d09a2SMark Phalan     goto error_out;
1033159d09a2SMark Phalan 
1034159d09a2SMark Phalan   cleanup_manual();
1035159d09a2SMark Phalan error_out:
1036159d09a2SMark Phalan   if (rep && *rep) {
1037159d09a2SMark Phalan     if ((*rep)->replyKey.contents)
1038159d09a2SMark Phalan 	free((*rep)->replyKey.contents);
1039159d09a2SMark Phalan     if ((*rep)->asChecksum.contents)
1040159d09a2SMark Phalan       free((*rep)->asChecksum.contents);
1041159d09a2SMark Phalan     free(*rep);
1042159d09a2SMark Phalan     *rep = NULL;
1043159d09a2SMark Phalan   }
1044159d09a2SMark Phalan   return retval;
1045159d09a2SMark Phalan }
1046159d09a2SMark Phalan 
decode_krb5_reply_key_pack_draft9(const krb5_data * code,krb5_reply_key_pack_draft9 ** rep)1047159d09a2SMark Phalan krb5_error_code decode_krb5_reply_key_pack_draft9(const krb5_data *code, krb5_reply_key_pack_draft9 **rep)
1048159d09a2SMark Phalan {
1049159d09a2SMark Phalan   setup_buf_only();
1050159d09a2SMark Phalan   alloc_field(*rep, krb5_reply_key_pack_draft9);
1051159d09a2SMark Phalan 
1052159d09a2SMark Phalan   retval = asn1_decode_reply_key_pack_draft9(&buf, *rep);
1053159d09a2SMark Phalan   if (retval) clean_return(retval);
1054159d09a2SMark Phalan 
1055159d09a2SMark Phalan   cleanup(free);
1056159d09a2SMark Phalan }
1057159d09a2SMark Phalan 
decode_krb5_typed_data(const krb5_data * code,krb5_typed_data *** rep)1058159d09a2SMark Phalan krb5_error_code decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***rep)
1059159d09a2SMark Phalan {
1060159d09a2SMark Phalan   setup_buf_only();
1061159d09a2SMark Phalan   retval = asn1_decode_sequence_of_typed_data(&buf, rep);
1062159d09a2SMark Phalan   if (retval) clean_return(retval);
1063159d09a2SMark Phalan 
1064159d09a2SMark Phalan   cleanup(free);
1065159d09a2SMark Phalan }
1066159d09a2SMark Phalan 
decode_krb5_td_trusted_certifiers(const krb5_data * code,krb5_external_principal_identifier *** rep)1067159d09a2SMark Phalan krb5_error_code decode_krb5_td_trusted_certifiers(const krb5_data *code, krb5_external_principal_identifier ***rep)
1068159d09a2SMark Phalan {
1069159d09a2SMark Phalan   setup_buf_only();
1070159d09a2SMark Phalan   retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep);
1071159d09a2SMark Phalan   if (retval) clean_return(retval);
1072159d09a2SMark Phalan 
1073159d09a2SMark Phalan   cleanup(free);
1074159d09a2SMark Phalan }
1075159d09a2SMark Phalan 
decode_krb5_td_dh_parameters(const krb5_data * code,krb5_algorithm_identifier *** rep)1076159d09a2SMark Phalan krb5_error_code decode_krb5_td_dh_parameters(const krb5_data *code, krb5_algorithm_identifier ***rep)
1077159d09a2SMark Phalan {
1078159d09a2SMark Phalan   setup_buf_only();
1079159d09a2SMark Phalan   retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep);
1080159d09a2SMark Phalan   if (retval) clean_return(retval);
1081159d09a2SMark Phalan 
1082159d09a2SMark Phalan   cleanup(free);
1083159d09a2SMark Phalan }
1084