|
|
#include <windows.h>
#include <string.h>
#include <bh.h>
#include <netmon.h>
#define FORMAT_BUFFER_SIZE 80
// Variables used in kerbparser.c to check
// for continuation packets.
HPROTOCOL hTCP = NULL;HPROTOCOL hUDP = NULL;
// Begin Definitions for Encryption types
// Leaving the negative values out until I can figure out
// why some are labeled negative and some positive.
/*
#define KERB_ETYPE_RC4_MD4 -128
#define KERB_ETYPE_RC4_PLAIN2 -129
#define KERB_ETYPE_RC4_LM -130
#define KERB_ETYPE_RC4_SHA -131
#define KERB_ETYPE_DES_PLAIN -132
*/
#define KERB_ETYPE_RC4_HMAC_OLD 0x7B //-133
#define KERB_ETYPE_RC4_PLAIN_OLD 0x7A //-134
#define KERB_ETYPE_RC4_HMAC_OLD_EXP 0x79 //-135
#define KERB_ETYPE_RC4_PLAIN_OLD_EXP 0x78 //-136
#define KERB_ETYPE_RC4_PLAIN 0x77 //-140
#define KERB_ETYPE_RC4_PLAIN_EXP 0x76 //-141
#define KERB_ETYPE_NULL 0
#define KERB_ETYPE_DES_CBC_CRC 1
#define KERB_ETYPE_DES_CBC_MD4 2
#define KERB_ETYPE_DES_CBC_MD5 3
#define KERB_ETYPE_DSA_SHA1_CMS 9
#define KERB_ETYPE_RSA_MD5_CMS 10
#define KERB_ETYPE_RSA_SHA1_CMS 11
#define KERB_ETYPE_RC2_CBC_ENV 12
#define KERB_ETYPE_RSA_ENV 13
#define KERB_ETYPE_RSA_ES_OEAP_ENV 14
#define KERB_ETYPE_DES_EDE3_CBC_ENV 15
#define KERB_ETYPE_DES_CBC_MD5_NT 20
#define KERB_ETYPE_RC4_HMAC_NT 23
#define KERB_ETYPE_RC4_HMAC_NT_EXP 24
#define KERB_ETYPE_OLD_RC4_MD4 128
#define KERB_ETYPE_OLD_RC4_PLAIN 129
#define KERB_ETYPE_OLD_RC4_LM 130
#define KERB_ETYPE_OLD_RC4_SHA 131
#define KERB_ETYPE_OLD_DES_PLAIN 132
/* These are in kerbcon.h as well but there is a conflict
with the ones listed above. Worry about it later.#define KERB_ETYPE_DSA_SIGN 8
#define KERB_ETYPE_RSA_PRIV 9
#define KERB_ETYPE_RSA_PUB 10
#define KERB_ETYPE_RSA_PUB_MD5 11
#define KERB_ETYPE_RSA_PUB_SHA1 12
#define KERB_ETYPE_PKCS7_PUB 13
*/// In use types
// End Definition of encryption types
#define ASN1_KRB_AS_REQ 0x0A
#define ASN1_KRB_AS_REP 0x0B
#define ASN1_KRB_TGS_REQ 0x0C
#define ASN1_KRB_TGS_REP 0x0D
#define ASN1_KRB_AP_REQ 0x0E
#define ASN1_KRB_AP_REP 0x0F
#define ASN1_KRB_SAFE 0x14
#define ASN1_KRB_PRIV 0x15
#define ASN1_KRB_CRED 0x16
#define ASN1_KRB_ERROR 0x1E
#define UNIVERSAL 0x00
#define APPLICATION 0x40
#define CONTEXT_SPECIFIC 0x80
#define PRIVATE 0xC0
// Creating this function to change the format of GeneralizedTime
LPBYTE DispSumTime(HFRAME hFrame, LPBYTE TempFrame, int ClassValue, int OffSet, DWORD TypeVal);
LPBYTE TempFrame, TempFramePadata, TempFrameReq, TempFrameReq2;DWORD TypeVal, TypeVal2, TypeVal3;
#define TIME_FORMAT_STRING "%c%c/%c%c/%c%c%c%c %c%c:%c%c:%c%c UTC Time Zone"
#define TIME_FORMAT_SIZE sizeof("00/00/0000 00:00:00 UTC Time Zone")
#define MAX_SERVER_NAME_SEGMENTS 100
LPPROTOCOLINFO ProtoInfo;BOOL TestForUDP;
//char test[1];
char MsgType[ sizeof "Didn't recognize" ]/*, MsgType2[24]*/;//char PrinName[32];
BYTE LongSize, TempStore, TempStoreEF;int x, OffSet, lValue, ClassValue;WORD TempLen;
// Definitions for KDC-REP
BYTE TempRepCname, TempRepGString, TempReqPadata, TempReq;int lValueRepMsg, lValueCname, lValuePadata, lValueReq;
// Following enum is for the variables of KDC-REP
enum{ PvnoKdcRep = 0, MsgTypeKdcRep, PaDataKdcRep, CrealmKdcRep, CnameKdcRep, TicketKdcRep, EncpartKdcRep};
// End definitions for KDC-REP
// Following enum is for Variables of ticket
enum{ tktvno = 0, realm, sname, encpart};
enum{ app1 = 1};
enum{ PVNO =1, MSGTYPE, PADATA, REQBODY};
enum{ nametype = 0, namestring};
// Set values for Principal Name types
enum{ NT_UKNOWN = 0, NT_PRINCIPAL, NT_SRV_INST, NT_SRV_HST, NT_SRV_XHST, NT_UID, NT_X500_PRINCIPAL};
