decryption and dissection of PA_ENC_TIMESTAMP
svn path=/trunk/; revision=10604
This commit is contained in:
parent
08b916c983
commit
09e902f53b
|
@ -21,7 +21,7 @@
|
||||||
*
|
*
|
||||||
* http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-03.txt
|
* http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-03.txt
|
||||||
*
|
*
|
||||||
* $Id: packet-kerberos.c,v 1.56 2004/04/15 07:47:47 sahlberg Exp $
|
* $Id: packet-kerberos.c,v 1.57 2004/04/15 08:34:21 sahlberg Exp $
|
||||||
*
|
*
|
||||||
* Ethereal - Network traffic analyzer
|
* Ethereal - Network traffic analyzer
|
||||||
* By Gerald Combs <gerald@ethereal.com>
|
* By Gerald Combs <gerald@ethereal.com>
|
||||||
|
@ -120,6 +120,8 @@ static gint hf_krb_lr_type = -1;
|
||||||
static gint hf_krb_from = -1;
|
static gint hf_krb_from = -1;
|
||||||
static gint hf_krb_till = -1;
|
static gint hf_krb_till = -1;
|
||||||
static gint hf_krb_authtime = -1;
|
static gint hf_krb_authtime = -1;
|
||||||
|
static gint hf_krb_patimestamp = -1;
|
||||||
|
static gint hf_krb_pausec = -1;
|
||||||
static gint hf_krb_lr_time = -1;
|
static gint hf_krb_lr_time = -1;
|
||||||
static gint hf_krb_starttime = -1;
|
static gint hf_krb_starttime = -1;
|
||||||
static gint hf_krb_endtime = -1;
|
static gint hf_krb_endtime = -1;
|
||||||
|
@ -1070,6 +1072,18 @@ dissect_krb5_AP_REP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, i
|
||||||
}
|
}
|
||||||
return offset;
|
return offset;
|
||||||
}
|
}
|
||||||
|
static guint32 PA_ENC_TIMESTAMP_etype;
|
||||||
|
static int
|
||||||
|
dissect_krb5_PA_ENC_TIMESTAMP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||||
|
{
|
||||||
|
offset=dissect_ber_integer(pinfo, tree, tvb, offset, hf_krb_etype, &PA_ENC_TIMESTAMP_etype);
|
||||||
|
if(tree){
|
||||||
|
proto_item_append_text(tree, " %s",
|
||||||
|
val_to_str(PA_ENC_TIMESTAMP_etype, krb5_encryption_types,
|
||||||
|
"%#x"));
|
||||||
|
}
|
||||||
|
return offset;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -1314,17 +1328,73 @@ dissect_krb5_seq_number(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef HAVE_KERBEROS
|
||||||
|
static int
|
||||||
|
dissect_krb5_pausec(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||||
|
{
|
||||||
|
offset=dissect_ber_integer(pinfo, tree, tvb, offset, hf_krb_pausec, NULL);
|
||||||
|
return offset;
|
||||||
|
}
|
||||||
|
static int
|
||||||
|
dissect_krb5_patimestamp(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||||
|
{
|
||||||
|
offset=dissect_ber_generalized_time(pinfo, tree, tvb, offset, hf_krb_patimestamp);
|
||||||
|
return offset;
|
||||||
|
}
|
||||||
|
static const ber_sequence PA_ENC_TS_ENC_sequence[] = {
|
||||||
|
{ BER_CLASS_CON, 0, 0, dissect_krb5_patimestamp },
|
||||||
|
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_krb5_pausec },
|
||||||
|
{ 0, 0, 0, NULL }
|
||||||
|
};
|
||||||
|
static int
|
||||||
|
dissect_krb5_decrypt_PA_ENC_TIMESTAMP (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||||
|
{
|
||||||
|
guint8 *plaintext=NULL;
|
||||||
|
int length;
|
||||||
|
|
||||||
|
length=tvb_length_remaining(tvb, offset);
|
||||||
|
|
||||||
|
/* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
|
||||||
|
* 7.5.1
|
||||||
|
* AS-REQ PA_ENC_TIMESTAMP are encrypted with usage
|
||||||
|
* == 1
|
||||||
|
*/
|
||||||
|
if(!plaintext){
|
||||||
|
plaintext=decrypt_krb5_data(pinfo, 1, length, tvb_get_ptr(tvb, offset, length), PA_ENC_TIMESTAMP_etype);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(plaintext){
|
||||||
|
tvbuff_t *next_tvb;
|
||||||
|
next_tvb = tvb_new_real_data (plaintext,
|
||||||
|
length,
|
||||||
|
length);
|
||||||
|
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
|
||||||
|
|
||||||
|
/* Add the decrypted data to the data source list. */
|
||||||
|
add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
|
||||||
|
|
||||||
|
|
||||||
|
offset=dissect_ber_sequence(FALSE, pinfo, tree, next_tvb, 0, PA_ENC_TS_ENC_sequence, -1, -1);
|
||||||
|
|
||||||
|
}
|
||||||
|
return offset;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
dissect_krb5_encrypted_PA_ENC_TIMESTAMP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
dissect_krb5_encrypted_PA_ENC_TIMESTAMP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||||
{
|
{
|
||||||
offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, NULL);
|
#ifdef HAVE_KERBEROS
|
||||||
|
offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
|
||||||
|
#else
|
||||||
|
offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, NULL);
|
||||||
|
#endif
|
||||||
return offset;
|
return offset;
|
||||||
/*qqq*/
|
|
||||||
}
|
}
|
||||||
static ber_sequence PA_ENC_TIMESTAMP_sequence[] = {
|
static ber_sequence PA_ENC_TIMESTAMP_sequence[] = {
|
||||||
{ BER_CLASS_CON, 0, 0,
|
{ BER_CLASS_CON, 0, 0,
|
||||||
dissect_krb5_etype },
|
dissect_krb5_PA_ENC_TIMESTAMP_etype },
|
||||||
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
|
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
|
||||||
dissect_krb5_kvno },
|
dissect_krb5_kvno },
|
||||||
{ BER_CLASS_CON, 2, 0,
|
{ BER_CLASS_CON, 2, 0,
|
||||||
|
@ -3074,6 +3144,12 @@ proto_register_kerberos(void)
|
||||||
{ &hf_krb_authtime, {
|
{ &hf_krb_authtime, {
|
||||||
"Authtime", "kerberos.authtime", FT_STRING, BASE_NONE,
|
"Authtime", "kerberos.authtime", FT_STRING, BASE_NONE,
|
||||||
NULL, 0, "Time of initial authentication", HFILL }},
|
NULL, 0, "Time of initial authentication", HFILL }},
|
||||||
|
{ &hf_krb_patimestamp, {
|
||||||
|
"patimestamp", "kerberos.patimestamp", FT_STRING, BASE_NONE,
|
||||||
|
NULL, 0, "Time of client", HFILL }},
|
||||||
|
{ &hf_krb_pausec, {
|
||||||
|
"pausec", "kerberos.pausec", FT_UINT32, BASE_DEC,
|
||||||
|
NULL, 0, "Microsecond component of client time", HFILL }},
|
||||||
{ &hf_krb_lr_time, {
|
{ &hf_krb_lr_time, {
|
||||||
"Lr-time", "kerberos.lr_time", FT_STRING, BASE_NONE,
|
"Lr-time", "kerberos.lr_time", FT_STRING, BASE_NONE,
|
||||||
NULL, 0, "Time of LR-entry", HFILL }},
|
NULL, 0, "Time of LR-entry", HFILL }},
|
||||||
|
|
Loading…
Reference in New Issue