epan/dissectors/packet-kerberos.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179

/* Do not modify this file. Changes will be overwritten.                      */
/* Generated automatically by the ASN.1 to Wireshark dissector compiler       */
/* packet-kerberos.h                                                          */
/* asn2wrs.py -b -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../.. KerberosV5Spec2.asn k5.asn RFC3244.asn */

/* Input file: packet-kerberos-template.h */

#line 1 "./asn1/kerberos/packet-kerberos-template.h"
/* packet-kerberos.h
 * Routines for kerberos packet dissection
 * Copyright 2007, Anders Broman <anders.broman@ericsson.com>
 *
 * Wireshark - Network traffic analyzer
 * By Gerald Combs <gerald@wireshark.org>
 * Copyright 1998 Gerald Combs
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

#ifndef __PACKET_KERBEROS_H
#define __PACKET_KERBEROS_H

#include "ws_symbol_export.h"

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */

/* This is a list of callback functions a caller can use to specify that
   octet strings in kerberos to be passed back to application specific
   dissectors, outside of kerberos.
   This is used for dissection of application specific data for PacketCable
   KRB_SAFE user data and eventually to pass kerberos session keys
   to future DCERPC decryption and other uses.
   The list is terminated by {0, NULL }
*/
#define KRB_CBTAG_SAFE_USER_DATA	        1
#define KRB_CBTAG_PRIV_USER_DATA	        2
typedef struct _kerberos_callbacks {
	int tag;
	int (*callback)(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree);
} kerberos_callbacks;

/* Function prototypes */

gint
dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean do_col_info, kerberos_callbacks *cb);

int
dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);

int
dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);

int dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
int dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
guint32 kerberos_output_keytype(void);

guint get_krb_pdu_len(packet_info *, tvbuff_t *tvb, int offset, void *data _U_);

gint kerberos_rm_to_reclen(guint krb_rm);

void
show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm);

#ifdef HAVE_KERBEROS
#define KRB_MAX_ORIG_LEN	256

#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
typedef struct _enc_key_t {
	struct _enc_key_t	*next;
	int keytype;
	int keylength;
	char *keyvalue;
	char 			key_origin[KRB_MAX_ORIG_LEN+1];
	int fd_num; /* remember where we learned a key */
} enc_key_t;
extern enc_key_t *enc_key_list;

guint8 *
decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
			int usage,
			tvbuff_t *crypototvb,
			int keytype,
			int *datalen);

#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */

extern gboolean krb_decrypt;

WS_DLL_PUBLIC
void read_keytab_file(const char *);

WS_DLL_PUBLIC
void read_keytab_file_from_preferences(void);

#endif /* HAVE_KERBEROS */

/* encryption type constants */
#define KRB5_ENCTYPE_NULL		0
#define KRB5_ENCTYPE_DES_CBC_CRC	1
#define KRB5_ENCTYPE_DES_CBC_MD4	2
#define KRB5_ENCTYPE_DES_CBC_MD5	3
#define KRB5_ENCTYPE_DES_CBC_RAW	4
#define KRB5_ENCTYPE_DES3_CBC_SHA	5
#define KRB5_ENCTYPE_DES3_CBC_RAW	6
#define KRB5_ENCTYPE_DES_HMAC_SHA1	8
#define KRB5_ENCTYPE_DSA_SHA1_CMS	9
#define KRB5_ENCTYPE_RSA_MD5_CMS	10
#define KRB5_ENCTYPE_RSA_SHA1_CMS	11
#define KRB5_ENCTYPE_RC2_CBC_ENV	12
#define KRB5_ENCTYPE_RSA_ENV		13
#define KRB5_ENCTYPE_RSA_ES_OEAP_ENV	14
#define KRB5_ENCTYPE_DES_EDE3_CBC_ENV	15
#define KRB5_ENCTYPE_DES3_CBC_SHA1	16
#define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17
#define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18
#define KRB5_ENCTYPE_DES_CBC_MD5_NT	20
#define KERB_ENCTYPE_RC4_HMAC		23
#define KERB_ENCTYPE_RC4_HMAC_EXP	24
#define KRB5_ENCTYPE_UNKNOWN		0x1ff
#define KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1	0x7007
#define KRB5_ENCTYPE_RC4_PLAIN_EXP	0xffffff73
#define KRB5_ENCTYPE_RC4_PLAIN		0xffffff74
#define KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP	0xffffff78
#define KRB5_ENCTYPE_RC4_HMAC_OLD_EXP	0xffffff79
#define KRB5_ENCTYPE_RC4_PLAIN_OLD	0xffffff7a
#define KRB5_ENCTYPE_RC4_HMAC_OLD	0xffffff7b
#define KRB5_ENCTYPE_DES_PLAIN		0xffffff7c
#define KRB5_ENCTYPE_RC4_SHA		0xffffff7d
#define KRB5_ENCTYPE_RC4_LM		0xffffff7e
#define KRB5_ENCTYPE_RC4_PLAIN2		0xffffff7f
#define KRB5_ENCTYPE_RC4_MD4		0xffffff80


/*--- Included file: packet-kerberos-exp.h ---*/
#line 1 "./asn1/kerberos/packet-kerberos-exp.h"

/* enumerated values for Applications */
#define KERBEROS_APPLICATIONS_TICKET   1
#define KERBEROS_APPLICATIONS_AUTHENTICATOR   2
#define KERBEROS_APPLICATIONS_ENCTICKETPART   3
#define KERBEROS_APPLICATIONS_AS_REQ  10
#define KERBEROS_APPLICATIONS_AS_REP  11
#define KERBEROS_APPLICATIONS_TGS_REQ  12
#define KERBEROS_APPLICATIONS_TGS_REP  13
#define KERBEROS_APPLICATIONS_AP_REQ  14
#define KERBEROS_APPLICATIONS_AP_REP  15
#define KERBEROS_APPLICATIONS_KRB_SAFE  20
#define KERBEROS_APPLICATIONS_KRB_PRIV  21
#define KERBEROS_APPLICATIONS_KRB_CRED  22
#define KERBEROS_APPLICATIONS_ENCASREPPART  25
#define KERBEROS_APPLICATIONS_ENCTGSREPPART  26
#define KERBEROS_APPLICATIONS_ENCAPREPPART  27
#define KERBEROS_APPLICATIONS_ENCKRBPRIVPART  28
#define KERBEROS_APPLICATIONS_ENCKRBCREDPART  29
#define KERBEROS_APPLICATIONS_KRB_ERROR  30
int dissect_kerberos_ChangePasswdData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);

/*--- End of included file: packet-kerberos-exp.h ---*/
#line 140 "./asn1/kerberos/packet-kerberos-template.h"

#ifdef __cplusplus
}
#endif /* __cplusplus */

#endif  /* __PACKET_KERBEROS_H */