1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3 /* packet-kerberos.c */
4 /* asn2wrs.py -b -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../.. KerberosV5Spec2.asn k5.asn RFC3244.asn */
6 /* Input file: packet-kerberos-template.c */
8 #line 1 "./asn1/kerberos/packet-kerberos-template.c"
10 * Routines for Kerberos
11 * Wes Hardaker (c) 2000
12 * wjhardaker@ucdavis.edu
13 * Richard Sharpe (C) 2002, rsharpe@samba.org, modularized a bit more and
14 * added AP-REQ and AP-REP dissection
16 * Ronnie Sahlberg (C) 2004, major rewrite for new ASN.1/BER API.
17 * decryption of kerberos blobs if keytab is provided
19 * See RFC 1510, and various I-Ds and other documents showing additions,
20 * e.g. ones listed under
22 * http://www.isi.edu/people/bcn/krb-revisions/
26 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
30 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-05.txt
32 * Some structures from RFC2630
34 * Wireshark - Network traffic analyzer
35 * By Gerald Combs <gerald@wireshark.org>
36 * Copyright 1998 Gerald Combs
38 * This program is free software; you can redistribute it and/or
39 * modify it under the terms of the GNU General Public License
40 * as published by the Free Software Foundation; either version 2
41 * of the License, or (at your option) any later version.
43 * This program is distributed in the hope that it will be useful,
44 * but WITHOUT ANY WARRANTY; without even the implied warranty of
45 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
46 * GNU General Public License for more details.
48 * You should have received a copy of the GNU General Public License
49 * along with this program; if not, write to the Free Software
50 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
54 * Some of the development of the Kerberos protocol decoder was sponsored by
55 * Cable Television Laboratories, Inc. ("CableLabs") based upon proprietary
56 * CableLabs' specifications. Your license and use of this protocol decoder
57 * does not mean that you are licensed to use the CableLabs'
58 * specifications. If you have questions about this protocol, contact
59 * jf.mule [AT] cablelabs.com or c.stuart [AT] cablelabs.com for additional
67 #include <epan/packet.h>
68 #include <epan/exceptions.h>
69 #include <epan/strutil.h>
70 #include <epan/conversation.h>
71 #include <epan/asn1.h>
72 #include <epan/expert.h>
73 #include <epan/prefs.h>
74 #include <wsutil/file_util.h>
75 #include <wsutil/str_util.h>
76 #include "packet-kerberos.h"
77 #include "packet-netbios.h"
78 #include "packet-tcp.h"
79 #include "packet-ber.h"
80 #include "packet-pkinit.h"
81 #include "packet-cms.h"
82 #include "packet-windows-common.h"
84 #include "packet-dcerpc-netlogon.h"
85 #include "packet-dcerpc.h"
87 #include "packet-gssapi.h"
88 #include "packet-smb-common.h"
91 void proto_register_kerberos(void);
92 void proto_reg_handoff_kerberos(void);
94 #define UDP_PORT_KERBEROS 88
95 #define TCP_PORT_KERBEROS 88
97 #define ADDRESS_STR_BUFSIZ 256
99 typedef struct kerberos_key {
102 const guint8 *keyvalue;
112 guint32 checksum_type;
113 } kerberos_private_data_t;
115 static dissector_handle_t kerberos_handle_udp;
117 /* Forward declarations */
118 static int dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
119 static int dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
120 static int dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
121 static int dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
122 static int dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
123 static int dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
124 static int dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
127 /* Desegment Kerberos over TCP messages */
128 static gboolean krb_desegment = TRUE;
130 static gint proto_kerberos = -1;
132 static gint hf_krb_rm_reserved = -1;
133 static gint hf_krb_rm_reclen = -1;
134 static gint hf_krb_provsrv_location = -1;
135 static gint hf_krb_smb_nt_status = -1;
136 static gint hf_krb_smb_unknown = -1;
137 static gint hf_krb_address_ip = -1;
138 static gint hf_krb_address_netbios = -1;
139 static gint hf_krb_address_ipv6 = -1;
140 static gint hf_krb_gssapi_len = -1;
141 static gint hf_krb_gssapi_bnd = -1;
142 static gint hf_krb_gssapi_dlgopt = -1;
143 static gint hf_krb_gssapi_dlglen = -1;
144 static gint hf_krb_gssapi_c_flag_deleg = -1;
145 static gint hf_krb_gssapi_c_flag_mutual = -1;
146 static gint hf_krb_gssapi_c_flag_replay = -1;
147 static gint hf_krb_gssapi_c_flag_sequence = -1;
148 static gint hf_krb_gssapi_c_flag_conf = -1;
149 static gint hf_krb_gssapi_c_flag_integ = -1;
150 static gint hf_krb_gssapi_c_flag_dce_style = -1;
151 static gint hf_krb_midl_version = -1;
152 static gint hf_krb_midl_hdr_len = -1;
153 static gint hf_krb_midl_fill_bytes = -1;
154 static gint hf_krb_midl_blob_len = -1;
155 static gint hf_krb_pac_signature_type = -1;
156 static gint hf_krb_pac_signature_signature = -1;
157 static gint hf_krb_w2k_pac_entries = -1;
158 static gint hf_krb_w2k_pac_version = -1;
159 static gint hf_krb_w2k_pac_type = -1;
160 static gint hf_krb_w2k_pac_size = -1;
161 static gint hf_krb_w2k_pac_offset = -1;
162 static gint hf_krb_pac_clientid = -1;
163 static gint hf_krb_pac_namelen = -1;
164 static gint hf_krb_pac_clientname = -1;
165 static gint hf_krb_pac_logon_info = -1;
166 static gint hf_krb_pac_credential_type = -1;
167 static gint hf_krb_pac_s4u_delegation_info = -1;
168 static gint hf_krb_pac_upn_dns_info = -1;
169 static gint hf_krb_pac_upn_flags = -1;
170 static gint hf_krb_pac_upn_dns_offset = -1;
171 static gint hf_krb_pac_upn_dns_len = -1;
172 static gint hf_krb_pac_upn_upn_offset = -1;
173 static gint hf_krb_pac_upn_upn_len = -1;
174 static gint hf_krb_pac_upn_upn_name = -1;
175 static gint hf_krb_pac_upn_dns_name = -1;
176 static gint hf_krb_pac_server_checksum = -1;
177 static gint hf_krb_pac_privsvr_checksum = -1;
178 static gint hf_krb_pac_client_info_type = -1;
180 /*--- Included file: packet-kerberos-hf.c ---*/
181 #line 1 "./asn1/kerberos/packet-kerberos-hf.c"
182 static int hf_kerberos_ticket = -1; /* Ticket */
183 static int hf_kerberos_authenticator = -1; /* Authenticator */
184 static int hf_kerberos_encTicketPart = -1; /* EncTicketPart */
185 static int hf_kerberos_as_req = -1; /* AS_REQ */
186 static int hf_kerberos_as_rep = -1; /* AS_REP */
187 static int hf_kerberos_tgs_req = -1; /* TGS_REQ */
188 static int hf_kerberos_tgs_rep = -1; /* TGS_REP */
189 static int hf_kerberos_ap_req = -1; /* AP_REQ */
190 static int hf_kerberos_ap_rep = -1; /* AP_REP */
191 static int hf_kerberos_krb_safe = -1; /* KRB_SAFE */
192 static int hf_kerberos_krb_priv = -1; /* KRB_PRIV */
193 static int hf_kerberos_krb_cred = -1; /* KRB_CRED */
194 static int hf_kerberos_encASRepPart = -1; /* EncASRepPart */
195 static int hf_kerberos_encTGSRepPart = -1; /* EncTGSRepPart */
196 static int hf_kerberos_encAPRepPart = -1; /* EncAPRepPart */
197 static int hf_kerberos_encKrbPrivPart = -1; /* ENC_KRB_PRIV_PART */
198 static int hf_kerberos_encKrbCredPart = -1; /* EncKrbCredPart */
199 static int hf_kerberos_krb_error = -1; /* KRB_ERROR */
200 static int hf_kerberos_name_type = -1; /* NAME_TYPE */
201 static int hf_kerberos_name_string = -1; /* SEQUENCE_OF_KerberosString */
202 static int hf_kerberos_name_string_item = -1; /* KerberosString */
203 static int hf_kerberos_cname_string = -1; /* SEQUENCE_OF_CNameString */
204 static int hf_kerberos_cname_string_item = -1; /* CNameString */
205 static int hf_kerberos_sname_string = -1; /* SEQUENCE_OF_SNameString */
206 static int hf_kerberos_sname_string_item = -1; /* SNameString */
207 static int hf_kerberos_addr_type = -1; /* ADDR_TYPE */
208 static int hf_kerberos_address = -1; /* T_address */
209 static int hf_kerberos_HostAddresses_item = -1; /* HostAddress */
210 static int hf_kerberos_AuthorizationData_item = -1; /* AuthorizationData_item */
211 static int hf_kerberos_ad_type = -1; /* T_ad_type */
212 static int hf_kerberos_ad_data = -1; /* T_ad_data */
213 static int hf_kerberos_padata_type = -1; /* PADATA_TYPE */
214 static int hf_kerberos_padata_value = -1; /* T_padata_value */
215 static int hf_kerberos_keytype = -1; /* T_keytype */
216 static int hf_kerberos_keyvalue = -1; /* T_keyvalue */
217 static int hf_kerberos_cksumtype = -1; /* CKSUMTYPE */
218 static int hf_kerberos_checksum = -1; /* T_checksum */
219 static int hf_kerberos_etype = -1; /* ENCTYPE */
220 static int hf_kerberos_kvno = -1; /* UInt32 */
221 static int hf_kerberos_encryptedTicketData_cipher = -1; /* T_encryptedTicketData_cipher */
222 static int hf_kerberos_encryptedAuthorizationData_cipher = -1; /* T_encryptedAuthorizationData_cipher */
223 static int hf_kerberos_encryptedKDCREPData_cipher = -1; /* T_encryptedKDCREPData_cipher */
224 static int hf_kerberos_encryptedAPREPData_cipher = -1; /* T_encryptedAPREPData_cipher */
225 static int hf_kerberos_encryptedKrbPrivData_cipher = -1; /* T_encryptedKrbPrivData_cipher */
226 static int hf_kerberos_encryptedKrbCredData_cipher = -1; /* T_encryptedKrbCredData_cipher */
227 static int hf_kerberos_tkt_vno = -1; /* INTEGER_5 */
228 static int hf_kerberos_realm = -1; /* Realm */
229 static int hf_kerberos_sname = -1; /* SName */
230 static int hf_kerberos_ticket_enc_part = -1; /* EncryptedTicketData */
231 static int hf_kerberos_flags = -1; /* TicketFlags */
232 static int hf_kerberos_key = -1; /* EncryptionKey */
233 static int hf_kerberos_crealm = -1; /* Realm */
234 static int hf_kerberos_cname = -1; /* CName */
235 static int hf_kerberos_transited = -1; /* TransitedEncoding */
236 static int hf_kerberos_authtime = -1; /* KerberosTime */
237 static int hf_kerberos_starttime = -1; /* KerberosTime */
238 static int hf_kerberos_endtime = -1; /* KerberosTime */
239 static int hf_kerberos_renew_till = -1; /* KerberosTime */
240 static int hf_kerberos_caddr = -1; /* HostAddresses */
241 static int hf_kerberos_authorization_data = -1; /* AuthorizationData */
242 static int hf_kerberos_tr_type = -1; /* Int32 */
243 static int hf_kerberos_contents = -1; /* OCTET_STRING */
244 static int hf_kerberos_pvno = -1; /* INTEGER_5 */
245 static int hf_kerberos_msg_type = -1; /* MESSAGE_TYPE */
246 static int hf_kerberos_padata = -1; /* SEQUENCE_OF_PA_DATA */
247 static int hf_kerberos_padata_item = -1; /* PA_DATA */
248 static int hf_kerberos_req_body = -1; /* KDC_REQ_BODY */
249 static int hf_kerberos_kdc_options = -1; /* KDCOptions */
250 static int hf_kerberos_from = -1; /* KerberosTime */
251 static int hf_kerberos_till = -1; /* KerberosTime */
252 static int hf_kerberos_rtime = -1; /* KerberosTime */
253 static int hf_kerberos_nonce = -1; /* UInt32 */
254 static int hf_kerberos_kDC_REQ_BODY_etype = -1; /* SEQUENCE_OF_ENCTYPE */
255 static int hf_kerberos_kDC_REQ_BODY_etype_item = -1; /* ENCTYPE */
256 static int hf_kerberos_addresses = -1; /* HostAddresses */
257 static int hf_kerberos_enc_authorization_data = -1; /* EncryptedAuthorizationData */
258 static int hf_kerberos_additional_tickets = -1; /* SEQUENCE_OF_Ticket */
259 static int hf_kerberos_additional_tickets_item = -1; /* Ticket */
260 static int hf_kerberos_kDC_REP_enc_part = -1; /* EncryptedKDCREPData */
261 static int hf_kerberos_last_req = -1; /* LastReq */
262 static int hf_kerberos_key_expiration = -1; /* KerberosTime */
263 static int hf_kerberos_srealm = -1; /* Realm */
264 static int hf_kerberos_encrypted_pa_data = -1; /* METHOD_DATA */
265 static int hf_kerberos_LastReq_item = -1; /* LastReq_item */
266 static int hf_kerberos_lr_type = -1; /* LR_TYPE */
267 static int hf_kerberos_lr_value = -1; /* KerberosTime */
268 static int hf_kerberos_ap_options = -1; /* APOptions */
269 static int hf_kerberos_authenticator_01 = -1; /* EncryptedAuthorizationData */
270 static int hf_kerberos_authenticator_vno = -1; /* INTEGER_5 */
271 static int hf_kerberos_cksum = -1; /* Checksum */
272 static int hf_kerberos_cusec = -1; /* Microseconds */
273 static int hf_kerberos_ctime = -1; /* KerberosTime */
274 static int hf_kerberos_subkey = -1; /* EncryptionKey */
275 static int hf_kerberos_seq_number = -1; /* UInt32 */
276 static int hf_kerberos_aP_REP_enc_part = -1; /* EncryptedAPREPData */
277 static int hf_kerberos_safe_body = -1; /* KRB_SAFE_BODY */
278 static int hf_kerberos_kRB_SAFE_BODY_user_data = -1; /* T_kRB_SAFE_BODY_user_data */
279 static int hf_kerberos_timestamp = -1; /* KerberosTime */
280 static int hf_kerberos_usec = -1; /* Microseconds */
281 static int hf_kerberos_s_address = -1; /* HostAddress */
282 static int hf_kerberos_r_address = -1; /* HostAddress */
283 static int hf_kerberos_kRB_PRIV_enc_part = -1; /* EncryptedKrbPrivData */
284 static int hf_kerberos_encKrbPrivPart_user_data = -1; /* T_encKrbPrivPart_user_data */
285 static int hf_kerberos_tickets = -1; /* SEQUENCE_OF_Ticket */
286 static int hf_kerberos_tickets_item = -1; /* Ticket */
287 static int hf_kerberos_kRB_CRED_enc_part = -1; /* EncryptedKrbCredData */
288 static int hf_kerberos_ticket_info = -1; /* SEQUENCE_OF_KrbCredInfo */
289 static int hf_kerberos_ticket_info_item = -1; /* KrbCredInfo */
290 static int hf_kerberos_prealm = -1; /* Realm */
291 static int hf_kerberos_pname = -1; /* PrincipalName */
292 static int hf_kerberos_stime = -1; /* KerberosTime */
293 static int hf_kerberos_susec = -1; /* Microseconds */
294 static int hf_kerberos_error_code = -1; /* ERROR_CODE */
295 static int hf_kerberos_e_text = -1; /* KerberosString */
296 static int hf_kerberos_e_data = -1; /* T_e_data */
297 static int hf_kerberos_e_checksum = -1; /* Checksum */
298 static int hf_kerberos_METHOD_DATA_item = -1; /* PA_DATA */
299 static int hf_kerberos_pA_ENC_TIMESTAMP_cipher = -1; /* T_pA_ENC_TIMESTAMP_cipher */
300 static int hf_kerberos_salt = -1; /* OCTET_STRING */
301 static int hf_kerberos_ETYPE_INFO_item = -1; /* ETYPE_INFO_ENTRY */
302 static int hf_kerberos_salt_01 = -1; /* KerberosString */
303 static int hf_kerberos_s2kparams = -1; /* OCTET_STRING */
304 static int hf_kerberos_ETYPE_INFO2_item = -1; /* ETYPE_INFO2_ENTRY */
305 static int hf_kerberos_name = -1; /* PrincipalName */
306 static int hf_kerberos_auth = -1; /* GeneralString */
307 static int hf_kerberos_include_pac = -1; /* BOOLEAN */
308 static int hf_kerberos_newpasswd = -1; /* OCTET_STRING */
309 static int hf_kerberos_targname = -1; /* PrincipalName */
310 static int hf_kerberos_targrealm = -1; /* Realm */
312 static int hf_kerberos_APOptions_reserved = -1;
313 static int hf_kerberos_APOptions_use_session_key = -1;
314 static int hf_kerberos_APOptions_mutual_required = -1;
315 static int hf_kerberos_TicketFlags_reserved = -1;
316 static int hf_kerberos_TicketFlags_forwardable = -1;
317 static int hf_kerberos_TicketFlags_forwarded = -1;
318 static int hf_kerberos_TicketFlags_proxiable = -1;
319 static int hf_kerberos_TicketFlags_proxy = -1;
320 static int hf_kerberos_TicketFlags_may_postdate = -1;
321 static int hf_kerberos_TicketFlags_postdated = -1;
322 static int hf_kerberos_TicketFlags_invalid = -1;
323 static int hf_kerberos_TicketFlags_renewable = -1;
324 static int hf_kerberos_TicketFlags_initial = -1;
325 static int hf_kerberos_TicketFlags_pre_authent = -1;
326 static int hf_kerberos_TicketFlags_hw_authent = -1;
327 static int hf_kerberos_TicketFlags_transited_policy_checked = -1;
328 static int hf_kerberos_TicketFlags_ok_as_delegate = -1;
329 static int hf_kerberos_TicketFlags_anonymous = -1;
330 static int hf_kerberos_KDCOptions_reserved = -1;
331 static int hf_kerberos_KDCOptions_forwardable = -1;
332 static int hf_kerberos_KDCOptions_forwarded = -1;
333 static int hf_kerberos_KDCOptions_proxiable = -1;
334 static int hf_kerberos_KDCOptions_proxy = -1;
335 static int hf_kerberos_KDCOptions_allow_postdate = -1;
336 static int hf_kerberos_KDCOptions_postdated = -1;
337 static int hf_kerberos_KDCOptions_unused7 = -1;
338 static int hf_kerberos_KDCOptions_renewable = -1;
339 static int hf_kerberos_KDCOptions_unused9 = -1;
340 static int hf_kerberos_KDCOptions_unused10 = -1;
341 static int hf_kerberos_KDCOptions_opt_hardware_auth = -1;
342 static int hf_kerberos_KDCOptions_request_anonymous = -1;
343 static int hf_kerberos_KDCOptions_canonicalize = -1;
344 static int hf_kerberos_KDCOptions_constrained_delegation = -1;
345 static int hf_kerberos_KDCOptions_disable_transited_check = -1;
346 static int hf_kerberos_KDCOptions_renewable_ok = -1;
347 static int hf_kerberos_KDCOptions_enc_tkt_in_skey = -1;
348 static int hf_kerberos_KDCOptions_renew = -1;
349 static int hf_kerberos_KDCOptions_validate = -1;
351 /*--- End of included file: packet-kerberos-hf.c ---*/
352 #line 172 "./asn1/kerberos/packet-kerberos-template.c"
354 /* Initialize the subtree pointers */
355 static gint ett_kerberos = -1;
356 static gint ett_krb_recordmark = -1;
357 static gint ett_krb_pac = -1;
358 static gint ett_krb_pac_drep = -1;
359 static gint ett_krb_pac_midl_blob = -1;
360 static gint ett_krb_pac_logon_info = -1;
361 static gint ett_krb_pac_s4u_delegation_info = -1;
362 static gint ett_krb_pac_upn_dns_info = -1;
363 static gint ett_krb_pac_server_checksum = -1;
364 static gint ett_krb_pac_privsvr_checksum = -1;
365 static gint ett_krb_pac_client_info_type = -1;
367 /*--- Included file: packet-kerberos-ett.c ---*/
368 #line 1 "./asn1/kerberos/packet-kerberos-ett.c"
369 static gint ett_kerberos_Applications = -1;
370 static gint ett_kerberos_PrincipalName = -1;
371 static gint ett_kerberos_SEQUENCE_OF_KerberosString = -1;
372 static gint ett_kerberos_CName = -1;
373 static gint ett_kerberos_SEQUENCE_OF_CNameString = -1;
374 static gint ett_kerberos_SName = -1;
375 static gint ett_kerberos_SEQUENCE_OF_SNameString = -1;
376 static gint ett_kerberos_HostAddress = -1;
377 static gint ett_kerberos_HostAddresses = -1;
378 static gint ett_kerberos_AuthorizationData = -1;
379 static gint ett_kerberos_AuthorizationData_item = -1;
380 static gint ett_kerberos_PA_DATA = -1;
381 static gint ett_kerberos_EncryptionKey = -1;
382 static gint ett_kerberos_Checksum = -1;
383 static gint ett_kerberos_EncryptedTicketData = -1;
384 static gint ett_kerberos_EncryptedAuthorizationData = -1;
385 static gint ett_kerberos_EncryptedKDCREPData = -1;
386 static gint ett_kerberos_EncryptedAPREPData = -1;
387 static gint ett_kerberos_EncryptedKrbPrivData = -1;
388 static gint ett_kerberos_EncryptedKrbCredData = -1;
389 static gint ett_kerberos_Ticket_U = -1;
390 static gint ett_kerberos_EncTicketPart_U = -1;
391 static gint ett_kerberos_TransitedEncoding = -1;
392 static gint ett_kerberos_KDC_REQ = -1;
393 static gint ett_kerberos_SEQUENCE_OF_PA_DATA = -1;
394 static gint ett_kerberos_KDC_REQ_BODY = -1;
395 static gint ett_kerberos_SEQUENCE_OF_ENCTYPE = -1;
396 static gint ett_kerberos_SEQUENCE_OF_Ticket = -1;
397 static gint ett_kerberos_KDC_REP = -1;
398 static gint ett_kerberos_EncKDCRepPart = -1;
399 static gint ett_kerberos_LastReq = -1;
400 static gint ett_kerberos_LastReq_item = -1;
401 static gint ett_kerberos_AP_REQ_U = -1;
402 static gint ett_kerberos_Authenticator_U = -1;
403 static gint ett_kerberos_AP_REP_U = -1;
404 static gint ett_kerberos_EncAPRepPart_U = -1;
405 static gint ett_kerberos_KRB_SAFE_U = -1;
406 static gint ett_kerberos_KRB_SAFE_BODY = -1;
407 static gint ett_kerberos_KRB_PRIV_U = -1;
408 static gint ett_kerberos_EncKrbPrivPart = -1;
409 static gint ett_kerberos_KRB_CRED_U = -1;
410 static gint ett_kerberos_EncKrbCredPart_U = -1;
411 static gint ett_kerberos_SEQUENCE_OF_KrbCredInfo = -1;
412 static gint ett_kerberos_KrbCredInfo = -1;
413 static gint ett_kerberos_KRB_ERROR_U = -1;
414 static gint ett_kerberos_METHOD_DATA = -1;
415 static gint ett_kerberos_PA_ENC_TIMESTAMP = -1;
416 static gint ett_kerberos_ETYPE_INFO_ENTRY = -1;
417 static gint ett_kerberos_ETYPE_INFO = -1;
418 static gint ett_kerberos_ETYPE_INFO2_ENTRY = -1;
419 static gint ett_kerberos_ETYPE_INFO2 = -1;
420 static gint ett_kerberos_APOptions = -1;
421 static gint ett_kerberos_TicketFlags = -1;
422 static gint ett_kerberos_KDCOptions = -1;
423 static gint ett_kerberos_PA_S4U2Self = -1;
424 static gint ett_kerberos_KERB_PA_PAC_REQUEST = -1;
425 static gint ett_kerberos_ChangePasswdData = -1;
427 /*--- End of included file: packet-kerberos-ett.c ---*/
428 #line 186 "./asn1/kerberos/packet-kerberos-template.c"
430 static expert_field ei_kerberos_decrypted_keytype = EI_INIT;
431 static expert_field ei_kerberos_address = EI_INIT;
432 static expert_field ei_krb_gssapi_dlglen = EI_INIT;
434 static dissector_handle_t krb4_handle=NULL;
436 /* Global variables */
437 static guint32 krb5_errorcode;
438 static guint32 gbl_keytype;
439 static gboolean gbl_do_col_info;
442 /*--- Included file: packet-kerberos-val.h ---*/
443 #line 1 "./asn1/kerberos/packet-kerberos-val.h"
444 #define id_krb5 "1.3.6.1.5.2"
446 /* enumerated values for ADDR_TYPE */
447 #define KERBEROS_ADDR_TYPE_IPV4 2
448 #define KERBEROS_ADDR_TYPE_CHAOS 5
449 #define KERBEROS_ADDR_TYPE_XEROX 6
450 #define KERBEROS_ADDR_TYPE_ISO 7
451 #define KERBEROS_ADDR_TYPE_DECNET 12
452 #define KERBEROS_ADDR_TYPE_APPLETALK 16
453 #define KERBEROS_ADDR_TYPE_NETBIOS 20
454 #define KERBEROS_ADDR_TYPE_IPV6 24
456 /*--- End of included file: packet-kerberos-val.h ---*/
457 #line 199 "./asn1/kerberos/packet-kerberos-template.c"
460 call_kerberos_callbacks(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int tag, kerberos_callbacks *cb)
468 cb->callback(pinfo, tvb, tree);
476 static kerberos_private_data_t*
477 kerberos_get_private_data(asn1_ctx_t *actx)
479 if (!actx->private_data) {
480 actx->private_data = wmem_new0(wmem_packet_scope(), kerberos_private_data_t);
482 return (kerberos_private_data_t *)(actx->private_data);
487 /* Decrypt Kerberos blobs */
488 gboolean krb_decrypt = FALSE;
490 /* keytab filename */
491 static const char *keytab_filename = "";
494 read_keytab_file_from_preferences(void)
496 static char *last_keytab = NULL;
502 if (keytab_filename == NULL) {
506 if (last_keytab && !strcmp(last_keytab, keytab_filename)) {
510 if (last_keytab != NULL) {
514 last_keytab = g_strdup(keytab_filename);
516 read_keytab_file(last_keytab);
518 #endif /* HAVE_KERBEROS */
520 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
522 /* prevent redefinition warnings in kfw-2.5\inc\win_mac.h */
523 #undef HAVE_GETADDRINFO
524 #undef HAVE_SYS_TYPES_H
527 enc_key_t *enc_key_list=NULL;
530 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
534 if(pinfo->fd->flags.visited){
538 new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
539 g_snprintf(new_key->key_origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u",origin,pinfo->num);
540 new_key->fd_num = pinfo->num;
541 new_key->next=enc_key_list;
542 enc_key_list=new_key;
543 new_key->keytype=keytype;
544 new_key->keylength=keylength;
545 /*XXX this needs to be freed later */
546 new_key->keyvalue=(char *)g_memdup(keyvalue, keylength);
548 #endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
550 #if defined(HAVE_MIT_KERBEROS)
552 static krb5_context krb5_ctx;
554 USES_APPLE_DEPRECATED_API
556 read_keytab_file(const char *filename)
560 krb5_keytab_entry key;
561 krb5_kt_cursor cursor;
563 static gboolean first_time=TRUE;
565 if (filename == NULL || filename[0] == 0) {
571 ret = krb5_init_context(&krb5_ctx);
572 if(ret && ret != KRB5_CONFIG_CANTOPEN){
577 /* should use a file in the wireshark users dir */
578 ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
580 fprintf(stderr, "KERBEROS ERROR: Badly formatted keytab filename :%s\n",filename);
585 ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
587 fprintf(stderr, "KERBEROS ERROR: Could not open or could not read from keytab file :%s\n",filename);
592 new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
593 new_key->fd_num = -1;
594 new_key->next=enc_key_list;
595 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
600 /* generate origin string, describing where this key came from */
601 pos=new_key->key_origin;
602 pos+=MIN(KRB_MAX_ORIG_LEN,
603 g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
604 for(i=0;i<key.principal->length;i++){
605 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
606 g_snprintf(pos, (gulong)(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin)), "%s%s",(i?"/":""),(key.principal->data[i]).data));
608 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
609 g_snprintf(pos, (gulong)(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin)), "@%s",key.principal->realm.data));
611 new_key->keytype=key.key.enctype;
612 new_key->keylength=key.key.length;
613 new_key->keyvalue=(char *)g_memdup(key.key.contents, key.key.length);
614 enc_key_list=new_key;
618 ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
620 krb5_kt_close(krb5_ctx, keytab);
626 decrypt_krb5_data(proto_tree *tree _U_, packet_info *pinfo,
634 krb5_data data = {0,0,NULL};
635 krb5_keytab_entry key;
636 int length = tvb_captured_length(cryptotvb);
637 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
639 /* don't do anything if we are not attempting to decrypt data */
640 if(!krb_decrypt || length < 1){
644 /* make sure we have all the data we need */
645 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
649 read_keytab_file_from_preferences();
650 data.data = (char *)g_malloc(length);
651 data.length = length;
653 for(ek=enc_key_list;ek;ek=ek->next){
656 /* shortcircuit and bail out if enctypes are not matching */
657 if((keytype != -1) && (ek->keytype != keytype)) {
661 input.enctype = ek->keytype;
662 input.ciphertext.length = length;
663 input.ciphertext.data = (guint8 *)cryptotext;
665 key.key.enctype=ek->keytype;
666 key.key.length=ek->keylength;
667 key.key.contents=ek->keyvalue;
668 ret = krb5_c_decrypt(krb5_ctx, &(key.key), usage, 0, &input, &data);
672 expert_add_info_format(pinfo, NULL, &ei_kerberos_decrypted_keytype,
673 "Decrypted keytype %d in frame %u using %s",
674 ek->keytype, pinfo->num, ek->key_origin);
676 /* return a private g_malloced blob to the caller */
679 *datalen = data.length;
690 #elif defined(HAVE_HEIMDAL_KERBEROS)
691 static krb5_context krb5_ctx;
693 USES_APPLE_DEPRECATED_API
695 read_keytab_file(const char *filename)
699 krb5_keytab_entry key;
700 krb5_kt_cursor cursor;
702 static gboolean first_time=TRUE;
704 if (filename == NULL || filename[0] == 0) {
710 ret = krb5_init_context(&krb5_ctx);
716 /* should use a file in the wireshark users dir */
717 ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
719 fprintf(stderr, "KERBEROS ERROR: Could not open keytab file :%s\n",filename);
724 ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
726 fprintf(stderr, "KERBEROS ERROR: Could not read from keytab file :%s\n",filename);
731 new_key = (enc_key_t *)g_malloc(sizeof(enc_key_t));
732 new_key->fd_num = -1;
733 new_key->next=enc_key_list;
734 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
739 /* generate origin string, describing where this key came from */
740 pos=new_key->key_origin;
741 pos+=MIN(KRB_MAX_ORIG_LEN,
742 g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
743 for(i=0;i<key.principal->name.name_string.len;i++){
744 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
745 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "%s%s",(i?"/":""),key.principal->name.name_string.val[i]));
747 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
748 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "@%s",key.principal->realm));
750 new_key->keytype=key.keyblock.keytype;
751 new_key->keylength=(int)key.keyblock.keyvalue.length;
752 new_key->keyvalue = (guint8 *)g_memdup(key.keyblock.keyvalue.data, (guint)key.keyblock.keyvalue.length);
753 enc_key_list=new_key;
757 ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
759 krb5_kt_close(krb5_ctx, keytab);
767 decrypt_krb5_data(proto_tree *tree _U_, packet_info *pinfo,
776 int length = tvb_captured_length(cryptotvb);
777 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
779 /* don't do anything if we are not attempting to decrypt data */
784 /* make sure we have all the data we need */
785 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
789 read_keytab_file_from_preferences();
791 for(ek=enc_key_list;ek;ek=ek->next){
792 krb5_keytab_entry key;
794 guint8 *cryptocopy; /* workaround for pre-0.6.1 heimdal bug */
796 /* shortcircuit and bail out if enctypes are not matching */
797 if((keytype != -1) && (ek->keytype != keytype)) {
801 key.keyblock.keytype=ek->keytype;
802 key.keyblock.keyvalue.length=ek->keylength;
803 key.keyblock.keyvalue.data=ek->keyvalue;
804 ret = krb5_crypto_init(krb5_ctx, &(key.keyblock), (krb5_enctype)ENCTYPE_NULL, &crypto);
809 /* pre-0.6.1 versions of Heimdal would sometimes change
810 the cryptotext data even when the decryption failed.
