Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
packet-kerberos.h
1/* Do not modify this file. Changes will be overwritten. */
2/* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3/* packet-kerberos.h */
4/* asn2wrs.py -b -q -L -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../.. KerberosV5Spec2.asn k5.asn RFC3244.asn RFC6113.asn SPAKE.asn */
5
6/* packet-kerberos.h
7 * Routines for kerberos packet dissection
8 * Copyright 2007, Anders Broman <[email protected]>
9 *
10 * Wireshark - Network traffic analyzer
11 * By Gerald Combs <[email protected]>
12 * Copyright 1998 Gerald Combs
13 *
14 * SPDX-License-Identifier: GPL-2.0-or-later
15 */
16
17#ifndef __PACKET_KERBEROS_H
18#define __PACKET_KERBEROS_H
19
20#include "ws_symbol_export.h"
21
22#ifdef __cplusplus
23extern "C" {
24#endif /* __cplusplus */
25
26#ifndef KRB5_KU_USAGE_ACCEPTOR_SEAL
27#define KRB5_KU_USAGE_ACCEPTOR_SEAL 22
28#endif
29#ifndef KRB5_KU_USAGE_ACCEPTOR_SIGN
30#define KRB5_KU_USAGE_ACCEPTOR_SIGN 23
31#endif
32#ifndef KRB5_KU_USAGE_INITIATOR_SEAL
33#define KRB5_KU_USAGE_INITIATOR_SEAL 24
34#endif
35#ifndef KRB5_KU_USAGE_INITIATOR_SIGN
36#define KRB5_KU_USAGE_INITIATOR_SIGN 25
37#endif
38
39/* This is a list of callback functions a caller can use to specify that
40 octet strings in kerberos to be passed back to application specific
41 dissectors, outside of kerberos.
42 This is used for dissection of application specific data for PacketCable
43 KRB_SAFE user data and eventually to pass kerberos session keys
44 to future DCERPC decryption and other uses.
45 The list is terminated by {0, NULL }
46*/
47#define KRB_CBTAG_SAFE_USER_DATA 1
48#define KRB_CBTAG_PRIV_USER_DATA 2
49typedef struct _kerberos_callbacks {
50 int tag;
51 int (*callback)(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree);
53
54/* Function prototypes */
55
56bool
57kerberos_is_win2k_pkinit(asn1_ctx_t *actx);
58
59int
60dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, bool do_col_info, kerberos_callbacks *cb);
61
62int
63dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
64
65int
66dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
67
68int dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
69int dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
70uint32_t kerberos_output_keytype(void);
71
72unsigned get_krb_pdu_len(packet_info *, tvbuff_t *tvb, int offset, void *data _U_);
73
74int kerberos_rm_to_reclen(unsigned krb_rm);
75
76void
77show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, int start, uint32_t krb_rm);
78
79int
80dissect_kerberos_KERB_TICKET_LOGON(tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree);
81
82#ifdef HAVE_KERBEROS
83#define KRB_MAX_ORIG_LEN 256
84#define KRB_MAX_KEY_LENGTH 32
85/*
86 * "18446744073709551615.18446744073709551615"
87 * sizeof("18446744073709551615") includes '\0',
88 * which is used once for '.' and then for '\0'.
89 */
90#define KRB_MAX_ID_STR_LEN (sizeof("18446744073709551615")*2)
91
92#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
93typedef struct _enc_key_t {
94 struct _enc_key_t *next;
95 int keytype;
96 int keylength;
97 uint8_t keyvalue[KRB_MAX_KEY_LENGTH];
98 char key_origin[KRB_MAX_ORIG_LEN+1];
99 int fd_num; /* remember where we learned a key */
100 unsigned id; /* a unique id of the key, relative to fd_num */
101 char id_str[KRB_MAX_ID_STR_LEN+1];
102 /* EncTicketPart_key */
103 bool is_ticket_key;
104 /* EncAPRepPart_subkey */
105 bool is_ap_rep_key;
106 /*
107 * for now taken from dissect_krb5_PAC_UPN_DNS_INFO,
108 * we could also use dissect_krb5_PAC_LOGON_INFO if needed
109 *
110 * we get device_sid from dissect_krb5_PAC_DEVICE_INFO if available.
111 *
112 * We remember these from the PAC and
113 * attach it to EncTicketPart_key so it
114 * might be valid if is_ticket_key is true.
115 *
116 * When learning a EncAPRepPart_subkey
117 * we copy the details from the EncTicketPart_key,
118 * so when is_ap_rep_key is true we may also have it.
119 *
120 * So application protocols like SMB2 could use the
121 * is_ap_rep_key=true key details in order to identify
122 * the authenticated user.
123 */
124 struct {
125 const char *account_name;
126 const char *account_domain;
127 const char *account_sid;
128 const char *device_sid;
129 } pac_names;
130 struct _enc_key_t *same_list;
131 unsigned num_same;
132 struct _enc_key_t *src1;
133 struct _enc_key_t *src2;
134} enc_key_t;
135extern enc_key_t *enc_key_list;
136extern wmem_map_t *kerberos_longterm_keys;
137
138uint8_t *
139decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
140 int usage,
141 tvbuff_t *crypototvb,
142 int keytype,
143 int *datalen);
144
145tvbuff_t *
146decrypt_krb5_krb_cfx_dce(proto_tree *tree,
147 packet_info *pinfo,
148 int usage,
149 int keytype,
150 tvbuff_t *gssapi_header_tvb,
151 tvbuff_t *gssapi_encrypted_tvb,
152 tvbuff_t *gssapi_trailer_tvb,
153 tvbuff_t *checksum_tvb);
154
155#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
156
157extern bool krb_decrypt;
158
159#endif /* HAVE_KERBEROS */
160
161#ifdef __cplusplus
162}
163#endif /* __cplusplus */
164
165
166/* enumerated values for Applications */
167#define KERBEROS_APPLICATIONS_TICKET 1
168#define KERBEROS_APPLICATIONS_AUTHENTICATOR 2
169#define KERBEROS_APPLICATIONS_ENCTICKETPART 3
170#define KERBEROS_APPLICATIONS_AS_REQ 10
171#define KERBEROS_APPLICATIONS_AS_REP 11
172#define KERBEROS_APPLICATIONS_TGS_REQ 12
173#define KERBEROS_APPLICATIONS_TGS_REP 13
174#define KERBEROS_APPLICATIONS_AP_REQ 14
175#define KERBEROS_APPLICATIONS_AP_REP 15
176#define KERBEROS_APPLICATIONS_KRB_SAFE 20
177#define KERBEROS_APPLICATIONS_KRB_PRIV 21
178#define KERBEROS_APPLICATIONS_KRB_CRED 22
179#define KERBEROS_APPLICATIONS_ENCASREPPART 25
180#define KERBEROS_APPLICATIONS_ENCTGSREPPART 26
181#define KERBEROS_APPLICATIONS_ENCAPREPPART 27
182#define KERBEROS_APPLICATIONS_ENCKRBPRIVPART 28
183#define KERBEROS_APPLICATIONS_ENCKRBCREDPART 29
184#define KERBEROS_APPLICATIONS_KRB_ERROR 30
185int dissect_kerberos_TGT_REQ(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
186int dissect_kerberos_TGT_REP(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
187int dissect_kerberos_ChangePasswdData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
188
189#endif /* __PACKET_KERBEROS_H */
Definition asn1.h:65
Definition packet-kerberos.h:49
Definition packet_info.h:43
Definition proto.h:901
Definition wmem_map.c:44
Definition tvbuff-int.h:35