author | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2004-04-05 00:49:32 +0000 |
---|---|---|
committer | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2004-04-05 00:49:32 +0000 |
commit | 4ca4500a35b51258d732abd25ea468bc05292ca9 (patch) | |
tree | 1103a92942c84376c5c044f1c2a8a3ecda8db76c /packet-kerberos.c | |
parent | 94fd6c83efbf5b0b00e11c07f1d5f9ce2710544f (diff) |
Add support to decrypt the encrypted part of AS/TGS-REP PDUs.
Now we only need application 25/26 to be dissected as well for it to be
useful ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10553 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'packet-kerberos.c')
-rw-r--r-- | packet-kerberos.c | 66 |
1 files changed, 62 insertions, 4 deletions
diff --git a/packet-kerberos.c b/packet-kerberos.c
index 53034e7167..e7eb444b59 100644
--- a/packet-kerberos.c
+++ b/packet-kerberos.c
@@ -21,7 +21,7 @@
 *
 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-03.txt
 *
- * $Id: packet-kerberos.c,v 1.54 2004/04/05 00:28:41 sahlberg Exp $
+ * $Id: packet-kerberos.c,v 1.55 2004/04/05 00:49:32 sahlberg Exp $
 *
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@ethereal.com>
@@ -2564,19 +2564,77 @@ dissect_krb5_AP_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int off
+static guint32 KDC_REP_etype;
+static int
+dissect_krb5_KDC_REP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+{
+ offset=dissect_ber_integer(pinfo, tree, tvb, offset, hf_krb_etype, &KDC_REP_etype);
+ if(tree){
+ proto_item_append_text(tree, " %s",
+ val_to_str(KDC_REP_etype, krb5_encryption_types,
+ "%#x"));
+ }
+ return offset;
+}
+
+#ifdef HAVE_KERBEROS
+static int
+dissect_krb5_decrypt_KDC_REP_data (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+{
+ guint8 *plaintext=NULL;
+ int length;
+
+ length=tvb_length_remaining(tvb, offset);
+
+ /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
+ * 7.5.1
+ * ASREP/TGSREP encryptedparts are encrypted with usage
+ * == 3 or
+ * == 8 or
+ * == 9
+ */
+ if(!plaintext){
+ plaintext=decrypt_krb5_data(pinfo, 3, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ }
+ if(!plaintext){
+ plaintext=decrypt_krb5_data(pinfo, 8, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ }
+ if(!plaintext){
+ plaintext=decrypt_krb5_data(pinfo, 9, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ }
+
+ if(plaintext){
+ tvbuff_t *next_tvb;
+ next_tvb = tvb_new_real_data (plaintext,
+ length,
+ length);
+ tvb_set_child_real_data_tvbuff(tvb, next_tvb);
+
+ /* Add the decrypted data to the data source list. */
+ add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+
+
+ offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1);
+ }
+ return offset;
+}
+#endif
 static int
 dissect_krb5_encrypted_KDC_REP_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
 {
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, NULL);
+#ifdef HAVE_KERBEROS
+ offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, dissect_krb5_decrypt_KDC_REP_data);
+#else
+ offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, NULL);
+#endif
 return offset;
-/*qqq*/
 }
 static ber_sequence encrypted_KDC_REP_sequence[] = {
 { BER_CLASS_CON, 0, 0,
- dissect_krb5_etype },
+ dissect_krb5_KDC_REP_etype },
 { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
 dissect_krb5_kvno },
 { BER_CLASS_CON, 2, 0, |
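Review bot: In dissect_krb5_decrypt_KDC_REP_data the decrypted buffer is wrapped with `tvb_new_real_data(plaintext, length, length)`, where `length` is the ciphertext size from `tvb_length_remaining()`, so the BER dissection that follows assumes decrypt_krb5_data returned at least that many valid bytes. decrypt_krb5_data is defined outside this hunk, so this cannot be confirmed here, but Kerberos plaintext is normally shorter than the ciphertext (confounder and checksum are stripped), which would leave trailing bytes that are not message data being parsed as an application PDU on traffic the dissector does not control. I would have the decrypt helper report the real plaintext length and size the new tvb from that, and until then put `/* XXX - assumes plaintext holds 'length' valid bytes; use the real decrypted length */` above the tvb_new_real_data call. An empty or negative remainder should also be rejected before the three attempts, `if(length<=0) return offset;`. Separately, `plaintext` is never released in this function, and the file-scope `KDC_REP_etype` presumably keeps its value from an earlier PDU if the etype field fails to parse, so both deserve a comment or a reset.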