# editcap specifics
editcap_SOURCES = \
editcap.c \
- epan/crypt-md5.c
+ epan/crypt/crypt-md5.c
# dftest specifics
dftest_SOURCES = \
/OUT:capinfos.exe $(conflags) $(conlibsdll) $(LDFLAGS) /SUBSYSTEM:console capinfos.obj getopt.obj $(capinfos_LIBS) image\capinfos.res
<<
-editcap.exe : config.h editcap.obj getopt.obj strptime.obj epan\crypt-md5.obj wiretap\wiretap-$(WTAP_VERSION).lib image\editcap.res
+editcap.exe : config.h editcap.obj getopt.obj strptime.obj epan\crypt\crypt-md5.obj wiretap\wiretap-$(WTAP_VERSION).lib image\editcap.res
@echo Linking $@
$(LINK) @<<
/OUT:editcap.exe $(conflags) $(conlibsdll) $(LDFLAGS) /SUBSYSTEM:console editcap.obj getopt.obj strptime.obj epan\crypt-md5.obj $(editcap_LIBS) image\editcap.res
#include "packet-x509if.h"
#include <epan/sha1.h>
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#define PNAME "Cryptographic Message Syntax"
#define PSNAME "CMS"
sha1_starts(&sha1_ctx);
- sha1_update(&sha1_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
+ sha1_update(&sha1_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
tvb_length(content));
sha1_finish(&sha1_ctx, digest_buf);
md5_init(&md5_ctx);
- md5_append(&md5_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
+ md5_append(&md5_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
tvb_length(content));
-
+
md5_finish(&md5_ctx, digest_buf);
buffer_size = MD5_BUFFER_SIZE;
}
if(buffer_size) {
- /* compare our computed hash with what we have received */
+ /* compare our computed hash with what we have received */
if(tvb_bytes_exist(tvb, offset, buffer_size) &&
- (memcmp(tvb_get_ptr(tvb, offset, buffer_size), digest_buf, buffer_size) != 0)) {
+ (memcmp(tvb_get_ptr(tvb, offset, buffer_size), digest_buf, buffer_size) != 0)) {
proto_item_append_text(pi, " [incorrect, should be ");
for(i = 0; i < buffer_size; i++)
proto_item_append_text(pi, "%02X", digest_buf[i]);
#include "packet-spnego-fn.c"
/*
* This is the SPNEGO KRB5 dissector. It is not true KRB5, but some ASN.1
- * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also
+ * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also
* ASN.1 wrapped by the looks of it. It conforms to RFC1964.
- */
+ */
#define KRB_TOKEN_AP_REQ 0x0001
#define KRB_TOKEN_AP_REP 0x0002
gint32 tag;
guint32 len;
- item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, offset,
+ item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego_krb5);
* [APPLICATION 0] {
* OID,
* USHORT (0x0001 == AP-REQ, 0x0002 == AP-REP, 0x0003 == ERROR),
- * OCTET STRING }
+ * OCTET STRING }
*
* However, for some protocols, the KRB5 blob starts at the SHORT
* and has no DER encoded header etc.
case KRB_TOKEN_AP_REQ:
case KRB_TOKEN_AP_REP:
case KRB_TOKEN_AP_ERR:
- krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE, NULL);
break;
case KRB_TOKEN_GETMIC:
- offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
+ offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
break;
case KRB_TOKEN_WRAP:
}
#ifdef HAVE_KERBEROS
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#ifndef KEYTYPE_ARCFOUR_56
# define KEYTYPE_ARCFOUR_56 24
memcpy(L40 + 10, T, sizeof(T));
md5_hmac(
- L40, 14,
+ L40, 14,
key_data,
- key_size,
+ key_size,
k5_data);
memset(&k5_data[7], 0xAB, 9);
} else {
md5_hmac(
- T, 4,
+ T, 4,
key_data,
key_size,
k5_data);
}
md5_hmac(
- cksum_data, cksum_size,
+ cksum_data, cksum_size,
k5_data,
- 16,
+ 16,
key6_data);
return 0;
unsigned char digest[16];
int rc4_usage;
guint8 cksum[16];
-
+
rc4_usage=usage2arcfour(usage);
- md5_hmac(signature, sizeof(signature),
- key_data, key_length,
+ md5_hmac(signature, sizeof(signature),
+ key_data, key_length,
ksign_c);
md5_init(&ms);
t[0] = (rc4_usage >> 0) & 0xFF;
* Verify padding of a gss wrapped message and return its length.
*/
static int
-gssapi_verify_pad(unsigned char *wrapped_data, int wrapped_length,
+gssapi_verify_pad(unsigned char *wrapped_data, int wrapped_length,
size_t datalen,
size_t *padlen)
{
{
rc4_state_struct rc4_state;
-
+
crypt_rc4_init(&rc4_state, k6_data, sizeof(k6_data));
memcpy(SND_SEQ, (unsigned char *)tvb_get_ptr(pinfo->gssapi_wrap_tvb, 8, 8), 8);
crypt_rc4(&rc4_state, SND_SEQ, 8);
memcpy(output_message_buffer, input_message_buffer, datalen);
crypt_rc4(&rc4_state, output_message_buffer, datalen);
} else {
- memcpy(Confounder,
- tvb_get_ptr(pinfo->gssapi_wrap_tvb, 24, 8),
+ memcpy(Confounder,
+ tvb_get_ptr(pinfo->gssapi_wrap_tvb, 24, 8),
8); /* Confounder */
- memcpy(output_message_buffer,
- input_message_buffer,
+ memcpy(output_message_buffer,
+ input_message_buffer,
datalen);
}
memset(k6_data, 0, sizeof(k6_data));
if(pinfo->decrypt_gssapi_tvb==DECRYPT_GSSAPI_NORMAL){
ret = arcfour_mic_cksum(key_value, key_size,
KRB5_KU_USAGE_SEAL,
- cksum_data,
+ cksum_data,
tvb_get_ptr(pinfo->gssapi_wrap_tvb, 0, 8), 8,
Confounder, sizeof(Confounder),
- output_message_buffer,
+ output_message_buffer,
datalen + padlen);
if (ret) {
return -10;
}
- cmp = memcmp(cksum_data,
+ cmp = memcmp(cksum_data,
tvb_get_ptr(pinfo->gssapi_wrap_tvb, 16, 8),
8); /* SGN_CKSUM */
if (cmp) {
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0102 == GSS_Wrap)
- * and so on }
+ * and so on }
*/
/* Now, the sign and seal algorithms ... */
int len;
len=tvb_reported_length_remaining(tvb,offset);
if(len>tvb_length_remaining(tvb, offset)){
- /* no point in trying to decrypt,
+ /* no point in trying to decrypt,
we dont have the full pdu.
*/
return offset;
pinfo->gssapi_encrypted_tvb = tvb_new_subset(
tvb, offset, len, len);
}
-
+
/* if this is KRB5 wrapped rc4-hmac */
if((token_id==KRB_TOKEN_WRAP)
&&(sgn_alg==KRB_SGN_ALG_HMAC)
23 /* rc4-hmac */);
#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
}
- }
+ }
#endif
/*
* Return the offset past the checksum, so that we know where
* the data we're wrapped around starts. Also, set the length
* of our top-level item to that offset, so it doesn't cover
* the data we're wrapped around.
- *
+ *
* Note that for DCERPC the GSSAPI blobs comes after the data it wraps,
* not before.
*/
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0101 == GSS_GetMIC)
- * and so on }
+ * and so on }
*/
/* Now, the sign algorithm ... */
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0102 == GSS_Wrap)
- * and so on }
+ * and so on }
*/
/* First, the token ID ... */
*/
- item = proto_tree_add_item(tree, hf_spnego, tvb, offset,
+ item = proto_tree_add_item(tree, hf_spnego, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego);
pinfo->destport, 0);
if (conversation) {
- next_level_value = conversation_get_proto_data(conversation,
+ next_level_value = conversation_get_proto_data(conversation,
proto_spnego);
if (next_level_value)
p_add_proto_data(pinfo->fd, proto_spnego, next_level_value);
}
}
- item = proto_tree_add_item(parent_tree, hf_spnego, tvb, offset,
+ item = proto_tree_add_item(parent_tree, hf_spnego, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego);
{ "krb5_blob", "spnego.krb5.blob", FT_BYTES,
BASE_NONE, NULL, 0, "krb5_blob", HFILL }},
{ &hf_spnego_krb5_oid,
- { "KRB5 OID", "spnego.krb5_oid", FT_STRING,
+ { "KRB5 OID", "spnego.krb5_oid", FT_STRING,
BASE_NONE, NULL, 0, "KRB5 OID", HFILL }},
{ &hf_spnego_krb5_tok_id,
{ "krb5_tok_id", "spnego.krb5.tok_id", FT_UINT16, BASE_HEX,
BSD & BSD-like
--------------
-epan/crypt-md5.c:
-epan/crypt-md5.h:
+epan/crypt/crypt-md5.c:
+epan/crypt/crypt-md5.h:
* Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved.