811 This would obviously not work since we iterate over the
812 keys. So just give it a copy of the crypto data instead.
813 This has been seen for RC4-HMAC blobs.
815 cryptocopy = (guint8 *)g_memdup(cryptotext, length);
816 ret = krb5_decrypt_ivec(krb5_ctx, crypto, usage,
821 if((ret == 0) && (length>0)){
824 expert_add_info_format(pinfo, NULL, &ei_kerberos_decrypted_keytype,
825 "Decrypted keytype %d in frame %u using %s",
826 ek->keytype, pinfo->num, ek->key_origin);
828 krb5_crypto_destroy(krb5_ctx, crypto);
829 /* return a private g_malloced blob to the caller */
830 user_data = (char *)g_memdup(data.data, (guint)data.length);
832 *datalen = (int)data.length;
836 krb5_crypto_destroy(krb5_ctx, crypto);
841 #elif defined (HAVE_LIBNETTLE)
843 #define SERVICE_KEY_SIZE (DES3_KEY_SIZE + 2)
844 #define KEYTYPE_DES3_CBC_MD5 5 /* Currently the only one supported */
846 typedef struct _service_key_t {
851 char origin[KRB_MAX_ORIG_LEN+1];
853 GSList *service_key_list = NULL;
857 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
859 service_key_t *new_key;
861 if(pinfo->fd->flags.visited){
865 new_key = g_malloc(sizeof(service_key_t));
867 new_key->keytype = keytype;
868 new_key->length = keylength;
869 new_key->contents = g_memdup(keyvalue, keylength);
870 g_snprintf(new_key->origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u", origin, pinfo->num);
871 service_key_list = g_slist_append(service_key_list, (gpointer) new_key);
879 for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
880 sk = (service_key_t *) ske->data;
882 g_free(sk->contents);
886 g_slist_free(service_key_list);
887 service_key_list = NULL;
891 read_keytab_file(const char *service_key_file)
896 unsigned char buf[SERVICE_KEY_SIZE];
897 int newline_skip = 0, count = 0;
899 if (service_key_file != NULL && ws_stat64 (service_key_file, &st) == 0) {
901 /* The service key file contains raw 192-bit (24 byte) 3DES keys.
902 * There can be zero, one (\n), or two (\r\n) characters between
903 * keys. Trailing characters are ignored.
906 /* XXX We should support the standard keytab format instead */
907 if (st.st_size > SERVICE_KEY_SIZE) {
908 if ( (st.st_size % (SERVICE_KEY_SIZE + 1) == 0) ||
909 (st.st_size % (SERVICE_KEY_SIZE + 1) == SERVICE_KEY_SIZE) ) {
911 } else if ( (st.st_size % (SERVICE_KEY_SIZE + 2) == 0) ||
912 (st.st_size % (SERVICE_KEY_SIZE + 2) == SERVICE_KEY_SIZE) ) {
917 skf = ws_fopen(service_key_file, "rb");
920 while (fread(buf, SERVICE_KEY_SIZE, 1, skf) == 1) {
921 sk = g_malloc(sizeof(service_key_t));
922 sk->kvno = buf[0] << 8 | buf[1];
923 sk->keytype = KEYTYPE_DES3_CBC_MD5;
924 sk->length = DES3_KEY_SIZE;
925 sk->contents = g_memdup(buf + 2, DES3_KEY_SIZE);
926 g_snprintf(sk->origin, KRB_MAX_ORIG_LEN, "3DES service key file, key #%d, offset %ld", count, ftell(skf));
927 service_key_list = g_slist_append(service_key_list, (gpointer) sk);
928 if (fseek(skf, newline_skip, SEEK_CUR) < 0) {
929 fprintf(stderr, "unable to seek...\n");
938 #define CONFOUNDER_PLUS_CHECKSUM 24
941 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
948 guint8 *decrypted_data = NULL, *plaintext = NULL;
951 guint32 tag, item_len, data_len;
952 int id_offset, offset;
953 guint8 key[DES3_KEY_SIZE];
954 guint8 initial_vector[DES_BLOCK_SIZE];
956 md5_byte_t digest[16];
957 md5_byte_t zero_fill[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
958 md5_byte_t confounder[8];
963 int length = tvb_captured_length(cryptotvb);
964 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
967 /* don't do anything if we are not attempting to decrypt data */
972 /* make sure we have all the data we need */
973 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
977 if (keytype != KEYTYPE_DES3_CBC_MD5 || service_key_list == NULL) {
981 decrypted_data = g_malloc(length);
982 for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
983 gboolean do_continue = FALSE;
984 sk = (service_key_t *) ske->data;
986 des_fix_parity(DES3_KEY_SIZE, key, sk->contents);
989 memset(initial_vector, 0, DES_BLOCK_SIZE);
990 des3_set_key(&ctx, key);
991 cbc_decrypt(&ctx, des3_decrypt, DES_BLOCK_SIZE, initial_vector,
992 length, decrypted_data, cryptotext);
993 encr_tvb = tvb_new_real_data(decrypted_data, length, length);
995 tvb_memcpy(encr_tvb, confounder, 0, 8);
997 /* We have to pull the decrypted data length from the decrypted
998 * content. If the key doesn't match or we otherwise get garbage,
999 * an exception may get thrown while decoding the ASN.1 header.
1000 * Catch it, just in case.
1003 id_offset = get_ber_identifier(encr_tvb, CONFOUNDER_PLUS_CHECKSUM, &cls, &pc, &tag);
1004 offset = get_ber_length(encr_tvb, id_offset, &item_len, &ind);
1006 CATCH_BOUNDS_ERRORS {
1012 if (do_continue) continue;
1014 data_len = item_len + offset - CONFOUNDER_PLUS_CHECKSUM;
1015 if ((int) item_len + offset > length) {
1020 md5_append(&md5s, confounder, 8);
1021 md5_append(&md5s, zero_fill, 16);
1022 md5_append(&md5s, decrypted_data + CONFOUNDER_PLUS_CHECKSUM, data_len);
1023 md5_finish(&md5s, digest);
1025 if (tvb_memeql (encr_tvb, 8, digest, 16) == 0) {
1026 plaintext = g_malloc(data_len);
1027 tvb_memcpy(encr_tvb, plaintext, CONFOUNDER_PLUS_CHECKSUM, data_len);
1031 *datalen = data_len;
1033 g_free(decrypted_data);
1039 g_free(decrypted_data);
1043 #endif /* HAVE_MIT_KERBEROS / HAVE_HEIMDAL_KERBEROS / HAVE_LIBNETTLE */
1045 #define INET6_ADDRLEN 16
1047 /* TCP Record Mark */
1048 #define KRB_RM_RESERVED 0x80000000U
1049 #define KRB_RM_RECLEN 0x7fffffffU
1051 #define KRB5_MSG_TICKET 1 /* Ticket */
1052 #define KRB5_MSG_AUTHENTICATOR 2 /* Authenticator */
1053 #define KRB5_MSG_ENC_TICKET_PART 3 /* EncTicketPart */
1054 #define KRB5_MSG_AS_REQ 10 /* AS-REQ type */
1055 #define KRB5_MSG_AS_REP 11 /* AS-REP type */
1056 #define KRB5_MSG_TGS_REQ 12 /* TGS-REQ type */
1057 #define KRB5_MSG_TGS_REP 13 /* TGS-REP type */
1058 #define KRB5_MSG_AP_REQ 14 /* AP-REQ type */
1059 #define KRB5_MSG_AP_REP 15 /* AP-REP type */
1061 #define KRB5_MSG_SAFE 20 /* KRB-SAFE type */
1062 #define KRB5_MSG_PRIV 21 /* KRB-PRIV type */
1063 #define KRB5_MSG_CRED 22 /* KRB-CRED type */
1064 #define KRB5_MSG_ENC_AS_REP_PART 25 /* EncASRepPart */
1065 #define KRB5_MSG_ENC_TGS_REP_PART 26 /* EncTGSRepPart */
1066 #define KRB5_MSG_ENC_AP_REP_PART 27 /* EncAPRepPart */
1067 #define KRB5_MSG_ENC_KRB_PRIV_PART 28 /* EncKrbPrivPart */
1068 #define KRB5_MSG_ENC_KRB_CRED_PART 29 /* EncKrbCredPart */
1069 #define KRB5_MSG_ERROR 30 /* KRB-ERROR type */
1071 /* encryption type constants */
1072 #define KRB5_ENCTYPE_NULL 0
1073 #define KRB5_ENCTYPE_DES_CBC_CRC 1
1074 #define KRB5_ENCTYPE_DES_CBC_MD4 2
1075 #define KRB5_ENCTYPE_DES_CBC_MD5 3
1076 #define KRB5_ENCTYPE_DES_CBC_RAW 4
1077 #define KRB5_ENCTYPE_DES3_CBC_SHA 5
1078 #define KRB5_ENCTYPE_DES3_CBC_RAW 6
1079 #define KRB5_ENCTYPE_DES_HMAC_SHA1 8
1080 #define KRB5_ENCTYPE_DSA_SHA1_CMS 9
1081 #define KRB5_ENCTYPE_RSA_MD5_CMS 10
1082 #define KRB5_ENCTYPE_RSA_SHA1_CMS 11
1083 #define KRB5_ENCTYPE_RC2_CBC_ENV 12
1084 #define KRB5_ENCTYPE_RSA_ENV 13
1085 #define KRB5_ENCTYPE_RSA_ES_OEAP_ENV 14
1086 #define KRB5_ENCTYPE_DES_EDE3_CBC_ENV 15
1087 #define KRB5_ENCTYPE_DES3_CBC_SHA1 16
1088 #define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17
1089 #define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18
1090 #define KRB5_ENCTYPE_DES_CBC_MD5_NT 20
1091 #define KERB_ENCTYPE_RC4_HMAC 23
1092 #define KERB_ENCTYPE_RC4_HMAC_EXP 24
1093 #define KRB5_ENCTYPE_UNKNOWN 0x1ff
1094 #define KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1 0x7007
1095 #define KRB5_ENCTYPE_RC4_PLAIN_EXP 0xffffff73
1096 #define KRB5_ENCTYPE_RC4_PLAIN 0xffffff74
1097 #define KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP 0xffffff78
1098 #define KRB5_ENCTYPE_RC4_HMAC_OLD_EXP 0xffffff79
1099 #define KRB5_ENCTYPE_RC4_PLAIN_OLD 0xffffff7a
1100 #define KRB5_ENCTYPE_RC4_HMAC_OLD 0xffffff7b
1101 #define KRB5_ENCTYPE_DES_PLAIN 0xffffff7c
1102 #define KRB5_ENCTYPE_RC4_SHA 0xffffff7d
1103 #define KRB5_ENCTYPE_RC4_LM 0xffffff7e
1104 #define KRB5_ENCTYPE_RC4_PLAIN2 0xffffff7f
1105 #define KRB5_ENCTYPE_RC4_MD4 0xffffff80
1107 /* checksum types */
1108 #define KRB5_CHKSUM_NONE 0
1109 #define KRB5_CHKSUM_CRC32 1
1110 #define KRB5_CHKSUM_MD4 2
1111 #define KRB5_CHKSUM_KRB_DES_MAC 4
1112 #define KRB5_CHKSUM_KRB_DES_MAC_K 5
1113 #define KRB5_CHKSUM_MD5 7
1114 #define KRB5_CHKSUM_MD5_DES 8
1115 /* the following four come from packetcable */
1116 #define KRB5_CHKSUM_MD5_DES3 9
1117 #define KRB5_CHKSUM_HMAC_SHA1_DES3_KD 12
1118 #define KRB5_CHKSUM_HMAC_SHA1_DES3 13
1119 #define KRB5_CHKSUM_SHA1_UNKEYED 14
1120 #define KRB5_CHKSUM_HMAC_MD5 0xffffff76
1121 #define KRB5_CHKSUM_MD5_HMAC 0xffffff77
1122 #define KRB5_CHKSUM_RC4_MD5 0xffffff78
1123 #define KRB5_CHKSUM_MD25 0xffffff79
1124 #define KRB5_CHKSUM_DES_MAC_MD5 0xffffff7a
1125 #define KRB5_CHKSUM_DES_MAC 0xffffff7b
1126 #define KRB5_CHKSUM_REAL_CRC32 0xffffff7c
1127 #define KRB5_CHKSUM_SHA1 0xffffff7d
1128 #define KRB5_CHKSUM_LM 0xffffff7e
1129 #define KRB5_CHKSUM_GSSAPI 0x8003
1132 * For KERB_ENCTYPE_RC4_HMAC and KERB_ENCTYPE_RC4_HMAC_EXP, see
1134 * http://www.ietf.org/internet-drafts/draft-brezak-win2k-krb-rc4-hmac-04.txt
1136 * unless it's expired.
1139 /* pre-authentication type constants */
1140 #define KRB5_PA_TGS_REQ 1
1141 #define KRB5_PA_ENC_TIMESTAMP 2
1142 #define KRB5_PA_PW_SALT 3
1143 #define KRB5_PA_ENC_ENCKEY 4
1144 #define KRB5_PA_ENC_UNIX_TIME 5
1145 #define KRB5_PA_ENC_SANDIA_SECURID 6
1146 #define KRB5_PA_SESAME 7
1147 #define KRB5_PA_OSF_DCE 8
1148 #define KRB5_PA_CYBERSAFE_SECUREID 9
1149 #define KRB5_PA_AFS3_SALT 10
1150 #define KRB5_PA_ENCTYPE_INFO 11
1151 #define KRB5_PA_SAM_CHALLENGE 12
1152 #define KRB5_PA_SAM_RESPONSE 13
1153 #define KRB5_PA_PK_AS_REQ 14
1154 #define KRB5_PA_PK_AS_REP 15
1155 #define KRB5_PA_DASS 16
1156 #define KRB5_PA_ENCTYPE_INFO2 19
1157 #define KRB5_PA_USE_SPECIFIED_KVNO 20
1158 #define KRB5_PA_SAM_REDIRECT 21
1159 #define KRB5_PA_GET_FROM_TYPED_DATA 22
1160 #define KRB5_PA_SAM_ETYPE_INFO 23
1161 #define KRB5_PA_ALT_PRINC 24
1162 #define KRB5_PA_SAM_CHALLENGE2 30
1163 #define KRB5_PA_SAM_RESPONSE2 31
1164 #define KRB5_TD_PKINIT_CMS_CERTIFICATES 101
1165 #define KRB5_TD_KRB_PRINCIPAL 102
1166 #define KRB5_TD_KRB_REALM 103
1167 #define KRB5_TD_TRUSTED_CERTIFIERS 104
1168 #define KRB5_TD_CERTIFICATE_INDEX 105
1169 #define KRB5_TD_APP_DEFINED_ERROR 106
1170 #define KRB5_TD_REQ_NONCE 107
1171 #define KRB5_TD_REQ_SEQ 108
1172 /* preauthentication types >127 (i.e. negative ones) are app specific.
1173 however since Microsoft is the dominant(only?) user of types in this range
1174 we also treat the type as unsigned.
