diff options
author | Erik de Jong <erikdejong@gmail.com> | 2017-02-13 19:31:26 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2017-03-02 23:58:05 +0000 |
commit | f1c75cf6ef7e9f9de1ec7fd798df941b972ec71c (patch) | |
tree | 7d7c2f66bf7595e010026d6f4d3b3a53175af824 /epan/dissectors/packet-tacacs.c | |
parent | 4bd3c4d44ddcdf8e98fdf08a425e3a68e9b18395 (diff) |
Rewrite dissectors to use Libgcrypt functions.
As discussed on the mailinglist, rewriting dissectors to use Libgcrypt
functions as Libgcrypt will be mandatory after change 20030.
Removal of following functions:
- crypt_md4
- crypt_rc4*
- aes_cmac_encrypt_*
- md5_*
- sha1_*
- sha256_*
Further candidates:
- aes_*
- rijndael_*
- ...
Added functions:
- ws_hmac_buffer
Added const macros:
- HASH_MD5_LENGTH
- HASH_SHA1_LENGTH
Changes on epan/crypt/* verified with captures from
https://wiki.wireshark.org/HowToDecrypt802.11
Changes on packet-snmp.c and packet-radius.c verified with captures from
https://wiki.wireshark.org/SampleCapture
Changes on packet-tacacs.c verified with capture from
http://ccie-in-3-months.blogspot.nl/2009/04/decoding-login-credentials-regardless.html
Change-Id: Iea6ba2bf207cf0f1bf2117068fb1abcfeaafaa46
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-tacacs.c')
-rw-r--r-- | epan/dissectors/packet-tacacs.c | 26 |
1 files changed, 9 insertions, 17 deletions
diff --git a/epan/dissectors/packet-tacacs.c b/epan/dissectors/packet-tacacs.c index ec90469db7..b1dc48be6a 100644 --- a/epan/dissectors/packet-tacacs.c +++ b/epan/dissectors/packet-tacacs.c @@ -38,7 +38,7 @@ #include <epan/prefs.h> #include <epan/expert.h> #include <epan/addr_resolv.h> -#include <wsutil/md5.h> +#include <wsutil/wsgcrypt.h> #include <wsutil/ws_printf.h> /* ws_debug_printf */ #include "packet-tacacs.h" @@ -1280,23 +1280,19 @@ proto_reg_handoff_tacplus(void) dissector_add_uint_with_preference("tcp.port", TCP_PORT_TACACS, tacplus_handle); } - -#define MD5_LEN 16 - static void md5_xor( guint8 *data, const char *key, int data_len, guint8 *session_id, guint8 version, guint8 seq_no ) { int i,j; size_t md5_len; - md5_byte_t *md5_buff; - md5_byte_t hash[MD5_LEN]; /* the md5 hash */ - md5_byte_t *mdp; - md5_state_t mdcontext; + guint8 *md5_buff; + guint8 hash[HASH_MD5_LENGTH]; /* the md5 hash */ + guint8 *mdp; md5_len = 4 /* sizeof(session_id) */ + strlen(key) + sizeof(version) + sizeof(seq_no); - md5_buff = (md5_byte_t*)wmem_alloc(wmem_packet_scope(), md5_len+MD5_LEN); + md5_buff = (guint8*)wmem_alloc(wmem_packet_scope(), md5_len + HASH_MD5_LENGTH); mdp = md5_buff; @@ -1308,10 +1304,8 @@ md5_xor( guint8 *data, const char *key, int data_len, guint8 *session_id, guint8 *mdp++ = seq_no; - md5_init(&mdcontext); - md5_append(&mdcontext, md5_buff, md5_len); - md5_finish(&mdcontext,hash); - md5_len += MD5_LEN; + gcry_md_hash_buffer(GCRY_MD_MD5, hash, md5_buff, md5_len); + md5_len += HASH_MD5_LENGTH; for (i = 0; i < data_len; i += 16) { for (j = 0; j < 16; j++) { @@ -1321,10 +1315,8 @@ md5_xor( guint8 *data, const char *key, int data_len, guint8 *session_id, guint8 } data[i + j] ^= hash[j]; } - memcpy(mdp, hash, MD5_LEN); - md5_init(&mdcontext); - md5_append(&mdcontext, md5_buff, md5_len); - md5_finish(&mdcontext,hash); + memcpy(mdp, hash, HASH_MD5_LENGTH); + gcry_md_hash_buffer(GCRY_MD_MD5, hash, md5_buff, md5_len); } } |