// Enum to set the Tag values for KRB-ERROR
enum{ PvnoErr = 0, MsgtypeErr, CtimeErr, CusecErr, StimeErr, SusecErr, ErrorcodeErr, CrealmErr, CnameErr, RealmErr, SnameErr, EtextErr, EdataErr};
// Enum to assign values to Kerberos Errors
enum{ KDC_ERR_NONE = 0, // 0
KDC_ERR_NAME_EXP, // 1
KDC_ERR_SERVICE_EXP, // 2
KDC_ERR_BAD_PVNO, // 3
KDC_ERR_C_OLD_MAST_KVNO, // 4
KDC_ERR_S_OLD_MAST_KVNO, // 5
KDC_ERR_C_PRINCIPAL_UNKNOWN, // 6
KDC_ERR_S_PRINCIPAL_UNKNOWN, // 7
KDC_ERR_PRINCIPAL_NOT_UNIQUE, // 8
KDC_ERR_NULL_KEY, // 9
KDC_ERR_CANNOT_POSTDATE, // 10
KDC_ERR_NEVER_VALID, // 11
KDC_ERR_POLICY, // 12
KDC_ERR_BADOPTION, // 13
KDC_ERR_ETYPE_NOSUPP, // 14
KDC_ERR_SUMTYPE_NOSUPP, // 15
KDC_ERR_PADATA_TYPE_NOSUPP, // 16
KDC_ERR_TRTYPE_NOSUPP, // 17
KDC_ERR_CLIENT_REVOKED, // 18
KDC_ERR_SERVICE_REVOKED, // 19
KDC_ERR_TGT_REVOKED, // 20
KDC_ERR_CLIENT_NOTYET, // 21
KDC_ERR_SERVICE_NOTYET, // 22
KDC_ERR_KEY_EXPIRED, // 23
KDC_ERR_PREAUTH_FAILED, // 24
KDC_ERR_PREAUTH_REQUIRED, // 25
KDC_ERR_SERVER_NOMATCH, // 26
KDC_ERR_MUST_USE_USER2USER, // 27
KDC_ERR_PATH_NOT_ACCEPTED, // 28
KDC_ERR_SVC_UNAVAILABLE, // 29
KRB_AP_ERR_BAD_INTEGRITY = 31, // 31
KRB_AP_ERR_TKT_EXPIRED, // 32
KRB_AP_ERR_TKT_NYV, // 33
KRB_AP_ERR_REPEAT, // 34
KRB_AP_ERR_NOT_US, // 35
KRB_AP_ERR_BADMATCH, // 36
KRB_AP_ERR_SKEW, // 37
KRB_AP_ERR_BADADDR, // 38
KRB_AP_ERR_BADVERSION, // 39
KRB_AP_ERR_MSG_TYPE, // 40
KRB_AP_ERR_MODIFIED, // 41
KRB_AP_ERR_BADORDER, // 42
KRB_AP_ERR_BADKEYVER = 44, // 44
KRB_AP_ERR_NOKEY, // 45
KRB_AP_ERR_MUT_FAIL, // 46
KRB_AP_ERR_BADDIRECTION, // 47
KRB_AP_ERR_METHOD, // 48
KRB_AP_ERR_BADSEQ, // 49
KRB_AP_ERR_INAPP_CKSUM, // 50
KRB_AP_PATH_NOT_ACCEPTED, // 51
KRB_ERR_RESPONSE_TOO_BIG, // 52
KRB_ERR_GENERIC = 60, // 60
KRB_ERR_FIELD_TOOLONG, // 61
KDC_ERROR_CLIENT_NOT_TRUSTED, // 62
KDC_ERROR_KDC_NOT_TRUSTED, // 63
KDC_ERROR_INVALID_SIG, // 64
KDC_ERROR_KEY_TOO_WEAK, // 65
KDC_ERR_CERTIFICATE_MISMATCH, // 66
KDC_AP_ERROR_NO_TGT, // 67
KDC_ERR_WRONG_REALM, // 68
KDC_AP_ERR_USER_TO_USER_REQURED, // 69
KDC_ERR_CANT_VERIFY_CERTIFICATE, // 70
KDC_ERR_INVALID_CERTIFICATE, // 71
KDC_ERR_REVOKED_CERTIFICATE, // 72
KDC_ERR_REVOCATION_STATUS_UNKNOWN, //73
KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, // 74
KDC_ERR_CLIENT_NAME_MISMATCH, // 75
KDC_ERR_KDC_NAME_MISMATCH // 76
};// End Enum for error codes
// Values of padata type
enum{ PA_TGS_REQ = 1, PA_ENC_TIMESTAMP, // 2
PA_PW_SALT, // 3
Reserved, // 4
PA_ENC_UNIX_TIME, // 5
PA_SANDIA_SECUREID, // 6
PA_SESAME, // 7
PA_OSF_DCE, // 8
PA_CYBERSAFE_SECUREID, // 9
PA_AFS3_SALT, // 0x0A
PA_ETYPE_INFO, // 0x0B
SAM_CHALLENGE, // 0x0C
SAM_RESPONSE, // 0x0D
PA_PK_AS_REQ, // 0x0E
PA_PK_AS_REP, // 0x0F
PA_PK_AS_SIGN, // 0x10
PA_PK_KEY_REQ, // 0x11
PA_PK_KEY_REP, // 0x12
PA_USE_SPECIFIELD_KVNO, // 0x13
SAM_REDIRECT, // 0x14
PA_GET_FROM_TYPED_DATA // 0x15
};
enum{ kdcoptions = 0, cnamebody, realmbody, snamebody, frombody, tillbody, rtimebody, noncebody, etypebody, addressesbody, encauthdatabody, addtixbody};
enum{ addrtype = 0, address};
enum{ etype = 0, kvno, cipher};
enum{ PvnoApReq = 0, MsgTypeApReq, ApOptionsApReq, TicketApReq, AuthenticatorApReq};
enum { ticket = 1};
enum{ Tixtkt_vno = 0, TixRealm, TixSname, TixEnc_part};
enum{ methodtype = 0, methoddata};
// kf 8/10 Rem the ifdef and trying to prevent global variables
// Using this statement to prevent multiple definitions
//#ifdef MAINPROG
// Defining these here while troubleshooting a report Access Violation
// Need to define the values locally and do away with as many of the
// Global variables as possible.
