From e59c89b58f36621c690c8171cc0e6b93beaae422 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 17 Mar 2020 10:50:15 +0100 Subject: packet-kerberos: split out a decrypt_krb5_data_asn1() helper function If decrypt_krb5_data_private() is available we use it directly in order to pass down kerberos_private_data_t. Change-Id: I864d3e7d9adda454c96384d7b146ec774cd05d5f Signed-off-by: Stefan Metzmacher Reviewed-on: https://code.wireshark.org/review/36491 Petri-Dish: Anders Broman Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman --- .../asn1/kerberos/packet-kerberos-template.c | 50 +++++++++++++--------- 1 file changed, 30 insertions(+), 20 deletions(-) (limited to 'epan/dissectors/asn1/kerberos/packet-kerberos-template.c') diff --git a/epan/dissectors/asn1/kerberos/packet-kerberos-template.c b/epan/dissectors/asn1/kerberos/packet-kerberos-template.c index 9be4c2e19a..a53f1c3f62 100644 --- a/epan/dissectors/asn1/kerberos/packet-kerberos-template.c +++ b/epan/dissectors/asn1/kerberos/packet-kerberos-template.c @@ -518,6 +518,7 @@ decrypt_krb5_data_private(proto_tree *tree _U_, packet_info *pinfo, int usage, tvbuff_t *cryptotvb, int keytype, int *datalen) { +#define HAVE_DECRYPT_KRB5_DATA_PRIVATE 1 struct decrypt_krb5_data_state state; krb5_error_code ret; int length = tvb_captured_length(cryptotvb); @@ -1580,13 +1581,29 @@ static const true_false_string tfs_gss_flags_dce_style = { }; #ifdef HAVE_KERBEROS +static guint8 * +decrypt_krb5_data_asn1(proto_tree *tree, asn1_ctx_t *actx, + int usage, tvbuff_t *cryptotvb, int *datalen) +{ + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); + +#ifdef HAVE_DECRYPT_KRB5_DATA_PRIVATE + return decrypt_krb5_data_private(tree, actx->pinfo, private_data, + usage, cryptotvb, + private_data->etype, + datalen); +#else + return decrypt_krb5_data(tree, actx->pinfo, usage, cryptotvb, + private_data->etype, datalen); +#endif +} + static int dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1596,7 +1613,7 @@ dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offse * 7.5.1 * All Ticket encrypted parts use usage == 2 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 2, next_tvb, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1616,7 +1633,6 @@ dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, in { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1628,10 +1644,10 @@ dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, in * == 7 or * == 11 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 7, next_tvb, NULL); if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 11, next_tvb, NULL); } if(plaintext){ @@ -1652,7 +1668,6 @@ dissect_krb5_decrypt_authorization_data(gboolean imp_tag _U_, tvbuff_t *tvb, int { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1664,10 +1679,10 @@ dissect_krb5_decrypt_authorization_data(gboolean imp_tag _U_, tvbuff_t *tvb, int * == 5 or * == 4 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 5, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 5, next_tvb, NULL); if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 4, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 4, next_tvb, NULL); } if(plaintext){ @@ -1688,7 +1703,6 @@ dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offs { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1701,14 +1715,14 @@ dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offs * == 8 or * == 9 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 3, next_tvb, NULL); if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 8, next_tvb, NULL); } if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 9, next_tvb, NULL); } if(plaintext){ @@ -1729,7 +1743,6 @@ dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1740,7 +1753,7 @@ dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int * AS-REQ PA_ENC_TIMESTAMP are encrypted with usage * == 1 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 1, next_tvb, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1760,7 +1773,6 @@ dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offse { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1770,7 +1782,7 @@ dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offse * 7.5.1 * AP-REP are encrypted with usage == 12 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 12, next_tvb, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1790,7 +1802,6 @@ dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1800,7 +1811,7 @@ dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, * EncKrbPrivPart encrypted with usage * == 13 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 13, next_tvb, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1820,7 +1831,6 @@ dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, { guint8 *plaintext; int length; - kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); @@ -1830,7 +1840,7 @@ dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, * EncKrbCredPart encrypted with usage * == 14 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, private_data->etype, NULL); + plaintext=decrypt_krb5_data_asn1(tree, actx, 14, next_tvb, NULL); if(plaintext){ tvbuff_t *child_tvb; -- cgit v1.2.3