1176 #define KRB5_PA_PAC_REQUEST 128 /* (Microsoft extension) */
1177 #define KRB5_PA_FOR_USER 129 /* Impersonation (Microsoft extension) See [MS-SFU]. XXX - replaced by KRB5_PA_S4U2SELF */
1178 #define KRB5_PA_S4U2SELF 129
1180 #define KRB5_PA_PROV_SRV_LOCATION 0xffffffff /* (gint32)0xFF) packetcable stuff */
1181 /* Principal name-type */
1182 #define KRB5_NT_UNKNOWN 0
1183 #define KRB5_NT_PRINCIPAL 1
1184 #define KRB5_NT_SRV_INST 2
1185 #define KRB5_NT_SRV_HST 3
1186 #define KRB5_NT_SRV_XHST 4
1187 #define KRB5_NT_UID 5
1188 #define KRB5_NT_X500_PRINCIPAL 6
1189 #define KRB5_NT_SMTP_NAME 7
1190 #define KRB5_NT_ENTERPRISE 10
1193 * MS specific name types, from
1195 * http://msdn.microsoft.com/library/en-us/security/security/kerb_external_name.asp
1197 #define KRB5_NT_MS_PRINCIPAL -128
1198 #define KRB5_NT_MS_PRINCIPAL_AND_SID -129
1199 #define KRB5_NT_ENT_PRINCIPAL_AND_SID -130
1200 #define KRB5_NT_PRINCIPAL_AND_SID -131
1201 #define KRB5_NT_SRV_INST_AND_SID -132
1203 /* error table constants */
1204 /* I prefixed the krb5_err.et constant names with KRB5_ET_ for these */
1205 #define KRB5_ET_KRB5KDC_ERR_NONE 0
1206 #define KRB5_ET_KRB5KDC_ERR_NAME_EXP 1
1207 #define KRB5_ET_KRB5KDC_ERR_SERVICE_EXP 2
1208 #define KRB5_ET_KRB5KDC_ERR_BAD_PVNO 3
1209 #define KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO 4
1210 #define KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO 5
1211 #define KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN 6
1212 #define KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN 7
1213 #define KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE 8
1214 #define KRB5_ET_KRB5KDC_ERR_NULL_KEY 9
1215 #define KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE 10
1216 #define KRB5_ET_KRB5KDC_ERR_NEVER_VALID 11
1217 #define KRB5_ET_KRB5KDC_ERR_POLICY 12
1218 #define KRB5_ET_KRB5KDC_ERR_BADOPTION 13
1219 #define KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP 14
1220 #define KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP 15
1221 #define KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP 16
1222 #define KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP 17
1223 #define KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED 18
1224 #define KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED 19
1225 #define KRB5_ET_KRB5KDC_ERR_TGT_REVOKED 20
1226 #define KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET 21
1227 #define KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET 22
1228 #define KRB5_ET_KRB5KDC_ERR_KEY_EXP 23
1229 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED 24
1230 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED 25
1231 #define KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH 26
1232 #define KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER 27
1233 #define KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED 28
1234 #define KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE 29
1235 #define KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY 31
1236 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED 32
1237 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV 33
1238 #define KRB5_ET_KRB5KRB_AP_ERR_REPEAT 34
1239 #define KRB5_ET_KRB5KRB_AP_ERR_NOT_US 35
1240 #define KRB5_ET_KRB5KRB_AP_ERR_BADMATCH 36
1241 #define KRB5_ET_KRB5KRB_AP_ERR_SKEW 37
1242 #define KRB5_ET_KRB5KRB_AP_ERR_BADADDR 38
1243 #define KRB5_ET_KRB5KRB_AP_ERR_BADVERSION 39
1244 #define KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE 40
1245 #define KRB5_ET_KRB5KRB_AP_ERR_MODIFIED 41
1246 #define KRB5_ET_KRB5KRB_AP_ERR_BADORDER 42
1247 #define KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT 43
1248 #define KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER 44
1249 #define KRB5_ET_KRB5KRB_AP_ERR_NOKEY 45
1250 #define KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL 46
1251 #define KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION 47
1252 #define KRB5_ET_KRB5KRB_AP_ERR_METHOD 48
1253 #define KRB5_ET_KRB5KRB_AP_ERR_BADSEQ 49
1254 #define KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM 50
1255 #define KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED 51
1256 #define KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG 52
1257 #define KRB5_ET_KRB5KRB_ERR_GENERIC 60
1258 #define KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG 61
1259 #define KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED 62
1260 #define KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED 63
1261 #define KRB5_ET_KDC_ERROR_INVALID_SIG 64
1262 #define KRB5_ET_KDC_ERR_KEY_TOO_WEAK 65
1263 #define KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH 66
1264 #define KRB5_ET_KRB_AP_ERR_NO_TGT 67
1265 #define KRB5_ET_KDC_ERR_WRONG_REALM 68
1266 #define KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED 69
1267 #define KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE 70
1268 #define KRB5_ET_KDC_ERR_INVALID_CERTIFICATE 71
1269 #define KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE 72
1270 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN 73
1271 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE 74
1272 #define KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH 75
1273 #define KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH 76
1275 static const value_string krb5_error_codes[] = {
1276 { KRB5_ET_KRB5KDC_ERR_NONE, "KRB5KDC_ERR_NONE" },
1277 { KRB5_ET_KRB5KDC_ERR_NAME_EXP, "KRB5KDC_ERR_NAME_EXP" },
1278 { KRB5_ET_KRB5KDC_ERR_SERVICE_EXP, "KRB5KDC_ERR_SERVICE_EXP" },
1279 { KRB5_ET_KRB5KDC_ERR_BAD_PVNO, "KRB5KDC_ERR_BAD_PVNO" },
1280 { KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO, "KRB5KDC_ERR_C_OLD_MAST_KVNO" },
1281 { KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO, "KRB5KDC_ERR_S_OLD_MAST_KVNO" },
1282 { KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN" },
1283 { KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" },
1284 { KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE, "KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE" },
1285 { KRB5_ET_KRB5KDC_ERR_NULL_KEY, "KRB5KDC_ERR_NULL_KEY" },
1286 { KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE, "KRB5KDC_ERR_CANNOT_POSTDATE" },
1287 { KRB5_ET_KRB5KDC_ERR_NEVER_VALID, "KRB5KDC_ERR_NEVER_VALID" },
1288 { KRB5_ET_KRB5KDC_ERR_POLICY, "KRB5KDC_ERR_POLICY" },
1289 { KRB5_ET_KRB5KDC_ERR_BADOPTION, "KRB5KDC_ERR_BADOPTION" },
1290 { KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP, "KRB5KDC_ERR_ETYPE_NOSUPP" },
1291 { KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP, "KRB5KDC_ERR_SUMTYPE_NOSUPP" },
1292 { KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP, "KRB5KDC_ERR_PADATA_TYPE_NOSUPP" },
1293 { KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP, "KRB5KDC_ERR_TRTYPE_NOSUPP" },
1294 { KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED, "KRB5KDC_ERR_CLIENT_REVOKED" },
1295 { KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED, "KRB5KDC_ERR_SERVICE_REVOKED" },
1296 { KRB5_ET_KRB5KDC_ERR_TGT_REVOKED, "KRB5KDC_ERR_TGT_REVOKED" },
1297 { KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET, "KRB5KDC_ERR_CLIENT_NOTYET" },
1298 { KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET, "KRB5KDC_ERR_SERVICE_NOTYET" },
1299 { KRB5_ET_KRB5KDC_ERR_KEY_EXP, "KRB5KDC_ERR_KEY_EXP" },
1300 { KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED, "KRB5KDC_ERR_PREAUTH_FAILED" },
1301 { KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED, "KRB5KDC_ERR_PREAUTH_REQUIRED" },
1302 { KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH, "KRB5KDC_ERR_SERVER_NOMATCH" },
1303 { KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER, "KRB5KDC_ERR_MUST_USE_USER2USER" },
1304 { KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED, "KRB5KDC_ERR_PATH_NOT_ACCEPTED" },
1305 { KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE, "KRB5KDC_ERR_SVC_UNAVAILABLE" },
1306 { KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY, "KRB5KRB_AP_ERR_BAD_INTEGRITY" },
1307 { KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED, "KRB5KRB_AP_ERR_TKT_EXPIRED" },
1308 { KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV, "KRB5KRB_AP_ERR_TKT_NYV" },
1309 { KRB5_ET_KRB5KRB_AP_ERR_REPEAT, "KRB5KRB_AP_ERR_REPEAT" },
1310 { KRB5_ET_KRB5KRB_AP_ERR_NOT_US, "KRB5KRB_AP_ERR_NOT_US" },
1311 { KRB5_ET_KRB5KRB_AP_ERR_BADMATCH, "KRB5KRB_AP_ERR_BADMATCH" },
1312 { KRB5_ET_KRB5KRB_AP_ERR_SKEW, "KRB5KRB_AP_ERR_SKEW" },
1313 { KRB5_ET_KRB5KRB_AP_ERR_BADADDR, "KRB5KRB_AP_ERR_BADADDR" },
1314 { KRB5_ET_KRB5KRB_AP_ERR_BADVERSION, "KRB5KRB_AP_ERR_BADVERSION" },
1315 { KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE, "KRB5KRB_AP_ERR_MSG_TYPE" },
1316 { KRB5_ET_KRB5KRB_AP_ERR_MODIFIED, "KRB5KRB_AP_ERR_MODIFIED" },
1317 { KRB5_ET_KRB5KRB_AP_ERR_BADORDER, "KRB5KRB_AP_ERR_BADORDER" },
1318 { KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT, "KRB5KRB_AP_ERR_ILL_CR_TKT" },
1319 { KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER, "KRB5KRB_AP_ERR_BADKEYVER" },
1320 { KRB5_ET_KRB5KRB_AP_ERR_NOKEY, "KRB5KRB_AP_ERR_NOKEY" },
1321 { KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL, "KRB5KRB_AP_ERR_MUT_FAIL" },
1322 { KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION, "KRB5KRB_AP_ERR_BADDIRECTION" },
1323 { KRB5_ET_KRB5KRB_AP_ERR_METHOD, "KRB5KRB_AP_ERR_METHOD" },
1324 { KRB5_ET_KRB5KRB_AP_ERR_BADSEQ, "KRB5KRB_AP_ERR_BADSEQ" },
1325 { KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM, "KRB5KRB_AP_ERR_INAPP_CKSUM" },
1326 { KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED, "KRB5KDC_AP_PATH_NOT_ACCEPTED" },
1327 { KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG, "KRB5KRB_ERR_RESPONSE_TOO_BIG"},
1328 { KRB5_ET_KRB5KRB_ERR_GENERIC, "KRB5KRB_ERR_GENERIC" },
1329 { KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG, "KRB5KRB_ERR_FIELD_TOOLONG" },
1330 { KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED, "KDC_ERROR_CLIENT_NOT_TRUSTED" },
1331 { KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED, "KDC_ERROR_KDC_NOT_TRUSTED" },
1332 { KRB5_ET_KDC_ERROR_INVALID_SIG, "KDC_ERROR_INVALID_SIG" },
1333 { KRB5_ET_KDC_ERR_KEY_TOO_WEAK, "KDC_ERR_KEY_TOO_WEAK" },
1334 { KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH, "KDC_ERR_CERTIFICATE_MISMATCH" },
1335 { KRB5_ET_KRB_AP_ERR_NO_TGT, "KRB_AP_ERR_NO_TGT" },
1336 { KRB5_ET_KDC_ERR_WRONG_REALM, "KDC_ERR_WRONG_REALM" },
1337 { KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED, "KRB_AP_ERR_USER_TO_USER_REQUIRED" },
1338 { KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE, "KDC_ERR_CANT_VERIFY_CERTIFICATE" },
1339 { KRB5_ET_KDC_ERR_INVALID_CERTIFICATE, "KDC_ERR_INVALID_CERTIFICATE" },
1340 { KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE, "KDC_ERR_REVOKED_CERTIFICATE" },
1341 { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN, "KDC_ERR_REVOCATION_STATUS_UNKNOWN" },
1342 { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, "KDC_ERR_REVOCATION_STATUS_UNAVAILABLE" },
1343 { KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH, "KDC_ERR_CLIENT_NAME_MISMATCH" },
1344 { KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH, "KDC_ERR_KDC_NAME_MISMATCH" },
1349 #define PAC_LOGON_INFO 1
1350 #define PAC_CREDENTIAL_TYPE 2
1351 #define PAC_SERVER_CHECKSUM 6
1352 #define PAC_PRIVSVR_CHECKSUM 7
1353 #define PAC_CLIENT_INFO_TYPE 10
1354 #define PAC_S4U_DELEGATION_INFO 11
1355 #define PAC_UPN_DNS_INFO 12
1356 static const value_string w2k_pac_types[] = {
1357 { PAC_LOGON_INFO , "Logon Info" },
1358 { PAC_CREDENTIAL_TYPE , "Credential Type" },
1359 { PAC_SERVER_CHECKSUM , "Server Checksum" },
1360 { PAC_PRIVSVR_CHECKSUM , "Privsvr Checksum" },
1361 { PAC_CLIENT_INFO_TYPE , "Client Info Type" },
1362 { PAC_S4U_DELEGATION_INFO, "S4U Delegation Info" },
1363 { PAC_UPN_DNS_INFO , "UPN DNS Info" },
1368 static const value_string krb5_princ_types[] = {
1369 { KRB5_NT_UNKNOWN , "Unknown" },
1370 { KRB5_NT_PRINCIPAL , "Principal" },
1371 { KRB5_NT_SRV_INST , "Service and Instance" },
1372 { KRB5_NT_SRV_HST , "Service and Host" },
1373 { KRB5_NT_SRV_XHST , "Service and Host Components" },
1374 { KRB5_NT_UID , "Unique ID" },
1375 { KRB5_NT_X500_PRINCIPAL , "Encoded X.509 Distinguished Name" },
1376 { KRB5_NT_SMTP_NAME , "SMTP Name" },
1377 { KRB5_NT_ENTERPRISE , "Enterprise Name" },
1378 { KRB5_NT_MS_PRINCIPAL , "NT 4.0 style name (MS specific)" },
1379 { KRB5_NT_MS_PRINCIPAL_AND_SID , "NT 4.0 style name with SID (MS specific)"},
1380 { KRB5_NT_ENT_PRINCIPAL_AND_SID, "UPN and SID (MS specific)"},
1381 { KRB5_NT_PRINCIPAL_AND_SID , "Principal name and SID (MS specific)"},
1382 { KRB5_NT_SRV_INST_AND_SID , "SPN and SID (MS specific)"},
1387 static const value_string krb5_preauthentication_types[] = {
1388 { KRB5_PA_TGS_REQ , "PA-TGS-REQ" },
1389 { KRB5_PA_ENC_TIMESTAMP , "PA-ENC-TIMESTAMP" },
1390 { KRB5_PA_PW_SALT , "PA-PW-SALT" },
1391 { KRB5_PA_ENC_ENCKEY , "PA-ENC-ENCKEY" },
1392 { KRB5_PA_ENC_UNIX_TIME , "PA-ENC-UNIX-TIME" },
1393 { KRB5_PA_ENC_SANDIA_SECURID , "PA-PW-SALT" },
1394 { KRB5_PA_SESAME , "PA-SESAME" },
1395 { KRB5_PA_OSF_DCE , "PA-OSF-DCE" },
1396 { KRB5_PA_CYBERSAFE_SECUREID , "PA-CYBERSAFE-SECURID" },
1397 { KRB5_PA_AFS3_SALT , "PA-AFS3-SALT" },
1398 { KRB5_PA_ENCTYPE_INFO , "PA-ENCTYPE-INFO" },
1399 { KRB5_PA_ENCTYPE_INFO2 , "PA-ENCTYPE-INFO2" },
1400 { KRB5_PA_SAM_CHALLENGE , "PA-SAM-CHALLENGE" },
1401 { KRB5_PA_SAM_RESPONSE , "PA-SAM-RESPONSE" },
1402 { KRB5_PA_PK_AS_REQ , "PA-PK-AS-REQ" },
1403 { KRB5_PA_PK_AS_REP , "PA-PK-AS-REP" },
1404 { KRB5_PA_DASS , "PA-DASS" },
1405 { KRB5_PA_USE_SPECIFIED_KVNO , "PA-USE-SPECIFIED-KVNO" },
1406 { KRB5_PA_SAM_REDIRECT , "PA-SAM-REDIRECT" },
1407 { KRB5_PA_GET_FROM_TYPED_DATA , "PA-GET-FROM-TYPED-DATA" },
1408 { KRB5_PA_SAM_ETYPE_INFO , "PA-SAM-ETYPE-INFO" },
1409 { KRB5_PA_ALT_PRINC , "PA-ALT-PRINC" },
1410 { KRB5_PA_SAM_CHALLENGE2 , "PA-SAM-CHALLENGE2" },
1411 { KRB5_PA_SAM_RESPONSE2 , "PA-SAM-RESPONSE2" },
1412 { KRB5_TD_PKINIT_CMS_CERTIFICATES, "TD-PKINIT-CMS-CERTIFICATES" },
1413 { KRB5_TD_KRB_PRINCIPAL , "TD-KRB-PRINCIPAL" },
1414 { KRB5_TD_KRB_REALM , "TD-KRB-REALM" },
1415 { KRB5_TD_TRUSTED_CERTIFIERS , "TD-TRUSTED-CERTIFIERS" },
1416 { KRB5_TD_CERTIFICATE_INDEX , "TD-CERTIFICATE-INDEX" },
1417 { KRB5_TD_APP_DEFINED_ERROR , "TD-APP-DEFINED-ERROR" },
1418 { KRB5_TD_REQ_NONCE , "TD-REQ-NONCE" },
1419 { KRB5_TD_REQ_SEQ , "TD-REQ-SEQ" },
1420 { KRB5_PA_PAC_REQUEST , "PA-PAC-REQUEST" },
1421 { KRB5_PA_FOR_USER , "PA-FOR-USER" },
1422 { KRB5_PA_PROV_SRV_LOCATION , "PA-PROV-SRV-LOCATION" },
1427 static const value_string krb5_encryption_types[] = {
1428 { KRB5_ENCTYPE_NULL , "NULL" },
1429 { KRB5_ENCTYPE_DES_CBC_CRC , "des-cbc-crc" },
1430 { KRB5_ENCTYPE_DES_CBC_MD4 , "des-cbc-md4" },
1431 { KRB5_ENCTYPE_DES_CBC_MD5 , "des-cbc-md5" },
1432 { KRB5_ENCTYPE_DES_CBC_RAW , "des-cbc-raw" },
1433 { KRB5_ENCTYPE_DES3_CBC_SHA , "des3-cbc-sha" },
1434 { KRB5_ENCTYPE_DES3_CBC_RAW , "des3-cbc-raw" },
1435 { KRB5_ENCTYPE_DES_HMAC_SHA1 , "des-hmac-sha1" },
1436 { KRB5_ENCTYPE_DSA_SHA1_CMS , "dsa-sha1-cms" },
1437 { KRB5_ENCTYPE_RSA_MD5_CMS , "rsa-md5-cms" },
1438 { KRB5_ENCTYPE_RSA_SHA1_CMS , "rsa-sha1-cms" },
1439 { KRB5_ENCTYPE_RC2_CBC_ENV , "rc2-cbc-env" },
1440 { KRB5_ENCTYPE_RSA_ENV , "rsa-env" },
1441 { KRB5_ENCTYPE_RSA_ES_OEAP_ENV, "rsa-es-oeap-env" },
1442 { KRB5_ENCTYPE_DES_EDE3_CBC_ENV, "des-ede3-cbc-env" },
1443 { KRB5_ENCTYPE_DES3_CBC_SHA1 , "des3-cbc-sha1" },
1444 { KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 , "aes128-cts-hmac-sha1-96" },
1445 { KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 , "aes256-cts-hmac-sha1-96" },
1446 { KRB5_ENCTYPE_DES_CBC_MD5_NT , "des-cbc-md5-nt" },
1447 { KERB_ENCTYPE_RC4_HMAC , "rc4-hmac" },
1448 { KERB_ENCTYPE_RC4_HMAC_EXP , "rc4-hmac-exp" },
1449 { KRB5_ENCTYPE_UNKNOWN , "unknown" },
1450 { KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1 , "local-des3-hmac-sha1" },
1451 { KRB5_ENCTYPE_RC4_PLAIN_EXP , "rc4-plain-exp" },
1452 { KRB5_ENCTYPE_RC4_PLAIN , "rc4-plain" },
1453 { KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP, "rc4-plain-old-exp" },
1454 { KRB5_ENCTYPE_RC4_HMAC_OLD_EXP, "rc4-hmac-old-exp" },
1455 { KRB5_ENCTYPE_RC4_PLAIN_OLD , "rc4-plain-old" },
1456 { KRB5_ENCTYPE_RC4_HMAC_OLD , "rc4-hmac-old" },
1457 { KRB5_ENCTYPE_DES_PLAIN , "des-plain" },
1458 { KRB5_ENCTYPE_RC4_SHA , "rc4-sha" },
1459 { KRB5_ENCTYPE_RC4_LM , "rc4-lm" },
1460 { KRB5_ENCTYPE_RC4_PLAIN2 , "rc4-plain2" },
1461 { KRB5_ENCTYPE_RC4_MD4 , "rc4-md4" },
1465 static const value_string krb5_checksum_types[] = {
1466 { KRB5_CHKSUM_NONE , "none" },
1467 { KRB5_CHKSUM_CRC32 , "crc32" },
1468 { KRB5_CHKSUM_MD4 , "md4" },
1469 { KRB5_CHKSUM_KRB_DES_MAC , "krb-des-mac" },
1470 { KRB5_CHKSUM_KRB_DES_MAC_K , "krb-des-mac-k" },
1471 { KRB5_CHKSUM_MD5 , "md5" },
1472 { KRB5_CHKSUM_MD5_DES , "md5-des" },
1473 { KRB5_CHKSUM_MD5_DES3 , "md5-des3" },
1474 { KRB5_CHKSUM_HMAC_SHA1_DES3_KD, "hmac-sha1-des3-kd" },
1475 { KRB5_CHKSUM_HMAC_SHA1_DES3 , "hmac-sha1-des3" },
1476 { KRB5_CHKSUM_SHA1_UNKEYED , "sha1 (unkeyed)" },
1477 { KRB5_CHKSUM_HMAC_MD5 , "hmac-md5" },
1478 { KRB5_CHKSUM_MD5_HMAC , "md5-hmac" },
1479 { KRB5_CHKSUM_RC4_MD5 , "rc5-md5" },
1480 { KRB5_CHKSUM_MD25 , "md25" },
1481 { KRB5_CHKSUM_DES_MAC_MD5 , "des-mac-md5" },
1482 { KRB5_CHKSUM_DES_MAC , "des-mac" },
1483 { KRB5_CHKSUM_REAL_CRC32 , "real-crc32" },
1484 { KRB5_CHKSUM_SHA1 , "sha1" },
1485 { KRB5_CHKSUM_LM , "lm" },
1486 { KRB5_CHKSUM_GSSAPI , "gssapi-8003" },
1491 #define KRB5_AD_IF_RELEVANT 1
1492 #define KRB5_AD_INTENDED_FOR_SERVER 2
1493 #define KRB5_AD_INTENDED_FOR_APPLICATION_CLASS 3
1494 #define KRB5_AD_KDC_ISSUED 4
1495 #define KRB5_AD_OR 5
1496 #define KRB5_AD_MANDATORY_TICKET_EXTENSIONS 6
1497 #define KRB5_AD_IN_TICKET_EXTENSIONS 7
1498 #define KRB5_AD_MANDATORY_FOR_KDC 8
1499 #define KRB5_AD_OSF_DCE 64
1500 #define KRB5_AD_SESAME 65
1501 #define KRB5_AD_OSF_DCE_PKI_CERTID 66
1502 #define KRB5_AD_WIN2K_PAC 128
1503 #define KRB5_AD_SIGNTICKET 0xffffffef
1505 static const value_string krb5_ad_types[] = {
1506 { KRB5_AD_IF_RELEVANT , "AD-IF-RELEVANT" },
1507 { KRB5_AD_INTENDED_FOR_SERVER , "AD-Intended-For-Server" },
1508 { KRB5_AD_INTENDED_FOR_APPLICATION_CLASS , "AD-Intended-For-Application-Class" },
1509 { KRB5_AD_KDC_ISSUED , "AD-KDCIssued" },
1510 { KRB5_AD_OR , "AD-AND-OR" },
1511 { KRB5_AD_MANDATORY_TICKET_EXTENSIONS , "AD-Mandatory-Ticket-Extensions" },
1512 { KRB5_AD_IN_TICKET_EXTENSIONS , "AD-IN-Ticket-Extensions" },
1513 { KRB5_AD_MANDATORY_FOR_KDC , "AD-MANDATORY-FOR-KDC" },
1514 { KRB5_AD_OSF_DCE , "AD-OSF-DCE" },
1515 { KRB5_AD_SESAME , "AD-SESAME" },
1516 { KRB5_AD_OSF_DCE_PKI_CERTID , "AD-OSF-DCE-PKI-CertID" },
1517 { KRB5_AD_WIN2K_PAC , "AD-Win2k-PAC" },
1518 { KRB5_AD_SIGNTICKET , "AD-SignTicket" },
1522 static const value_string krb5_transited_types[] = {
1523 { 1 , "DOMAIN-X500-COMPRESS" },
1528 static const value_string krb5_msg_types[] = {
1529 { KRB5_MSG_TICKET, "Ticket" },
1530 { KRB5_MSG_AUTHENTICATOR, "Authenticator" },
1531 { KRB5_MSG_ENC_TICKET_PART, "EncTicketPart" },
1532 { KRB5_MSG_TGS_REQ, "TGS-REQ" },
1533 { KRB5_MSG_TGS_REP, "TGS-REP" },
1534 { KRB5_MSG_AS_REQ, "AS-REQ" },
1535 { KRB5_MSG_AS_REP, "AS-REP" },
1536 { KRB5_MSG_AP_REQ, "AP-REQ" },
1537 { KRB5_MSG_AP_REP, "AP-REP" },
1538 { KRB5_MSG_SAFE, "KRB-SAFE" },
1539 { KRB5_MSG_PRIV, "KRB-PRIV" },
1540 { KRB5_MSG_CRED, "KRB-CRED" },
1541 { KRB5_MSG_ENC_AS_REP_PART, "EncASRepPart" },
1542 { KRB5_MSG_ENC_TGS_REP_PART, "EncTGSRepPart" },
1543 { KRB5_MSG_ENC_AP_REP_PART, "EncAPRepPart" },
1544 { KRB5_MSG_ENC_KRB_PRIV_PART, "EncKrbPrivPart" },
1545 { KRB5_MSG_ENC_KRB_CRED_PART, "EncKrbCredPart" },
1546 { KRB5_MSG_ERROR, "KRB-ERROR" },
1550 #define KRB5_GSS_C_DELEG_FLAG 0x01
1551 #define KRB5_GSS_C_MUTUAL_FLAG 0x02
1552 #define KRB5_GSS_C_REPLAY_FLAG 0x04
1553 #define KRB5_GSS_C_SEQUENCE_FLAG 0x08
1554 #define KRB5_GSS_C_CONF_FLAG 0x10
1555 #define KRB5_GSS_C_INTEG_FLAG 0x20
1556 #define KRB5_GSS_C_DCE_STYLE 0x1000
1558 static const true_false_string tfs_gss_flags_deleg = {
1559 "Delegate credentials to remote peer",
1562 static const true_false_string tfs_gss_flags_mutual = {
1563 "Request that remote peer authenticates itself",
1564 "Mutual authentication NOT required"
1566 static const true_false_string tfs_gss_flags_replay = {
1567 "Enable replay protection for signed or sealed messages",
1568 "Do NOT enable replay protection"
1570 static const true_false_string tfs_gss_flags_sequence = {
1571 "Enable Out-of-sequence detection for sign or sealed messages",
1572 "Do NOT enable out-of-sequence detection"
1574 static const true_false_string tfs_gss_flags_conf = {
1575 "Confidentiality (sealing) may be invoked",
1576 "Do NOT use Confidentiality (sealing)"
1578 static const true_false_string tfs_gss_flags_integ = {
1579 "Integrity protection (signing) may be invoked",
1580 "Do NOT use integrity protection"
1583 static const true_false_string tfs_gss_flags_dce_style = {
1585 "Not using DCE-STYLE"
1588 #ifdef HAVE_KERBEROS
1590 dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1591 proto_tree *tree, int hf_index _U_)
1595 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1598 next_tvb=tvb_new_subset_remaining(tvb, offset);
1599 length=tvb_captured_length_remaining(tvb, offset);
1601 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1603 * All Ticket encrypted parts use usage == 2
1605 plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, private_data->etype, NULL);
1608 tvbuff_t *child_tvb;
1609 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1610 tvb_set_free_cb(child_tvb, g_free);
1612 /* Add the decrypted data to the data source list. */
1613 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1615 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1621 dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1622 proto_tree *tree, int hf_index _U_)
1626 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1629 next_tvb=tvb_new_subset_remaining(tvb, offset);
1630 length=tvb_captured_length_remaining(tvb, offset);
1632 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1634 * Authenticators are encrypted with usage
1638 plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, private_data->etype, NULL);
1641 plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, private_data->etype, NULL);
1645 tvbuff_t *child_tvb;
1646 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1647 tvb_set_free_cb(child_tvb, g_free);
1649 /* Add the decrypted data to the data source list. */
1650 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1652 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1658 dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1659 proto_tree *tree, int hf_index _U_)
1663 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1666 next_tvb=tvb_new_subset_remaining(tvb, offset);
1667 length=tvb_captured_length_remaining(tvb, offset);
1669 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1671 * ASREP/TGSREP encryptedparts are encrypted with usage
1676 plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, private_data->etype, NULL);
1679 plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, private_data->etype, NULL);
1683 plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, private_data->etype, NULL);
1687 tvbuff_t *child_tvb;
1688 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1689 tvb_set_free_cb(child_tvb, g_free);
1691 /* Add the decrypted data to the data source list. */
1692 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1694 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1700 dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1701 proto_tree *tree, int hf_index _U_)
1705 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1708 next_tvb=tvb_new_subset_remaining(tvb, offset);
1709 length=tvb_captured_length_remaining(tvb, offset);
1711 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1713 * AS-REQ PA_ENC_TIMESTAMP are encrypted with usage
1716 plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, private_data->etype, NULL);
1719 tvbuff_t *child_tvb;
1720 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1721 tvb_set_free_cb(child_tvb, g_free);
1723 /* Add the decrypted data to the data source list. */
1724 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1726 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1732 dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1733 proto_tree *tree, int hf_index _U_)
1737 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1740 next_tvb=tvb_new_subset_remaining(tvb, offset);
1741 length=tvb_captured_length_remaining(tvb, offset);
1743 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1745 * AP-REP are encrypted with usage == 12
1747 plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, private_data->etype, NULL);
1750 tvbuff_t *child_tvb;
1751 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1752 tvb_set_free_cb(child_tvb, g_free);
1754 /* Add the decrypted data to the data source list. */
1755 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1757 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1763 dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1764 proto_tree *tree, int hf_index _U_)
1768 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1771 next_tvb=tvb_new_subset_remaining(tvb, offset);
1772 length=tvb_captured_length_remaining(tvb, offset);
1775 * EncKrbPrivPart encrypted with usage
1778 plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, private_data->etype, NULL);
1781 tvbuff_t *child_tvb;
1782 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1783 tvb_set_free_cb(child_tvb, g_free);
1785 /* Add the decrypted data to the data source list. */
1786 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1788 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1794 dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1795 proto_tree *tree, int hf_index _U_)
1799 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1802 next_tvb=tvb_new_subset_remaining(tvb, offset);
1803 length=tvb_captured_length_remaining(tvb, offset);
1806 * EncKrbCredPart encrypted with usage
1809 plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, private_data->etype, NULL);
1812 tvbuff_t *child_tvb;
1813 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1814 tvb_set_free_cb(child_tvb, g_free);
1816 /* Add the decrypted data to the data source list. */
1817 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1819 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1825 /* Dissect a GSSAPI checksum as per RFC1964. This is NOT ASN.1 encoded.