//KF 10/15 CHANGING TO LABELED_BIT IN ORDER TO TRY AND PHASE OUT
// QUAL_BITFIELDS AND USE QUAL_FLAGS. THERE ARE APPROX 15 BITFIELD
// USED IN KERBEROSDATABASE. I WILL COMMENT THERE WHERE I CHANGED TO FLAGS
// BUT I WILL NOT COMMENT THE LABLELS ANY MORE. ALL LABELED_BYTES HAVE BEEN
// CHANGED TO LABELED_BIT
//LABELED_BYTE ClassTag[] = {
LABELED_BYTE ClassTag[] = { {0xC0, NULL}, {UNIVERSAL, "Class Tag (Universal)"}, {APPLICATION, "Class Tag (Application)"}, {CONTEXT_SPECIFIC, "Class Tag (Context Specific)"}, {PRIVATE, "Class Tag (Private)"}, };
SET ClassTagSet = { (sizeof(ClassTag)/sizeof(LABELED_BYTE)), ClassTag };
LABELED_BIT PC[] = { { 5, "P/C (Primitive)", "P/C (Constructed)"}, }; SET PCSet = { sizeof(PC)/sizeof(LABELED_BIT), PC };
LABELED_BYTE KrbMsgType[] = { {0x1F, NULL}, {ASN1_KRB_AS_REQ, "KRB_AS_REQ"}, {ASN1_KRB_AS_REP, "KRB_AS_REP"}, {ASN1_KRB_TGS_REQ, "KRB_TGS_REQ"}, {ASN1_KRB_TGS_REP, "KRB_TGS_REP"}, {ASN1_KRB_AP_REQ, "KRB_AP_REQ"}, {ASN1_KRB_AP_REP, "KRB_AP_REP"}, {ASN1_KRB_SAFE, "KRB_SAFE"}, {ASN1_KRB_PRIV, "KRB_PRIV"}, {ASN1_KRB_CRED, "KRB_CRED"}, {ASN1_KRB_ERROR, "KRB_ERROR"} };
SET KrbMsgTypeSet = { (sizeof(KrbMsgType)/sizeof(LABELED_BYTE)), KrbMsgType };
LABELED_BIT Length[] = { { 7, "Short Form", "Long Form"}, }; SET LengthSet = { sizeof(Length)/sizeof(LABELED_BIT), Length };
LABELED_BYTE UniversalTag[] = { {0x1F, NULL}, {0x01, "BOOLEAN"}, {0x02, "INTEGER"}, {0x03, "BIT STRING"}, {0x04, "OCTET STRING"}, {0x05, "NULL"}, {0x06, "OBJECT IDENTIFIER"}, {0x07, "ObjectDescriptor"}, {0x08, "EXTERNAL"}, {0x09, "REAL"}, {0x0A, "ENUMERATED"}, {0x10, "SEQUENCE/SEQUENCE OF"}, {0x11, "SET/SET OF"}, {0x12, "NumericString"}, {0x13, "PrintableString"}, {0x14, "T61String"}, {0x15, "VideotexString"}, {0x16, "IA5String"}, {0x17, "UTCTime"}, {0x18, "GeneralizedTime"}, {0x19, "GraphicString"}, {0x1A, "VisibleString"}, {0x1B, "GeneralString"}};
SET UniversalTagSet = { sizeof(UniversalTag)/sizeof(LABELED_BYTE), UniversalTag };
LABELED_BYTE KdcReqTag[] = { {0x1F, NULL}, {PVNO, "Protocol Version 5 (pvno[1])"}, {MSGTYPE, "Kerberos Message Type (msg-type[2])"}, {PADATA, "Pre-Authentication Data (padata[3])"}, {REQBODY, "KDC-Req-Body (req-body[4])"}};
SET KdcReqTagSet = { sizeof(KdcReqTag)/sizeof(LABELED_BYTE), KdcReqTag };
LABELED_BYTE PaDataTag[] = { {0x1F, NULL}, {0x01, "padata-type[1]"}, {0x02, "padata-value[2]"}};
SET PaDataTagSet = { sizeof(PaDataTag)/sizeof(LABELED_BYTE), PaDataTag };
// For kdcrep packet
LABELED_BYTE KdcRepTag[] = { {0x1F, NULL}, {PvnoKdcRep, "Protocol Version 5 (pvno[0])"}, {MsgTypeKdcRep, "Kerberos Message Type (msg-type[1])"}, {PaDataKdcRep, "Pre-Auth (padata[2])"}, {CrealmKdcRep, "Realm (crealm[3])"}, {CnameKdcRep, "Principal ID (cname[4])"}, {TicketKdcRep, "Ticket (ticket[5])"}, {EncpartKdcRep, "CipherText (enc-part[6])"} };
SET KdcRepTagSet = {sizeof(KdcRepTag)/sizeof(LABELED_BYTE), KdcRepTag};
LABELED_BYTE PrincipalName[] = { {0x1F, NULL}, {nametype, "Name Type (name-type[0])"}, {namestring, "Name String (name-string[1])"} };
SET PrincipalNameSet = {sizeof(PrincipalName)/sizeof(LABELED_BYTE), PrincipalName};
LABELED_BYTE PrincNameType[] = { {0x1F, NULL}, {NT_UKNOWN, "NT_UNKNOWN (Name Type not Known)"}, {NT_PRINCIPAL, "NT_PRINCIPAL (Name of Principal)"}, {NT_SRV_INST, "NT_SRV_INST (Service & other unique Instance)"}, {NT_SRV_HST, "NT_SRV_HST (Serv with Host Name as Instance)"}, {NT_SRV_XHST, "NT_SRV_XHST (Service with Host as remaining components)"}, {NT_UID, "NT_UID (Unique ID)"}, {NT_X500_PRINCIPAL, "NT_X500_PRINCIPAL (Encoded X.509 Distinguished Name)"} };
SET PrincNameTypeSet = {sizeof(PrincNameType)/sizeof(LABELED_BYTE), PrincNameType};
