osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

packet-dcerpc-netlogon: split out uncrypt_sequence_strong() 

Change-Id: Ie58377b319632c74ad61c2df42e690466b5c5608
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35590
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Stefan Metzmacher 2019-08-14 14:55:14 +02:00 committed by Anders Broman
parent 371c2d1bd6
commit 2a8a604a1d
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
epan/dissectors/packet-dcerpc-netlogon.c
View File

@ -7651,7 +7651,7 @@ static int get_seal_key(const guint8 *session_key,int key_len,guint64 sequence,g
}
static guint64 uncrypt_sequence(guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
static guint64 uncrypt_sequence_strong(guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
{
guint8 zeros[4] = { 0 };
guint8 buf[HASH_MD5_LENGTH];
@ -7685,6 +7685,20 @@ static guint64 uncrypt_sequence(guint8* session_key,guint64 checksum,guint64 enc
return enc_seq;
}
static guint64 uncrypt_sequence(guint32 flags, guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
{
if (flags & NETLOGON_FLAG_AES) {
/* TODO */
return 0;
}
if (flags & NETLOGON_FLAG_STRONGKEY) {
return uncrypt_sequence_strong(session_key, checksum, enc_seq, is_server);
}
return 0;
}
static tvbuff_t *
dissect_packet_data(tvbuff_t *tvb ,tvbuff_t *auth_tvb _U_,
int offset , packet_info *pinfo ,dcerpc_auth_info *auth_info _U_,unsigned char is_server)
@ -7813,7 +7827,7 @@ dissect_secchan_verf(tvbuff_t *tvb, int offset, packet_info *pinfo,
else {
if(update_vars) {
vars->confounder = confounder;
vars->seq = uncrypt_sequence(vars->session_key,digest,encrypted_seq,is_server);
vars->seq = uncrypt_sequence(vars->flags,vars->session_key,digest,encrypted_seq,is_server);
}
if(get_seal_key(vars->session_key,16,vars->seq,vars->encryption_key))