1828 dissect_krb5_rfc1964_checksum(asn1_ctx_t *actx _U_, proto_tree *tree, tvbuff_t *tvb)
1834 /* Length of Bnd field */
1835 len=tvb_get_letohl(tvb, offset);
1836 proto_tree_add_item(tree, hf_krb_gssapi_len, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1840 proto_tree_add_item(tree, hf_krb_gssapi_bnd, tvb, offset, len, ENC_NA);
1845 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_dce_style, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1846 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_integ, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1847 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_conf, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1848 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_sequence, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1849 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_replay, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1850 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_mutual, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1851 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_deleg, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1854 /* the next fields are optional so we have to check that we have
1855 * more data in our buffers */
1856 if(tvb_reported_length_remaining(tvb, offset)<2){
1859 /* dlgopt identifier */
1860 proto_tree_add_item(tree, hf_krb_gssapi_dlgopt, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1863 if(tvb_reported_length_remaining(tvb, offset)<2){
1866 /* dlglen identifier */
1867 dlglen=tvb_get_letohs(tvb, offset);
1868 proto_tree_add_item(tree, hf_krb_gssapi_dlglen, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1871 if(dlglen!=tvb_reported_length_remaining(tvb, offset)){
1872 proto_tree_add_expert_format(tree, actx->pinfo, &ei_krb_gssapi_dlglen, tvb, 0, 0,
1873 "Error: DlgLen:%d is not the same as number of bytes remaining:%d", dlglen, tvb_captured_length_remaining(tvb, offset));
1877 /* this should now be a KRB_CRED message */
1878 offset=dissect_kerberos_Applications(FALSE, tvb, offset, actx, tree, /* hf_index */ -1);
1884 dissect_krb5_PA_PROV_SRV_LOCATION(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1886 offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_provsrv_location, NULL, 0);
1892 dissect_krb5_PW_SALT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1896 /* Microsoft stores a special 12 byte blob here
1900 * decode everything as this blob for now until we see if anyone
1901 * else ever uses it or we learn how to tell whether this
1902 * is such an MS blob or not.
1904 proto_tree_add_item(tree, hf_krb_smb_nt_status, tvb, offset, 4,
1906 nt_status=tvb_get_letohl(tvb, offset);
1908 col_append_fstr(actx->pinfo->cinfo, COL_INFO,
1910 val_to_str(nt_status, NT_errors,
1911 "Unknown error code %#x"));
1915 proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1919 proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1927 dissect_krb5_PAC_DREP(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep)
1932 tree = proto_tree_add_subtree(parent_tree, tvb, offset, 16, ett_krb_pac_drep, NULL, "DREP");
1934 val = tvb_get_guint8(tvb, offset);
1935 proto_tree_add_uint(tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, val>>4);
1946 /* This might be some sort of header that MIDL generates when creating
1947 * marshalling/unmarshalling code for blobs that are not to be transported
1948 * ontop of DCERPC and where the DREP fields specifying things such as
1949 * endianess and similar are not available.
1952 dissect_krb5_PAC_NDRHEADERBLOB(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep, asn1_ctx_t *actx _U_)
1956 tree = proto_tree_add_subtree(parent_tree, tvb, offset, 16, ett_krb_pac_midl_blob, NULL, "MES header");
1958 /* modified DREP field that is used for stuff that is transporetd ontop
1961 proto_tree_add_item(tree, hf_krb_midl_version, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1964 offset = dissect_krb5_PAC_DREP(tree, tvb, offset, drep);
1967 proto_tree_add_item(tree, hf_krb_midl_hdr_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1970 proto_tree_add_item(tree, hf_krb_midl_fill_bytes, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1973 /* length of blob that follows */
1974 proto_tree_add_item(tree, hf_krb_midl_blob_len, tvb, offset, 8, ENC_LITTLE_ENDIAN);
1981 dissect_krb5_PAC_LOGON_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
1985 guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
1986 static dcerpc_info di; /* fake dcerpc_info struct */
1987 static dcerpc_call_value call_data;
1989 item = proto_tree_add_item(parent_tree, hf_krb_pac_logon_info, tvb, offset, -1, ENC_NA);
1990 tree = proto_item_add_subtree(item, ett_krb_pac_logon_info);
1992 /* skip the first 16 bytes, they are some magic created by the idl
1993 * compiler the first 4 bytes might be flags?
1995 offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
1997 /* the PAC_LOGON_INFO blob */
1998 /* fake whatever state the dcerpc runtime support needs */
1999 di.conformant_run=0;
2000 /* we need di->call_data->flags.NDR64 == 0 */
2001 di.call_data=&call_data;
2002 init_ndr_pointer_list(&di);
2003 offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
2004 netlogon_dissect_PAC_LOGON_INFO, NDR_POINTER_UNIQUE,
2005 "PAC_LOGON_INFO:", -1);
2011 dissect_krb5_PAC_S4U_DELEGATION_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx)
2015 guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
2016 static dcerpc_info di; /* fake dcerpc_info struct */
2017 static dcerpc_call_value call_data;
2019 item = proto_tree_add_item(parent_tree, hf_krb_pac_s4u_delegation_info, tvb, offset, -1, ENC_NA);
2020 tree = proto_item_add_subtree(item, ett_krb_pac_s4u_delegation_info);
2022 /* skip the first 16 bytes, they are some magic created by the idl
2023 * compiler the first 4 bytes might be flags?
2025 offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
2028 /* the S4U_DELEGATION_INFO blob. See [MS-PAC] */
2029 /* fake whatever state the dcerpc runtime support needs */
2030 di.conformant_run=0;
2031 /* we need di->call_data->flags.NDR64 == 0 */
2032 di.call_data=&call_data;
2033 init_ndr_pointer_list(&di);
2034 offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
2035 netlogon_dissect_PAC_S4U_DELEGATION_INFO, NDR_POINTER_UNIQUE,
2036 "PAC_S4U_DELEGATION_INFO:", -1);
2042 dissect_krb5_PAC_UPN_DNS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2046 guint16 dns_offset, dns_len;
2047 guint16 upn_offset, upn_len;
2052 item = proto_tree_add_item(parent_tree, hf_krb_pac_upn_dns_info, tvb, offset, -1, ENC_NA);
2053 tree = proto_item_add_subtree(item, ett_krb_pac_upn_dns_info);
2056 upn_len = tvb_get_letohs(tvb, offset);
2057 proto_tree_add_item(tree, hf_krb_pac_upn_upn_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2059 upn_offset = tvb_get_letohs(tvb, offset);
2060 proto_tree_add_item(tree, hf_krb_pac_upn_upn_offset, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2064 dns_len = tvb_get_letohs(tvb, offset);
2065 proto_tree_add_item(tree, hf_krb_pac_upn_dns_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2067 dns_offset = tvb_get_letohs(tvb, offset);
2068 proto_tree_add_item(tree, hf_krb_pac_upn_dns_offset, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2072 proto_tree_add_item(tree, hf_krb_pac_upn_flags, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2075 offset = upn_offset;
2077 bc = tvb_reported_length_remaining(tvb, offset);
2078 dn = get_unicode_or_ascii_string(tvb, &offset, TRUE, &dn_len, TRUE, TRUE, &bc);
2079 proto_tree_add_string(tree, hf_krb_pac_upn_upn_name, tvb, upn_offset, upn_len, dn);
2082 offset = dns_offset;
2084 bc = tvb_reported_length_remaining(tvb, offset);
2085 dn = get_unicode_or_ascii_string(tvb, &offset, TRUE, &dn_len, TRUE, TRUE, &bc);
2086 proto_tree_add_string(tree, hf_krb_pac_upn_dns_name, tvb, dns_offset, dns_len, dn);
2092 dissect_krb5_PAC_CREDENTIAL_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2094 proto_tree_add_item(parent_tree, hf_krb_pac_credential_type, tvb, offset, -1, ENC_NA);
2100 dissect_krb5_PAC_SERVER_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2105 item = proto_tree_add_item(parent_tree, hf_krb_pac_server_checksum, tvb, offset, -1, ENC_NA);
2106 tree = proto_item_add_subtree(item, ett_krb_pac_server_checksum);
2108 /* signature type */
2109 proto_tree_add_item(tree, hf_krb_pac_signature_type, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2112 /* signature data */
2113 proto_tree_add_item(tree, hf_krb_pac_signature_signature, tvb, offset, -1, ENC_NA);
2119 dissect_krb5_PAC_PRIVSVR_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2124 item = proto_tree_add_item(parent_tree, hf_krb_pac_privsvr_checksum, tvb, offset, -1, ENC_NA);
2125 tree = proto_item_add_subtree(item, ett_krb_pac_privsvr_checksum);
2127 /* signature type */
2128 proto_tree_add_item(tree, hf_krb_pac_signature_type, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2131 /* signature data */
2132 proto_tree_add_item(tree, hf_krb_pac_signature_signature, tvb, offset, -1, ENC_NA);
2138 dissect_krb5_PAC_CLIENT_INFO_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2144 item = proto_tree_add_item(parent_tree, hf_krb_pac_client_info_type, tvb, offset, -1, ENC_NA);
2145 tree = proto_item_add_subtree(item, ett_krb_pac_client_info_type);
2148 offset = dissect_nt_64bit_time(tvb, tree, offset, hf_krb_pac_clientid);
2151 namelen=tvb_get_letohs(tvb, offset);
2152 proto_tree_add_uint(tree, hf_krb_pac_namelen, tvb, offset, 2, namelen);
2156 proto_tree_add_item(tree, hf_krb_pac_clientname, tvb, offset, namelen, ENC_UTF_16|ENC_LITTLE_ENDIAN);
2163 dissect_krb5_AD_WIN2K_PAC_struct(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx)
2168 proto_item *it=NULL;
2169 proto_tree *tr=NULL;
2172 /* type of pac data */
2173 pac_type=tvb_get_letohl(tvb, offset);
2174 it=proto_tree_add_uint(tree, hf_krb_w2k_pac_type, tvb, offset, 4, pac_type);
2175 tr=proto_item_add_subtree(it, ett_krb_pac);
2179 /* size of pac data */
2180 pac_size=tvb_get_letohl(tvb, offset);
2181 proto_tree_add_uint(tr, hf_krb_w2k_pac_size, tvb, offset, 4, pac_size);
2184 /* offset to pac data */
2185 pac_offset=tvb_get_letohl(tvb, offset);
2186 proto_tree_add_uint(tr, hf_krb_w2k_pac_offset, tvb, offset, 4, pac_offset);
2189 next_tvb=tvb_new_subset(tvb, pac_offset, pac_size, pac_size);
2191 case PAC_LOGON_INFO:
2192 dissect_krb5_PAC_LOGON_INFO(tr, next_tvb, 0, actx);
2194 case PAC_CREDENTIAL_TYPE:
2195 dissect_krb5_PAC_CREDENTIAL_TYPE(tr, next_tvb, 0, actx);
2197 case PAC_SERVER_CHECKSUM:
2198 dissect_krb5_PAC_SERVER_CHECKSUM(tr, next_tvb, 0, actx);
2200 case PAC_PRIVSVR_CHECKSUM:
2201 dissect_krb5_PAC_PRIVSVR_CHECKSUM(tr, next_tvb, 0, actx);
2203 case PAC_CLIENT_INFO_TYPE:
2204 dissect_krb5_PAC_CLIENT_INFO_TYPE(tr, next_tvb, 0, actx);
2206 case PAC_S4U_DELEGATION_INFO:
2207 dissect_krb5_PAC_S4U_DELEGATION_INFO(tr, next_tvb, 0, actx);
2209 case PAC_UPN_DNS_INFO:
2210 dissect_krb5_PAC_UPN_DNS_INFO(tr, next_tvb, 0, actx);
2220 dissect_krb5_AD_WIN2K_PAC(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_)
2226 /* first in the PAC structure comes the number of entries */
2227 entries=tvb_get_letohl(tvb, offset);
2228 proto_tree_add_uint(tree, hf_krb_w2k_pac_entries, tvb, offset, 4, entries);
2231 /* second comes the version */
2232 version=tvb_get_letohl(tvb, offset);
2233 proto_tree_add_uint(tree, hf_krb_w2k_pac_version, tvb, offset, 4, version);
2236 for(i=0;i<entries;i++){
2237 offset=dissect_krb5_AD_WIN2K_PAC_struct(tree, tvb, offset, actx);
2244 /*--- Included file: packet-kerberos-fn.c ---*/
2245 #line 1 "./asn1/kerberos/packet-kerberos-fn.c"
2249 dissect_kerberos_INTEGER_5(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2250 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2259 dissect_kerberos_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2260 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2261 actx, tree, tvb, offset, hf_index,
2270 dissect_kerberos_Realm(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2271 offset = dissect_kerberos_KerberosString(implicit_tag, tvb, offset, actx, tree, hf_index);
2277 static const value_string kerberos_NAME_TYPE_vals[] = {
2278 { 0, "kRB5-NT-UNKNOWN" },
2279 { 1, "kRB5-NT-PRINCIPAL" },
2280 { 2, "kRB5-NT-SRV-INST" },
2281 { 3, "kRB5-NT-SRV-HST" },
2282 { 4, "kRB5-NT-SRV-XHST" },
2283 { 5, "kRB5-NT-UID" },
2284 { 6, "kRB5-NT-X500-PRINCIPAL" },
2285 { 7, "kRB5-NT-SMTP-NAME" },
2286 { 10, "kRB5-NT-ENTERPRISE-PRINCIPAL" },
2287 { -130, "kRB5-NT-ENT-PRINCIPAL-AND-ID" },
2288 { -128, "kRB5-NT-MS-PRINCIPAL" },
2289 { -129, "kRB5-NT-MS-PRINCIPAL-AND-ID" },
2295 dissect_kerberos_NAME_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2296 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2305 dissect_kerberos_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2306 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2307 actx, tree, tvb, offset, hf_index,
2314 static const ber_sequence_t SEQUENCE_OF_SNameString_sequence_of[1] = {
2315 { &hf_kerberos_sname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_SNameString },
2319 dissect_kerberos_SEQUENCE_OF_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2320 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2321 SEQUENCE_OF_SNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_SNameString);
2327 static const ber_sequence_t SName_sequence[] = {
2328 { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
2329 { &hf_kerberos_sname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_SNameString },
2330 { NULL, 0, 0, 0, NULL }
2334 dissect_kerberos_SName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2335 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2336 SName_sequence, hf_index, ett_kerberos_SName);
2342 static const value_string kerberos_ENCTYPE_vals[] = {
2343 { 0, "eTYPE-NULL" },
2344 { 1, "eTYPE-DES-CBC-CRC" },
2345 { 2, "eTYPE-DES-CBC-MD4" },
2346 { 3, "eTYPE-DES-CBC-MD5" },
2347 { 5, "eTYPE-DES3-CBC-MD5" },
2348 { 7, "eTYPE-OLD-DES3-CBC-SHA1" },
2349 { 8, "eTYPE-SIGN-DSA-GENERATE" },
2350 { 9, "eTYPE-DSA-SHA1" },
2351 { 10, "eTYPE-RSA-MD5" },
2352 { 11, "eTYPE-RSA-SHA1" },
2353 { 12, "eTYPE-RC2-CBC" },
2354 { 13, "eTYPE-RSA" },
2355 { 14, "eTYPE-RSAES-OAEP" },
2356 { 15, "eTYPE-DES-EDE3-CBC" },
2357 { 16, "eTYPE-DES3-CBC-SHA1" },
2358 { 17, "eTYPE-AES128-CTS-HMAC-SHA1-96" },
2359 { 18, "eTYPE-AES256-CTS-HMAC-SHA1-96" },
2360 { 23, "eTYPE-ARCFOUR-HMAC-MD5" },
2361 { 24, "eTYPE-ARCFOUR-HMAC-MD5-56" },
2362 { 25, "eTYPE-CAMELLIA128-CTS-CMAC" },
2363 { 26, "eTYPE-CAMELLIA256-CTS-CMAC" },
2364 { 48, "eTYPE-ENCTYPE-PK-CROSS" },
2365 { -128, "eTYPE-ARCFOUR-MD4" },
2366 { -133, "eTYPE-ARCFOUR-HMAC-OLD" },
2367 { -135, "eTYPE-ARCFOUR-HMAC-OLD-EXP" },
2368 { -4096, "eTYPE-DES-CBC-NONE" },
2369 { -4097, "eTYPE-DES3-CBC-NONE" },
2370 { -4098, "eTYPE-DES-CFB64-NONE" },
2371 { -4099, "eTYPE-DES-PCBC-NONE" },
2372 { -4100, "eTYPE-DIGEST-MD5-NONE" },
2373 { -4101, "eTYPE-CRAM-MD5-NONE" },
2379 dissect_kerberos_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2380 #line 225 "./asn1/kerberos/kerberos.cnf"
2381 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2382 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2383 &(private_data->etype));
2394 dissect_kerberos_UInt32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2395 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2404 dissect_kerberos_T_encryptedTicketData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2405 #line 229 "./asn1/kerberos/kerberos.cnf"
2406 #ifdef HAVE_KERBEROS
2407 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data);
2409 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2421 static const ber_sequence_t EncryptedTicketData_sequence[] = {
2422 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
2423 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2424 { &hf_kerberos_encryptedTicketData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedTicketData_cipher },
2425 { NULL, 0, 0, 0, NULL }
2429 dissect_kerberos_EncryptedTicketData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2430 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2431 EncryptedTicketData_sequence, hf_index, ett_kerberos_EncryptedTicketData);
2437 static const ber_sequence_t Ticket_U_sequence[] = {
2438 { &hf_kerberos_tkt_vno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2439 { &hf_kerberos_realm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2440 { &hf_kerberos_sname , BER_CLASS_CON, 2, 0, dissect_kerberos_SName },
2441 { &hf_kerberos_ticket_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedTicketData },
2442 { NULL, 0, 0, 0, NULL }
2446 dissect_kerberos_Ticket_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2447 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2448 Ticket_U_sequence, hf_index, ett_kerberos_Ticket_U);
2456 dissect_kerberos_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2457 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2458 hf_index, BER_CLASS_APP, 1, FALSE, dissect_kerberos_Ticket_U);
2466 dissect_kerberos_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2467 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2468 actx, tree, tvb, offset, hf_index,
2475 static const ber_sequence_t SEQUENCE_OF_CNameString_sequence_of[1] = {
2476 { &hf_kerberos_cname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_CNameString },
2480 dissect_kerberos_SEQUENCE_OF_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2481 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2482 SEQUENCE_OF_CNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_CNameString);
2488 static const ber_sequence_t CName_sequence[] = {
2489 { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
2490 { &hf_kerberos_cname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_CNameString },
2491 { NULL, 0, 0, 0, NULL }
2495 dissect_kerberos_CName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2496 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2497 CName_sequence, hf_index, ett_kerberos_CName);
2503 static const value_string kerberos_CKSUMTYPE_vals[] = {
2504 { 0, "cKSUMTYPE-NONE" },
2505 { 1, "cKSUMTYPE-CRC32" },
2506 { 2, "cKSUMTYPE-RSA-MD4" },
2507 { 3, "cKSUMTYPE-RSA-MD4-DES" },
2508 { 4, "cKSUMTYPE-DES-MAC" },
2509 { 5, "cKSUMTYPE-DES-MAC-K" },
2510 { 6, "cKSUMTYPE-RSA-MD4-DES-K" },
2511 { 7, "cKSUMTYPE-RSA-MD5" },
2512 { 8, "cKSUMTYPE-RSA-MD5-DES" },
2513 { 9, "cKSUMTYPE-RSA-MD5-DES3" },
2514 { 10, "cKSUMTYPE-SHA1-OTHER" },
2515 { 12, "cKSUMTYPE-HMAC-SHA1-DES3-KD" },
2516 { 13, "cKSUMTYPE-HMAC-SHA1-DES3" },
2517 { 14, "cKSUMTYPE-SHA1" },
2518 { 15, "cKSUMTYPE-HMAC-SHA1-96-AES-128" },
2519 { 16, "cKSUMTYPE-HMAC-SHA1-96-AES-256" },
2520 { 17, "cKSUMTYPE-CMAC-CAMELLIA128" },
2521 { 18, "cKSUMTYPE-CMAC-CAMELLIA256" },
2522 { 32771, "cKSUMTYPE-GSSAPI" },
2523 { -138, "cKSUMTYPE-HMAC-MD5" },
2524 { -1138, "cKSUMTYPE-HMAC-MD5-ENC" },
2530 dissect_kerberos_CKSUMTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2531 #line 286 "./asn1/kerberos/kerberos.cnf"
2532 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2533 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2534 &(private_data->checksum_type));
2545 dissect_kerberos_T_checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2546 #line 290 "./asn1/kerberos/kerberos.cnf"
2548 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2550 switch(private_data->checksum_type){
2551 case KRB5_CHKSUM_GSSAPI:
2552 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &next_tvb);
2553 dissect_krb5_rfc1964_checksum(actx, tree, next_tvb);
2556 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, NULL);
2566 static const ber_sequence_t Checksum_sequence[] = {
2567 { &hf_kerberos_cksumtype , BER_CLASS_CON, 0, 0, dissect_kerberos_CKSUMTYPE },
2568 { &hf_kerberos_checksum , BER_CLASS_CON, 1, 0, dissect_kerberos_T_checksum },
2569 { NULL, 0, 0, 0, NULL }
2573 dissect_kerberos_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2574 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2575 Checksum_sequence, hf_index, ett_kerberos_Checksum);
2583 dissect_kerberos_Microseconds(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2584 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2593 dissect_kerberos_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2594 offset = dissect_ber_GeneralizedTime(implicit_tag, actx, tree, tvb, offset, hf_index);
2602 dissect_kerberos_Int32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2603 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2612 dissect_kerberos_T_keytype(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2613 #line 304 "./asn1/kerberos/kerberos.cnf"
2614 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2616 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2618 private_data->key.keytype = gbl_keytype;
2628 dissect_kerberos_T_keyvalue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2629 #line 311 "./asn1/kerberos/kerberos.cnf"
2631 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2633 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2637 private_data->key.keylength = tvb_reported_length(out_tvb);
2638 private_data->key.keyvalue = tvb_get_ptr(out_tvb, 0, private_data->key.keylength);
2646 static const ber_sequence_t EncryptionKey_sequence[] = {
2647 { &hf_kerberos_keytype , BER_CLASS_CON, 0, 0, dissect_kerberos_T_keytype },
2648 { &hf_kerberos_keyvalue , BER_CLASS_CON, 1, 0, dissect_kerberos_T_keyvalue },
2649 { NULL, 0, 0, 0, NULL }
2653 dissect_kerberos_EncryptionKey(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2654 #line 320 "./asn1/kerberos/kerberos.cnf"
2655 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2657 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2658 EncryptionKey_sequence, hf_index, ett_kerberos_EncryptionKey);
2661 if (private_data->key.keytype != 0) {
2662 #ifdef HAVE_KERBEROS
2663 add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key");
2675 dissect_kerberos_T_ad_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2676 #line 331 "./asn1/kerberos/kerberos.cnf"
2677 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2678 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2679 &(private_data->ad_type));
2688 dissect_kerberos_T_ad_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2689 #line 338 "./asn1/kerberos/kerberos.cnf"
2690 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2692 switch(private_data->ad_type){
2693 case KRB5_AD_WIN2K_PAC:
2694 offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_krb5_AD_WIN2K_PAC);
2696 case KRB5_AD_IF_RELEVANT:
2697 offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_kerberos_AD_IF_RELEVANT);
2700 offset=dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
2709 static const ber_sequence_t AuthorizationData_item_sequence[] = {
2710 { &hf_kerberos_ad_type , BER_CLASS_CON, 0, 0, dissect_kerberos_T_ad_type },
2711 { &hf_kerberos_ad_data , BER_CLASS_CON, 1, 0, dissect_kerberos_T_ad_data },
2712 { NULL, 0, 0, 0, NULL }
2716 dissect_kerberos_AuthorizationData_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2717 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2718 AuthorizationData_item_sequence, hf_index, ett_kerberos_AuthorizationData_item);
2724 static const ber_sequence_t AuthorizationData_sequence_of[1] = {
2725 { &hf_kerberos_AuthorizationData_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_AuthorizationData_item },
2729 dissect_kerberos_AuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2730 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2731 AuthorizationData_sequence_of, hf_index, ett_kerberos_AuthorizationData);
2737 static const ber_sequence_t Authenticator_U_sequence[] = {
2738 { &hf_kerberos_authenticator_vno, BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2739 { &hf_kerberos_crealm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2740 { &hf_kerberos_cname , BER_CLASS_CON, 2, 0, dissect_kerberos_CName },
2741 { &hf_kerberos_cksum , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
2742 { &hf_kerberos_cusec , BER_CLASS_CON, 4, 0, dissect_kerberos_Microseconds },
2743 { &hf_kerberos_ctime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2744 { &hf_kerberos_subkey , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
2745 { &hf_kerberos_seq_number , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2746 { &hf_kerberos_authorization_data, BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2747 { NULL, 0, 0, 0, NULL }
2751 dissect_kerberos_Authenticator_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2752 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2753 Authenticator_U_sequence, hf_index, ett_kerberos_Authenticator_U);
2761 dissect_kerberos_Authenticator(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2762 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2763 hf_index, BER_CLASS_APP, 2, FALSE, dissect_kerberos_Authenticator_U);
2769 static const asn_namedbit TicketFlags_bits[] = {
2770 { 0, &hf_kerberos_TicketFlags_reserved, -1, -1, "reserved", NULL },
2771 { 1, &hf_kerberos_TicketFlags_forwardable, -1, -1, "forwardable", NULL },
2772 { 2, &hf_kerberos_TicketFlags_forwarded, -1, -1, "forwarded", NULL },
2773 { 3, &hf_kerberos_TicketFlags_proxiable, -1, -1, "proxiable", NULL },
2774 { 4, &hf_kerberos_TicketFlags_proxy, -1, -1, "proxy", NULL },
2775 { 5, &hf_kerberos_TicketFlags_may_postdate, -1, -1, "may-postdate", NULL },
2776 { 6, &hf_kerberos_TicketFlags_postdated, -1, -1, "postdated", NULL },
2777 { 7, &hf_kerberos_TicketFlags_invalid, -1, -1, "invalid", NULL },
2778 { 8, &hf_kerberos_TicketFlags_renewable, -1, -1, "renewable", NULL },
2779 { 9, &hf_kerberos_TicketFlags_initial, -1, -1, "initial", NULL },
2780 { 10, &hf_kerberos_TicketFlags_pre_authent, -1, -1, "pre-authent", NULL },
2781 { 11, &hf_kerberos_TicketFlags_hw_authent, -1, -1, "hw-authent", NULL },
2782 { 12, &hf_kerberos_TicketFlags_transited_policy_checked, -1, -1, "transited-policy-checked", NULL },
2783 { 13, &hf_kerberos_TicketFlags_ok_as_delegate, -1, -1, "ok-as-delegate", NULL },
2784 { 14, &hf_kerberos_TicketFlags_anonymous, -1, -1, "anonymous", NULL },
2785 { 0, NULL, 0, 0, NULL, NULL }
2789 dissect_kerberos_TicketFlags(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2790 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
2791 TicketFlags_bits, hf_index, ett_kerberos_TicketFlags,
2800 dissect_kerberos_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2801 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2808 static const ber_sequence_t TransitedEncoding_sequence[] = {
2809 { &hf_kerberos_tr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_Int32 },
2810 { &hf_kerberos_contents , BER_CLASS_CON, 1, 0, dissect_kerberos_OCTET_STRING },