LABELED_BYTE KrbTicket[] = { {0x1F, NULL}, {tktvno, "Ticket Version (tkt-vno[0])"}, {realm, "Realm (realm[1])"}, {sname, "Server ID (sname[2])"}, {encpart, "Cipher Text (enc-part[3])"} };
SET KrbTicketSet = {sizeof(KrbTicket)/sizeof(LABELED_BYTE), KrbTicket};
LABELED_BYTE KrbTixApp1 [] = { {0x1F, NULL}, {app1, "Ticket ::= [APPLICATION 1]"}};
SET KrbTixApp1Set = {sizeof(KrbTixApp1)/sizeof(LABELED_BYTE), KrbTixApp1};
LABELED_BYTE KrbErrTag [] = { {0x1F, NULL}, {PvnoErr, "Protocol Version (pvno[0])"}, {MsgtypeErr, "Message Type (msg-type[1])"}, {CtimeErr, "Client Current Time (ctime[2])"}, {CusecErr, "MicroSec on Client (cusec[3])"}, {StimeErr, "Server Current Time (stime[4])"}, {SusecErr, "MicroSec on Server (susec[5])"}, {ErrorcodeErr, "Error Code (error-code[6])"}, {CrealmErr, "Client Realm (crealm[7])"}, {CnameErr, "Client Name (cname[8])"}, {RealmErr, "Correct Realm (realm[9])"}, {SnameErr, "Server Name (sname[10])"}, {EtextErr, "Addtional Error Info (etext[11])"}, {EdataErr, "Error Handling Data (edata[12])"}};
SET KrbErrTagSet = {sizeof(KrbErrTag)/sizeof(LABELED_BYTE), KrbErrTag};
LABELED_BYTE KrbErrCode [] = { {0xFF, NULL}, {KDC_ERR_NONE, "No error"}, // 0
{KDC_ERR_NAME_EXP, "Client's entry in database has expired"}, // 1
{KDC_ERR_SERVICE_EXP, "Server's entry in database has expired"},// 2
{KDC_ERR_BAD_PVNO, "Requested protocol ver. number not supported"}, // 3
{KDC_ERR_C_OLD_MAST_KVNO, "Client's key encrypted in old master key"}, // 4
{KDC_ERR_S_OLD_MAST_KVNO, "Server's key encrypted in old master key"}, //5
{KDC_ERR_C_PRINCIPAL_UNKNOWN, "Client not found in Kerberos database"},//6
{KDC_ERR_S_PRINCIPAL_UNKNOWN, "Server not found in Kerberos database"},//7
{KDC_ERR_PRINCIPAL_NOT_UNIQUE, "Multiple principal entries in database"},//8
{KDC_ERR_NULL_KEY, "The client or server has a null key"},//9
{KDC_ERR_CANNOT_POSTDATE, "Ticket not eligible for postdating"},//10
{KDC_ERR_NEVER_VALID, "Requested start time is later than end time"},//11
{KDC_ERR_POLICY, "KDC policy rejects request"}, //12
{KDC_ERR_BADOPTION, "KDC cannot accommodate requested option"}, //13
{KDC_ERR_ETYPE_NOSUPP, "KDC has no support for encryption type"}, //14
{KDC_ERR_SUMTYPE_NOSUPP, "KDC has no support for checksum type"}, //15
{KDC_ERR_PADATA_TYPE_NOSUPP, "KDC has no support for padata type"}, //16
{KDC_ERR_TRTYPE_NOSUPP, "KDC has no support for transited type"}, //17
{KDC_ERR_CLIENT_REVOKED, "Clients credentials have been revoked"}, //18
{KDC_ERR_SERVICE_REVOKED, "Credentials for server have been revoked"}, //19
{KDC_ERR_TGT_REVOKED, "TGT has been revoked"}, //20
{KDC_ERR_CLIENT_NOTYET, "Client not yet valid try again later"}, //21
{KDC_ERR_SERVICE_NOTYET, "Server not yet valid try again later"}, //22
{KDC_ERR_KEY_EXPIRED, "Password has expired change password to reset"}, //23
{KDC_ERR_PREAUTH_FAILED, "Pre-authentication information was invalid"}, //24
{KDC_ERR_PREAUTH_REQUIRED, "Additional preauthentication required"}, //25
{KDC_ERR_SERVER_NOMATCH, "Requested Server and ticket don't match"}, // 26
{KDC_ERR_MUST_USE_USER2USER, "Server principal valid for user2user only"}, // 27
{KDC_ERR_PATH_NOT_ACCEPTED, "KDC Policy rejects transited patth"}, //28
{KDC_ERR_SVC_UNAVAILABLE, "A service is not available"}, // 29
{KRB_AP_ERR_BAD_INTEGRITY, "Integrity check on decrypted field failed"}, //31
{KRB_AP_ERR_TKT_EXPIRED, "Ticket expired"}, //32
{KRB_AP_ERR_TKT_NYV, "Ticket not yet valid"}, //33
{KRB_AP_ERR_REPEAT, "Request is a replay"}, //34
{KRB_AP_ERR_NOT_US, "The ticket isn't for us"}, //35
{KRB_AP_ERR_BADMATCH, "Ticket and authenticator don't match"}, //36
{KRB_AP_ERR_SKEW, "Clock skew too great"}, // 37
{KRB_AP_ERR_BADADDR, "Incorrect net address"}, // 38
{KRB_AP_ERR_BADVERSION, "Protocol version mismatch"}, // 39
{KRB_AP_ERR_MSG_TYPE, "Invalid msg type"}, // 40