*
* This software is provided 'as-is', without any express or implied
# include "strptime.h"
#endif
-#include "epan/crypt-md5.h"
+#include "epan/crypt/crypt-md5.h"
#include "svnversion.h"
struct tm starttm;
memset(&starttm,0,sizeof(struct tm));
-
+
if(!strptime(optarg,"%F %T",&starttm)) {
fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n",
optarg);
check_startstop = TRUE;
starttm.tm_isdst = -1;
-
+
starttime = mktime(&starttm);
break;
}
crcdrm.c \
crypt-des.c \
crypt-md4.c \
- crypt-md5.c \
crypt-rc4.c \
dtd_grammar.c \
dtd_parse.c \
crcdrm.h \
crypt-des.h \
crypt-md4.h \
- crypt-md5.h \
crypt-rc4.h \
dtd.h \
dtd_grammar.h \
airpdcap.c \
airpdcap_ccmp.c \
airpdcap_debug.c \
- airpdcap_md5.c \
airpdcap_rijndael.c \
airpdcap_sha1.c \
airpdcap_tkip.c \
- airpdcap_wep.c
+ airpdcap_wep.c \
+ crypt-md5.c
LIBAIRPDCAP_INCLUDES = \
airpdcap_ccmp.h \
airpdcap_debug.h \
airpdcap_interop.h \
airpdcap_int.h \
- airpdcap_md5.h \
airpdcap_rijndael.h \
airpdcap_sha1.h \
airpdcap_system.h \
airpdcap_user.h \
airpdcap_wep.h \
airpdcap_ws.h \
+ crypt-md5.h \
wep-wpadefs.h
#include "airpdcap_wep.h"
#include "airpdcap_sha1.h"
+#include "crypt-md5.h"
#include "airpdcap_debug.h"
INT AirPDcapRsnaMicCheck(
UCHAR *eapol,
- const USHORT eapol_len,
- const UCHAR KCK[AIRPDCAP_WPA_KCK_LEN],
- const USHORT key_ver)
+ USHORT eapol_len,
+ UCHAR KCK[AIRPDCAP_WPA_KCK_LEN],
+ USHORT key_ver)
;
/**
/* check if the packet as an LLC header and the packet is 802.1X authentication (IEEE 802.1X-2004, pg. 24) */
if (data[offset]==0xAA && /* DSAP=SNAP */
- data[offset+1]==0xAA && /* SSAP=SNAP */
- data[offset+2]==0x03 && /* Control field=Unnumbered frame */
- data[offset+3]==0x00 && /* Org. code=encaps. Ethernet */
+ data[offset+1]==0xAA && /* SSAP=SNAP */
+ data[offset+2]==0x03 && /* Control field=Unnumbered frame */
+ data[offset+3]==0x00 && /* Org. code=encaps. Ethernet */
data[offset+4]==0x00 &&
data[offset+5]==0x00 &&
- data[offset+6]==0x88 && /* Type: 802.1X authentication */
+ data[offset+6]==0x88 && /* Type: 802.1X authentication */
data[offset+7]==0x8E) {
AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapPacketProcess", "Authentication: EAPOL packet", AIRPDCAP_DEBUG_LEVEL_3);
INT AirPDcapRsnaMicCheck(
UCHAR *eapol,
- const USHORT eapol_len,
- const UCHAR KCK[AIRPDCAP_WPA_KCK_LEN],
- const USHORT key_ver)
+ USHORT eapol_len,
+ UCHAR KCK[AIRPDCAP_WPA_KCK_LEN],
+ USHORT key_ver)
{
UCHAR mic[AIRPDCAP_WPA_MICKEY_LEN];
- UCHAR c_mic[20]; /* MIC 16 byte, the HMAC-SHA1 use a buffer of 20 bytes */
+ UCHAR c_mic[20]; /* MIC 16 byte, the HMAC-SHA1 use a buffer of 20 bytes */
/* copy the MIC from the EAPOL packet */
memcpy(mic, eapol+AIRPDCAP_WPA_MICKEY_OFFSET+4, AIRPDCAP_WPA_MICKEY_LEN);
- /* set to 0 the MIC in the EAPOL packet (to calculate the MIC) */
+ /* set to 0 the MIC in the EAPOL packet (to calculate the MIC) */
memset(eapol+AIRPDCAP_WPA_MICKEY_OFFSET+4, 0, AIRPDCAP_WPA_MICKEY_LEN);
if (key_ver==AIRPDCAP_WPA_KEY_VER_CCMP) {
- /* use HMAC-MD5 for the EAPOL-Key MIC */
- AirPDcapAlgHmacMd5((UCHAR *)KCK, AIRPDCAP_WPA_KCK_LEN, eapol, eapol_len, c_mic);
+ /* use HMAC-MD5 for the EAPOL-Key MIC */
+ md5_hmac(eapol, eapol_len, KCK, AIRPDCAP_WPA_KCK_LEN, c_mic);
} else if (key_ver==AIRPDCAP_WPA_KEY_VER_AES_CCMP) {
- /* use HMAC-SHA1-128 for the EAPOL-Key MIC */
+ /* use HMAC-SHA1-128 for the EAPOL-Key MIC */
AirPDcapAlgHmacSha1(KCK, AIRPDCAP_WPA_KCK_LEN, eapol, eapol_len, c_mic);
} else
- /* key descriptor version not recognized */
+ /* key descriptor version not recognized */
return AIRPDCAP_RET_UNSUCCESS;
- /* compare calculated MIC with the Key MIC and return result (0 means success) */
+ /* compare calculated MIC with the Key MIC and return result (0 means success) */
return memcmp(mic, c_mic, AIRPDCAP_WPA_MICKEY_LEN);
}
+++ /dev/null
-/******************************************************************************/
-/* File includes */
-/* */
-#include "airpdcap_system.h"
-#include "airpdcap_int.h"
-
-#include "airpdcap_debug.h"
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* NOTE: All the code listed here has been taken from IETF RFC 1321 (MD5 */
-/* functions) and IETF RFC 2104 (HMAC_MD5 function). Refer to that */
-/* standard for any further information. */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Internal definitions */
-/* */
-#define S11 7
-#define S12 12
-#define S13 17
-#define S14 22
-#define S21 5
-#define S22 9
-#define S23 14
-#define S24 20
-#define S31 4
-#define S32 11
-#define S33 16
-#define S34 23
-#define S41 6
-#define S42 10
-#define S43 15
-#define S44 21
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Internal macros */
-/* */
-/* F, G, H and I are basic MD5 functions.
-*/
-#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
-#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-#define I(x, y, z) ((y) ^ ((x) | (~z)))
-
-/* ROTATE_LEFT rotates x left n bits.
-*/
-#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
-
-/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-Rotation is separate from addition to prevent recomputation.
-*/
-#define FF(a, b, c, d, x, s, ac) { \
- (a) += F ((b), (c), (d)) + (x) + (ULONG)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define GG(a, b, c, d, x, s, ac) { \
- (a) += G ((b), (c), (d)) + (x) + (ULONG)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define HH(a, b, c, d, x, s, ac) { \
- (a) += H ((b), (c), (d)) + (x) + (ULONG)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define II(a, b, c, d, x, s, ac) { \
- (a) += I ((b), (c), (d)) + (x) + (ULONG)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Internal type definitions */
-/* */
-/* MD5 context. */
-typedef struct {
- ULONG state[4]; /* state (ABCD) */
- ULONG count[2]; /* number of bits, modulo 2^64 (lsb first) */
- UCHAR buffer[64]; /* input buffer */
-} MD5_CTX;
-
-
-static UCHAR PADDING[64] = {
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Internal function prototypes declarations */
-/* */
-void MD5Final(
- UCHAR digest[16],
- MD5_CTX *context)
- ;
-void MD5Update(
- MD5_CTX *context,
- UCHAR *input,
- UINT inputLen)
- ;
-void MD5Init(
- MD5_CTX *context)
- ;
-static void MD5_memset(
- UCHAR *output,
- INT value,
- UINT len)
- ;
-static void MD5_memcpy(
- UCHAR *output,
- UCHAR *input,
- UINT len)
- ;
-static void Decode(
- ULONG *output,
- UCHAR *input,
- UINT len)
- ;
-static void Encode(
- UCHAR *output,
- ULONG *input,
- UINT len)
- ;
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Function definitions */
-/* */
-/* Encodes input (ULONG) into output (UCHAR). Assumes len is
-a multiple of 4.