2811 { NULL, 0, 0, 0, NULL }
2815 dissect_kerberos_TransitedEncoding(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2816 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2817 TransitedEncoding_sequence, hf_index, ett_kerberos_TransitedEncoding);
2823 static const value_string kerberos_ADDR_TYPE_vals[] = {
2824 { KERBEROS_ADDR_TYPE_IPV4, "iPv4" },
2825 { KERBEROS_ADDR_TYPE_CHAOS, "cHAOS" },
2826 { KERBEROS_ADDR_TYPE_XEROX, "xEROX" },
2827 { KERBEROS_ADDR_TYPE_ISO, "iSO" },
2828 { KERBEROS_ADDR_TYPE_DECNET, "dECNET" },
2829 { KERBEROS_ADDR_TYPE_APPLETALK, "aPPLETALK" },
2830 { KERBEROS_ADDR_TYPE_NETBIOS, "nETBIOS" },
2831 { KERBEROS_ADDR_TYPE_IPV6, "iPv6" },
2837 dissect_kerberos_ADDR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2838 #line 352 "./asn1/kerberos/kerberos.cnf"
2839 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2840 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2841 &(private_data->addr_type));
2852 dissect_kerberos_T_address(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2853 #line 174 "./asn1/kerberos/kerberos.cnf"
2858 const char *address_str;
2859 proto_item *it=NULL;
2860 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2862 /* read header and len for the octet string */
2863 offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &appclass, &pc, &tag);
2864 offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL);
2866 switch(private_data->addr_type){
2867 case KERBEROS_ADDR_TYPE_IPV4:
2868 it=proto_tree_add_item(tree, hf_krb_address_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
2869 address_str = tvb_ip_to_str(tvb, offset);
2871 case KERBEROS_ADDR_TYPE_NETBIOS:
2873 char netbios_name[(NETBIOS_NAME_LEN - 1)*4 + 1];
2874 int netbios_name_type;
2875 int netbios_name_len = (NETBIOS_NAME_LEN - 1)*4 + 1;
2877 netbios_name_type = process_netbios_name(tvb_get_ptr(tvb, offset, 16), netbios_name, netbios_name_len);
2878 address_str = wmem_strdup_printf(wmem_packet_scope(), "%s<%02x>", netbios_name, netbios_name_type);
2879 it=proto_tree_add_string_format(tree, hf_krb_address_netbios, tvb, offset, 16, netbios_name, "NetBIOS Name: %s (%s)", address_str, netbios_name_type_descr(netbios_name_type));
2882 case KERBEROS_ADDR_TYPE_IPV6:
2883 it=proto_tree_add_item(tree, hf_krb_address_ipv6, tvb, offset, INET6_ADDRLEN, ENC_NA);
2884 address_str = tvb_ip6_to_str(tvb, offset);
2887 proto_tree_add_expert(tree, actx->pinfo, &ei_kerberos_address, tvb, offset, len);
2891 /* push it up two levels in the decode pane */
2892 if(it && address_str){
2893 proto_item_append_text(proto_item_get_parent(it), " %s",address_str);
2894 proto_item_append_text(proto_item_get_parent_nth(it, 2), " %s",address_str);
2907 static const ber_sequence_t HostAddress_sequence[] = {
2908 { &hf_kerberos_addr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_ADDR_TYPE },
2909 { &hf_kerberos_address , BER_CLASS_CON, 1, 0, dissect_kerberos_T_address },
2910 { NULL, 0, 0, 0, NULL }
2914 dissect_kerberos_HostAddress(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2915 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2916 HostAddress_sequence, hf_index, ett_kerberos_HostAddress);
2922 static const ber_sequence_t HostAddresses_sequence_of[1] = {
2923 { &hf_kerberos_HostAddresses_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_HostAddress },
2927 dissect_kerberos_HostAddresses(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2928 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2929 HostAddresses_sequence_of, hf_index, ett_kerberos_HostAddresses);
2935 static const ber_sequence_t EncTicketPart_U_sequence[] = {
2936 { &hf_kerberos_flags , BER_CLASS_CON, 0, 0, dissect_kerberos_TicketFlags },
2937 { &hf_kerberos_key , BER_CLASS_CON, 1, 0, dissect_kerberos_EncryptionKey },
2938 { &hf_kerberos_crealm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
2939 { &hf_kerberos_cname , BER_CLASS_CON, 3, 0, dissect_kerberos_CName },
2940 { &hf_kerberos_transited , BER_CLASS_CON, 4, 0, dissect_kerberos_TransitedEncoding },
2941 { &hf_kerberos_authtime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2942 { &hf_kerberos_starttime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2943 { &hf_kerberos_endtime , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
2944 { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2945 { &hf_kerberos_caddr , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
2946 { &hf_kerberos_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2947 { NULL, 0, 0, 0, NULL }
2951 dissect_kerberos_EncTicketPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2952 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2953 EncTicketPart_U_sequence, hf_index, ett_kerberos_EncTicketPart_U);
2961 dissect_kerberos_EncTicketPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2962 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2963 hf_index, BER_CLASS_APP, 3, FALSE, dissect_kerberos_EncTicketPart_U);
2969 static const value_string kerberos_MESSAGE_TYPE_vals[] = {
2970 { 10, "krb-as-req" },
2971 { 11, "krb-as-rep" },
2972 { 12, "krb-tgs-req" },
2973 { 13, "krb-tgs-rep" },
2974 { 14, "krb-ap-req" },
2975 { 15, "krb-ap-rep" },
2979 { 30, "krb-error" },
2985 dissect_kerberos_MESSAGE_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2986 #line 68 "./asn1/kerberos/kerberos.cnf"
2989 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2995 #line 73 "./asn1/kerberos/kerberos.cnf"
2996 if (gbl_do_col_info) {
2997 col_add_str(actx->pinfo->cinfo, COL_INFO,
2998 val_to_str(msgtype, krb5_msg_types,
2999 "Unknown msg type %#x"));
3001 gbl_do_col_info=FALSE;
3004 /* append the application type to the tree */
3005 proto_item_append_text(tree, " %s", val_to_str(msgtype, krb5_msg_types, "Unknown:0x%x"));
3013 static const value_string kerberos_PADATA_TYPE_vals[] = {
3014 { 0, "kRB5-PADATA-NONE" },
3015 { 1, "kRB5-PADATA-TGS-REQ" },
3016 { 1, "kRB5-PADATA-AP-REQ" },
3017 { 2, "kRB5-PADATA-ENC-TIMESTAMP" },
3018 { 3, "kRB5-PADATA-PW-SALT" },
3019 { 5, "kRB5-PADATA-ENC-UNIX-TIME" },
3020 { 6, "kRB5-PADATA-SANDIA-SECUREID" },
3021 { 7, "kRB5-PADATA-SESAME" },
3022 { 8, "kRB5-PADATA-OSF-DCE" },
3023 { 9, "kRB5-PADATA-CYBERSAFE-SECUREID" },
3024 { 10, "kRB5-PADATA-AFS3-SALT" },
3025 { 11, "kRB5-PADATA-ETYPE-INFO" },
3026 { 12, "kRB5-PADATA-SAM-CHALLENGE" },
3027 { 13, "kRB5-PADATA-SAM-RESPONSE" },
3028 { 14, "kRB5-PADATA-PK-AS-REQ-19" },
3029 { 15, "kRB5-PADATA-PK-AS-REP-19" },
3030 { 15, "kRB5-PADATA-PK-AS-REQ-WIN" },
3031 { 16, "kRB5-PADATA-PK-AS-REQ" },
3032 { 17, "kRB5-PADATA-PK-AS-REP" },
3033 { 18, "kRB5-PADATA-PA-PK-OCSP-RESPONSE" },
3034 { 19, "kRB5-PADATA-ETYPE-INFO2" },
3035 { 20, "kRB5-PADATA-USE-SPECIFIED-KVNO" },
3036 { 20, "kRB5-PADATA-SVR-REFERRAL-INFO" },
3037 { 21, "kRB5-PADATA-SAM-REDIRECT" },
3038 { 22, "kRB5-PADATA-GET-FROM-TYPED-DATA" },
3039 { 23, "kRB5-PADATA-SAM-ETYPE-INFO" },
3040 { 25, "kRB5-PADATA-SERVER-REFERRAL" },
3041 { 102, "kRB5-PADATA-TD-KRB-PRINCIPAL" },
3042 { 104, "kRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS" },
3043 { 105, "kRB5-PADATA-PK-TD-CERTIFICATE-INDEX" },
3044 { 106, "kRB5-PADATA-TD-APP-DEFINED-ERROR" },
3045 { 107, "kRB5-PADATA-TD-REQ-NONCE" },
3046 { 108, "kRB5-PADATA-TD-REQ-SEQ" },
3047 { 128, "kRB5-PADATA-PA-PAC-REQUEST" },
3048 { 129, "kRB5-PADATA-S4U2SELF" },
3049 { 132, "kRB5-PADATA-PK-AS-09-BINDING" },
3050 { 133, "kRB5-PADATA-CLIENT-CANONICALIZED" },
3056 dissect_kerberos_PADATA_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3057 #line 121 "./asn1/kerberos/kerberos.cnf"
3058 kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
3059 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3060 &(private_data->padata_type));
3064 #line 124 "./asn1/kerberos/kerberos.cnf"
3066 proto_item_append_text(tree, " %s",
3067 val_to_str(private_data->padata_type, krb5_preauthentication_types,
3078 dissect_kerberos_T_padata_value(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3079 #line 131 "./asn1/kerberos/kerberos.cnf"
3080 proto_tree *sub_tree=tree;
3081 kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
3083 if(actx->created_item){
3084 sub_tree=proto_item_add_subtree(actx->created_item, ett_kerberos_PA_DATA);
3087 switch(private_data->padata_type){
3088 case KRB5_PA_TGS_REQ:
3089 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
3091 case KRB5_PA_PK_AS_REQ:
3092 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsReq);
3094 case KRB5_PA_PK_AS_REP:
3095 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsRep);
3097 case KRB5_PA_PAC_REQUEST:
3098 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_KERB_PA_PAC_REQUEST);
3100 case KRB5_PA_S4U2SELF:
3101 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self);
3103 case KRB5_PA_PROV_SRV_LOCATION:
3104 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION);
3106 case KRB5_PA_ENC_TIMESTAMP:
3107 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_ENC_TIMESTAMP);
3109 case KRB5_PA_ENCTYPE_INFO:
3110 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO);
3112 case KRB5_PA_ENCTYPE_INFO2:
3113 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO2);
3115 case KRB5_PA_PW_SALT:
3116 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PW_SALT);
3119 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL);
3128 static const ber_sequence_t PA_DATA_sequence[] = {
3129 { &hf_kerberos_padata_type, BER_CLASS_CON, 1, 0, dissect_kerberos_PADATA_TYPE },
3130 { &hf_kerberos_padata_value, BER_CLASS_CON, 2, 0, dissect_kerberos_T_padata_value },
3131 { NULL, 0, 0, 0, NULL }
3135 dissect_kerberos_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3136 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3137 PA_DATA_sequence, hf_index, ett_kerberos_PA_DATA);
3143 static const ber_sequence_t SEQUENCE_OF_PA_DATA_sequence_of[1] = {
3144 { &hf_kerberos_padata_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
3148 dissect_kerberos_SEQUENCE_OF_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3149 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3150 SEQUENCE_OF_PA_DATA_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_PA_DATA);
3156 static const asn_namedbit KDCOptions_bits[] = {
3157 { 0, &hf_kerberos_KDCOptions_reserved, -1, -1, "reserved", NULL },
3158 { 1, &hf_kerberos_KDCOptions_forwardable, -1, -1, "forwardable", NULL },
3159 { 2, &hf_kerberos_KDCOptions_forwarded, -1, -1, "forwarded", NULL },
3160 { 3, &hf_kerberos_KDCOptions_proxiable, -1, -1, "proxiable", NULL },
3161 { 4, &hf_kerberos_KDCOptions_proxy, -1, -1, "proxy", NULL },
3162 { 5, &hf_kerberos_KDCOptions_allow_postdate, -1, -1, "allow-postdate", NULL },
3163 { 6, &hf_kerberos_KDCOptions_postdated, -1, -1, "postdated", NULL },
3164 { 7, &hf_kerberos_KDCOptions_unused7, -1, -1, "unused7", NULL },
3165 { 8, &hf_kerberos_KDCOptions_renewable, -1, -1, "renewable", NULL },
3166 { 9, &hf_kerberos_KDCOptions_unused9, -1, -1, "unused9", NULL },
3167 { 10, &hf_kerberos_KDCOptions_unused10, -1, -1, "unused10", NULL },
3168 { 11, &hf_kerberos_KDCOptions_opt_hardware_auth, -1, -1, "opt-hardware-auth", NULL },
3169 { 14, &hf_kerberos_KDCOptions_request_anonymous, -1, -1, "request-anonymous", NULL },
3170 { 15, &hf_kerberos_KDCOptions_canonicalize, -1, -1, "canonicalize", NULL },
3171 { 16, &hf_kerberos_KDCOptions_constrained_delegation, -1, -1, "constrained-delegation", NULL },
3172 { 26, &hf_kerberos_KDCOptions_disable_transited_check, -1, -1, "disable-transited-check", NULL },
3173 { 27, &hf_kerberos_KDCOptions_renewable_ok, -1, -1, "renewable-ok", NULL },
3174 { 28, &hf_kerberos_KDCOptions_enc_tkt_in_skey, -1, -1, "enc-tkt-in-skey", NULL },
3175 { 30, &hf_kerberos_KDCOptions_renew, -1, -1, "renew", NULL },
3176 { 31, &hf_kerberos_KDCOptions_validate, -1, -1, "validate", NULL },
3177 { 0, NULL, 0, 0, NULL, NULL }
3181 dissect_kerberos_KDCOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3182 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
3183 KDCOptions_bits, hf_index, ett_kerberos_KDCOptions,
3190 static const ber_sequence_t SEQUENCE_OF_ENCTYPE_sequence_of[1] = {
3191 { &hf_kerberos_kDC_REQ_BODY_etype_item, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENCTYPE },
3195 dissect_kerberos_SEQUENCE_OF_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3196 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3197 SEQUENCE_OF_ENCTYPE_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_ENCTYPE);
3205 dissect_kerberos_T_encryptedAuthorizationData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3206 #line 237 "./asn1/kerberos/kerberos.cnf"
3207 #ifdef HAVE_KERBEROS
3208 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data);
3210 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3222 static const ber_sequence_t EncryptedAuthorizationData_sequence[] = {
3223 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3224 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3225 { &hf_kerberos_encryptedAuthorizationData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAuthorizationData_cipher },
3226 { NULL, 0, 0, 0, NULL }
3230 dissect_kerberos_EncryptedAuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3231 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3232 EncryptedAuthorizationData_sequence, hf_index, ett_kerberos_EncryptedAuthorizationData);
3238 static const ber_sequence_t SEQUENCE_OF_Ticket_sequence_of[1] = {
3239 { &hf_kerberos_additional_tickets_item, BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
3243 dissect_kerberos_SEQUENCE_OF_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3244 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3245 SEQUENCE_OF_Ticket_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_Ticket);
3251 static const ber_sequence_t KDC_REQ_BODY_sequence[] = {
3252 { &hf_kerberos_kdc_options, BER_CLASS_CON, 0, 0, dissect_kerberos_KDCOptions },
3253 { &hf_kerberos_cname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_CName },
3254 { &hf_kerberos_realm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
3255 { &hf_kerberos_sname , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SName },
3256 { &hf_kerberos_from , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3257 { &hf_kerberos_till , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3258 { &hf_kerberos_rtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3259 { &hf_kerberos_nonce , BER_CLASS_CON, 7, 0, dissect_kerberos_UInt32 },
3260 { &hf_kerberos_kDC_REQ_BODY_etype, BER_CLASS_CON, 8, 0, dissect_kerberos_SEQUENCE_OF_ENCTYPE },
3261 { &hf_kerberos_addresses , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3262 { &hf_kerberos_enc_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptedAuthorizationData },
3263 { &hf_kerberos_additional_tickets, BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_Ticket },
3264 { NULL, 0, 0, 0, NULL }
3268 dissect_kerberos_KDC_REQ_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3269 #line 356 "./asn1/kerberos/kerberos.cnf"
3270 conversation_t *conversation;
3273 * UDP replies to KDC_REQs are sent from the server back to the client's
3274 * source port, similar to the way TFTP works. Set up a conversation
3277 * Ref: Section 7.2.1 of
3278 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
3280 if (actx->pinfo->destport == UDP_PORT_KERBEROS && actx->pinfo->ptype == PT_UDP) {
3281 conversation = find_conversation(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
3282 actx->pinfo->srcport, 0, NO_PORT_B);
3283 if (conversation == NULL) {
3284 conversation = conversation_new(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
3285 actx->pinfo->srcport, 0, NO_PORT2);
3286 conversation_set_dissector(conversation, kerberos_handle_udp);
3290 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3291 KDC_REQ_BODY_sequence, hf_index, ett_kerberos_KDC_REQ_BODY);
3300 static const ber_sequence_t KDC_REQ_sequence[] = {
3301 { &hf_kerberos_pvno , BER_CLASS_CON, 1, 0, dissect_kerberos_INTEGER_5 },
3302 { &hf_kerberos_msg_type , BER_CLASS_CON, 2, 0, dissect_kerberos_MESSAGE_TYPE },
3303 { &hf_kerberos_padata , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
3304 { &hf_kerberos_req_body , BER_CLASS_CON, 4, 0, dissect_kerberos_KDC_REQ_BODY },
3305 { NULL, 0, 0, 0, NULL }
3309 dissect_kerberos_KDC_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3310 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3311 KDC_REQ_sequence, hf_index, ett_kerberos_KDC_REQ);
3319 dissect_kerberos_AS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3320 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3321 hf_index, BER_CLASS_APP, 10, FALSE, dissect_kerberos_KDC_REQ);
3329 dissect_kerberos_T_encryptedKDCREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3330 #line 245 "./asn1/kerberos/kerberos.cnf"
3331 #ifdef HAVE_KERBEROS
3332 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data);
3334 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3346 static const ber_sequence_t EncryptedKDCREPData_sequence[] = {
3347 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3348 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3349 { &hf_kerberos_encryptedKDCREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKDCREPData_cipher },
3350 { NULL, 0, 0, 0, NULL }
3354 dissect_kerberos_EncryptedKDCREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3355 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3356 EncryptedKDCREPData_sequence, hf_index, ett_kerberos_EncryptedKDCREPData);
3362 static const ber_sequence_t KDC_REP_sequence[] = {
3363 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3364 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3365 { &hf_kerberos_padata , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
3366 { &hf_kerberos_crealm , BER_CLASS_CON, 3, 0, dissect_kerberos_Realm },
3367 { &hf_kerberos_cname , BER_CLASS_CON, 4, 0, dissect_kerberos_CName },
3368 { &hf_kerberos_ticket , BER_CLASS_CON, 5, 0, dissect_kerberos_Ticket },
3369 { &hf_kerberos_kDC_REP_enc_part, BER_CLASS_CON, 6, 0, dissect_kerberos_EncryptedKDCREPData },
3370 { NULL, 0, 0, 0, NULL }
3374 dissect_kerberos_KDC_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3375 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3376 KDC_REP_sequence, hf_index, ett_kerberos_KDC_REP);
3384 dissect_kerberos_AS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3385 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3386 hf_index, BER_CLASS_APP, 11, FALSE, dissect_kerberos_KDC_REP);
3394 dissect_kerberos_TGS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3395 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3396 hf_index, BER_CLASS_APP, 12, FALSE, dissect_kerberos_KDC_REQ);
3404 dissect_kerberos_TGS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3405 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3406 hf_index, BER_CLASS_APP, 13, FALSE, dissect_kerberos_KDC_REP);
3412 static const asn_namedbit APOptions_bits[] = {
3413 { 0, &hf_kerberos_APOptions_reserved, -1, -1, "reserved", NULL },
3414 { 1, &hf_kerberos_APOptions_use_session_key, -1, -1, "use-session-key", NULL },
3415 { 2, &hf_kerberos_APOptions_mutual_required, -1, -1, "mutual-required", NULL },
3416 { 0, NULL, 0, 0, NULL, NULL }
3420 dissect_kerberos_APOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3421 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
3422 APOptions_bits, hf_index, ett_kerberos_APOptions,
3429 static const ber_sequence_t AP_REQ_U_sequence[] = {
3430 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3431 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3432 { &hf_kerberos_ap_options , BER_CLASS_CON, 2, 0, dissect_kerberos_APOptions },
3433 { &hf_kerberos_ticket , BER_CLASS_CON, 3, 0, dissect_kerberos_Ticket },
3434 { &hf_kerberos_authenticator_01, BER_CLASS_CON, 4, 0, dissect_kerberos_EncryptedAuthorizationData },
3435 { NULL, 0, 0, 0, NULL }
3439 dissect_kerberos_AP_REQ_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3440 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3441 AP_REQ_U_sequence, hf_index, ett_kerberos_AP_REQ_U);
3449 dissect_kerberos_AP_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3450 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3451 hf_index, BER_CLASS_APP, 14, FALSE, dissect_kerberos_AP_REQ_U);
3459 dissect_kerberos_T_encryptedAPREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3460 #line 261 "./asn1/kerberos/kerberos.cnf"
3461 #ifdef HAVE_KERBEROS
3462 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data);
3464 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3476 static const ber_sequence_t EncryptedAPREPData_sequence[] = {
3477 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3478 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3479 { &hf_kerberos_encryptedAPREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAPREPData_cipher },
3480 { NULL, 0, 0, 0, NULL }
3484 dissect_kerberos_EncryptedAPREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3485 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3486 EncryptedAPREPData_sequence, hf_index, ett_kerberos_EncryptedAPREPData);
3492 static const ber_sequence_t AP_REP_U_sequence[] = {
3493 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3494 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3495 { &hf_kerberos_aP_REP_enc_part, BER_CLASS_CON, 2, 0, dissect_kerberos_EncryptedAPREPData },
3496 { NULL, 0, 0, 0, NULL }
3500 dissect_kerberos_AP_REP_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3501 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3502 AP_REP_U_sequence, hf_index, ett_kerberos_AP_REP_U);
3510 dissect_kerberos_AP_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3511 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3512 hf_index, BER_CLASS_APP, 15, FALSE, dissect_kerberos_AP_REP_U);
3520 dissect_kerberos_T_kRB_SAFE_BODY_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3521 #line 379 "./asn1/kerberos/kerberos.cnf"
3523 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3525 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA, (kerberos_callbacks*)actx->private_data);
3534 static const ber_sequence_t KRB_SAFE_BODY_sequence[] = {
3535 { &hf_kerberos_kRB_SAFE_BODY_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_kRB_SAFE_BODY_user_data },
3536 { &hf_kerberos_timestamp , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3537 { &hf_kerberos_usec , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3538 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3539 { &hf_kerberos_s_address , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3540 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3541 { NULL, 0, 0, 0, NULL }
3545 dissect_kerberos_KRB_SAFE_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3546 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3547 KRB_SAFE_BODY_sequence, hf_index, ett_kerberos_KRB_SAFE_BODY);
3553 static const ber_sequence_t KRB_SAFE_U_sequence[] = {
3554 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3555 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3556 { &hf_kerberos_safe_body , BER_CLASS_CON, 2, 0, dissect_kerberos_KRB_SAFE_BODY },
3557 { &hf_kerberos_cksum , BER_CLASS_CON, 3, 0, dissect_kerberos_Checksum },
3558 { NULL, 0, 0, 0, NULL }
3562 dissect_kerberos_KRB_SAFE_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3563 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3564 KRB_SAFE_U_sequence, hf_index, ett_kerberos_KRB_SAFE_U);
3572 dissect_kerberos_KRB_SAFE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3573 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3574 hf_index, BER_CLASS_APP, 20, FALSE, dissect_kerberos_KRB_SAFE_U);
3582 dissect_kerberos_T_encryptedKrbPrivData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3583 #line 269 "./asn1/kerberos/kerberos.cnf"
3584 #ifdef HAVE_KERBEROS
3585 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PRIV_data);
3587 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3599 static const ber_sequence_t EncryptedKrbPrivData_sequence[] = {
3600 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3601 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3602 { &hf_kerberos_encryptedKrbPrivData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbPrivData_cipher },
3603 { NULL, 0, 0, 0, NULL }
3607 dissect_kerberos_EncryptedKrbPrivData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3608 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3609 EncryptedKrbPrivData_sequence, hf_index, ett_kerberos_EncryptedKrbPrivData);
3615 static const ber_sequence_t KRB_PRIV_U_sequence[] = {
3616 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3617 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3618 { &hf_kerberos_kRB_PRIV_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbPrivData },
3619 { NULL, 0, 0, 0, NULL }
3623 dissect_kerberos_KRB_PRIV_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3624 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3625 KRB_PRIV_U_sequence, hf_index, ett_kerberos_KRB_PRIV_U);
3633 dissect_kerberos_KRB_PRIV(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3634 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3635 hf_index, BER_CLASS_APP, 21, FALSE, dissect_kerberos_KRB_PRIV_U);
3643 dissect_kerberos_T_encryptedKrbCredData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3644 #line 277 "./asn1/kerberos/kerberos.cnf"
3645 #ifdef HAVE_KERBEROS
3646 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data);
3648 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3661 static const ber_sequence_t EncryptedKrbCredData_sequence[] = {
3662 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3663 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3664 { &hf_kerberos_encryptedKrbCredData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbCredData_cipher },
3665 { NULL, 0, 0, 0, NULL }
3669 dissect_kerberos_EncryptedKrbCredData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3670 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3671 EncryptedKrbCredData_sequence, hf_index, ett_kerberos_EncryptedKrbCredData);
3677 static const ber_sequence_t KRB_CRED_U_sequence[] = {
3678 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3679 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3680 { &hf_kerberos_tickets , BER_CLASS_CON, 2, 0, dissect_kerberos_SEQUENCE_OF_Ticket },
3681 { &hf_kerberos_kRB_CRED_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbCredData },
3682 { NULL, 0, 0, 0, NULL }
3686 dissect_kerberos_KRB_CRED_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3687 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3688 KRB_CRED_U_sequence, hf_index, ett_kerberos_KRB_CRED_U);