{KRB_AP_ERR_MODIFIED, "Message stream modified"}, //41
{KRB_AP_ERR_BADORDER, "Message out of order"}, //42
{KRB_AP_ERR_BADKEYVER, "Specified version of key is not available"}, //44
{KRB_AP_ERR_NOKEY, "Service key not available"}, //45
{KRB_AP_ERR_MUT_FAIL, "Mutual authentication failed"}, // 46
{KRB_AP_ERR_BADDIRECTION, "Incorrect message direction"}, // 47
{KRB_AP_ERR_METHOD, "Alternative authentication method required"}, // 48
{KRB_AP_ERR_BADSEQ, "Incorrect sequence number in message"}, // 49
{KRB_AP_ERR_INAPP_CKSUM, "Inappropriate type of checksum in message"}, // 50
{KRB_AP_PATH_NOT_ACCEPTED, "Policy rejects transited path"}, // 51
{KRB_ERR_RESPONSE_TOO_BIG, "Response too big for UDP, retry with TCP"}, // 52
{KRB_ERR_GENERIC, "Generic error"}, // 60
{KRB_ERR_FIELD_TOOLONG, "Field is too long for this implementation"}, // 61
{KDC_ERROR_CLIENT_NOT_TRUSTED, "Client is not trusted"}, // 62
{KDC_ERROR_KDC_NOT_TRUSTED, "KDC is not trusted"}, // 63
{KDC_ERROR_INVALID_SIG, "Invalid signature"}, // 64
{KDC_ERROR_KEY_TOO_WEAK, "Key is too weak"}, // 65
{KDC_ERR_CERTIFICATE_MISMATCH, "Certificate does not match"}, // 66
{KDC_AP_ERROR_NO_TGT, "No TGT"}, // 67
{KDC_ERR_WRONG_REALM, "Wrong realm"}, // 68
{KDC_AP_ERR_USER_TO_USER_REQURED, "User to User required"}, // 69
{KDC_ERR_CANT_VERIFY_CERTIFICATE, "Can't verify certificate"}, // 70
{KDC_ERR_INVALID_CERTIFICATE, "Invalid certificate"}, // 71
{KDC_ERR_REVOKED_CERTIFICATE, "Revoked certificate"}, // 72
{KDC_ERR_REVOCATION_STATUS_UNKNOWN, "Revocation status unknown"}, //73
{KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, "Revocation status unavailable"}, // 74
{KDC_ERR_CLIENT_NAME_MISMATCH, "Client name mismatch"}, //75
{KDC_ERR_KDC_NAME_MISMATCH, "KDC name mismatch"} // 76
};
SET KrbErrCodeSet = {sizeof(KrbErrCode)/sizeof(LABELED_BYTE), KrbErrCode};
LABELED_BYTE PadataTypeVal [] = { {0xFF, NULL}, {PA_TGS_REQ, "PA-TGS-REQ"}, {PA_ENC_TIMESTAMP, "PA-ENC-TIMESTAMP"}, {PA_PW_SALT, "PA-PW-SALT"}, {Reserved, "Reserved Value"}, {PA_ENC_UNIX_TIME, "PA-END-UNIX-TIME"}, {PA_SANDIA_SECUREID, "PA-SANDIA-SECUREID"}, {PA_AFS3_SALT, "PA-AFS3-SALT"}, {PA_ETYPE_INFO, "PA-ETYPE-INFO"}, {SAM_CHALLENGE, "SAM-CHALLENGE"}, {SAM_RESPONSE, "SAM-RESPONSE"}, {PA_PK_AS_REQ, "PA-PK-AS-REP"}, {PA_PK_AS_REP, "PA-PK-AS-REP"}, {PA_PK_AS_SIGN, "PA-PK-AS-SIGN"}, {PA_PK_KEY_REQ, "PA-PK-KEY-REQ"}, {PA_PK_KEY_REP, "PA-PK-KEY-REP"}, {PA_USE_SPECIFIELD_KVNO, "PA-USE-SPECIFIELD-KVNO"}, {SAM_REDIRECT, "SAM-REDIRECT"}, {PA_GET_FROM_TYPED_DATA, "PA-GET-FROM-TYPED-DATA"}};
SET PadataTypeValSet = {sizeof(PadataTypeVal)/sizeof(LABELED_BYTE), PadataTypeVal};
LABELED_BYTE KdcReqBody [] = { {0x1F, NULL}, {kdcoptions, "Ticket Flags (kdc-options[0])"}, {cnamebody, "Client Name (cname[1])"}, {realmbody, "Realm (realm[2])"}, {snamebody, "Server Name (sname[3])"}, {frombody, "Start Time (from[4])"}, {tillbody, "Expiration date (till[5])"}, {rtimebody, "Requested renew till (rtime[6])"}, {noncebody, "Random Number (nonce[7])"}, {etypebody, "Encryption Alg. (etype[8])"}, {addressesbody, "Addresses (addresses[9])"}, {encauthdatabody, "Cipher Text (enc-authorization-data[10])"}, {addtixbody, "Additional Tix (additional-ticketsp[11])"}};
SET KdcReqBodySet = {sizeof(KdcReqBody)/sizeof(LABELED_BYTE), KdcReqBody};
LABELED_BYTE HostAddresses [] = { {0x1F, NULL}, {addrtype, "Type of Address (addr-type[0])"}, {address, "Addresses (address[1])"}};
SET HostAddressesSet = {sizeof(HostAddresses)/sizeof(LABELED_BYTE), HostAddresses};
// KDC-Options
LABELED_BIT KdcOptionFlags[] ={ {31, "Reserved (Bit 0)", // 0 bit = Reserved,
"Reserved (Bit 0)" },
{30, "Forwardable Bit Not Set (Bit 1)", // 1 bit = Fowardable
"Forwardable Bit Set (Bit 1)" },
{29, "Forwarded Bit Not Set (Bit 2)", // 2 bit = Forwarded