-*/
-static void Encode(
- UCHAR *output,
- ULONG *input,
- UINT len)
-{
- UINT i, j;
-
- for (i = 0, j = 0; j < len; i++, j += 4) {
- output[j] = (UCHAR)(input[i] & 0xff);
- output[j+1] = (UCHAR)((input[i] >> 8) & 0xff);
- output[j+2] = (UCHAR)((input[i] >> 16) & 0xff);
- output[j+3] = (UCHAR)((input[i] >> 24) & 0xff);
- }
-}
-
-/* Decodes input (UCHAR) into output (ULONG). Assumes len is
-a multiple of 4.
-*/
-static void Decode(
- ULONG *output,
- UCHAR *input,
- UINT len)
-{
- UINT i, j;
-
- for (i = 0, j = 0; j < len; i++, j += 4)
- output[i] = ((ULONG)input[j]) | (((ULONG)input[j+1]) << 8) |
- (((ULONG)input[j+2]) << 16) | (((ULONG)input[j+3]) << 24);
-}
-
-/* Note: Replace "for loop" with standard memcpy if possible.
-*/
-
-static void MD5_memcpy(
- UCHAR *output,
- UCHAR *input,
- UINT len)
-{
- UINT i;
-
- for (i = 0; i < len; i++)
- output[i] = input[i];
-}
-
-/* Note: Replace "for loop" with standard memset if possible.
-*/
-static void MD5_memset(
- UCHAR *output,
- INT value,
- UINT len)
-{
- UINT i;
-
- for (i = 0; i < len; i++)
- ((CHAR *)output)[i] = (CHAR)value;
-}
-
-/* MD5 basic transformation. Transforms state based on block.
-*/
-static void MD5Transform(
- ULONG state[4],
- UCHAR block[64])
-{
- ULONG a = state[0], b = state[1], c = state[2], d = state[3], x[16];
-
- Decode (x, block, 64);
-
- /* Round 1 */
- FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
- FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
- FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
- FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
- FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
- FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
- FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
- FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
- FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
- FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
- FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
- FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
- FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
- FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
- FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
- FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-
- /* Round 2 */
- GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
- GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
- GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
- GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
- GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
- GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
- GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
- GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
- GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
- GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
- GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
- GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
- GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
- GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
- GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
- GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-
- /* Round 3 */
- HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
- HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
- HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
- HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
- HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
- HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
- HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
- HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
- HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
- HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
- HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
- HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
- HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
- HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
- HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
- HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-
- /* Round 4 */
- II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
- II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
- II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
- II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
- II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
- II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
- II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
- II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
- II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
- II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
- II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
- II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
- II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
- II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
- II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
- II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
-
- /* Zeroize sensitive information.
- */
- MD5_memset ((UCHAR *)x, 0, sizeof (x));
-}
-
-/* MD5 initialization. Begins an MD5 operation, writing a new context.
-*/
-void MD5Init(
- MD5_CTX *context)
-{
- memset(context, 0, sizeof(context));
-
- context->count[0] = context->count[1] = 0;
- /* Load magic initialization constants.
- */
- context->state[0] = 0x67452301;
- context->state[1] = 0xefcdab89;
- context->state[2] = 0x98badcfe;
- context->state[3] = 0x10325476;
-}
-
-/* MD5 block update operation. Continues an MD5 message-digest
-operation, processing another message block, and updating the
-context.
-*/
-void MD5Update(
- MD5_CTX *context,
- UCHAR *input,
- UINT inputLen)
-{
- UINT i, index, partLen;
-
- /* Compute number of bytes mod 64 */
- index = (UINT)((context->count[0] >> 3) & 0x3F);
-
- /* Update number of bits */
- if ((context->count[0] += ((ULONG)inputLen << 3))
- < ((ULONG)inputLen << 3))
- context->count[1]++;
- context->count[1] += ((ULONG)inputLen >> 29);
-
- partLen = 64 - index;
-
- /* Transform as many times as possible.
- */
- if (inputLen >= partLen) {
- MD5_memcpy
- ((UCHAR *)&context->buffer[index], (UCHAR *)input, partLen);
- MD5Transform (context->state, context->buffer);
-
- for (i = partLen; i + 63 < inputLen; i += 64)
- MD5Transform (context->state, &input[i]);
-
- index = 0;
- }
- else
- i = 0;
-
- /* Buffer remaining input */
- MD5_memcpy
- ((UCHAR *)&context->buffer[index], (UCHAR *)&input[i],
- inputLen-i);
-}
-
-/* MD5 finalization. Ends an MD5 message-digest operation, writing the
-the message digest and zeroizing the context.
-*/
-void MD5Final(
- UCHAR digest[16],
- MD5_CTX *context)
-{
- UCHAR bits[8];
- UINT index, padLen;
-
- /* Save number of bits */
- Encode (bits, context->count, 8);
-
- /* Pad out to 56 mod 64.
- */
- index = (UINT)((context->count[0] >> 3) & 0x3f);
- padLen = (index < 56) ? (56 - index) : (120 - index);
- MD5Update (context, PADDING, padLen);
-
- /* Append length (before padding) */
- MD5Update (context, bits, 8);
-
- /* Store state in digest */
- Encode (digest, context->state, 16);
-
- /* Zeroize sensitive information.
- */
- MD5_memset ((UCHAR *)context, 0, sizeof (*context));
-}
-
-void AirPDcapAlgHmacMd5(
- UCHAR *key, /* pointer to authentication key */
- INT key_len, /* length of authentication key */
- const UCHAR *text, /* pointer to data stream */
- const INT text_len, /* length of data stream */
- UCHAR *digest) /* caller digest to be filled in */
-{
- MD5_CTX context;
- UCHAR k_ipad[65]; /* inner padding -
- * key XORd with ipad
- */
- UCHAR k_opad[65]; /* outer padding -
- * key XORd with opad
- */
- UCHAR tk[16];
- INT i;
- /* if key is longer than 64 bytes reset it to key=MD5(key) */
- if (key_len > 64) {
-
- MD5_CTX tctx;
-
- MD5Init(&tctx);
- MD5Update(&tctx, key, key_len);
- MD5Final(tk, &tctx);
-
- key = tk;
- key_len = 16;
- }
-
- /*
- * the HMAC_MD5 transform looks like:
- *
- * MD5(K XOR opad, MD5(K XOR ipad, text))
- *
- * where K is an n byte key
- * ipad is the byte 0x36 repeated 64 times
- * opad is the byte 0x5c repeated 64 times
- * and text is the data being protected
- */
-
- /* start out by storing key in pads */
- memset( k_ipad, 0, sizeof k_ipad);
- memset( k_opad, 0, sizeof k_opad);
- memcpy( k_ipad, key, key_len);
- memcpy( k_opad, key, key_len);
-
- /* XOR key with ipad and opad values */
- for (i=0; i<64; i++) {
- k_ipad[i] ^= 0x36;
- k_opad[i] ^= 0x5c;
- }
- /*
- * perform inner MD5
- */
- MD5Init(&context); /* init context for 1st
- * pass */
- MD5Update(&context, k_ipad, 64); /* start with inner pad */
- MD5Update(&context, (UCHAR *)text, text_len); /* then text of datagram */
- MD5Final(digest, &context); /* finish up 1st pass */
- /*
- * perform outer MD5
- */
- MD5Init(&context); /* init context for 2nd
- * pass */
- MD5Update(&context, k_opad, 64); /* start with outer pad */
- MD5Update(&context, digest, 16); /* then results of 1st
- * hash */
- MD5Final(digest, &context); /* finish up 2nd pass */
-}
-/* */
-/******************************************************************************/
#ifndef _AIRPDCAP_SYSTEM_H
#define _AIRPDCAP_SYSTEM_H
-/******************************************************************************/
-/* File includes */
-/* */
+/************************************************************************/
+/* File includes */
+
#include "airpdcap_interop.h"
#include "airpdcap_user.h"
-/* */
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Constant definitions */
-/* */
-/* General definitions */
+
+/************************************************************************/
+/* Constant definitions */
+
+/* General definitions */
#ifndef TRUE
#define TRUE 1
#endif
#define AIRPDCAP_MAX_KEYS_NR 64
#define AIRPDCAP_MAX_SEC_ASSOCIATIONS_NR 256
-/* Decryption algorithms fields size definition (bytes) */
+/* Decryption algorithms fields size definition (bytes) */
#define AIRPDCAP_WPA_NONCE_LEN 32
#define AIRPDCAP_WPA_PTK_LEN 64 /* TKIP uses 48 bytes, CCMP uses 64 bytes */
#define AIRPDCAP_WPA_MICKEY_LEN 16
#define AIRPDCAP_WEP_128_KEY_LEN 16 /* 128 bits */
-/* General 802.11 constants */
+/* General 802.11 constants */
#define AIRPDCAP_MAC_LEN 6
#define AIRPDCAP_RADIOTAP_HEADER_LEN 24
#define AIRPDCAP_TK_LEN 16
-/* Max length of capture data */
+/* Max length of capture data */
#define AIRPDCAP_MAX_CAPLEN 8192
#define AIRPDCAP_WEP_IVLEN 3 /* 24bit */
#define AIRPDCAP_WEP_TRAILER AIRPDCAP_WEP_ICV
/*
-* 802.11i defines an extended IV for use with non-WEP ciphers.