3696 dissect_kerberos_KRB_CRED(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3697 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3698 hf_index, BER_CLASS_APP, 22, FALSE, dissect_kerberos_KRB_CRED_U);
3704 static const value_string kerberos_LR_TYPE_vals[] = {
3706 { 1, "lR-INITIAL-TGT" },
3707 { 2, "lR-INITIAL" },
3708 { 3, "lR-ISSUE-USE-TGT" },
3709 { 4, "lR-RENEWAL" },
3710 { 5, "lR-REQUEST" },
3711 { 6, "lR-PW-EXPTIME" },
3712 { 7, "lR-ACCT-EXPTIME" },
3718 dissect_kerberos_LR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3719 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3726 static const ber_sequence_t LastReq_item_sequence[] = {
3727 { &hf_kerberos_lr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_LR_TYPE },
3728 { &hf_kerberos_lr_value , BER_CLASS_CON, 1, 0, dissect_kerberos_KerberosTime },
3729 { NULL, 0, 0, 0, NULL }
3733 dissect_kerberos_LastReq_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3734 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3735 LastReq_item_sequence, hf_index, ett_kerberos_LastReq_item);
3741 static const ber_sequence_t LastReq_sequence_of[1] = {
3742 { &hf_kerberos_LastReq_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_LastReq_item },
3746 dissect_kerberos_LastReq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3747 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3748 LastReq_sequence_of, hf_index, ett_kerberos_LastReq);
3754 static const ber_sequence_t METHOD_DATA_sequence_of[1] = {
3755 { &hf_kerberos_METHOD_DATA_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
3759 dissect_kerberos_METHOD_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3760 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3761 METHOD_DATA_sequence_of, hf_index, ett_kerberos_METHOD_DATA);
3767 static const ber_sequence_t EncKDCRepPart_sequence[] = {
3768 { &hf_kerberos_key , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3769 { &hf_kerberos_last_req , BER_CLASS_CON, 1, 0, dissect_kerberos_LastReq },
3770 { &hf_kerberos_nonce , BER_CLASS_CON, 2, 0, dissect_kerberos_UInt32 },
3771 { &hf_kerberos_key_expiration, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3772 { &hf_kerberos_flags , BER_CLASS_CON, 4, 0, dissect_kerberos_TicketFlags },
3773 { &hf_kerberos_authtime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
3774 { &hf_kerberos_starttime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3775 { &hf_kerberos_endtime , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
3776 { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3777 { &hf_kerberos_srealm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
3778 { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_SName },
3779 { &hf_kerberos_caddr , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3780 { &hf_kerberos_encrypted_pa_data, BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_METHOD_DATA },
3781 { NULL, 0, 0, 0, NULL }
3785 dissect_kerberos_EncKDCRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3786 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3787 EncKDCRepPart_sequence, hf_index, ett_kerberos_EncKDCRepPart);
3795 dissect_kerberos_EncASRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3796 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3797 hf_index, BER_CLASS_APP, 25, FALSE, dissect_kerberos_EncKDCRepPart);
3805 dissect_kerberos_EncTGSRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3806 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3807 hf_index, BER_CLASS_APP, 26, FALSE, dissect_kerberos_EncKDCRepPart);
3813 static const ber_sequence_t EncAPRepPart_U_sequence[] = {
3814 { &hf_kerberos_ctime , BER_CLASS_CON, 0, 0, dissect_kerberos_KerberosTime },
3815 { &hf_kerberos_cusec , BER_CLASS_CON, 1, 0, dissect_kerberos_Microseconds },
3816 { &hf_kerberos_subkey , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
3817 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3818 { NULL, 0, 0, 0, NULL }
3822 dissect_kerberos_EncAPRepPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3823 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3824 EncAPRepPart_U_sequence, hf_index, ett_kerberos_EncAPRepPart_U);
3832 dissect_kerberos_EncAPRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3833 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3834 hf_index, BER_CLASS_APP, 27, FALSE, dissect_kerberos_EncAPRepPart_U);
3842 dissect_kerberos_T_encKrbPrivPart_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3843 #line 386 "./asn1/kerberos/kerberos.cnf"
3845 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3847 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, (kerberos_callbacks*)actx->private_data);
3855 static const ber_sequence_t EncKrbPrivPart_sequence[] = {
3856 { &hf_kerberos_encKrbPrivPart_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_encKrbPrivPart_user_data },
3857 { &hf_kerberos_timestamp , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3858 { &hf_kerberos_usec , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3859 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3860 { &hf_kerberos_s_address , BER_CLASS_CON, 4, 0, dissect_kerberos_HostAddress },
3861 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3862 { NULL, 0, 0, 0, NULL }
3866 dissect_kerberos_EncKrbPrivPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3867 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3868 EncKrbPrivPart_sequence, hf_index, ett_kerberos_EncKrbPrivPart);
3876 dissect_kerberos_ENC_KRB_PRIV_PART(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3877 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3878 hf_index, BER_CLASS_APP, 28, FALSE, dissect_kerberos_EncKrbPrivPart);
3884 static const ber_sequence_t SEQUENCE_OF_KerberosString_sequence_of[1] = {
3885 { &hf_kerberos_name_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_KerberosString },
3889 dissect_kerberos_SEQUENCE_OF_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3890 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3891 SEQUENCE_OF_KerberosString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KerberosString);
3897 static const ber_sequence_t PrincipalName_sequence[] = {
3898 { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
3899 { &hf_kerberos_name_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_KerberosString },
3900 { NULL, 0, 0, 0, NULL }
3904 dissect_kerberos_PrincipalName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3905 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3906 PrincipalName_sequence, hf_index, ett_kerberos_PrincipalName);
3912 static const ber_sequence_t KrbCredInfo_sequence[] = {
3913 { &hf_kerberos_key , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3914 { &hf_kerberos_prealm , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3915 { &hf_kerberos_pname , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3916 { &hf_kerberos_flags , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_TicketFlags },
3917 { &hf_kerberos_authtime , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3918 { &hf_kerberos_starttime , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3919 { &hf_kerberos_endtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3920 { &hf_kerberos_renew_till , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3921 { &hf_kerberos_srealm , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3922 { &hf_kerberos_sname , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_SName },
3923 { &hf_kerberos_caddr , BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3924 { NULL, 0, 0, 0, NULL }
3928 dissect_kerberos_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3929 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3930 KrbCredInfo_sequence, hf_index, ett_kerberos_KrbCredInfo);
3936 static const ber_sequence_t SEQUENCE_OF_KrbCredInfo_sequence_of[1] = {
3937 { &hf_kerberos_ticket_info_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_KrbCredInfo },
3941 dissect_kerberos_SEQUENCE_OF_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3942 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3943 SEQUENCE_OF_KrbCredInfo_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KrbCredInfo);
3949 static const ber_sequence_t EncKrbCredPart_U_sequence[] = {
3950 { &hf_kerberos_ticket_info, BER_CLASS_CON, 0, 0, dissect_kerberos_SEQUENCE_OF_KrbCredInfo },
3951 { &hf_kerberos_nonce , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3952 { &hf_kerberos_timestamp , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3953 { &hf_kerberos_usec , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3954 { &hf_kerberos_s_address , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3955 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3956 { NULL, 0, 0, 0, NULL }
3960 dissect_kerberos_EncKrbCredPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3961 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3962 EncKrbCredPart_U_sequence, hf_index, ett_kerberos_EncKrbCredPart_U);
3970 dissect_kerberos_EncKrbCredPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3971 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3972 hf_index, BER_CLASS_APP, 29, FALSE, dissect_kerberos_EncKrbCredPart_U);
3978 static const value_string kerberos_ERROR_CODE_vals[] = {
3980 { 1, "eRR-NAME-EXP" },
3981 { 2, "eRR-SERVICE-EXP" },
3982 { 3, "eRR-BAD-PVNO" },
3983 { 4, "eRR-C-OLD-MAST-KVNO" },
3984 { 5, "eRR-S-OLD-MAST-KVNO" },
3985 { 6, "eRR-C-PRINCIPAL-UNKNOWN" },
3986 { 7, "eRR-S-PRINCIPAL-UNKNOWN" },
3987 { 8, "eRR-PRINCIPAL-NOT-UNIQUE" },
3988 { 9, "eRR-NULL-KEY" },
3989 { 10, "eRR-CANNOT-POSTDATE" },
3990 { 11, "eRR-NEVER-VALID" },
3991 { 12, "eRR-POLICY" },
3992 { 13, "eRR-BADOPTION" },
3993 { 14, "eRR-ETYPE-NOSUPP" },
3994 { 15, "eRR-SUMTYPE-NOSUPP" },
3995 { 16, "eRR-PADATA-TYPE-NOSUPP" },
3996 { 17, "eRR-TRTYPE-NOSUPP" },
3997 { 18, "eRR-CLIENT-REVOKED" },
3998 { 19, "eRR-SERVICE-REVOKED" },
3999 { 20, "eRR-TGT-REVOKED" },
4000 { 21, "eRR-CLIENT-NOTYET" },
4001 { 22, "eRR-SERVICE-NOTYET" },
4002 { 23, "eRR-KEY-EXP" },
4003 { 24, "eRR-PREAUTH-FAILED" },
4004 { 25, "eRR-PREAUTH-REQUIRED" },
4005 { 26, "eRR-SERVER-NOMATCH" },
4006 { 27, "eRR-MUST-USE-USER2USER" },
4007 { 28, "eRR-PATH-NOT-ACCEPTED" },
4008 { 29, "eRR-SVC-UNAVAILABLE" },
4009 { 31, "eRR-BAD-INTEGRITY" },
4010 { 32, "eRR-TKT-EXPIRED" },
4011 { 33, "eRR-TKT-NYV" },
4012 { 34, "eRR-REPEAT" },
4013 { 35, "eRR-NOT-US" },
4014 { 36, "eRR-BADMATCH" },
4016 { 38, "eRR-BADADDR" },
4017 { 39, "eRR-BADVERSION" },
4018 { 40, "eRR-MSG-TYPE" },
4019 { 41, "eRR-MODIFIED" },
4020 { 42, "eRR-BADORDER" },
4021 { 43, "eRR-ILL-CR-TKT" },
4022 { 44, "eRR-BADKEYVER" },
4023 { 45, "eRR-NOKEY" },
4024 { 46, "eRR-MUT-FAIL" },
4025 { 47, "eRR-BADDIRECTION" },
4026 { 48, "eRR-METHOD" },
4027 { 49, "eRR-BADSEQ" },
4028 { 50, "eRR-INAPP-CKSUM" },
4029 { 51, "pATH-NOT-ACCEPTED" },
4030 { 52, "eRR-RESPONSE-TOO-BIG" },
4031 { 60, "eRR-GENERIC" },
4032 { 61, "eRR-FIELD-TOOLONG" },
4033 { 62, "eRROR-CLIENT-NOT-TRUSTED" },
4034 { 63, "eRROR-KDC-NOT-TRUSTED" },
4035 { 64, "eRROR-INVALID-SIG" },
4036 { 65, "eRR-KEY-TOO-WEAK" },
4037 { 66, "eRR-CERTIFICATE-MISMATCH" },
4038 { 67, "eRR-NO-TGT" },
4039 { 68, "eRR-WRONG-REALM" },
4040 { 69, "eRR-USER-TO-USER-REQUIRED" },
4041 { 70, "eRR-CANT-VERIFY-CERTIFICATE" },
4042 { 71, "eRR-INVALID-CERTIFICATE" },
4043 { 72, "eRR-REVOKED-CERTIFICATE" },
4044 { 73, "eRR-REVOCATION-STATUS-UNKNOWN" },
4045 { 74, "eRR-REVOCATION-STATUS-UNAVAILABLE" },
4046 { 75, "eRR-CLIENT-NAME-MISMATCH" },
4047 { 76, "eRR-KDC-NAME-MISMATCH" },
4053 dissect_kerberos_ERROR_CODE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4054 #line 86 "./asn1/kerberos/kerberos.cnf"
4055 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
4061 #line 89 "./asn1/kerberos/kerberos.cnf"
4062 if(krb5_errorcode) {
4063 col_add_fstr(actx->pinfo->cinfo, COL_INFO,
4065 val_to_str(krb5_errorcode, krb5_error_codes,
4066 "Unknown error code %#x"));
4077 dissect_kerberos_T_e_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4078 #line 99 "./asn1/kerberos/kerberos.cnf"
4079 switch(krb5_errorcode){
4080 case KRB5_ET_KRB5KDC_ERR_BADOPTION:
4081 case KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED:
4082 case KRB5_ET_KRB5KDC_ERR_KEY_EXP:
4083 case KRB5_ET_KRB5KDC_ERR_POLICY:
4084 /* ms windows kdc sends e-data of this type containing a "salt"
4085 * that contains the nt_status code for these error codes.
4087 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_PA_DATA);
4089 case KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED:
4090 case KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED:
4091 case KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP:
4092 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_SEQUENCE_OF_PA_DATA);
4096 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, NULL);
4106 static const ber_sequence_t KRB_ERROR_U_sequence[] = {
4107 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
4108 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
4109 { &hf_kerberos_ctime , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
4110 { &hf_kerberos_cusec , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
4111 { &hf_kerberos_stime , BER_CLASS_CON, 4, 0, dissect_kerberos_KerberosTime },
4112 { &hf_kerberos_susec , BER_CLASS_CON, 5, 0, dissect_kerberos_Microseconds },
4113 { &hf_kerberos_error_code , BER_CLASS_CON, 6, 0, dissect_kerberos_ERROR_CODE },
4114 { &hf_kerberos_crealm , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
4115 { &hf_kerberos_cname , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_CName },
4116 { &hf_kerberos_realm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
4117 { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_SName },
4118 { &hf_kerberos_e_text , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
4119 { &hf_kerberos_e_data , BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_T_e_data },
4120 { &hf_kerberos_e_checksum , BER_CLASS_CON, 13, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
4121 { NULL, 0, 0, 0, NULL }
4125 dissect_kerberos_KRB_ERROR_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4126 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4127 KRB_ERROR_U_sequence, hf_index, ett_kerberos_KRB_ERROR_U);
4135 dissect_kerberos_KRB_ERROR(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4136 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
4137 hf_index, BER_CLASS_APP, 30, FALSE, dissect_kerberos_KRB_ERROR_U);
4143 static const ber_choice_t Applications_choice[] = {
4144 { KERBEROS_APPLICATIONS_TICKET, &hf_kerberos_ticket , BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
4145 { KERBEROS_APPLICATIONS_AUTHENTICATOR, &hf_kerberos_authenticator, BER_CLASS_APP, 2, BER_FLAGS_NOOWNTAG, dissect_kerberos_Authenticator },
4146 { KERBEROS_APPLICATIONS_ENCTICKETPART, &hf_kerberos_encTicketPart, BER_CLASS_APP, 3, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTicketPart },
4147 { KERBEROS_APPLICATIONS_AS_REQ, &hf_kerberos_as_req , BER_CLASS_APP, 10, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REQ },
4148 { KERBEROS_APPLICATIONS_AS_REP, &hf_kerberos_as_rep , BER_CLASS_APP, 11, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REP },
4149 { KERBEROS_APPLICATIONS_TGS_REQ, &hf_kerberos_tgs_req , BER_CLASS_APP, 12, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REQ },
4150 { KERBEROS_APPLICATIONS_TGS_REP, &hf_kerberos_tgs_rep , BER_CLASS_APP, 13, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REP },
4151 { KERBEROS_APPLICATIONS_AP_REQ, &hf_kerberos_ap_req , BER_CLASS_APP, 14, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REQ },
4152 { KERBEROS_APPLICATIONS_AP_REP, &hf_kerberos_ap_rep , BER_CLASS_APP, 15, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REP },
4153 { KERBEROS_APPLICATIONS_KRB_SAFE, &hf_kerberos_krb_safe , BER_CLASS_APP, 20, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_SAFE },
4154 { KERBEROS_APPLICATIONS_KRB_PRIV, &hf_kerberos_krb_priv , BER_CLASS_APP, 21, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_PRIV },
4155 { KERBEROS_APPLICATIONS_KRB_CRED, &hf_kerberos_krb_cred , BER_CLASS_APP, 22, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_CRED },
4156 { KERBEROS_APPLICATIONS_ENCASREPPART, &hf_kerberos_encASRepPart, BER_CLASS_APP, 25, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncASRepPart },
4157 { KERBEROS_APPLICATIONS_ENCTGSREPPART, &hf_kerberos_encTGSRepPart, BER_CLASS_APP, 26, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTGSRepPart },
4158 { KERBEROS_APPLICATIONS_ENCAPREPPART, &hf_kerberos_encAPRepPart, BER_CLASS_APP, 27, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncAPRepPart },
4159 { KERBEROS_APPLICATIONS_ENCKRBPRIVPART, &hf_kerberos_encKrbPrivPart, BER_CLASS_APP, 28, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENC_KRB_PRIV_PART },
4160 { KERBEROS_APPLICATIONS_ENCKRBCREDPART, &hf_kerberos_encKrbCredPart, BER_CLASS_APP, 29, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncKrbCredPart },
4161 { KERBEROS_APPLICATIONS_KRB_ERROR, &hf_kerberos_krb_error , BER_CLASS_APP, 30, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_ERROR },
4162 { 0, NULL, 0, 0, 0, NULL }
4166 dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4167 offset = dissect_ber_choice(actx, tree, tvb, offset,
4168 Applications_choice, hf_index, ett_kerberos_Applications,
4177 dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4178 #line 253 "./asn1/kerberos/kerberos.cnf"
4179 #ifdef HAVE_KERBEROS
4180 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
4182 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
4194 static const ber_sequence_t PA_ENC_TIMESTAMP_sequence[] = {
4195 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4196 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
4197 { &hf_kerberos_pA_ENC_TIMESTAMP_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher },
4198 { NULL, 0, 0, 0, NULL }
4202 dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4203 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4204 PA_ENC_TIMESTAMP_sequence, hf_index, ett_kerberos_PA_ENC_TIMESTAMP);
4210 static const ber_sequence_t ETYPE_INFO_ENTRY_sequence[] = {
4211 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4212 { &hf_kerberos_salt , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
4213 { NULL, 0, 0, 0, NULL }
4217 dissect_kerberos_ETYPE_INFO_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4218 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4219 ETYPE_INFO_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO_ENTRY);
4225 static const ber_sequence_t ETYPE_INFO_sequence_of[1] = {
4226 { &hf_kerberos_ETYPE_INFO_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO_ENTRY },
4230 dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4231 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
4232 ETYPE_INFO_sequence_of, hf_index, ett_kerberos_ETYPE_INFO);
4238 static const ber_sequence_t ETYPE_INFO2_ENTRY_sequence[] = {
4239 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4240 { &hf_kerberos_salt_01 , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
4241 { &hf_kerberos_s2kparams , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
4242 { NULL, 0, 0, 0, NULL }
4246 dissect_kerberos_ETYPE_INFO2_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4247 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4248 ETYPE_INFO2_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO2_ENTRY);
4254 static const ber_sequence_t ETYPE_INFO2_sequence_of[1] = {
4255 { &hf_kerberos_ETYPE_INFO2_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO2_ENTRY },
4259 dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4260 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
4261 ETYPE_INFO2_sequence_of, hf_index, ett_kerberos_ETYPE_INFO2);
4269 dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4270 offset = dissect_kerberos_AuthorizationData(implicit_tag, tvb, offset, actx, tree, hf_index);
4278 dissect_kerberos_GeneralString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4279 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
4280 actx, tree, tvb, offset, hf_index,
4287 static const ber_sequence_t PA_S4U2Self_sequence[] = {
4288 { &hf_kerberos_name , BER_CLASS_CON, 0, 0, dissect_kerberos_PrincipalName },
4289 { &hf_kerberos_realm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
4290 { &hf_kerberos_cksum , BER_CLASS_CON, 2, 0, dissect_kerberos_Checksum },
4291 { &hf_kerberos_auth , BER_CLASS_CON, 3, 0, dissect_kerberos_GeneralString },
4292 { NULL, 0, 0, 0, NULL }
4296 dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4297 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4298 PA_S4U2Self_sequence, hf_index, ett_kerberos_PA_S4U2Self);
4306 dissect_kerberos_BOOLEAN(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4307 offset = dissect_ber_boolean(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
4313 static const ber_sequence_t KERB_PA_PAC_REQUEST_sequence[] = {
4314 { &hf_kerberos_include_pac, BER_CLASS_CON, 0, 0, dissect_kerberos_BOOLEAN },
4315 { NULL, 0, 0, 0, NULL }
4319 dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4320 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4321 KERB_PA_PAC_REQUEST_sequence, hf_index, ett_kerberos_KERB_PA_PAC_REQUEST);
4327 static const ber_sequence_t ChangePasswdData_sequence[] = {
4328 { &hf_kerberos_newpasswd , BER_CLASS_CON, 0, 0, dissect_kerberos_OCTET_STRING },
4329 { &hf_kerberos_targname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
4330 { &hf_kerberos_targrealm , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
4331 { NULL, 0, 0, 0, NULL }
4335 dissect_kerberos_ChangePasswdData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4336 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4337 ChangePasswdData_sequence, hf_index, ett_kerberos_ChangePasswdData);
4343 /*--- End of included file: packet-kerberos-fn.c ---*/
4344 #line 1985 "./asn1/kerberos/packet-kerberos-template.c"
4346 /* Make wrappers around exported functions for now */
4348 dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4350 return dissect_kerberos_Checksum(FALSE, tvb, offset, actx, tree, hf_kerberos_cksum);
4355 dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4357 return dissect_kerberos_KerberosTime(FALSE, tvb, offset, actx, tree, hf_kerberos_ctime);
4362 dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4364 return dissect_kerberos_PrincipalName(FALSE, tvb, offset, actx, tree, hf_kerberos_cname);
4367 dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4369 return dissect_kerberos_Realm(FALSE, tvb, offset, actx, tree, hf_kerberos_realm);
4374 dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
4375 gboolean dci, gboolean do_col_protocol, gboolean have_rm,
4376 kerberos_callbacks *cb)
4378 volatile int offset = 0;
4379 proto_tree *volatile kerberos_tree = NULL;
4380 proto_item *volatile item = NULL;
4381 asn1_ctx_t asn1_ctx;
4383 /* TCP record mark and length */
4385 gint krb_reclen = 0;
4387 gbl_do_col_info=dci;
4390 krb_rm = tvb_get_ntohl(tvb, offset);
4391 krb_reclen = kerberos_rm_to_reclen(krb_rm);
4393 * What is a reasonable size limit?
4395 if (krb_reclen > 10 * 1024 * 1024) {
4399 if (do_col_protocol) {
4400 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4404 item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
4405 kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
4408 show_krb_recordmark(kerberos_tree, tvb, offset, krb_rm);
4411 /* Do some sanity checking here,
4412 * All krb5 packets start with a TAG class that is BER_CLASS_APP
4413 * and a tag value that is either of the values below:
4414 * If it doesn't look like kerberos, return 0 and let someone else have
4421 get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
4422 if(tmp_class!=BER_CLASS_APP){
4426 case KRB5_MSG_TICKET:
4427 case KRB5_MSG_AUTHENTICATOR:
4428 case KRB5_MSG_ENC_TICKET_PART:
4429 case KRB5_MSG_AS_REQ:
4430 case KRB5_MSG_AS_REP:
4431 case KRB5_MSG_TGS_REQ:
4432 case KRB5_MSG_TGS_REP:
4433 case KRB5_MSG_AP_REQ:
4434 case KRB5_MSG_AP_REP:
4435 case KRB5_MSG_ENC_AS_REP_PART:
4436 case KRB5_MSG_ENC_TGS_REP_PART:
4437 case KRB5_MSG_ENC_AP_REP_PART:
4438 case KRB5_MSG_ENC_KRB_PRIV_PART:
4439 case KRB5_MSG_ENC_KRB_CRED_PART:
4442 case KRB5_MSG_ERROR:
4447 if (do_col_protocol) {
4448 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4450 if (gbl_do_col_info) {
4451 col_clear(pinfo->cinfo, COL_INFO);
4454 item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
4455 kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
4458 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
4459 asn1_ctx.private_data = cb;
4462 offset=dissect_kerberos_Applications(FALSE, tvb, offset, &asn1_ctx , kerberos_tree, /* hf_index */ -1);
4463 } CATCH_BOUNDS_ERRORS {
4467 proto_item_set_len(item, offset);
4472 * Display the TCP record mark.
4475 show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm)
4478 proto_tree *rm_tree;
4483 rec_len = kerberos_rm_to_reclen(krb_rm);
4484 rm_tree = proto_tree_add_subtree_format(tree, tvb, start, 4, ett_krb_recordmark, NULL,
4485 "Record Mark: %u %s", rec_len, plurality(rec_len, "byte", "bytes"));
4486 proto_tree_add_boolean(rm_tree, hf_krb_rm_reserved, tvb, start, 4, krb_rm);
4487 proto_tree_add_uint(rm_tree, hf_krb_rm_reclen, tvb, start, 4, krb_rm);
4491 dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info, kerberos_callbacks *cb)
4493 return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE, FALSE, cb));
4497 kerberos_output_keytype(void)
4503 dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
4505 /* Some weird kerberos implementation apparently do krb4 on the krb5 port.
4506 Since all (except weirdo transarc krb4 stuff) use
4507 an opcode <=16 in the first byte, use this to see if it might
4509 All krb5 commands start with an APPL tag and thus is >=0x60
4510 so if first byte is <=16 just blindly assume it is krb4 then
4512 if(tvb_captured_length(tvb) >= 1 && tvb_get_guint8(tvb, 0)<=0x10){
4516 res=call_dissector_only(krb4_handle, tvb, pinfo, tree, NULL);
4524 return dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, FALSE, NULL);
4528 kerberos_rm_to_reclen(guint krb_rm)
4530 return (krb_rm & KRB_RM_RECLEN);
4534 get_krb_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_)
4539 krb_rm = tvb_get_ntohl(tvb, offset);
4540 pdulen = kerberos_rm_to_reclen(krb_rm);
4541 return (pdulen + 4);
4544 kerberos_prefs_apply_cb(void) {
4545 #ifdef HAVE_LIBNETTLE
4547 read_keytab_file(keytab_filename);
4552 dissect_kerberos_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
4554 pinfo->fragmented = TRUE;
4555 if (dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, TRUE, NULL) < 0) {
4557 * The dissector failed to recognize this as a valid
4558 * Kerberos message. Mark it as a continuation packet.
