epan/dissectors/packet-gssapi.h

   1 /* packet-gssapi.h
   2  * Dissector for GSS-API tokens as described in rfc2078, section 3.1
   3  * Copyright 2002, Tim Potter <tpot@samba.org>
   4  *
   5  * Wireshark - Network traffic analyzer
   6  * By Gerald Combs <gerald@wireshark.org>
   7  * Copyright 1998 Gerald Combs
   8  *
   9  * SPDX-License-Identifier: GPL-2.0-or-later
  10  */
  11
  12 #ifndef __PACKET_GSSAPI_H
  13 #define __PACKET_GSSAPI_H
  14
  15 struct _enc_key_t;
  16
  17 /* Structures needed outside */
  18
  19 typedef struct _gssapi_oid_value {
  20         protocol_t *proto;
  21         int ett;
  22         dissector_handle_t handle;
  23         dissector_handle_t wrap_handle;
  24         const char *comment;  /* For the comment */
  25 } gssapi_oid_value;
  26
  27 #define DECRYPT_GSSAPI_NORMAL   1
  28 #define DECRYPT_GSSAPI_DCE  2
  29
  30 /**< Extra data for handling of decryption of GSSAPI wrapped tvbuffs.
  31         Caller sets decrypt_gssapi_tvb if this service is requested.
  32         If, on a successful return, gssapi_data_encrypted is false, the wrapped
  33         tvbuff was signed (i.e., an encrypted signature was present, to check
  34         whether the data was modified by a man in the middle) but not sealed
  35         (i.e., the data itself wasn't encrypted).
  36         If gssapi_encrypted_tvb is NULL, then the rest of the tvb data following
  37         the gssapi blob itself is decrypted otherwise the gssapi_encrypted_tvb
  38         tvb will be decrypted (DCERPC has the data before the gssapi blob).
  39         In the latter case, gssapi_decrypted_tvb contains the decrypted data if
  40         decryption is successful and is NULL if not.
  41         If gssapi_data_encrypted is false and gssapi_decrypted_tvb is not NULL,
  42         then it contains the plaintext data, for cases when the plaintext data
  43         was followed by the checksum, e.g. KRB_TOKEN_CFX_WRAP (RFC 4121),
  44         as the calling dissector cannot simply dissect all the data after
  45         the returned offset.
  46 */
  47 typedef struct _gssapi_encrypt_info
  48 {
  49         uint16_t decrypt_gssapi_tvb;
  50         tvbuff_t *gssapi_wrap_tvb;
  51         tvbuff_t *gssapi_header_tvb;
  52         tvbuff_t *gssapi_encrypted_tvb;
  53         tvbuff_t *gssapi_trailer_tvb;
  54         tvbuff_t *gssapi_decrypted_tvb;
  55         bool gssapi_data_encrypted;
  56         struct _enc_key_t *used_decryption_key;
  57 } gssapi_encrypt_info_t;
  58
  59 /* Function prototypes */
  60
  61 void
  62 gssapi_init_oid(const char *oid, int proto, int ett, dissector_handle_t handle,
  63                 dissector_handle_t wrap_handle, const char *comment);
  64
  65 gssapi_oid_value *
  66 gssapi_lookup_oid_str(const char *oid_key);
  67
  68 typedef struct _dcerpc_info dcerpc_info;
  69 typedef struct _dcerpc_auth_info dcerpc_auth_info;
  70
  71 int wrap_dissect_gssapi_verf(tvbuff_t *tvb, int offset,
  72                              packet_info *pinfo,
  73                              proto_tree *tree, dcerpc_info *di, uint8_t *drep);
  74
  75 tvbuff_t *
  76 wrap_dissect_gssapi_payload(tvbuff_t *header_tvb _U_,
  77                             tvbuff_t *payload_tvb,
  78                             tvbuff_t *trailer_tvb _U_,
  79                             tvbuff_t *auth_tvb,
  80                             packet_info *pinfo,
  81                             dcerpc_auth_info *auth_info _U_);
  82
  83 #endif /* __PACKET_GSSAPI_H */