-* When the EXTIV bit is set in the key id byte an additional
-* 4 bytes immediately follow the IV for TKIP. For CCMP the
-* EXTIV bit is likewise set but the 8 bytes represent the
-* CCMP header rather than IV+extended-IV.
-*/
+ * 802.11i defines an extended IV for use with non-WEP ciphers.
+ * When the EXTIV bit is set in the key id byte an additional
+ * 4 bytes immediately follow the IV for TKIP. For CCMP the
+ * EXTIV bit is likewise set but the 8 bytes represent the
+ * CCMP header rather than IV+extended-IV.
+ */
#define AIRPDCAP_RSNA_EXTIV 0x20
#define AIRPDCAP_RSNA_EXTIVLEN 4 /* extended IV length */
#define AIRPDCAP_RSNA_MICLEN 8 /* trailing MIC */
#define AIRPDCAP_TKIP_TRAILER AIRPDCAP_RSNA_MICLEN + AIRPDCAP_WEP_ICV
#define AIRPDCAP_CRC_LEN 4
-/* */
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Macro definitions */
-/* */
-/* */
-/* */
-/******************************************************************************/
-
-/******************************************************************************/
-/* Type definitions */
-/* */
+
+/************************************************************************/
+/* Macro definitions */
+
+/************************************************************************/
+/* Type definitions */
+
typedef struct _AIRPDCAP_SEC_ASSOCIATION_ID {
UCHAR bssid[AIRPDCAP_MAC_LEN];
UCHAR sta[AIRPDCAP_MAC_LEN];
} AIRPDCAP_SEC_ASSOCIATION_ID, *PAIRPDCAP_SEC_ASSOCIATION_ID;
typedef struct _AIRPDCAP_SEC_ASSOCIATION {
- /*!
- This flag define whether this item is used or not. Accepted values are TRUE and FALSE
- */
+ /**
+ * This flag define whether this item is used or not. Accepted
+ * values are TRUE and FALSE
+ */
UINT8 used;
AIRPDCAP_SEC_ASSOCIATION_ID saId;
AIRPDCAP_KEY_ITEM *key;
struct {
UINT8 key_ver; /* Key descriptor version */
- UINT64 pn; /* only used with CCMP AES -if needed replay check- */
+ UINT64 pn; /* only used with CCMP AES -if needed replay check- */
UCHAR nonce[AIRPDCAP_WPA_NONCE_LEN];
- /* used to derive PTK, ANonce stored, SNonce taken */
- /* the 2nd packet of the 4W handshake */
+ /* used to derive PTK, ANonce stored, SNonce taken */
+ /* the 2nd packet of the 4W handshake */
UCHAR ptk[AIRPDCAP_WPA_PTK_LEN]; /* session key used in decryption algorithm */
} wpa;
INT first_free_index;
INT last_stored_index;
} AIRPDCAP_CONTEXT, *PAIRPDCAP_CONTEXT;
-/* */
-/* */
-/******************************************************************************/
-/******************************************************************************/
-/* Function prototype declarations */
-/* */
+/************************************************************************/
+/* Function prototype declarations */
+
#ifdef __cplusplus
extern "C" {
#endif
UCHAR TA[AIRPDCAP_MAC_LEN],
UCHAR TK[AIRPDCAP_TK_LEN])
;
-extern void AirPDcapAlgHmacMd5(
- UCHAR *key, /* pointer to authentication key */
- INT key_len, /* length of authentication key */
- const UCHAR *text, /* pointer to data stream */
- const INT text_len, /* length of data stream */
- UCHAR *digest) /* caller digest to be filled in */
- ;
extern void AirPDcapAlgHmacSha1(
const UCHAR *key_len,
const size_t keylen,
#ifdef __cplusplus
}
#endif
-/* */
-/* */
-/******************************************************************************/
#endif /* _AIRPDCAP_SYSTEM_H */
#include <string.h>
#include <glib.h> /* for g_malloc() */
-#include <epan/crypt-md5.h>
+#include "crypt-md5.h"
#undef BYTE_ORDER /* 1 = big-endian, -1 = little-endian, 0 = unknown */
#ifdef WORDS_BIGENDIAN
}
void
-md5_hmac(const md5_byte_t *data,
- int len,
+md5_hmac(const md5_byte_t *data,
+ int len,
md5_byte_t *key_data,
int key_length,
md5_byte_t digest[16])
md5_byte_t opad[80];
int key_len;
int i;
-
+
ipad = g_malloc(64 + len);
if (ipad == NULL)
g_assert_not_reached();
ipad,
64+len,
digest);
- memcpy(opad + 64, digest,
+ memcpy(opad + 64, digest,
16);
md5_checksum(
opad,
} md5_state_t;
#ifdef __cplusplus
-extern "C"
+extern "C"
{
#endif
void md5_finish(md5_state_t *pms, md5_byte_t digest[16]);
/* compute the MD5 HMAC */
-void md5_hmac(const md5_byte_t *data, int len, md5_byte_t *key_data, int key_length, md5_byte_t digest[16]);
+void md5_hmac(const md5_byte_t *data, int len, md5_byte_t *key_data, int key_length, md5_byte_t digest[16]);
#ifdef __cplusplus
} /* end extern "C" */
{ 0, NULL }
};
-/* General settings TAB */
+/* General settings TAB */
static const value_string njack_dhcpcontrol[] = {
{ 0, "Disable" },
{ 1, "Enable" },
{ 0, NULL }
};
-/* End General settings TAB */
+/* End General settings TAB */
/* Port settings TAB */
static const true_false_string tfs_port_state = {
}
#if 0
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
static gboolean
verify_password(tvbuff_t *tvb, const char *password)
fprintf(stderr, "%02X", digest[i]); /* debugging */
if (digest[i] != *(packetdata + 12 + i)) {
is_valid = FALSE;
- break;
+ break;
}
}
fprintf(stderr, " (%d)\n", is_valid); /* debugging */
test_njack(tvbuff_t *tvb)
{
/* We need at least 'NJ200' + 1 Byte packet type */
- if ( !tvb_bytes_exist(tvb, 0, 6) ||
+ if ( !tvb_bytes_exist(tvb, 0, 6) ||
g_strncasecmp((const char *)tvb_get_ptr(tvb, 0, 5), "NJ200", 5) ) {
return FALSE;
}
#include "packet-x509if.h"
#include <epan/sha1.h>
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#define PNAME "Cryptographic Message Syntax"
#define PSNAME "CMS"
sha1_starts(&sha1_ctx);
- sha1_update(&sha1_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
+ sha1_update(&sha1_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
tvb_length(content));
sha1_finish(&sha1_ctx, digest_buf);
md5_init(&md5_ctx);
- md5_append(&md5_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
+ md5_append(&md5_ctx, tvb_get_ptr(content, 0, tvb_length(content)),
tvb_length(content));
-
+
md5_finish(&md5_ctx, digest_buf);
buffer_size = MD5_BUFFER_SIZE;
}
if(buffer_size) {
- /* compare our computed hash with what we have received */
+ /* compare our computed hash with what we have received */
if(tvb_bytes_exist(tvb, offset, buffer_size) &&
- (memcmp(tvb_get_ptr(tvb, offset, buffer_size), digest_buf, buffer_size) != 0)) {
+ (memcmp(tvb_get_ptr(tvb, offset, buffer_size), digest_buf, buffer_size) != 0)) {
proto_item_append_text(pi, " [incorrect, should be ");
for(i = 0; i < buffer_size; i++)
proto_item_append_text(pi, "%02X", digest_buf[i]);
pdu_offset = get_ber_identifier(tvb, pdu_offset, &class, &pc, &tag);
content_offset = pdu_offset = get_ber_length(tree, tvb, pdu_offset, &len, &ind);
pdu_offset = call_ber_oid_callback(object_identifier_id, tvb, pdu_offset, pinfo, top_tree ? top_tree : tree);
-
+
content_tvb = tvb_new_subset(tvb, content_offset, len, -1);
if(object_identifier_id) {
name = get_oid_str_name(object_identifier_id);
- proto_item_append_text(tree, " (%s)", name ? name : object_identifier_id);
+ proto_item_append_text(tree, " (%s)", name ? name : object_identifier_id);
}
offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
NULL);
-
+
pi = get_ber_last_created_item();
/* move past TLV */
old_offset = get_ber_identifier(tvb, old_offset, NULL, NULL, NULL);
old_offset = get_ber_length(tree, tvb, old_offset, NULL, NULL);
- if(content_tvb)
+ if(content_tvb)
cms_verify_msg_digest(pi, content_tvb, x509af_get_last_algorithm_id(), tvb, old_offset);
#include <nettle/des.h>
#include <nettle/cbc.h>
#endif
-#include "crypt-md5.h"
+#include <epan/crypt/crypt-md5.h>
#include <sys/stat.h> /* For keyfile manipulation */
#endif
dissect_krb5_PW_SALT(packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *tvb, int offset)
{
/* Microsoft stores a special 12 byte blob here
- * guint32 NT_status
+ * guint32 NT_status
* guint32 unknown
* guint32 unknown
* decode everything as this blob for now until we see if anyone
tree=proto_item_add_subtree(item, ett_krb_PAC_LOGON_INFO);
}
- /* skip the first 16 bytes, they are some magic created by the idl
+ /* skip the first 16 bytes, they are some magic created by the idl
* compiler the first 4 bytes might be flags?