"Fowarded Bit Set (Bit 2)" },
{28, "Proxiable Bit Not Set (Bit 3)", // 3 bit = Proxiable
"Proxiable Bit Set (Bit 3)" },
{27, "Proxy Bit Not Set (Bit 4)", // 4 bit = Proxy
"Proxy Bit Set (Bit 4)" },
{26, "Allow-PostDate Bit Not Set (Bit 5)", // 5 bit = Allow-Postdate
"May-Postdate Bit Set (Bit 5)" },
{25, "PostDated Bit Not Set (Bit 6)", // 6 bit = Postdated
"Postdated Bit Set (Bit 6)" },
{24, "Unused (Bit 7)", // 7 bit = Unused
"Unused (Bit 7) " },
{23, "Renewable Bit Not Set (Bit 8)", // 8 bit = Renewable
"Renewable Bit Set (Bit 8)" },
{22, "Unused (Bit 9)", // 9 bit = Reserved
"Unused (Bit 9)" },
{21, "Unused (Bit 10)", // 10 bit = Reserved
"Unused (Bit 10)" },
{20, "Unused (Bit 11)", // 11 bit = Reserved
"Unused (Bit 11)" },
{19, "Unused (Bit 12)", // 12 bit = Reserved
"Unused (Bit 12)" },
{18, "Unused (Bit 13)", // 13 bit = Reserved
"Unused (Bit 13)" },
{17, "Request-Anonymous Bit Not Set (Bit 14)", // 14 bit = Reserved
"Request-Anonymous Bit Set (Bit 14)" },
{16, "Name-Canonicalize Bit Not Set (Bit 15)", // 15 bit = Reserved
"Name-Canonicalize Bit Set (Bit 15)" },
{15, "Reserved (Bit 16)", // 16 bit = Reserved
"Reserved (Bit 16)" },
{14, "Reserved (Bit 17)", // 17 bit = Reserved
"Reserved (Bit 17)" },
{13, "Reserved (Bit 18)", // 18 bit = Reserved
"Reserved (Bit 18)" },
{12, "Reserved (Bit 19)", // 19 bit = Reserved
"Reserved (Bit 19)" },
{11, "Reserved (Bit 20)", // 20 bit = Reserved
"Reserved (Bit 20)" },
{10, "Reserved (Bit 21)", // 21 bit = Reserved
"Reserved (Bit 21)" },
{9, "Reserved (Bit 22)", // 22 bit = Reserved
"Reserved (Bit 22)" },
{8, "Reserved (Bit 23)", // 23 bit = Reserved
"Reserved (Bit 23)" },
{7, "Reserved (Bit 24)", // 24 bit = Reserved
"Reserved (Bit 24)" },
{6, "Reserved (Bit 25)", // 25 bit = Reserved
"Reserved (Bit 25)" },
{5, "Disable-Transited-Check Bit Not Set (Bit 26)", // 26 bit = Reserved
"Disable-Transited-Check Bit Set (Bit 26)" },
{4, "Renewable-OK Bit Not Set (Bit 27)", // 27 bit = Renewable-OK
"Renewable-OK Bit Set (Bit 27)" },
{3, "Enc-Tkt-In-Skey Bit Not Set (Bit 28)", // 28 bit = Enc-Tkt-In-Skey
"Enc-Tkt-In-Skey Bit Not Set (Bit 28)" },
{2, "Reserved (Bit 29)", // 29 bit = Reserved
"Reserved (Bit 29)" },
{1, "Renew Bit Not Set (Bit 30)", // 30 bit = Renew
"Renew Bit Set (Bit 30)" },
{0, "Validate Bit Not Set (Bit 31)", // 31 bit = Validate
"Validate Bit Set (Bit 31)" }};
SET KdcOptionFlagsSet = {sizeof(KdcOptionFlags)/sizeof(LABELED_BIT), KdcOptionFlags};
LABELED_BYTE EncryptionType [] = { {0xFF, NULL}, {KERB_ETYPE_RC4_HMAC_OLD, "RC4-HMAC-OLD"}, {KERB_ETYPE_RC4_PLAIN_OLD, "RC4-PLAIN-OLD"}, {KERB_ETYPE_RC4_HMAC_OLD_EXP, "RC4-HMAC-OLD-EXP"}, {KERB_ETYPE_RC4_PLAIN_OLD_EXP, "RC4-PLAIN-OLD-EXP"}, {KERB_ETYPE_RC4_PLAIN, "RC4-PLAIN"}, {KERB_ETYPE_RC4_PLAIN_EXP, "RC4-PLAIN-EXP"}, {KERB_ETYPE_NULL, "NULL"}, {KERB_ETYPE_DES_CBC_CRC, "DES-CBC-CRC"}, {KERB_ETYPE_DES_CBC_MD4, "DES-CBC-MD4"}, {KERB_ETYPE_DES_CBC_MD5, "DES-CBC-MD5"}, {KERB_ETYPE_DSA_SHA1_CMS, "DSA-SHA1-CMS"}, {KERB_ETYPE_RSA_MD5_CMS, "RSA-MD5-CMS"}, {KERB_ETYPE_RSA_SHA1_CMS, "RSA-SHA1-CMS"}, {KERB_ETYPE_RC2_CBC_ENV, "RC2-CBC-ENV"}, {KERB_ETYPE_RSA_ENV, "RSA-ENV"}, {KERB_ETYPE_RSA_ES_OEAP_ENV, "RSA-ES-OEAP-ENV"}, {KERB_ETYPE_DES_EDE3_CBC_ENV, "DES-EDE3-CBC-ENV"}, {KERB_ETYPE_DES_CBC_MD5_NT, "DES-CBC-MD5-NT"}, {KERB_ETYPE_RC4_HMAC_NT, "RC4-HMAC-NT"}, {KERB_ETYPE_RC4_HMAC_NT_EXP, "RC4-HMAC-NT-EXP"}, {KERB_ETYPE_OLD_RC4_MD4, "RC4-MD4-OLD"}, {KERB_ETYPE_OLD_RC4_PLAIN, "RC4-PLAIN-OLD"}, {KERB_ETYPE_OLD_RC4_LM, "RC4-LM-OLD"}, {KERB_ETYPE_OLD_RC4_SHA, "RC4-SHA-OLD"}, {KERB_ETYPE_OLD_DES_PLAIN, "DES-PLAIN-OLD"}};
SET EncryptionTypeSet = {sizeof(EncryptionType)/sizeof(LABELED_BYTE), EncryptionType};
