Wireshark  4.3.0
The Wireshark network protocol analyzer
packet-kerberos.h
1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3 /* packet-kerberos.h */
4 /* asn2wrs.py -b -L -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../.. KerberosV5Spec2.asn k5.asn RFC3244.asn RFC6113.asn SPAKE.asn */
5 
6 /* packet-kerberos.h
7  * Routines for kerberos packet dissection
8  * Copyright 2007, Anders Broman <anders.broman@ericsson.com>
9  *
10  * Wireshark - Network traffic analyzer
11  * By Gerald Combs <gerald@wireshark.org>
12  * Copyright 1998 Gerald Combs
13  *
14  * SPDX-License-Identifier: GPL-2.0-or-later
15  */
16 
17 #ifndef __PACKET_KERBEROS_H
18 #define __PACKET_KERBEROS_H
19 
20 #include "ws_symbol_export.h"
21 
22 #ifdef __cplusplus
23 extern "C" {
24 #endif /* __cplusplus */
25 
26 #ifndef KRB5_KU_USAGE_ACCEPTOR_SEAL
27 #define KRB5_KU_USAGE_ACCEPTOR_SEAL 22
28 #endif
29 #ifndef KRB5_KU_USAGE_ACCEPTOR_SIGN
30 #define KRB5_KU_USAGE_ACCEPTOR_SIGN 23
31 #endif
32 #ifndef KRB5_KU_USAGE_INITIATOR_SEAL
33 #define KRB5_KU_USAGE_INITIATOR_SEAL 24
34 #endif
35 #ifndef KRB5_KU_USAGE_INITIATOR_SIGN
36 #define KRB5_KU_USAGE_INITIATOR_SIGN 25
37 #endif
38 
39 /* This is a list of callback functions a caller can use to specify that
40  octet strings in kerberos to be passed back to application specific
41  dissectors, outside of kerberos.
42  This is used for dissection of application specific data for PacketCable
43  KRB_SAFE user data and eventually to pass kerberos session keys
44  to future DCERPC decryption and other uses.
45  The list is terminated by {0, NULL }
46 */
47 #define KRB_CBTAG_SAFE_USER_DATA 1
48 #define KRB_CBTAG_PRIV_USER_DATA 2
49 typedef struct _kerberos_callbacks {
50  int tag;
51  int (*callback)(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree);
53 
54 /* Function prototypes */
55 
56 gboolean
57 kerberos_is_win2k_pkinit(asn1_ctx_t *actx);
58 
59 gint
60 dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean do_col_info, kerberos_callbacks *cb);
61 
62 int
63 dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
64 
65 int
66 dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
67 
68 int dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
69 int dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
70 guint32 kerberos_output_keytype(void);
71 
72 guint get_krb_pdu_len(packet_info *, tvbuff_t *tvb, int offset, void *data _U_);
73 
74 gint kerberos_rm_to_reclen(guint krb_rm);
75 
76 void
77 show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm);
78 
79 int
80 dissect_kerberos_KERB_TICKET_LOGON(tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree);
81 
82 #ifdef HAVE_KERBEROS
83 #define KRB_MAX_ORIG_LEN 256
84 #define KRB_MAX_KEY_LENGTH 32
85 /*
86  * "18446744073709551615.18446744073709551615"
87  * sizeof("18446744073709551615") includes '\0',
88  * which is used once for '.' and then for '\0'.
89  */
90 #define KRB_MAX_ID_STR_LEN (sizeof("18446744073709551615")*2)
91 
92 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
93 typedef struct _enc_key_t {
94  struct _enc_key_t *next;
95  int keytype;
96  int keylength;
97  guint8 keyvalue[KRB_MAX_KEY_LENGTH];
98  char key_origin[KRB_MAX_ORIG_LEN+1];
99  int fd_num; /* remember where we learned a key */
100  guint id; /* a unique id of the key, relative to fd_num */
101  char id_str[KRB_MAX_ID_STR_LEN+1];
102  struct _enc_key_t *same_list;
103  guint num_same;
104  struct _enc_key_t *src1;
105  struct _enc_key_t *src2;
106 } enc_key_t;
107 extern enc_key_t *enc_key_list;
108 extern wmem_map_t *kerberos_longterm_keys;
109 
110 guint8 *
111 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
112  int usage,
113  tvbuff_t *crypototvb,
114  int keytype,
115  int *datalen);
116 
117 tvbuff_t *
118 decrypt_krb5_krb_cfx_dce(proto_tree *tree,
119  packet_info *pinfo,
120  int usage,
121  int keytype,
122  tvbuff_t *gssapi_header_tvb,
123  tvbuff_t *gssapi_encrypted_tvb,
124  tvbuff_t *gssapi_trailer_tvb,
125  tvbuff_t *checksum_tvb);
126 
127 #endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
128 
129 extern gboolean krb_decrypt;
130 
131 #endif /* HAVE_KERBEROS */
132 
133 #ifdef __cplusplus
134 }
135 #endif /* __cplusplus */
136 
137 
138 /* enumerated values for Applications */
139 #define KERBEROS_APPLICATIONS_TICKET 1
140 #define KERBEROS_APPLICATIONS_AUTHENTICATOR 2
141 #define KERBEROS_APPLICATIONS_ENCTICKETPART 3
142 #define KERBEROS_APPLICATIONS_AS_REQ 10
143 #define KERBEROS_APPLICATIONS_AS_REP 11
144 #define KERBEROS_APPLICATIONS_TGS_REQ 12
145 #define KERBEROS_APPLICATIONS_TGS_REP 13
146 #define KERBEROS_APPLICATIONS_AP_REQ 14
147 #define KERBEROS_APPLICATIONS_AP_REP 15
148 #define KERBEROS_APPLICATIONS_KRB_SAFE 20
149 #define KERBEROS_APPLICATIONS_KRB_PRIV 21
150 #define KERBEROS_APPLICATIONS_KRB_CRED 22
151 #define KERBEROS_APPLICATIONS_ENCASREPPART 25
152 #define KERBEROS_APPLICATIONS_ENCTGSREPPART 26
153 #define KERBEROS_APPLICATIONS_ENCAPREPPART 27
154 #define KERBEROS_APPLICATIONS_ENCKRBPRIVPART 28
155 #define KERBEROS_APPLICATIONS_ENCKRBCREDPART 29
156 #define KERBEROS_APPLICATIONS_KRB_ERROR 30
157 int dissect_kerberos_TGT_REQ(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
158 int dissect_kerberos_TGT_REP(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
159 int dissect_kerberos_ChangePasswdData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
160 
161 #endif /* __PACKET_KERBEROS_H */
Definition: asn1.h:65
Definition: packet-kerberos.h:49
Definition: packet_info.h:44
Definition: proto.h:897
Definition: wmem_map.c:44
Definition: tvbuff-int.h:35