*/
proto_tree_add_text(tree, tvb, offset, 16, "unknown blob");
tree=proto_item_add_subtree(item, ett_krb_PAC_CONSTRAINED_DELEGATION);
}
- /* skip the first 16 bytes, they are some magic created by the idl
+ /* skip the first 16 bytes, they are some magic created by the idl
* compiler the first 4 bytes might be flags?
*/
proto_tree_add_text(tree, tvb, offset, 16, "unknown blob");
proto_tree_add_item(tree, hf_krb_gssapi_c_flag_mutual, tvb, offset, 4, TRUE);
proto_tree_add_item(tree, hf_krb_gssapi_c_flag_deleg, tvb, offset, 4, TRUE);
offset += 4;
-
+
/* the next fields are optional so we have to check that we have
* more data in our buffers */
if(tvb_length_remaining(tvb, offset)<2){
/* this should now be a KRB_CRED message */
offset=dissect_ber_choice(pinfo, tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
-
+
return offset;
}
return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE, FALSE, cb));
}
-guint32
+guint32
kerberos_output_keytype(void)
{
return keytype;
dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
/* Some weird kerberos implementation apparently do krb4 on the krb5 port.
- Since all (except weirdo transarc krb4 stuff) use
+ Since all (except weirdo transarc krb4 stuff) use
an opcode <=16 in the first byte, use this to see if it might
be krb4.
All krb5 commands start with an APPL tag and thus is >=0x60
so if first byte is <=16 just blindly assume it is krb4 then
*/
if(tvb_bytes_exist(tvb, 0, 1) && tvb_get_guint8(tvb, 0)<=0x10){
- if(krb4_handle){
+ if(krb4_handle){
gboolean res;
res=call_dissector_only(krb4_handle, tvb, pinfo, tree);
show_krb_recordmark(kerberos_tree, tvb, offset, krb_rm);
offset += 4;
} else {
- /* Do some sanity checking here,
+ /* Do some sanity checking here,
* All krb5 packets start with a TAG class that is BER_CLASS_APP
* and a tag value that is either of the values below:
* If it doesnt look like kerberos, return 0 and let someone else have
#include <epan/packet.h>
#include <epan/prefs.h>
#include <epan/report_err.h>
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#include <epan/sminmpec.h>
#include <epan/filesystem.h>
#include <epan/conversation.h>
if (key1->code == RADIUS_CHANGE_FILTER_REQUEST && ( key2->code == RADIUS_CHANGE_FILTER_REQUEST_ACK || key2->code == RADIUS_CHANGE_FILTER_REQUEST_NAK ) )
return 1;
- }
+ }
return 0;
}
len = tvb_length(tvb);
if (len != 4)
return "[wrong length for IP address]";
-
+
ip=tvb_get_ipv4(tvb,0);
ip_h=g_ntohl(ip);
len = tvb_length(tvb);
if (len != 4)
return "[wrong length for IP address]";
-
+
ip=tvb_get_ipv4(tvb,0);
ip_h=g_ntohl(ip);
len = tvb_length(tvb);
if (len != 4)
return "[wrong length for IPX network]";
-
+
net=tvb_get_ntohl(tvb,0);
if (net == 0xFFFFFFFE)
static const gchar* dissect_cosine_vpvc(proto_tree* tree, tvbuff_t* tvb) {
guint vpi, vci;
-
+
if ( tvb_length(tvb) != 4 )
return "[Wrong Length for VP/VC AVP]";
-
+
vpi = tvb_get_ntohs(tvb,0);
vci = tvb_get_ntohs(tvb,2);
-
+
proto_tree_add_uint(tree,hf_radius_cosine_vpi,tvb,0,2,vpi);
proto_tree_add_uint(tree,hf_radius_cosine_vci,tvb,2,2,vci);
- return ep_strdup_printf("%u/%u",vpi,vci);
+ return ep_strdup_printf("%u/%u",vpi,vci);
}
static void
size_t totlen, returned_length;
const guint8 *pd;
guchar c;
-
+
DISSECTOR_ASSERT(dest_len > 2); /* \"\"\0 */
dest[0] = '"';
dest[1] = '\0';
md5_append(&md_ctx,(const guint8*)shared_secret,strlen(shared_secret));
md5_append(&md_ctx,authenticator, AUTHENTICATOR_LENGTH);
md5_finish(&md_ctx,digest);
-
+
pd = tvb_get_ptr(tvb,offset,length);
for( i = 0 ; i < AUTHENTICATOR_LENGTH && i < length ; i++ ) {
c = pd[i] ^ digest[i];
proto_item_append_text(avp_item, "Encrypted");
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
} else {
- gchar *buffer;
+ gchar *buffer;
buffer=ep_alloc(1024); /* an AVP value can be at most 253 bytes */
radius_decrypt_avp(buffer,1024,tvb,offset,len);
proto_item_append_text(avp_item, "Decrypted: %s", buffer);
void radius_ipaddr(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
guint32 ip;
gchar buf[16];
-
+
if (len != 4) {
proto_item_append_text(avp_item, "[wrong length for IP address]");
return;
}
-
+
ip=tvb_get_ipv4(tvb,offset);
-
+
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
ip_to_str_buf((guint8 *)&ip, buf);
proto_item_append_text(avp_item, "[wrong length for IPv6 address]");
return;
}
-
+
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
-
+
tvb_get_ipv6(tvb, offset, &ipv6_buff);
ip6_to_str_buf(&ipv6_buff, txtbuf);
proto_item_append_text(avp_item, "%s", txtbuf);
void radius_ipxnet(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
guint32 net;
-
+
if (len != 4) {
proto_item_append_text(avp_item, "[wrong length for IPX network]");
return;
}
-
+
net=tvb_get_ntohl(tvb,offset);
-
+
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
proto_item_append_text(avp_item, "0x%08X", net);
}
void radius_date(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
- nstime_t time_ptr;
+ nstime_t time_ptr;
if (len != 4) {
proto_item_append_text(avp_item, "[wrong length for timestamp]");
}
time_ptr.secs = tvb_get_ntohl(tvb,offset);
time_ptr.nsecs = 0;
-
+
proto_tree_add_time(tree, a->hf, tvb, offset, len, &time_ptr);
proto_item_append_text(avp_item, "%s", abs_time_to_str(&time_ptr));
}
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
}
-void radius_ifid(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
+void radius_ifid(radius_attr_info_t* a, proto_tree* tree, packet_info *pinfo _U_, tvbuff_t* tvb, int offset, int len, proto_item* avp_item) {
proto_tree_add_item(tree, a->hf, tvb, offset, len, FALSE);
proto_item_append_text(avp_item, "%s", tvb_bytes_to_str(tvb, offset, len));
}
if (dictionary_entry->tagged) {
guint tag;
-
+
if (avp_length < 3) {
pi = proto_tree_add_text(avp_tree, tvb, offset,
0, "AVP too short for tag");
PROTO_ITEM_SET_GENERATED(pi);
return;
}
-
+
tag = tvb_get_guint8(tvb, offset);
-
+
if (tag <= 0x1f) {
proto_tree_add_uint(avp_tree,