4560 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
4563 return tvb_captured_length(tvb);
4567 dissect_kerberos_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
4569 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4570 col_clear(pinfo->cinfo, COL_INFO);
4572 tcp_dissect_pdus(tvb, pinfo, tree, krb_desegment, 4, get_krb_pdu_len,
4573 dissect_kerberos_tcp_pdu, data);
4574 return tvb_captured_length(tvb);
4577 /*--- proto_register_kerberos -------------------------------------------*/
4578 void proto_register_kerberos(void) {
4580 /* List of fields */
4582 static hf_register_info hf[] = {
4583 { &hf_krb_rm_reserved, {
4584 "Reserved", "kerberos.rm.reserved", FT_BOOLEAN, 32,
4585 TFS(&tfs_set_notset), KRB_RM_RESERVED, "Record mark reserved bit", HFILL }},
4586 { &hf_krb_rm_reclen, {
4587 "Record Length", "kerberos.rm.length", FT_UINT32, BASE_DEC,
4588 NULL, KRB_RM_RECLEN, NULL, HFILL }},
4589 { &hf_krb_provsrv_location, {
4590 "PROVSRV Location", "kerberos.provsrv_location", FT_STRING, BASE_NONE,
4591 NULL, 0, "PacketCable PROV SRV Location", HFILL }},
4592 { &hf_krb_smb_nt_status,
4593 { "NT Status", "kerberos.smb.nt_status", FT_UINT32, BASE_HEX,
4594 VALS(NT_errors), 0, "NT Status code", HFILL }},
4595 { &hf_krb_smb_unknown,
4596 { "Unknown", "kerberos.smb.unknown", FT_UINT32, BASE_HEX,
4597 NULL, 0, NULL, HFILL }},
4598 { &hf_krb_address_ip, {
4599 "IP Address", "kerberos.addr_ip", FT_IPv4, BASE_NONE,
4600 NULL, 0, NULL, HFILL }},
4601 { &hf_krb_address_ipv6, {
4602 "IPv6 Address", "kerberos.addr_ipv6", FT_IPv6, BASE_NONE,
4603 NULL, 0, NULL, HFILL }},
4604 { &hf_krb_address_netbios, {
4605 "NetBIOS Address", "kerberos.addr_nb", FT_STRING, BASE_NONE,
4606 NULL, 0, "NetBIOS Address and type", HFILL }},
4607 { &hf_krb_gssapi_len, {
4608 "Length", "kerberos.gssapi.len", FT_UINT32, BASE_DEC,
4609 NULL, 0, "Length of GSSAPI Bnd field", HFILL }},
4610 { &hf_krb_gssapi_bnd, {
4611 "Bnd", "kerberos.gssapi.bdn", FT_BYTES, BASE_NONE,
4612 NULL, 0, "GSSAPI Bnd field", HFILL }},
4613 { &hf_krb_gssapi_c_flag_deleg, {
4614 "Deleg", "kerberos.gssapi.checksum.flags.deleg", FT_BOOLEAN, 32,
4615 TFS(&tfs_gss_flags_deleg), KRB5_GSS_C_DELEG_FLAG, NULL, HFILL }},
4616 { &hf_krb_gssapi_c_flag_mutual, {
4617 "Mutual", "kerberos.gssapi.checksum.flags.mutual", FT_BOOLEAN, 32,
4618 TFS(&tfs_gss_flags_mutual), KRB5_GSS_C_MUTUAL_FLAG, NULL, HFILL }},
4619 { &hf_krb_gssapi_c_flag_replay, {
4620 "Replay", "kerberos.gssapi.checksum.flags.replay", FT_BOOLEAN, 32,
4621 TFS(&tfs_gss_flags_replay), KRB5_GSS_C_REPLAY_FLAG, NULL, HFILL }},
4622 { &hf_krb_gssapi_c_flag_sequence, {
4623 "Sequence", "kerberos.gssapi.checksum.flags.sequence", FT_BOOLEAN, 32,
4624 TFS(&tfs_gss_flags_sequence), KRB5_GSS_C_SEQUENCE_FLAG, NULL, HFILL }},
4625 { &hf_krb_gssapi_c_flag_conf, {
4626 "Conf", "kerberos.gssapi.checksum.flags.conf", FT_BOOLEAN, 32,
4627 TFS(&tfs_gss_flags_conf), KRB5_GSS_C_CONF_FLAG, NULL, HFILL }},
4628 { &hf_krb_gssapi_c_flag_integ, {
4629 "Integ", "kerberos.gssapi.checksum.flags.integ", FT_BOOLEAN, 32,
4630 TFS(&tfs_gss_flags_integ), KRB5_GSS_C_INTEG_FLAG, NULL, HFILL }},
4631 { &hf_krb_gssapi_c_flag_dce_style, {
4632 "DCE-style", "kerberos.gssapi.checksum.flags.dce-style", FT_BOOLEAN, 32,
4633 TFS(&tfs_gss_flags_dce_style), KRB5_GSS_C_DCE_STYLE, NULL, HFILL }},
4634 { &hf_krb_gssapi_dlgopt, {
4635 "DlgOpt", "kerberos.gssapi.dlgopt", FT_UINT16, BASE_DEC,
4636 NULL, 0, "GSSAPI DlgOpt", HFILL }},
4637 { &hf_krb_gssapi_dlglen, {
4638 "DlgLen", "kerberos.gssapi.dlglen", FT_UINT16, BASE_DEC,
4639 NULL, 0, "GSSAPI DlgLen", HFILL }},
4640 { &hf_krb_midl_blob_len, {
4641 "Blob Length", "kerberos.midl_blob_len", FT_UINT64, BASE_DEC,
4642 NULL, 0, "Length of NDR encoded data that follows", HFILL }},
4643 { &hf_krb_midl_fill_bytes, {
4644 "Fill bytes", "kerberos.midl.fill_bytes", FT_UINT32, BASE_HEX,
4645 NULL, 0, "Just some fill bytes", HFILL }},
4646 { &hf_krb_midl_version, {
4647 "Version", "kerberos.midl.version", FT_UINT8, BASE_DEC,
4648 NULL, 0, "Version of pickling", HFILL }},
4649 { &hf_krb_midl_hdr_len, {
4650 "HDR Length", "kerberos.midl.hdr_len", FT_UINT16, BASE_DEC,
4651 NULL, 0, "Length of header", HFILL }},
4652 { &hf_krb_pac_signature_type, {
4653 "Type", "kerberos.pac.signature.type", FT_INT32, BASE_DEC,
4654 NULL, 0, "PAC Signature Type", HFILL }},
4655 { &hf_krb_pac_signature_signature, {
4656 "Signature", "kerberos.pac.signature.signature", FT_BYTES, BASE_NONE,
4657 NULL, 0, "A PAC signature blob", HFILL }},
4658 { &hf_krb_w2k_pac_entries, {
4659 "Num Entries", "kerberos.pac.entries", FT_UINT32, BASE_DEC,
4660 NULL, 0, "Number of W2k PAC entries", HFILL }},
4661 { &hf_krb_w2k_pac_version, {
4662 "Version", "kerberos.pac.version", FT_UINT32, BASE_DEC,
4663 NULL, 0, "Version of PAC structures", HFILL }},
4664 { &hf_krb_w2k_pac_type, {
4665 "Type", "kerberos.pac.type", FT_UINT32, BASE_DEC,
4666 VALS(w2k_pac_types), 0, "Type of W2k PAC entry", HFILL }},
4667 { &hf_krb_w2k_pac_size, {
4668 "Size", "kerberos.pac.size", FT_UINT32, BASE_DEC,
4669 NULL, 0, "Size of W2k PAC entry", HFILL }},
4670 { &hf_krb_w2k_pac_offset, {
4671 "Offset", "kerberos.pac.offset", FT_UINT32, BASE_DEC,
4672 NULL, 0, "Offset to W2k PAC entry", HFILL }},
4673 { &hf_krb_pac_clientid, {
4674 "ClientID", "kerberos.pac.clientid", FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL,
4675 NULL, 0, "ClientID Timestamp", HFILL }},
4676 { &hf_krb_pac_namelen, {
4677 "Name Length", "kerberos.pac.namelen", FT_UINT16, BASE_DEC,
4678 NULL, 0, "Length of client name", HFILL }},
4679 { &hf_krb_pac_clientname, {
4680 "Name", "kerberos.pac.name", FT_STRING, BASE_NONE,
4681 NULL, 0, "Name of the Client in the PAC structure", HFILL }},
4682 { &hf_krb_pac_logon_info, {
4683 "PAC_LOGON_INFO", "kerberos.pac_logon_info", FT_BYTES, BASE_NONE,
4684 NULL, 0, "PAC_LOGON_INFO structure", HFILL }},
4685 { &hf_krb_pac_credential_type, {
4686 "PAC_CREDENTIAL_TYPE", "kerberos.pac_credential_type", FT_BYTES, BASE_NONE,
4687 NULL, 0, "PAC_CREDENTIAL_TYPE structure", HFILL }},
4688 { &hf_krb_pac_server_checksum, {
4689 "PAC_SERVER_CHECKSUM", "kerberos.pac_server_checksum", FT_BYTES, BASE_NONE,
4690 NULL, 0, "PAC_SERVER_CHECKSUM structure", HFILL }},
4691 { &hf_krb_pac_privsvr_checksum, {
4692 "PAC_PRIVSVR_CHECKSUM", "kerberos.pac_privsvr_checksum", FT_BYTES, BASE_NONE,
4693 NULL, 0, "PAC_PRIVSVR_CHECKSUM structure", HFILL }},
4694 { &hf_krb_pac_client_info_type, {
4695 "PAC_CLIENT_INFO_TYPE", "kerberos.pac_client_info_type", FT_BYTES, BASE_NONE,
4696 NULL, 0, "PAC_CLIENT_INFO_TYPE structure", HFILL }},
4697 { &hf_krb_pac_s4u_delegation_info, {
4698 "PAC_S4U_DELEGATION_INFO", "kerberos.pac_s4u_delegation_info", FT_BYTES, BASE_NONE,
4699 NULL, 0, "PAC_S4U_DELEGATION_INFO structure", HFILL }},
4700 { &hf_krb_pac_upn_dns_info, {
4701 "UPN_DNS_INFO", "kerberos.pac_upn_dns_info", FT_BYTES, BASE_NONE,
4702 NULL, 0, "UPN_DNS_INFO structure", HFILL }},
4703 { &hf_krb_pac_upn_flags, {
4704 "Flags", "kerberos.pac.upn.flags", FT_UINT32, BASE_HEX,
4705 NULL, 0, "UPN flags", HFILL }},
4706 { &hf_krb_pac_upn_dns_offset, {
4707 "DNS Offset", "kerberos.pac.upn.dns_offset", FT_UINT16, BASE_DEC,
4708 NULL, 0, NULL, HFILL }},
4709 { &hf_krb_pac_upn_dns_len, {
4710 "DNS Len", "kerberos.pac.upn.dns_len", FT_UINT16, BASE_DEC,
4711 NULL, 0, NULL, HFILL }},
4712 { &hf_krb_pac_upn_upn_offset, {
4713 "UPN Offset", "kerberos.pac.upn.upn_offset", FT_UINT16, BASE_DEC,
4714 NULL, 0, NULL, HFILL }},
4715 { &hf_krb_pac_upn_upn_len, {
4716 "UPN Len", "kerberos.pac.upn.upn_len", FT_UINT16, BASE_DEC,
4717 NULL, 0, NULL, HFILL }},
4718 { &hf_krb_pac_upn_upn_name, {
4719 "UPN Name", "kerberos.pac.upn.upn_name", FT_STRING, BASE_NONE,
4720 NULL, 0, NULL, HFILL }},
4721 { &hf_krb_pac_upn_dns_name, {
4722 "DNS Name", "kerberos.pac.upn.dns_name", FT_STRING, BASE_NONE,
4723 NULL, 0, NULL, HFILL }},
4726 /*--- Included file: packet-kerberos-hfarr.c ---*/
4727 #line 1 "./asn1/kerberos/packet-kerberos-hfarr.c"
4728 { &hf_kerberos_ticket,
4729 { "ticket", "kerberos.ticket_element",
4730 FT_NONE, BASE_NONE, NULL, 0,
4732 { &hf_kerberos_authenticator,
4733 { "authenticator", "kerberos.authenticator_element",
4734 FT_NONE, BASE_NONE, NULL, 0,
4736 { &hf_kerberos_encTicketPart,
4737 { "encTicketPart", "kerberos.encTicketPart_element",
4738 FT_NONE, BASE_NONE, NULL, 0,
4740 { &hf_kerberos_as_req,
4741 { "as-req", "kerberos.as_req_element",
4742 FT_NONE, BASE_NONE, NULL, 0,
4744 { &hf_kerberos_as_rep,
4745 { "as-rep", "kerberos.as_rep_element",
4746 FT_NONE, BASE_NONE, NULL, 0,
4748 { &hf_kerberos_tgs_req,
4749 { "tgs-req", "kerberos.tgs_req_element",
4750 FT_NONE, BASE_NONE, NULL, 0,
4752 { &hf_kerberos_tgs_rep,
4753 { "tgs-rep", "kerberos.tgs_rep_element",
4754 FT_NONE, BASE_NONE, NULL, 0,
4756 { &hf_kerberos_ap_req,
4757 { "ap-req", "kerberos.ap_req_element",
4758 FT_NONE, BASE_NONE, NULL, 0,
4760 { &hf_kerberos_ap_rep,
4761 { "ap-rep", "kerberos.ap_rep_element",
4762 FT_NONE, BASE_NONE, NULL, 0,
4764 { &hf_kerberos_krb_safe,
4765 { "krb-safe", "kerberos.krb_safe_element",
4766 FT_NONE, BASE_NONE, NULL, 0,
4768 { &hf_kerberos_krb_priv,
4769 { "krb-priv", "kerberos.krb_priv_element",
4770 FT_NONE, BASE_NONE, NULL, 0,
4772 { &hf_kerberos_krb_cred,
4773 { "krb-cred", "kerberos.krb_cred_element",
4774 FT_NONE, BASE_NONE, NULL, 0,
4776 { &hf_kerberos_encASRepPart,
4777 { "encASRepPart", "kerberos.encASRepPart_element",
4778 FT_NONE, BASE_NONE, NULL, 0,
4780 { &hf_kerberos_encTGSRepPart,
4781 { "encTGSRepPart", "kerberos.encTGSRepPart_element",
4782 FT_NONE, BASE_NONE, NULL, 0,
4784 { &hf_kerberos_encAPRepPart,
4785 { "encAPRepPart", "kerberos.encAPRepPart_element",
4786 FT_NONE, BASE_NONE, NULL, 0,
4788 { &hf_kerberos_encKrbPrivPart,
4789 { "encKrbPrivPart", "kerberos.encKrbPrivPart_element",
4790 FT_NONE, BASE_NONE, NULL, 0,
4791 "ENC_KRB_PRIV_PART", HFILL }},
4792 { &hf_kerberos_encKrbCredPart,
4793 { "encKrbCredPart", "kerberos.encKrbCredPart_element",
4794 FT_NONE, BASE_NONE, NULL, 0,
4796 { &hf_kerberos_krb_error,
4797 { "krb-error", "kerberos.krb_error_element",
4798 FT_NONE, BASE_NONE, NULL, 0,
4800 { &hf_kerberos_name_type,
4801 { "name-type", "kerberos.name_type",
4802 FT_INT32, BASE_DEC, VALS(kerberos_NAME_TYPE_vals), 0,
4804 { &hf_kerberos_name_string,
4805 { "name-string", "kerberos.name_string",
4806 FT_UINT32, BASE_DEC, NULL, 0,
4807 "SEQUENCE_OF_KerberosString", HFILL }},
4808 { &hf_kerberos_name_string_item,
4809 { "KerberosString", "kerberos.KerberosString",
4810 FT_STRING, BASE_NONE, NULL, 0,
4812 { &hf_kerberos_cname_string,
4813 { "cname-string", "kerberos.cname_string",
4814 FT_UINT32, BASE_DEC, NULL, 0,
4815 "SEQUENCE_OF_CNameString", HFILL }},
4816 { &hf_kerberos_cname_string_item,
4817 { "CNameString", "kerberos.CNameString",
4818 FT_STRING, BASE_NONE, NULL, 0,
4820 { &hf_kerberos_sname_string,
4821 { "sname-string", "kerberos.sname_string",
4822 FT_UINT32, BASE_DEC, NULL, 0,
4823 "SEQUENCE_OF_SNameString", HFILL }},
4824 { &hf_kerberos_sname_string_item,
4825 { "SNameString", "kerberos.SNameString",
4826 FT_STRING, BASE_NONE, NULL, 0,
4828 { &hf_kerberos_addr_type,
4829 { "addr-type", "kerberos.addr_type",
4830 FT_INT32, BASE_DEC, VALS(kerberos_ADDR_TYPE_vals), 0,
4832 { &hf_kerberos_address,
4833 { "address", "kerberos.address",
4834 FT_BYTES, BASE_NONE, NULL, 0,
4836 { &hf_kerberos_HostAddresses_item,
4837 { "HostAddress", "kerberos.HostAddress_element",
4838 FT_NONE, BASE_NONE, NULL, 0,
4840 { &hf_kerberos_AuthorizationData_item,
4841 { "AuthorizationData item", "kerberos.AuthorizationData_item_element",
4842 FT_NONE, BASE_NONE, NULL, 0,
4844 { &hf_kerberos_ad_type,
4845 { "ad-type", "kerberos.ad_type",
4846 FT_INT32, BASE_DEC, VALS(krb5_ad_types), 0,
4848 { &hf_kerberos_ad_data,
4849 { "ad-data", "kerberos.ad_data",
4850 FT_BYTES, BASE_NONE, NULL, 0,
4852 { &hf_kerberos_padata_type,
4853 { "padata-type", "kerberos.padata_type",
4854 FT_INT32, BASE_DEC, VALS(kerberos_PADATA_TYPE_vals), 0,
4856 { &hf_kerberos_padata_value,
4857 { "padata-value", "kerberos.padata_value",
4858 FT_BYTES, BASE_NONE, NULL, 0,
4860 { &hf_kerberos_keytype,
4861 { "keytype", "kerberos.keytype",
4862 FT_INT32, BASE_DEC, NULL, 0,
4864 { &hf_kerberos_keyvalue,
4865 { "keyvalue", "kerberos.keyvalue",
4866 FT_BYTES, BASE_NONE, NULL, 0,
4868 { &hf_kerberos_cksumtype,
4869 { "cksumtype", "kerberos.cksumtype",
4870 FT_INT32, BASE_DEC, VALS(kerberos_CKSUMTYPE_vals), 0,
4872 { &hf_kerberos_checksum,
4873 { "checksum", "kerberos.checksum",
4874 FT_BYTES, BASE_NONE, NULL, 0,
4876 { &hf_kerberos_etype,
4877 { "etype", "kerberos.etype",
4878 FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
4879 "ENCTYPE", HFILL }},
4880 { &hf_kerberos_kvno,
4881 { "kvno", "kerberos.kvno",
4882 FT_UINT32, BASE_DEC, NULL, 0,
4884 { &hf_kerberos_encryptedTicketData_cipher,
4885 { "cipher", "kerberos.cipher",
4886 FT_BYTES, BASE_NONE, NULL, 0,
4887 "T_encryptedTicketData_cipher", HFILL }},
4888 { &hf_kerberos_encryptedAuthorizationData_cipher,
4889 { "cipher", "kerberos.cipher",
4890 FT_BYTES, BASE_NONE, NULL, 0,
4891 "T_encryptedAuthorizationData_cipher", HFILL }},
4892 { &hf_kerberos_encryptedKDCREPData_cipher,
4893 { "cipher", "kerberos.cipher",
4894 FT_BYTES, BASE_NONE, NULL, 0,
4895 "T_encryptedKDCREPData_cipher", HFILL }},
4896 { &hf_kerberos_encryptedAPREPData_cipher,
4897 { "cipher", "kerberos.cipher",
4898 FT_BYTES, BASE_NONE, NULL, 0,
4899 "T_encryptedAPREPData_cipher", HFILL }},
4900 { &hf_kerberos_encryptedKrbPrivData_cipher,
4901 { "cipher", "kerberos.cipher",
4902 FT_BYTES, BASE_NONE, NULL, 0,
4903 "T_encryptedKrbPrivData_cipher", HFILL }},
4904 { &hf_kerberos_encryptedKrbCredData_cipher,
4905 { "cipher", "kerberos.cipher",
4906 FT_BYTES, BASE_NONE, NULL, 0,
4907 "T_encryptedKrbCredData_cipher", HFILL }},
4908 { &hf_kerberos_tkt_vno,
4909 { "tkt-vno", "kerberos.tkt_vno",
4910 FT_UINT32, BASE_DEC, NULL, 0,
4911 "INTEGER_5", HFILL }},
4912 { &hf_kerberos_realm,
4913 { "realm", "kerberos.realm",
4914 FT_STRING, BASE_NONE, NULL, 0,
4916 { &hf_kerberos_sname,
4917 { "sname", "kerberos.sname_element",
4918 FT_NONE, BASE_NONE, NULL, 0,
4920 { &hf_kerberos_ticket_enc_part,
4921 { "enc-part", "kerberos.enc_part_element",
4922 FT_NONE, BASE_NONE, NULL, 0,
4923 "EncryptedTicketData", HFILL }},
4924 { &hf_kerberos_flags,
4925 { "flags", "kerberos.flags",
4926 FT_BYTES, BASE_NONE, NULL, 0,
4927 "TicketFlags", HFILL }},
4929 { "key", "kerberos.key_element",
4930 FT_NONE, BASE_NONE, NULL, 0,
4931 "EncryptionKey", HFILL }},
4932 { &hf_kerberos_crealm,
4933 { "crealm", "kerberos.crealm",
4934 FT_STRING, BASE_NONE, NULL, 0,
4936 { &hf_kerberos_cname,
4937 { "cname", "kerberos.cname_element",
4938 FT_NONE, BASE_NONE, NULL, 0,
4940 { &hf_kerberos_transited,
4941 { "transited", "kerberos.transited_element",
4942 FT_NONE, BASE_NONE, NULL, 0,
4943 "TransitedEncoding", HFILL }},
4944 { &hf_kerberos_authtime,
4945 { "authtime", "kerberos.authtime",
4946 FT_STRING, BASE_NONE, NULL, 0,
4947 "KerberosTime", HFILL }},
4948 { &hf_kerberos_starttime,
4949 { "starttime", "kerberos.starttime",
4950 FT_STRING, BASE_NONE, NULL, 0,
4951 "KerberosTime", HFILL }},
4952 { &hf_kerberos_endtime,
4953 { "endtime", "kerberos.endtime",
4954 FT_STRING, BASE_NONE, NULL, 0,
4955 "KerberosTime", HFILL }},
4956 { &hf_kerberos_renew_till,
4957 { "renew-till", "kerberos.renew_till",
4958 FT_STRING, BASE_NONE, NULL, 0,
4959 "KerberosTime", HFILL }},
4960 { &hf_kerberos_caddr,
4961 { "caddr", "kerberos.caddr",
4962 FT_UINT32, BASE_DEC, NULL, 0,
4963 "HostAddresses", HFILL }},
4964 { &hf_kerberos_authorization_data,
4965 { "authorization-data", "kerberos.authorization_data",
4966 FT_UINT32, BASE_DEC, NULL, 0,
4967 "AuthorizationData", HFILL }},
4968 { &hf_kerberos_tr_type,
4969 { "tr-type", "kerberos.tr_type",
4970 FT_INT32, BASE_DEC, NULL, 0,
4972 { &hf_kerberos_contents,
4973 { "contents", "kerberos.contents",
4974 FT_BYTES, BASE_NONE, NULL, 0,
4975 "OCTET_STRING", HFILL }},
4976 { &hf_kerberos_pvno,
4977 { "pvno", "kerberos.pvno",
4978 FT_UINT32, BASE_DEC, NULL, 0,
4979 "INTEGER_5", HFILL }},
4980 { &hf_kerberos_msg_type,
4981 { "msg-type", "kerberos.msg_type",
4982 FT_INT32, BASE_DEC, VALS(kerberos_MESSAGE_TYPE_vals), 0,
4983 "MESSAGE_TYPE", HFILL }},
4984 { &hf_kerberos_padata,
4985 { "padata", "kerberos.padata",
4986 FT_UINT32, BASE_DEC, NULL, 0,
4987 "SEQUENCE_OF_PA_DATA", HFILL }},
4988 { &hf_kerberos_padata_item,
4989 { "PA-DATA", "kerberos.PA_DATA_element",
4990 FT_NONE, BASE_NONE, NULL, 0,
4992 { &hf_kerberos_req_body,
4993 { "req-body", "kerberos.req_body_element",
4994 FT_NONE, BASE_NONE, NULL, 0,
4995 "KDC_REQ_BODY", HFILL }},
4996 { &hf_kerberos_kdc_options,
4997 { "kdc-options", "kerberos.kdc_options",
4998 FT_BYTES, BASE_NONE, NULL, 0,
4999 "KDCOptions", HFILL }},
5000 { &hf_kerberos_from,
5001 { "from", "kerberos.from",
5002 FT_STRING, BASE_NONE, NULL, 0,
5003 "KerberosTime", HFILL }},
5004 { &hf_kerberos_till,
5005 { "till", "kerberos.till",
5006 FT_STRING, BASE_NONE, NULL, 0,
5007 "KerberosTime", HFILL }},
5008 { &hf_kerberos_rtime,
5009 { "rtime", "kerberos.rtime",
5010 FT_STRING, BASE_NONE, NULL, 0,
5011 "KerberosTime", HFILL }},
5012 { &hf_kerberos_nonce,
5013 { "nonce", "kerberos.nonce",
5014 FT_UINT32, BASE_DEC, NULL, 0,
5016 { &hf_kerberos_kDC_REQ_BODY_etype,
5017 { "etype", "kerberos.etype",
5018 FT_UINT32, BASE_DEC, NULL, 0,
5019 "SEQUENCE_OF_ENCTYPE", HFILL }},
5020 { &hf_kerberos_kDC_REQ_BODY_etype_item,
5021 { "ENCTYPE", "kerberos.ENCTYPE",
5022 FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
5024 { &hf_kerberos_addresses,
5025 { "addresses", "kerberos.addresses",
5026 FT_UINT32, BASE_DEC, NULL, 0,
5027 "HostAddresses", HFILL }},
5028 { &hf_kerberos_enc_authorization_data,
5029 { "enc-authorization-data", "kerberos.enc_authorization_data_element",
5030 FT_NONE, BASE_NONE, NULL, 0,
5031 "EncryptedAuthorizationData", HFILL }},
5032 { &hf_kerberos_additional_tickets,
5033 { "additional-tickets", "kerberos.additional_tickets",
5034 FT_UINT32, BASE_DEC, NULL, 0,
5035 "SEQUENCE_OF_Ticket", HFILL }},
5036 { &hf_kerberos_additional_tickets_item,
5037 { "Ticket", "kerberos.Ticket_element",
5038 FT_NONE, BASE_NONE, NULL, 0,
5040 { &hf_kerberos_kDC_REP_enc_part,
5041 { "enc-part", "kerberos.enc_part_element",
5042 FT_NONE, BASE_NONE, NULL, 0,
5043 "EncryptedKDCREPData", HFILL }},
5044 { &hf_kerberos_last_req,
5045 { "last-req", "kerberos.last_req",