LABELED_BYTE EncryptedData[] ={ {0x1F, NULL}, {etype, "Encryption Type (etype[0])"}, {kvno, "Key Version Number (kvno[1])"}, {cipher, "Enciphered Text (cipher[2]"}};
SET EncryptedDataSet = {sizeof(EncryptedData)/sizeof(LABELED_BYTE), EncryptedData};
LABELED_BYTE KrbApReq[] = { {0x1F, NULL}, {PvnoApReq, "Protocol Version (pvno[0])"}, {MsgTypeApReq, "Message Type (msg-type[1])"}, {ApOptionsApReq, "AP Options (ap-options[2])"}, {TicketApReq, "Ticket (ticket[3])"}, {AuthenticatorApReq, "Authenticator (authenticator[4])"}};
SET KrbApReqSet = {sizeof(KrbApReq)/sizeof(LABELED_BYTE), KrbApReq};
// AP-Options
LABELED_BIT ApOptionFlags[] ={ {31, "Reserved (Bit 0)", // 0 bit = Reserved,
"Reserved (Bit 0)" },
{30, "Use-Session-Key Bit Not Set(Bit 1)", // 1 bit = Use-Session-Key
"Use-Session-Key Bit Set (Bit 1)" },
{29, "Mutual-Required Bit Not Set (Bit 2)", // 2 bit = Mutual-Required
"Mutual-Required Bit Set (Bit 2)" },
{28, "Reserved (Bit 3)", // 3 bit = Reserved
"Reserved(Bit 3)" },
{27, "Reserved (Bit 4)", // 4 bit = Reserved
"Reserved (Bit 4)" },
{26, "Reserved (Bit 5)", // 5 bit = Reserved
"Reserved (Bit 5)" },
{25, "Reserved (Bit 6)", // 6 bit = Reserved
"Reserved (Bit 6)" },
{24, "Reserved (Bit 7)", // 7 bit = Reserved
"Reserved (Bit 7)" },
{23, "Reserved (Bit 8)", // 8 bit = Reserved
"Reserved (Bit 8)" },
{22, "Reserved (Bit 9)", // 9 bit = Reserved
"Reserved (Bit 9)" },
{21, "Reserved (Bit 10)", // 10 bit = Reserved
"Reserved (Bit 10)" },
{20, "Reserved (Bit 11)", // 11 bit = Reserved
"Reserved (Bit 11)" },
{19, "Reserved (Bit 12)", // 12 bit = Reserved
"Reserved (Bit 12)" },
{18, "Reserved (Bit 13)", // 13 bit = Reserved
"Reserved (Bit 13)" },
{17, "Reserved (Bit 14)", // 14 bit = Reserved
"Reserved (Bit 14)" },
{16, "Reserved (Bit 15)", // 15 bit = Reserved
"Reserved (Bit 15)" },
{15, "Reserved (Bit 16)", // 16 bit = Reserved
"Reserved (Bit 16)" },
{14, "Reserved (Bit 17)", // 17 bit = Reserved
"Reserved (Bit 17)" },
{13, "Reserved (Bit 18)", // 18 bit = Reserved
"Reserved (Bit 18)" },
{12, "Reserved (Bit 19)", // 19 bit = Reserved
"Reserved (Bit 19)" },
{11, "Reserved (Bit 20)", // 20 bit = Reserved
"Reserved (Bit 20)" },
{10, "Reserved (Bit 21)", // 21 bit = Reserved
"Reserved (Bit 21)" },
{9, "Reserved (Bit 22)", // 22 bit = Reserved
"Reserved (Bit 22)" },
{8, "Reserved (Bit 23)", // 23 bit = Reserved
"Reserved (Bit 23)" },
{7, "Reserved (Bit 24)", // 24 bit = Reserved
"Reserved (Bit 24)" },
{6, "Reserved (Bit 25)", // 25 bit = Reserved
"Reserved (Bit 25)" },
{5, "Reserved (Bit 26)", // 26 bit = Reserved
"Reserved (Bit 26)" },
{4, "Reserved (Bit 27)", // 27 bit = Renewable-OK
"Reserved (Bit 27)" },
{3, "Reserved (Bit 28)", // 28 bit = Enc-Tkt-In-Skey
"Reserved (Bit 28)" },
{2, "Reserved (Bit 29)", // 29 bit = Reserved
"Reserved (Bit 29)" },
{1, "Reserved(Bit 30)", // 30 bit = Renew
"Reserved (Bit 30)" },
{0, "Reserved (Bit 31)", // 31 bit = Reserved
"Reserved (Bit 31)" }};
SET ApOptionFlagsSet = {sizeof(ApOptionFlags)/sizeof(LABELED_BIT), ApOptionFlags};
LABELED_BYTE ApTicket[] = { {0x1F, NULL}, {ticket, "AP Ticket"}};
SET ApTicketSet = {sizeof(ApTicket)/sizeof(LABELED_BYTE), ApTicket};
LABELED_BYTE TicketStruct[] = { {0x1F, NULL}, {Tixtkt_vno, "Ticket Version Number (tkt-vno[0])"}, {TixRealm, "Issuing Realm (realm[1])"}, {TixSname, "Server (sname[2])"}, {TixEnc_part, "Cipher Encoding (enc-part[3])"}};
SET TicketStructSet = {sizeof(TicketStruct)/sizeof(LABELED_BYTE), TicketStruct};
LABELED_BYTE MethodDataType[] = { {0x1F, NULL}, {methodtype, "Req. Alt. Method (method-type[0])"}, {methoddata, "Req. Alt. Info (method-data[1])"} };
SET MethodDataSet = { (sizeof(MethodDataType)/sizeof(LABELED_BYTE)), MethodDataType};
//=============================================================================
// Kerberos database.