dictionary_entry->hf_tag,
tvb, offset, 1, tag);
-
+
proto_item_append_text(avp_item,
" Tag=0x%.2x", tag);
-
+
offset++;
avp_length--;
}
}
-
+
if ( dictionary_entry->dissector ) {
tvbuff_t* tvb_value;
const gchar* str;
-
+
tvb_value = tvb_new_subset(tvb, offset, avp_length, (gint) avp_length);
-
+
str = dictionary_entry->dissector(avp_tree,tvb_value);
-
+
proto_item_append_text(avp_item, ": %s",str);
} else {
proto_item_append_text(avp_item, ": ");
-
+
dictionary_entry->type(dictionary_entry,avp_tree,pinfo,tvb,offset,avp_length,avp_item);
}
}
proto_item* avp_item;
proto_item* avp_len_item;
proto_tree* avp_tree;
-
+
if (length < 2) {
item = proto_tree_add_text(tree, tvb, offset, 0,
"Not enough room in packet for AVP header");
PROTO_ITEM_SET_GENERATED(item);
return;
}
-
+
length -= avp_length;
dictionary_entry = g_hash_table_lookup(dict->attrs_by_id,GUINT_TO_POINTER(avp_type));
-
+
if (! dictionary_entry ) {
dictionary_entry = &no_dictionary_entry;
}
-
+
avp_item = proto_tree_add_text(tree, tvb, offset, avp_length,
"AVP: l=%u t=%s(%u)", avp_length,
dictionary_entry->name, avp_type);
-
+
avp_length -= 2;
offset += 2;
const gchar* vendor_str;
/* XXX TODO: handle 2 byte codes for USR */
-
+
if (avp_length < 4) {
proto_item_append_text(avp_item, " [AVP too short; no room for vendor ID]");
offset += avp_length;
continue;
}
vendor_id = tvb_get_ntohl(tvb,offset);
-
+
avp_length -= 4;
offset += 4;
-
+
vendor = g_hash_table_lookup(dict->vendors_by_id,GUINT_TO_POINTER(vendor_id));
if (vendor) {
vendor_str = vendor->name;
}
proto_item_append_text(avp_item, " v=%s(%u)", vendor_str,
vendor_id);
-
+
vendor_tree = proto_item_add_subtree(avp_item,vendor->ett);
-
+
while (offset < max_offset) {
guint32 avp_vsa_type = tvb_get_guint8(tvb,offset++);
guint32 avp_vsa_len = tvb_get_guint8(tvb,offset++);
-
-
+
+
if (avp_vsa_len < 2) {
proto_tree_add_text(tree, tvb, offset+1, 1,
"[VSA too short]");
return;
}
-
+
avp_vsa_len -= 2;
-
+
dictionary_entry = g_hash_table_lookup(vendor->attrs_by_id,GUINT_TO_POINTER(avp_vsa_type));
-
+
if ( !dictionary_entry ) {
dictionary_entry = &no_dictionary_entry;
}
-
+
avp_item = proto_tree_add_text(vendor_tree,tvb,offset-2,avp_vsa_len+2,
"VSA: l=%u t=%s(%u)",
avp_vsa_len+2, dictionary_entry->name, avp_vsa_type);
-
+
avp_tree = proto_item_add_subtree(avp_item,dictionary_entry->ett);
if (show_length) {
tvb,0,0,avp_length);
PROTO_ITEM_SET_GENERATED(avp_len_item);
}
-
+
add_avp_to_tree(avp_tree, avp_item, pinfo, tvb, dictionary_entry, avp_vsa_len, offset);
-
+
offset += avp_vsa_len;
};
continue;
}
avp_tree = proto_item_add_subtree(avp_item,dictionary_entry->ett);
-
+
if (show_length) {
avp_len_item = proto_tree_add_uint(avp_tree,
dictionary_entry->hf_len,
tvb,0,0,avp_length);
PROTO_ITEM_SET_GENERATED(avp_len_item);
}
-
+
tvb_len = tvb_length_remaining(tvb, offset);
-
+
if ((gint)avp_length < tvb_len)
tvb_len = avp_length;
-
+
if (avp_type == RADIUS_EAP_MESSAGE_CODE) {
eap_seg_num++;
if ( tvb_bytes_exist(tvb, offset + avp_length + 1, 1) ) {
guint8 next_type = tvb_get_guint8(tvb, offset + avp_length);
-
+
if ( next_type != RADIUS_EAP_MESSAGE_CODE ) {
/* Non-EAP-Message attribute */
last_eap = TRUE;
eap_seg_num);
eap_tree = proto_item_add_subtree(avp_item,ett_eap);
-
+
eap_tvb = tvb_new_real_data(eap_buffer,
eap_tot_len_captured,
eap_tot_len);
* it's associated with a tvbuff.
*/
eap_buffer = NULL;
-
+
/*
* Set the columns non-writable,
* so that the packet list shows
eap_seg_num);
}
}
-
+
offset += avp_length;
} else {
add_avp_to_tree(avp_tree, avp_item, pinfo, tvb, dictionary_entry,
avp_length, offset);
offset += avp_length;
}
-
+
}
/*
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RADIUS");
if (check_col(pinfo->cinfo, COL_INFO))
col_clear(pinfo->cinfo, COL_INFO);
-
+
tvb_memcpy(tvb,(guint8 *)&rh,0,sizeof(e_radiushdr));
-
+
rhcode = rh.rh_code;
rhident = rh.rh_ident;
rhlength = g_ntohs(rh.rh_pktlength);
* silently discarded. The minimum length is 20 and maximum length
* is 4096.
*/
-
+
/* tap stat info */
rad_info.code = rhcode;
rad_info.ident = rhident;
val_to_str(rhcode,radius_vals,"Unknown Packet"),
rhcode, rhident, rhlength);
}
-
+
if (tree)
{
ti = proto_tree_add_item(tree,proto_radius, tvb, 0, rhlength, FALSE);
-
+
radius_tree = proto_item_add_subtree(ti, ett_radius);
-
+
proto_tree_add_uint(radius_tree,hf_radius_code, tvb, 0, 1, rh.rh_code);
-
+
proto_tree_add_uint_format(radius_tree,hf_radius_id, tvb, 1, 1, rh.rh_ident,
"Packet identifier: 0x%01x (%d)", rhident,rhident);
}
{
proto_tree_add_uint(radius_tree, hf_radius_length, tvb,
2, 2, rhlength);
-
+
proto_tree_add_item(radius_tree, hf_radius_authenticator, tvb, 4,AUTHENTICATOR_LENGTH,FALSE);
}
tvb_memcpy(tvb,authenticator,4,AUTHENTICATOR_LENGTH);
proto_tree_add_boolean_hidden(radius_tree, hf_radius_req, tvb, 0, 0, TRUE);
/* Keep track of the address and port whence the call came
* so that we can match up requests with replies.
- *
+ *
* Because it is UDP and the reply can come from any IP
- * and port (not necessarly the request dest), we only
- * track the source IP and port of the request to match
- * the reply.
+ * and port (not necessarly the request dest), we only
+ * track the source IP and port of the request to match
+ * the reply.
*/
/*
radius_call = g_hash_table_lookup(radius_calls, &radius_call_key);
if (radius_call != NULL)
{
- /* We've seen a request with this ID, with the same
+ /* We've seen a request with this ID, with the same
destination, before - but was it *this* request? */
if (pinfo->fd->num != radius_call->req_num)
{
* port and address that the call came from.
*
* Because it is UDP and the reply can come from any IP
- * and port (not necessarly the request dest), we only
- * track the source IP and port of the request to match
- * the reply.
+ * and port (not necessarly the request dest), we only
+ * track the source IP and port of the request to match
+ * the reply.