5046 FT_UINT32, BASE_DEC, NULL, 0,
5047 "LastReq", HFILL }},
5048 { &hf_kerberos_key_expiration,
5049 { "key-expiration", "kerberos.key_expiration",
5050 FT_STRING, BASE_NONE, NULL, 0,
5051 "KerberosTime", HFILL }},
5052 { &hf_kerberos_srealm,
5053 { "srealm", "kerberos.srealm",
5054 FT_STRING, BASE_NONE, NULL, 0,
5056 { &hf_kerberos_encrypted_pa_data,
5057 { "encrypted-pa-data", "kerberos.encrypted_pa_data",
5058 FT_UINT32, BASE_DEC, NULL, 0,
5059 "METHOD_DATA", HFILL }},
5060 { &hf_kerberos_LastReq_item,
5061 { "LastReq item", "kerberos.LastReq_item_element",
5062 FT_NONE, BASE_NONE, NULL, 0,
5064 { &hf_kerberos_lr_type,
5065 { "lr-type", "kerberos.lr_type",
5066 FT_INT32, BASE_DEC, VALS(kerberos_LR_TYPE_vals), 0,
5068 { &hf_kerberos_lr_value,
5069 { "lr-value", "kerberos.lr_value",
5070 FT_STRING, BASE_NONE, NULL, 0,
5071 "KerberosTime", HFILL }},
5072 { &hf_kerberos_ap_options,
5073 { "ap-options", "kerberos.ap_options",
5074 FT_BYTES, BASE_NONE, NULL, 0,
5075 "APOptions", HFILL }},
5076 { &hf_kerberos_authenticator_01,
5077 { "authenticator", "kerberos.authenticator_element",
5078 FT_NONE, BASE_NONE, NULL, 0,
5079 "EncryptedAuthorizationData", HFILL }},
5080 { &hf_kerberos_authenticator_vno,
5081 { "authenticator-vno", "kerberos.authenticator_vno",
5082 FT_UINT32, BASE_DEC, NULL, 0,
5083 "INTEGER_5", HFILL }},
5084 { &hf_kerberos_cksum,
5085 { "cksum", "kerberos.cksum_element",
5086 FT_NONE, BASE_NONE, NULL, 0,
5087 "Checksum", HFILL }},
5088 { &hf_kerberos_cusec,
5089 { "cusec", "kerberos.cusec",
5090 FT_UINT32, BASE_DEC, NULL, 0,
5091 "Microseconds", HFILL }},
5092 { &hf_kerberos_ctime,
5093 { "ctime", "kerberos.ctime",
5094 FT_STRING, BASE_NONE, NULL, 0,
5095 "KerberosTime", HFILL }},
5096 { &hf_kerberos_subkey,
5097 { "subkey", "kerberos.subkey_element",
5098 FT_NONE, BASE_NONE, NULL, 0,
5099 "EncryptionKey", HFILL }},
5100 { &hf_kerberos_seq_number,
5101 { "seq-number", "kerberos.seq_number",
5102 FT_UINT32, BASE_DEC, NULL, 0,
5104 { &hf_kerberos_aP_REP_enc_part,
5105 { "enc-part", "kerberos.enc_part_element",
5106 FT_NONE, BASE_NONE, NULL, 0,
5107 "EncryptedAPREPData", HFILL }},
5108 { &hf_kerberos_safe_body,
5109 { "safe-body", "kerberos.safe_body_element",
5110 FT_NONE, BASE_NONE, NULL, 0,
5111 "KRB_SAFE_BODY", HFILL }},
5112 { &hf_kerberos_kRB_SAFE_BODY_user_data,
5113 { "user-data", "kerberos.user_data",
5114 FT_BYTES, BASE_NONE, NULL, 0,
5115 "T_kRB_SAFE_BODY_user_data", HFILL }},
5116 { &hf_kerberos_timestamp,
5117 { "timestamp", "kerberos.timestamp",
5118 FT_STRING, BASE_NONE, NULL, 0,
5119 "KerberosTime", HFILL }},
5120 { &hf_kerberos_usec,
5121 { "usec", "kerberos.usec",
5122 FT_UINT32, BASE_DEC, NULL, 0,
5123 "Microseconds", HFILL }},
5124 { &hf_kerberos_s_address,
5125 { "s-address", "kerberos.s_address_element",
5126 FT_NONE, BASE_NONE, NULL, 0,
5127 "HostAddress", HFILL }},
5128 { &hf_kerberos_r_address,
5129 { "r-address", "kerberos.r_address_element",
5130 FT_NONE, BASE_NONE, NULL, 0,
5131 "HostAddress", HFILL }},
5132 { &hf_kerberos_kRB_PRIV_enc_part,
5133 { "enc-part", "kerberos.enc_part_element",
5134 FT_NONE, BASE_NONE, NULL, 0,
5135 "EncryptedKrbPrivData", HFILL }},
5136 { &hf_kerberos_encKrbPrivPart_user_data,
5137 { "user-data", "kerberos.user_data",
5138 FT_BYTES, BASE_NONE, NULL, 0,
5139 "T_encKrbPrivPart_user_data", HFILL }},
5140 { &hf_kerberos_tickets,
5141 { "tickets", "kerberos.tickets",
5142 FT_UINT32, BASE_DEC, NULL, 0,
5143 "SEQUENCE_OF_Ticket", HFILL }},
5144 { &hf_kerberos_tickets_item,
5145 { "Ticket", "kerberos.Ticket_element",
5146 FT_NONE, BASE_NONE, NULL, 0,
5148 { &hf_kerberos_kRB_CRED_enc_part,
5149 { "enc-part", "kerberos.enc_part_element",
5150 FT_NONE, BASE_NONE, NULL, 0,
5151 "EncryptedKrbCredData", HFILL }},
5152 { &hf_kerberos_ticket_info,
5153 { "ticket-info", "kerberos.ticket_info",
5154 FT_UINT32, BASE_DEC, NULL, 0,
5155 "SEQUENCE_OF_KrbCredInfo", HFILL }},
5156 { &hf_kerberos_ticket_info_item,
5157 { "KrbCredInfo", "kerberos.KrbCredInfo_element",
5158 FT_NONE, BASE_NONE, NULL, 0,
5160 { &hf_kerberos_prealm,
5161 { "prealm", "kerberos.prealm",
5162 FT_STRING, BASE_NONE, NULL, 0,
5164 { &hf_kerberos_pname,
5165 { "pname", "kerberos.pname_element",
5166 FT_NONE, BASE_NONE, NULL, 0,
5167 "PrincipalName", HFILL }},
5168 { &hf_kerberos_stime,
5169 { "stime", "kerberos.stime",
5170 FT_STRING, BASE_NONE, NULL, 0,
5171 "KerberosTime", HFILL }},
5172 { &hf_kerberos_susec,
5173 { "susec", "kerberos.susec",
5174 FT_UINT32, BASE_DEC, NULL, 0,
5175 "Microseconds", HFILL }},
5176 { &hf_kerberos_error_code,
5177 { "error-code", "kerberos.error_code",
5178 FT_INT32, BASE_DEC, VALS(kerberos_ERROR_CODE_vals), 0,
5180 { &hf_kerberos_e_text,
5181 { "e-text", "kerberos.e_text",
5182 FT_STRING, BASE_NONE, NULL, 0,
5183 "KerberosString", HFILL }},
5184 { &hf_kerberos_e_data,
5185 { "e-data", "kerberos.e_data",
5186 FT_BYTES, BASE_NONE, NULL, 0,
5188 { &hf_kerberos_e_checksum,
5189 { "e-checksum", "kerberos.e_checksum_element",
5190 FT_NONE, BASE_NONE, NULL, 0,
5191 "Checksum", HFILL }},
5192 { &hf_kerberos_METHOD_DATA_item,
5193 { "PA-DATA", "kerberos.PA_DATA_element",
5194 FT_NONE, BASE_NONE, NULL, 0,
5196 { &hf_kerberos_pA_ENC_TIMESTAMP_cipher,
5197 { "cipher", "kerberos.cipher",
5198 FT_BYTES, BASE_NONE, NULL, 0,
5199 "T_pA_ENC_TIMESTAMP_cipher", HFILL }},
5200 { &hf_kerberos_salt,
5201 { "salt", "kerberos.salt",
5202 FT_BYTES, BASE_NONE, NULL, 0,
5203 "OCTET_STRING", HFILL }},
5204 { &hf_kerberos_ETYPE_INFO_item,
5205 { "ETYPE-INFO-ENTRY", "kerberos.ETYPE_INFO_ENTRY_element",
5206 FT_NONE, BASE_NONE, NULL, 0,
5208 { &hf_kerberos_salt_01,
5209 { "salt", "kerberos.salt",
5210 FT_STRING, BASE_NONE, NULL, 0,
5211 "KerberosString", HFILL }},
5212 { &hf_kerberos_s2kparams,
5213 { "s2kparams", "kerberos.s2kparams",
5214 FT_BYTES, BASE_NONE, NULL, 0,
5215 "OCTET_STRING", HFILL }},
5216 { &hf_kerberos_ETYPE_INFO2_item,
5217 { "ETYPE-INFO2-ENTRY", "kerberos.ETYPE_INFO2_ENTRY_element",
5218 FT_NONE, BASE_NONE, NULL, 0,
5220 { &hf_kerberos_name,
5221 { "name", "kerberos.name_element",
5222 FT_NONE, BASE_NONE, NULL, 0,
5223 "PrincipalName", HFILL }},
5224 { &hf_kerberos_auth,
5225 { "auth", "kerberos.auth",
5226 FT_STRING, BASE_NONE, NULL, 0,
5227 "GeneralString", HFILL }},
5228 { &hf_kerberos_include_pac,
5229 { "include-pac", "kerberos.include_pac",
5230 FT_BOOLEAN, BASE_NONE, NULL, 0,
5231 "BOOLEAN", HFILL }},
5232 { &hf_kerberos_newpasswd,
5233 { "newpasswd", "kerberos.newpasswd",
5234 FT_BYTES, BASE_NONE, NULL, 0,
5235 "OCTET_STRING", HFILL }},
5236 { &hf_kerberos_targname,
5237 { "targname", "kerberos.targname_element",
5238 FT_NONE, BASE_NONE, NULL, 0,
5239 "PrincipalName", HFILL }},
5240 { &hf_kerberos_targrealm,
5241 { "targrealm", "kerberos.targrealm",
5242 FT_STRING, BASE_NONE, NULL, 0,
5244 { &hf_kerberos_APOptions_reserved,
5245 { "reserved", "kerberos.reserved",
5246 FT_BOOLEAN, 8, NULL, 0x80,
5248 { &hf_kerberos_APOptions_use_session_key,
5249 { "use-session-key", "kerberos.use-session-key",
5250 FT_BOOLEAN, 8, NULL, 0x40,
5252 { &hf_kerberos_APOptions_mutual_required,
5253 { "mutual-required", "kerberos.mutual-required",
5254 FT_BOOLEAN, 8, NULL, 0x20,
5256 { &hf_kerberos_TicketFlags_reserved,
5257 { "reserved", "kerberos.reserved",
5258 FT_BOOLEAN, 8, NULL, 0x80,
5260 { &hf_kerberos_TicketFlags_forwardable,
5261 { "forwardable", "kerberos.forwardable",
5262 FT_BOOLEAN, 8, NULL, 0x40,
5264 { &hf_kerberos_TicketFlags_forwarded,
5265 { "forwarded", "kerberos.forwarded",
5266 FT_BOOLEAN, 8, NULL, 0x20,
5268 { &hf_kerberos_TicketFlags_proxiable,
5269 { "proxiable", "kerberos.proxiable",
5270 FT_BOOLEAN, 8, NULL, 0x10,
5272 { &hf_kerberos_TicketFlags_proxy,
5273 { "proxy", "kerberos.proxy",
5274 FT_BOOLEAN, 8, NULL, 0x08,
5276 { &hf_kerberos_TicketFlags_may_postdate,
5277 { "may-postdate", "kerberos.may-postdate",
5278 FT_BOOLEAN, 8, NULL, 0x04,
5280 { &hf_kerberos_TicketFlags_postdated,
5281 { "postdated", "kerberos.postdated",
5282 FT_BOOLEAN, 8, NULL, 0x02,
5284 { &hf_kerberos_TicketFlags_invalid,
5285 { "invalid", "kerberos.invalid",
5286 FT_BOOLEAN, 8, NULL, 0x01,
5288 { &hf_kerberos_TicketFlags_renewable,
5289 { "renewable", "kerberos.renewable",
5290 FT_BOOLEAN, 8, NULL, 0x80,
5292 { &hf_kerberos_TicketFlags_initial,
5293 { "initial", "kerberos.initial",
5294 FT_BOOLEAN, 8, NULL, 0x40,
5296 { &hf_kerberos_TicketFlags_pre_authent,
5297 { "pre-authent", "kerberos.pre-authent",
5298 FT_BOOLEAN, 8, NULL, 0x20,
5300 { &hf_kerberos_TicketFlags_hw_authent,
5301 { "hw-authent", "kerberos.hw-authent",
5302 FT_BOOLEAN, 8, NULL, 0x10,
5304 { &hf_kerberos_TicketFlags_transited_policy_checked,
5305 { "transited-policy-checked", "kerberos.transited-policy-checked",
5306 FT_BOOLEAN, 8, NULL, 0x08,
5308 { &hf_kerberos_TicketFlags_ok_as_delegate,
5309 { "ok-as-delegate", "kerberos.ok-as-delegate",
5310 FT_BOOLEAN, 8, NULL, 0x04,
5312 { &hf_kerberos_TicketFlags_anonymous,
5313 { "anonymous", "kerberos.anonymous",
5314 FT_BOOLEAN, 8, NULL, 0x02,
5316 { &hf_kerberos_KDCOptions_reserved,
5317 { "reserved", "kerberos.reserved",
5318 FT_BOOLEAN, 8, NULL, 0x80,
5320 { &hf_kerberos_KDCOptions_forwardable,
5321 { "forwardable", "kerberos.forwardable",
5322 FT_BOOLEAN, 8, NULL, 0x40,
5324 { &hf_kerberos_KDCOptions_forwarded,
5325 { "forwarded", "kerberos.forwarded",
5326 FT_BOOLEAN, 8, NULL, 0x20,
5328 { &hf_kerberos_KDCOptions_proxiable,
5329 { "proxiable", "kerberos.proxiable",
5330 FT_BOOLEAN, 8, NULL, 0x10,
5332 { &hf_kerberos_KDCOptions_proxy,
5333 { "proxy", "kerberos.proxy",
5334 FT_BOOLEAN, 8, NULL, 0x08,
5336 { &hf_kerberos_KDCOptions_allow_postdate,
5337 { "allow-postdate", "kerberos.allow-postdate",
5338 FT_BOOLEAN, 8, NULL, 0x04,
5340 { &hf_kerberos_KDCOptions_postdated,
5341 { "postdated", "kerberos.postdated",
5342 FT_BOOLEAN, 8, NULL, 0x02,
5344 { &hf_kerberos_KDCOptions_unused7,
5345 { "unused7", "kerberos.unused7",
5346 FT_BOOLEAN, 8, NULL, 0x01,
5348 { &hf_kerberos_KDCOptions_renewable,
5349 { "renewable", "kerberos.renewable",
5350 FT_BOOLEAN, 8, NULL, 0x80,
5352 { &hf_kerberos_KDCOptions_unused9,
5353 { "unused9", "kerberos.unused9",
5354 FT_BOOLEAN, 8, NULL, 0x40,
5356 { &hf_kerberos_KDCOptions_unused10,
5357 { "unused10", "kerberos.unused10",
5358 FT_BOOLEAN, 8, NULL, 0x20,
5360 { &hf_kerberos_KDCOptions_opt_hardware_auth,
5361 { "opt-hardware-auth", "kerberos.opt-hardware-auth",
5362 FT_BOOLEAN, 8, NULL, 0x10,
5364 { &hf_kerberos_KDCOptions_request_anonymous,
5365 { "request-anonymous", "kerberos.request-anonymous",
5366 FT_BOOLEAN, 8, NULL, 0x02,
5368 { &hf_kerberos_KDCOptions_canonicalize,
5369 { "canonicalize", "kerberos.canonicalize",
5370 FT_BOOLEAN, 8, NULL, 0x01,
5372 { &hf_kerberos_KDCOptions_constrained_delegation,
5373 { "constrained-delegation", "kerberos.constrained-delegation",
5374 FT_BOOLEAN, 8, NULL, 0x80,
5376 { &hf_kerberos_KDCOptions_disable_transited_check,
5377 { "disable-transited-check", "kerberos.disable-transited-check",
5378 FT_BOOLEAN, 8, NULL, 0x20,
5380 { &hf_kerberos_KDCOptions_renewable_ok,
5381 { "renewable-ok", "kerberos.renewable-ok",
5382 FT_BOOLEAN, 8, NULL, 0x10,
5384 { &hf_kerberos_KDCOptions_enc_tkt_in_skey,
5385 { "enc-tkt-in-skey", "kerberos.enc-tkt-in-skey",
5386 FT_BOOLEAN, 8, NULL, 0x08,
5388 { &hf_kerberos_KDCOptions_renew,
5389 { "renew", "kerberos.renew",
5390 FT_BOOLEAN, 8, NULL, 0x02,
5392 { &hf_kerberos_KDCOptions_validate,
5393 { "validate", "kerberos.validate",
5394 FT_BOOLEAN, 8, NULL, 0x01,
5397 /*--- End of included file: packet-kerberos-hfarr.c ---*/
5398 #line 2366 "./asn1/kerberos/packet-kerberos-template.c"
5401 /* List of subtrees */
5402 static gint *ett[] = {
5404 &ett_krb_recordmark,
5407 &ett_krb_pac_midl_blob,
5408 &ett_krb_pac_logon_info,
5409 &ett_krb_pac_s4u_delegation_info,
5410 &ett_krb_pac_upn_dns_info,
5411 &ett_krb_pac_server_checksum,
5412 &ett_krb_pac_privsvr_checksum,
5413 &ett_krb_pac_client_info_type,
5415 /*--- Included file: packet-kerberos-ettarr.c ---*/
5416 #line 1 "./asn1/kerberos/packet-kerberos-ettarr.c"
5417 &ett_kerberos_Applications,
5418 &ett_kerberos_PrincipalName,
5419 &ett_kerberos_SEQUENCE_OF_KerberosString,
5420 &ett_kerberos_CName,
5421 &ett_kerberos_SEQUENCE_OF_CNameString,
5422 &ett_kerberos_SName,
5423 &ett_kerberos_SEQUENCE_OF_SNameString,
5424 &ett_kerberos_HostAddress,
5425 &ett_kerberos_HostAddresses,
5426 &ett_kerberos_AuthorizationData,
5427 &ett_kerberos_AuthorizationData_item,
5428 &ett_kerberos_PA_DATA,
5429 &ett_kerberos_EncryptionKey,
5430 &ett_kerberos_Checksum,
5431 &ett_kerberos_EncryptedTicketData,
5432 &ett_kerberos_EncryptedAuthorizationData,
5433 &ett_kerberos_EncryptedKDCREPData,
5434 &ett_kerberos_EncryptedAPREPData,
5435 &ett_kerberos_EncryptedKrbPrivData,
5436 &ett_kerberos_EncryptedKrbCredData,
5437 &ett_kerberos_Ticket_U,
5438 &ett_kerberos_EncTicketPart_U,
5439 &ett_kerberos_TransitedEncoding,
5440 &ett_kerberos_KDC_REQ,
5441 &ett_kerberos_SEQUENCE_OF_PA_DATA,
5442 &ett_kerberos_KDC_REQ_BODY,
5443 &ett_kerberos_SEQUENCE_OF_ENCTYPE,
5444 &ett_kerberos_SEQUENCE_OF_Ticket,
5445 &ett_kerberos_KDC_REP,
5446 &ett_kerberos_EncKDCRepPart,
5447 &ett_kerberos_LastReq,
5448 &ett_kerberos_LastReq_item,
5449 &ett_kerberos_AP_REQ_U,
5450 &ett_kerberos_Authenticator_U,
5451 &ett_kerberos_AP_REP_U,
5452 &ett_kerberos_EncAPRepPart_U,
5453 &ett_kerberos_KRB_SAFE_U,
5454 &ett_kerberos_KRB_SAFE_BODY,
5455 &ett_kerberos_KRB_PRIV_U,
5456 &ett_kerberos_EncKrbPrivPart,
5457 &ett_kerberos_KRB_CRED_U,
5458 &ett_kerberos_EncKrbCredPart_U,
5459 &ett_kerberos_SEQUENCE_OF_KrbCredInfo,
5460 &ett_kerberos_KrbCredInfo,
5461 &ett_kerberos_KRB_ERROR_U,
5462 &ett_kerberos_METHOD_DATA,
5463 &ett_kerberos_PA_ENC_TIMESTAMP,
5464 &ett_kerberos_ETYPE_INFO_ENTRY,
5465 &ett_kerberos_ETYPE_INFO,
5466 &ett_kerberos_ETYPE_INFO2_ENTRY,
5467 &ett_kerberos_ETYPE_INFO2,
5468 &ett_kerberos_APOptions,
5469 &ett_kerberos_TicketFlags,
5470 &ett_kerberos_KDCOptions,
5471 &ett_kerberos_PA_S4U2Self,
5472 &ett_kerberos_KERB_PA_PAC_REQUEST,
5473 &ett_kerberos_ChangePasswdData,
5475 /*--- End of included file: packet-kerberos-ettarr.c ---*/
5476 #line 2382 "./asn1/kerberos/packet-kerberos-template.c"
5479 static ei_register_info ei[] = {
5480 { &ei_kerberos_decrypted_keytype, { "kerberos.decrypted_keytype", PI_SECURITY, PI_CHAT, "Decryted keytype", EXPFILL }},
5481 { &ei_kerberos_address, { "kerberos.address.unknown", PI_UNDECODED, PI_WARN, "KRB Address: I don't know how to parse this type of address yet", EXPFILL }},
5482 { &ei_krb_gssapi_dlglen, { "kerberos.gssapi.dlglen.error", PI_MALFORMED, PI_ERROR, "DlgLen is not the same as number of bytes remaining", EXPFILL }},
5485 expert_module_t* expert_krb;
5486 module_t *krb_module;
5488 proto_kerberos = proto_register_protocol("Kerberos", "KRB5", "kerberos");
5489 proto_register_field_array(proto_kerberos, hf, array_length(hf));
5490 proto_register_subtree_array(ett, array_length(ett));
5491 expert_krb = expert_register_protocol(proto_kerberos);
5492 expert_register_field_array(expert_krb, ei, array_length(ei));
5494 /* Register preferences */
5495 krb_module = prefs_register_protocol(proto_kerberos, kerberos_prefs_apply_cb);
5496 prefs_register_bool_preference(krb_module, "desegment",
5497 "Reassemble Kerberos over TCP messages spanning multiple TCP segments",
5498 "Whether the Kerberos dissector should reassemble messages spanning multiple TCP segments."
5499 " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
5501 #ifdef HAVE_KERBEROS
5502 prefs_register_bool_preference(krb_module, "decrypt",
5503 "Try to decrypt Kerberos blobs",
5504 "Whether the dissector should try to decrypt "
5505 "encrypted Kerberos blobs. This requires that the proper "
5506 "keytab file is installed as well.", &krb_decrypt);
5508 prefs_register_filename_preference(krb_module, "file",
5509 "Kerberos keytab file",
5510 "The keytab file containing all the secrets",
5515 static int wrap_dissect_gss_kerb(tvbuff_t *tvb, int offset, packet_info *pinfo,
5516 proto_tree *tree, dcerpc_info *di _U_,guint8 *drep _U_)
5520 auth_tvb = tvb_new_subset_remaining(tvb, offset);
5522 dissect_kerberos_main(auth_tvb, pinfo, tree, FALSE, NULL);
5524 return tvb_captured_length_remaining(tvb, offset);
5528 static dcerpc_auth_subdissector_fns gss_kerb_auth_connect_fns = {
5529 wrap_dissect_gss_kerb, /* Bind */
5530 wrap_dissect_gss_kerb, /* Bind ACK */
5531 wrap_dissect_gss_kerb, /* AUTH3 */
5532 NULL, /* Request verifier */
5533 NULL, /* Response verifier */
5534 NULL, /* Request data */
5535 NULL /* Response data */
5538 static dcerpc_auth_subdissector_fns gss_kerb_auth_sign_fns = {
5539 wrap_dissect_gss_kerb, /* Bind */
5540 wrap_dissect_gss_kerb, /* Bind ACK */
5541 wrap_dissect_gss_kerb, /* AUTH3 */
5542 wrap_dissect_gssapi_verf, /* Request verifier */
5543 wrap_dissect_gssapi_verf, /* Response verifier */
5544 NULL, /* Request data */
5545 NULL /* Response data */
5548 static dcerpc_auth_subdissector_fns gss_kerb_auth_seal_fns = {
5549 wrap_dissect_gss_kerb, /* Bind */
5550 wrap_dissect_gss_kerb, /* Bind ACK */
5551 wrap_dissect_gss_kerb, /* AUTH3 */
5552 wrap_dissect_gssapi_verf, /* Request verifier */
5553 wrap_dissect_gssapi_verf, /* Response verifier */
5554 wrap_dissect_gssapi_payload, /* Request data */
5555 wrap_dissect_gssapi_payload /* Response data */
5561 proto_reg_handoff_kerberos(void)
5563 dissector_handle_t kerberos_handle_tcp;
5565 krb4_handle = find_dissector_add_dependency("krb4", proto_kerberos);
5567 kerberos_handle_udp = create_dissector_handle(dissect_kerberos_udp,
5570 kerberos_handle_tcp = create_dissector_handle(dissect_kerberos_tcp,
5573 dissector_add_uint("udp.port", UDP_PORT_KERBEROS, kerberos_handle_udp);
5574 dissector_add_uint("tcp.port", TCP_PORT_KERBEROS, kerberos_handle_tcp);
5576 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_CONNECT,
5577 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5578 &gss_kerb_auth_connect_fns);
5580 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_INTEGRITY,
5581 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5582 &gss_kerb_auth_sign_fns);
5584 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_PRIVACY,
5585 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5586 &gss_kerb_auth_seal_fns);
5590 * Editor modelines - http://www.wireshark.org/tools/modelines.html
5595 * indent-tabs-mode: t
5598 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
5599 * :indentSize=8:tabSize=8:noTabs=false: