diff options
author | Erik de Jong <erikdejong@gmail.com> | 2017-02-13 19:31:26 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2017-03-02 23:58:05 +0000 |
commit | f1c75cf6ef7e9f9de1ec7fd798df941b972ec71c (patch) | |
tree | 7d7c2f66bf7595e010026d6f4d3b3a53175af824 /epan/dissectors/packet-corosync-totemnet.c | |
parent | 4bd3c4d44ddcdf8e98fdf08a425e3a68e9b18395 (diff) |
Rewrite dissectors to use Libgcrypt functions.
As discussed on the mailinglist, rewriting dissectors to use Libgcrypt
functions as Libgcrypt will be mandatory after change 20030.
Removal of following functions:
- crypt_md4
- crypt_rc4*
- aes_cmac_encrypt_*
- md5_*
- sha1_*
- sha256_*
Further candidates:
- aes_*
- rijndael_*
- ...
Added functions:
- ws_hmac_buffer
Added const macros:
- HASH_MD5_LENGTH
- HASH_SHA1_LENGTH
Changes on epan/crypt/* verified with captures from
https://wiki.wireshark.org/HowToDecrypt802.11
Changes on packet-snmp.c and packet-radius.c verified with captures from
https://wiki.wireshark.org/SampleCapture
Changes on packet-tacacs.c verified with capture from
http://ccie-in-3-months.blogspot.nl/2009/04/decoding-login-credentials-regardless.html
Change-Id: Iea6ba2bf207cf0f1bf2117068fb1abcfeaafaa46
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-corosync-totemnet.c')
-rw-r--r-- | epan/dissectors/packet-corosync-totemnet.c | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/epan/dissectors/packet-corosync-totemnet.c b/epan/dissectors/packet-corosync-totemnet.c index 9932df087f..a0e5df2460 100644 --- a/epan/dissectors/packet-corosync-totemnet.c +++ b/epan/dissectors/packet-corosync-totemnet.c @@ -26,7 +26,7 @@ #include <epan/packet.h> #include <epan/prefs.h> -#include <wsutil/sha1.h> +#include <wsutil/wsgcrypt.h> #include <wsutil/sober128.h> static dissector_handle_t corosync_totemsrp_handle; @@ -62,8 +62,7 @@ static gchar** corosync_totemnet_private_keys_list = NULL; /* Initialize the subtree pointers */ static gint ett_corosync_totemnet_security_header = -1; - -#define SALT_SIZE 16 +#define SALT_SIZE 16 #define TOTEM_CRYPTO_SOBER 0 #define TOTEM_CRYPTO_NSS 1 @@ -95,10 +94,10 @@ dissect_corosync_totemnet_security_header(tvbuff_t *tvb, proto_tree_add_item(tree, hf_corosync_totemnet_security_header_hash_digest, - tvb, 0, SHA1_DIGEST_LEN, ENC_NA); + tvb, 0, HASH_SHA1_LENGTH, ENC_NA); proto_tree_add_item(tree, hf_corosync_totemnet_security_header_salt, - tvb, SHA1_DIGEST_LEN, SALT_SIZE, ENC_NA); + tvb, HASH_SHA1_LENGTH, SALT_SIZE, ENC_NA); if (check_crypt_type) { @@ -114,7 +113,7 @@ dissect_corosync_totemnet_security_header(tvbuff_t *tvb, PROTO_ITEM_SET_GENERATED(key_item); } } - return SHA1_DIGEST_LEN + SALT_SIZE; + return HASH_SHA1_LENGTH + SALT_SIZE; } /* About totemnet.c of corosync cluster engine: @@ -258,12 +257,12 @@ dissect_corosynec_totemnet_with_decryption(tvbuff_t *tvb, const gchar* key_for_trial) { unsigned char keys[48]; - sober128_prng keygen_prng_state; - sober128_prng stream_prng_state; + sober128_prng keygen_prng_state; + sober128_prng stream_prng_state; unsigned char *hmac_key = &keys[32]; unsigned char *cipher_key = &keys[16]; unsigned char *initial_vector = &keys[0]; - unsigned char digest_comparison[SHA1_DIGEST_LEN]; + unsigned char digest_comparison[HASH_SHA1_LENGTH]; int io_len; guint8 *io_base; @@ -275,7 +274,7 @@ dissect_corosynec_totemnet_with_decryption(tvbuff_t *tvb, unsigned char* salt; io_len = tvb_reported_length(tvb) - (check_crypt_type? 1: 0); - if (io_len < SHA1_DIGEST_LEN + SALT_SIZE) { + if (io_len < HASH_SHA1_LENGTH + SALT_SIZE) { return 0; } @@ -286,7 +285,7 @@ dissect_corosynec_totemnet_with_decryption(tvbuff_t *tvb, } hash_digest = io_base; - salt = io_base + SHA1_DIGEST_LEN; + salt = io_base + HASH_SHA1_LENGTH; memset(private_key, 0, sizeof(private_key)); @@ -314,19 +313,19 @@ dissect_corosynec_totemnet_with_decryption(tvbuff_t *tvb, /* * Authenticate contents of message */ - sha1_hmac(hmac_key, 16, - io_base + SHA1_DIGEST_LEN, io_len - SHA1_DIGEST_LEN, - digest_comparison); + if (ws_hmac_buffer(GCRY_MD_SHA1, digest_comparison, io_base + HASH_SHA1_LENGTH, io_len - HASH_SHA1_LENGTH, hmac_key, 16)) { + return 0; + } - if (memcmp (digest_comparison, hash_digest, SHA1_DIGEST_LEN) != 0) + if (memcmp (digest_comparison, hash_digest, HASH_SHA1_LENGTH) != 0) return 0; /* * Decrypt the contents of the message with the cipher key */ - sober128_read (io_base + SHA1_DIGEST_LEN + SALT_SIZE, - io_len - (SHA1_DIGEST_LEN + SALT_SIZE), + sober128_read (io_base + HASH_SHA1_LENGTH + SALT_SIZE, + io_len - (HASH_SHA1_LENGTH + SALT_SIZE), &stream_prng_state); @@ -348,11 +347,11 @@ dissect_corosynec_totemnet_with_decryption(tvbuff_t *tvb, check_crypt_type, key_for_trial); next_tvb = tvb_new_subset_length_caplen(decrypted_tvb, - SHA1_DIGEST_LEN + SALT_SIZE, - io_len - (SHA1_DIGEST_LEN + SALT_SIZE), - io_len - (SHA1_DIGEST_LEN + SALT_SIZE)); + HASH_SHA1_LENGTH + SALT_SIZE, + io_len - (HASH_SHA1_LENGTH + SALT_SIZE), + io_len - (HASH_SHA1_LENGTH + SALT_SIZE)); - return call_dissector(corosync_totemsrp_handle, next_tvb, pinfo, parent_tree) + SHA1_DIGEST_LEN + SALT_SIZE; + return call_dissector(corosync_totemsrp_handle, next_tvb, pinfo, parent_tree) + HASH_SHA1_LENGTH + SALT_SIZE; } } |