*/
/* XXX - can we just use NO_ADDR_B? Unfortunately,
default:
break;
}
-
+
if (radius_call)
{
rad_info.req_time.secs = radius_call->req_time.secs;
avptf = proto_tree_add_text(radius_tree, tvb, HDR_LENGTH,
avplength, "Attribute Value Pairs");
avptree = proto_item_add_subtree(avptf, ett_radius_avp);
-
+
dissect_attribute_value_pairs(avptree, pinfo, tvb, HDR_LENGTH,
avplength);
}
}
tap_queue_packet(radius_tap, pinfo, &rad_info);
-}
+}
static void register_attrs(gpointer k _U_, gpointer v, gpointer p) {
{ NULL, { NULL,NULL, FT_NONE, BASE_NONE, NULL, 0x0, "", HFILL }},
{ NULL, { NULL,NULL, FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
{ NULL, { NULL,NULL, FT_NONE, BASE_NONE, NULL, 0x0, "", HFILL }},
- { NULL, { NULL,NULL, FT_NONE, BASE_NONE, NULL, 0x0, "", HFILL }}
+ { NULL, { NULL,NULL, FT_NONE, BASE_NONE, NULL, 0x0, "", HFILL }}
};
guint len_hf = 2;
hfett_t* ri = p;
-
+
for(i=0; abbrev[i]; i++) {
if(abbrev[i] == '-') abbrev[i] = '_';
if(abbrev[i] == '/') abbrev[i] = '_';
}
-
+
hfri[0].p_id = &(a->hf);
hfri[1].p_id = &(a->hf_len);
-
+
hfri[0].hfinfo.name = a->name;
hfri[0].hfinfo.abbrev = abbrev;
hfri[1].hfinfo.name = "Length";
hfri[1].hfinfo.abbrev = g_strdup_printf("%s.len",abbrev);
hfri[1].hfinfo.blurb = g_strdup_printf("%s Length",a->name);
-
+
if (a->type == radius_integer) {
hfri[0].hfinfo.type = FT_UINT32;
hfri[0].hfinfo.display = BASE_DEC;
hfri[2].hfinfo.abbrev = abbrev;
hfri[2].hfinfo.type = FT_UINT64;
hfri[2].hfinfo.display = BASE_DEC;
-
+
if (a->vs) {
hfri[0].hfinfo.strings = VALS(a->vs);
}
-
+
len_hf++;
-
+
} else if (a->type == radius_string) {
hfri[0].hfinfo.type = FT_STRING;
hfri[0].hfinfo.display = BASE_NONE;
hfri[0].hfinfo.type = FT_BYTES;
hfri[0].hfinfo.display = BASE_NONE;
}
-
+
if (a->tagged) {
hfri[len_hf].p_id = &(a->hf_tag);
hfri[len_hf].hfinfo.name = "Tag";
hfri[len_hf].hfinfo.display = BASE_HEX;
len_hf++;
}
-
+
g_array_append_vals(ri->hf,hfri,len_hf);
g_array_append_val(ri->ett,ett);
-
+
}
static void register_vendors(gpointer k _U_, gpointer v, gpointer p) {
hfett_t* ri = p;
value_string vnd_vs;
gint* ett_p = &(vnd->ett);
-
+
vnd_vs.value = vnd->code;
vnd_vs.strptr = vnd->name;
-
+
g_array_append_val(ri->vend_vs,vnd_vs);
g_array_append_val(ri->ett,ett_p);
g_hash_table_foreach(vnd->attrs_by_id,register_attrs,ri);
-
+
}
extern void radius_register_avp_dissector(guint32 vendor_id, guint32 attribute_id, radius_avp_dissector_t radius_avp_dissector) {
radius_vendor_info_t* vendor;
radius_attr_info_t* dictionary_entry;
GHashTable* by_id;
-
+
g_assert(radius_avp_dissector != NULL);
-
+
if (vendor_id) {
vendor = g_hash_table_lookup(dict->vendors_by_id,GUINT_TO_POINTER(vendor_id));
-
+
if ( ! vendor ) {
vendor = g_malloc(sizeof(radius_vendor_info_t));
-
+
vendor->name = g_strdup_printf("%s-%u",val_to_str(vendor_id, sminmpec_values, "Unknown"),vendor_id);
vendor->code = vendor_id;
vendor->attrs_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
vendor->ett = no_vendor.ett;
-
+
g_hash_table_insert(dict->vendors_by_id,GUINT_TO_POINTER(vendor->code),vendor);
g_hash_table_insert(dict->vendors_by_name,(gpointer)(vendor->name),vendor);
}
-
+
dictionary_entry = g_hash_table_lookup(vendor->attrs_by_id,GUINT_TO_POINTER(attribute_id));
by_id = vendor->attrs_by_id;
} else {
dictionary_entry = g_hash_table_lookup(dict->attrs_by_id,GUINT_TO_POINTER(attribute_id));
by_id = dict->attrs_by_id;
}
-
+
if (!dictionary_entry) {
dictionary_entry = g_malloc(sizeof(radius_attr_info_t));;
-
+
dictionary_entry->name = g_strdup_printf("Unknown-Attribute-%u",attribute_id);
dictionary_entry->code = attribute_id;
dictionary_entry->encrypt = FALSE;
dictionary_entry->hf = no_dictionary_entry.hf;
dictionary_entry->hf_len = no_dictionary_entry.hf_len;
dictionary_entry->ett = no_dictionary_entry.ett;
-
+
g_hash_table_insert(by_id,GUINT_TO_POINTER(dictionary_entry->code),dictionary_entry);
}
-
+
dictionary_entry->dissector = radius_avp_dissector;
}
static void reinit_radius(void) {
if ( alt_port_pref != alt_port ) {
-
+
if (alt_port)
dissector_delete("udp.port", alt_port, radius_handle);
-
+
if (alt_port_pref)
dissector_add("udp.port", alt_port_pref, radius_handle);
-
+
alt_port = alt_port_pref;
- }
+ }
}
/* Discard and init any state we've saved */
-static void
+static void
radius_init_protocol(void)
{
if (radius_calls != NULL)
{ &hf_radius_code,
{ "Code","radius.code", FT_UINT8, BASE_DEC, VALS(radius_vals), 0x0,
"", HFILL }},
-
+
{ &hf_radius_id,
{ "Identifier", "radius.id", FT_UINT8, BASE_DEC, NULL, 0x0,
"", HFILL }},
-
+
{ &hf_radius_authenticator,
{ "Authenticator", "radius.authenticator", FT_BYTES, BASE_HEX, NULL, 0x0,
"", HFILL }},
-
+
{ &hf_radius_length,
{ "Length","radius.length", FT_UINT16, BASE_DEC, NULL, 0x0,
"", HFILL }},
-
+
{ &(no_dictionary_entry.hf),
{ "Unknown-Attribute","radius.Unknown_Attribute", FT_BYTES, BASE_HEX, NULL, 0x0,
"", HFILL }},
{ &(no_dictionary_entry.hf_len),
{ "Unknown-Attribute Length","radius.Unknown_Attribute.length", FT_UINT8, BASE_DEC, NULL, 0x0,
"", HFILL }},
-
+
{ &hf_radius_framed_ip_address,
{ "Framed-IP-Address","radius.Framed-IP-Address", FT_IPv4, BASE_NONE, NULL, 0x0,
"", HFILL }},
"Duplicate Response", HFILL }},
};
-
+
gint *base_ett[] = {
&ett_radius,
&ett_radius_avp,
&(no_dictionary_entry.ett),
&(no_vendor.ett),
};
-
+
module_t *radius_module;
hfett_t ri;
char* dir = NULL;
gchar* dict_err_str = NULL;
-
+
ri.hf = g_array_new(FALSE,TRUE,sizeof(hf_register_info));
ri.ett = g_array_new(FALSE,TRUE,sizeof(gint *));
ri.vend_vs = g_array_new(TRUE,TRUE,sizeof(value_string));
-
+
g_array_append_vals(ri.hf, base_hf, array_length(base_hf));
g_array_append_vals(ri.ett, base_ett, array_length(base_ett));
-
+
dir = get_persconffile_path("radius", FALSE);
-
+
if (test_for_directory(dir) != EISDIR) {
/* Although dir isn't a directory it may still use memory */
g_free(dir);
-
+
dir = get_datafile_path("radius");
-
+
if (test_for_directory(dir) != EISDIR) {
g_free(dir);
dir = NULL;
}
}
-
+
if (dir) {
dict = radius_load_dictionary(dir,"dictionary",&dict_err_str);
} else {
dict = NULL;
dict_err_str = g_strdup("Could not find the radius directory");
}
-
+
g_free(dir);
-
+
if (dict_err_str) {
g_warning("radius: %s",dict_err_str);
g_free(dict_err_str);
}
-
+
if (dict) {
g_hash_table_foreach(dict->attrs_by_id,register_attrs,&ri);
g_hash_table_foreach(dict->vendors_by_id,register_vendors,&ri);
} else {
/* XXX: TODO load a default dictionary */
dict = g_malloc(sizeof(radius_dictionary_t));
-
+
dict->attrs_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
dict->attrs_by_name = g_hash_table_new(g_str_hash,g_str_equal);
dict->vendors_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
dict->vendors_by_name = g_hash_table_new(g_str_hash,g_str_equal);
}
-
+
radius_vendors = (value_string*) ri.vend_vs->data;
-
+
proto_radius = proto_register_protocol("Radius Protocol", "RADIUS", "radius");
register_dissector("radius", dissect_radius, proto_radius);
-
+
proto_register_field_array(proto_radius,(hf_register_info*)(ri.hf->data),ri.hf->len);
proto_register_subtree_array((gint**)(ri.ett->data), ri.ett->len);
g_array_free(ri.hf,FALSE);
g_array_free(ri.ett,FALSE);
g_array_free(ri.vend_vs,FALSE);
-
+
radius_module = prefs_register_protocol(proto_radius,reinit_radius);
prefs_register_string_preference(radius_module,"shared_secret","Shared Secret",
"Shared secret used to decode User Passwords",
"An alternate UDP port to decode as RADIUS", 10, &alt_port_pref);
no_vendor.attrs_by_id = g_hash_table_new(g_direct_hash,g_direct_equal);
-
+
radius_tap = register_tap("radius");
}
void
proto_reg_handoff_radius(void)
{
-
+
eap_handle = find_dissector("eap");
-
+
radius_handle = create_dissector_handle(dissect_radius, proto_radius);
-
+
dissector_add("udp.port", UDP_PORT_RADIUS, radius_handle);
dissector_add("udp.port", UDP_PORT_RADIUS_NEW, radius_handle);
dissector_add("udp.port", UDP_PORT_RADACCT, radius_handle);
dissector_add("udp.port", UDP_PORT_RADACCT_NEW, radius_handle);
-
+
radius_register_avp_dissector(0,8,dissect_framed_ip_address);
radius_register_avp_dissector(0,14,dissect_login_ip_host);
radius_register_avp_dissector(0,23,dissect_framed_ipx_network);
radius_register_avp_dissector(VENDOR_COSINE,5,dissect_cosine_vpvc);
-
+
}
#line 100 "packet-spnego-template.c"
/*
* This is the SPNEGO KRB5 dissector. It is not true KRB5, but some ASN.1
- * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also
+ * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also
* ASN.1 wrapped by the looks of it. It conforms to RFC1964.
- */
+ */
#define KRB_TOKEN_AP_REQ 0x0001
#define KRB_TOKEN_AP_REP 0x0002
gint32 tag;
guint32 len;
- item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, offset,
+ item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego_krb5);
* [APPLICATION 0] {
* OID,
* USHORT (0x0001 == AP-REQ, 0x0002 == AP-REP, 0x0003 == ERROR),
- * OCTET STRING }
+ * OCTET STRING }
*
* However, for some protocols, the KRB5 blob starts at the SHORT
* and has no DER encoded header etc.
case KRB_TOKEN_AP_REQ:
case KRB_TOKEN_AP_REP:
case KRB_TOKEN_AP_ERR:
- krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE, NULL);
break;
case KRB_TOKEN_GETMIC:
- offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
+ offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
break;
case KRB_TOKEN_WRAP:
}
#ifdef HAVE_KERBEROS
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#ifndef KEYTYPE_ARCFOUR_56
# define KEYTYPE_ARCFOUR_56 24
memcpy(L40 + 10, T, sizeof(T));
md5_hmac(
- L40, 14,
+ L40, 14,
key_data,
- key_size,
+ key_size,
k5_data);
memset(&k5_data[7], 0xAB, 9);
} else {
md5_hmac(
- T, 4,
+ T, 4,
key_data,
key_size,
k5_data);
}
md5_hmac(
- cksum_data, cksum_size,
+ cksum_data, cksum_size,
k5_data,
- 16,
+ 16,
key6_data);
return 0;
unsigned char digest[16];
int rc4_usage;
guint8 cksum[16];
-
+
rc4_usage=usage2arcfour(usage);
- md5_hmac(signature, sizeof(signature),
- key_data, key_length,
+ md5_hmac(signature, sizeof(signature),
+ key_data, key_length,
ksign_c);
md5_init(&ms);
t[0] = (rc4_usage >> 0) & 0xFF;
* Verify padding of a gss wrapped message and return its length.
*/
static int
-gssapi_verify_pad(unsigned char *wrapped_data, int wrapped_length,
+gssapi_verify_pad(unsigned char *wrapped_data, int wrapped_length,
size_t datalen,
size_t *padlen)
{
{
rc4_state_struct rc4_state;
-
+
crypt_rc4_init(&rc4_state, k6_data, sizeof(k6_data));
memcpy(SND_SEQ, (unsigned char *)tvb_get_ptr(pinfo->gssapi_wrap_tvb, 8, 8), 8);
crypt_rc4(&rc4_state, SND_SEQ, 8);
memcpy(output_message_buffer, input_message_buffer, datalen);
crypt_rc4(&rc4_state, output_message_buffer, datalen);
} else {
- memcpy(Confounder,
- tvb_get_ptr(pinfo->gssapi_wrap_tvb, 24, 8),
+ memcpy(Confounder,
+ tvb_get_ptr(pinfo->gssapi_wrap_tvb, 24, 8),
8); /* Confounder */
- memcpy(output_message_buffer,
- input_message_buffer,
+ memcpy(output_message_buffer,
+ input_message_buffer,
datalen);
}
memset(k6_data, 0, sizeof(k6_data));
if(pinfo->decrypt_gssapi_tvb==DECRYPT_GSSAPI_NORMAL){
ret = arcfour_mic_cksum(key_value, key_size,
KRB5_KU_USAGE_SEAL,
- cksum_data,
+ cksum_data,
tvb_get_ptr(pinfo->gssapi_wrap_tvb, 0, 8), 8,
Confounder, sizeof(Confounder),
- output_message_buffer,
+ output_message_buffer,
datalen + padlen);
if (ret) {
return -10;
}
- cmp = memcmp(cksum_data,
+ cmp = memcmp(cksum_data,
tvb_get_ptr(pinfo->gssapi_wrap_tvb, 16, 8),
8); /* SGN_CKSUM */
if (cmp) {
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0102 == GSS_Wrap)
- * and so on }
+ * and so on }
*/
/* Now, the sign and seal algorithms ... */
int len;
len=tvb_reported_length_remaining(tvb,offset);
if(len>tvb_length_remaining(tvb, offset)){
- /* no point in trying to decrypt,
+ /* no point in trying to decrypt,
we dont have the full pdu.
*/
return offset;
pinfo->gssapi_encrypted_tvb = tvb_new_subset(
tvb, offset, len, len);
}
-
+
/* if this is KRB5 wrapped rc4-hmac */
if((token_id==KRB_TOKEN_WRAP)
&&(sgn_alg==KRB_SGN_ALG_HMAC)
23 /* rc4-hmac */);
#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
}
- }
+ }
#endif
/*
* Return the offset past the checksum, so that we know where
* the data we're wrapped around starts. Also, set the length
* of our top-level item to that offset, so it doesn't cover
* the data we're wrapped around.
- *
+ *
* Note that for DCERPC the GSSAPI blobs comes after the data it wraps,
* not before.
*/
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0101 == GSS_GetMIC)
- * and so on }
+ * and so on }
*/
/* Now, the sign algorithm ... */
/*
* The KRB5 blob conforms to RFC1964:
* USHORT (0x0102 == GSS_Wrap)
- * and so on }
+ * and so on }
*/
/* First, the token ID ... */
*/
- item = proto_tree_add_item(tree, hf_spnego, tvb, offset,
+ item = proto_tree_add_item(tree, hf_spnego, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego);
pinfo->destport, 0);
if (conversation) {
- next_level_value = conversation_get_proto_data(conversation,
+ next_level_value = conversation_get_proto_data(conversation,
proto_spnego);
if (next_level_value)
p_add_proto_data(pinfo->fd, proto_spnego, next_level_value);
}
}
- item = proto_tree_add_item(parent_tree, hf_spnego, tvb, offset,
+ item = proto_tree_add_item(parent_tree, hf_spnego, tvb, offset,
-1, FALSE);
subtree = proto_item_add_subtree(item, ett_spnego);
{ "krb5_blob", "spnego.krb5.blob", FT_BYTES,
BASE_NONE, NULL, 0, "krb5_blob", HFILL }},
{ &hf_spnego_krb5_oid,
- { "KRB5 OID", "spnego.krb5_oid", FT_STRING,
+ { "KRB5 OID", "spnego.krb5_oid", FT_STRING,
BASE_NONE, NULL, 0, "KRB5 OID", HFILL }},
{ &hf_spnego_krb5_tok_id,
{ "krb5_tok_id", "spnego.krb5.tok_id", FT_UINT16, BASE_HEX,
#include <epan/packet.h>
#include <epan/prefs.h>
-#include <epan/crypt-md5.h>
+#include <epan/crypt/crypt-md5.h>
#include <epan/emem.h>
#include "packet-tacacs.h"
git.samba.org / metze / wireshark / wip.git / commitdiff