//=============================================================================
//KF 10/19/99 NEED TO GO THROUGH AND WEED OUT DUPLICATE NODES. ALSO
// NEED TO RENAME THE DUPLICATES WHICH ARE NEEDED BECAUSE OF DIFFERENT
// DATATYPE LABELS.
PROPERTYINFO KerberosDatabase[] ={ { // KerberosSummary 0x00
// Global Variable,description for all Kerberos Message Types
0,0, MsgType, "Kerberos Packet", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KerberosIDSummary 0x01
// Global Variable, used in identifying the Identifier Octet for Kerberos frames
0,0, "Message Type", "Display Message Type", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KerberosClassTag 0x02
// Global Variable used to display ASN.1 Class tag of initial Identifier octet
0,0, "Class Tag", "Display Class Tag", PROP_TYPE_BYTE, //PROP_QUAL_FLAGS,
PROP_QUAL_LABELED_BITFIELD, &ClassTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // PCIdentifier 0x03
// Global Variable, used to determine method of encoding used.
0,0, "P/C", "Display Primitive/Constructed", PROP_TYPE_BYTE, PROP_QUAL_FLAGS, &PCSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // ASN1UnivTag 0x04
// Global Variable, probably needs to be renamed. This takes the last 5 bits
// of the Initial Identifier Octet and prints out the message type of the packet
0,0, "Contents", "Display Contents", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &UniversalTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // LengthSummary 0x05
0,0, "Length Summary", "Display Length Summary", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // LengthFlag 0x06
// Global Variable, Used in determining if the ASN.1 length octet is short or long form
0,0, "Length Flag", "Display Length Flag", PROP_TYPE_BYTE, PROP_QUAL_FLAGS, &LengthSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // LengthBits 0x07
// Global Variable, used for labeling
0,0, "Number of Octets (Size)", "Display Number of Octets (Size)", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // LongLength1 0x08
// Global Variable, used for labeling values spanning multiple octets
0,0, "Size (BSW)", "Display Size (Long)", PROP_TYPE_BYTESWAPPED_WORD, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // LongLength2 0x09
// Not sure about this one but looks to be for labeling
0,0, "Size (B)", "Display Size (short)", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // ASNIdentifier 0x0A
// Global, used for labeling of ASN.1 Identifier Octets
0,0, "Identifier", "Display Identifier Octet", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // UniversalTagID 0x0B
//Global, Used for displaying ASN.1 Universal Class Tags
0,0, "Tag Number", "Display Tag Number (Bitfield)", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &UniversalTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KdcReqTagID 0x0C
0,0, "KERB_KDC_REQ Type", "Dipslay KERB_KDC_REQ Summary", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KdcReqTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KdcReqSeq 0x0D
0,0, "Tag Number (BF)", "Display Tag Number", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KdcReqTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KdcReqSeqLength 0x0E
// Global, however only used to represent the body of kdc-req packets
0,0, "Length", "Length", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // ASN1UnivTagSumID 0x0F
// This points to the Universal Class Tags
//Used to display summary
0,0, "Univ. Class Tag", "Universal Class Tag", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &UniversalTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KdcContentsValue 0x10
// Global label
0,0, "Value", "Value", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // PaDataSummary 0x11
// Global Displays values for the PADATA type
0,0, "PA-DATA Type", "PA-DATA Summary", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &PaDataTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // PaDataSeq 0x12
0,0, "Tag Number", "Tag Number", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &PaDataTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // DispString 0x13
0,0, "Value", "Value", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KerberosIdentifier 0x14
0,0, "KRB MSG-Type Identifier", "Displays Kerberos Message Type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, //PROP_QUAL_FLAGS,
&KrbMsgTypeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance}, { // lblTagNumber 0x15
// Created this as a lable
0,0, "Tag Number", "Display Explicit Tags", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KdcRepTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KdcRepTagID 0x16
0,0, "KERB_KDC_REP Tag", "Struct of KDC-REP packet", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KdcRepTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KrbPrincipalNamelSet 0x17
0, 0, "Principal Name", "PrincipalName Structure", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &PrincipalNameSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KrbPrincNameType 0x18
0, 0, "Name Type", "Principal Name Type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &PrincNameTypeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbPrincipalNamelBitF 0x19
0, 0, "Name Type", "Principal Name Type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &PrincipalNameSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KrbTicketID 0x1A
0,0, "Kerberos Ticket", "Kerberos Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KrbTicketSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KrbTixApp1ID 0x1B
0, 0, "Ticket Identifier", "Tag for Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KrbTixApp1Set, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // KrbErrTagID 0x1C
// Global Displays values for the KRB-ERR type
0,0, "KRB-ERROR", "KRB-ERROR Packet", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KrbErrTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // DispTimeID 0x1D
0,0, "Micro Sec", "Micro Seconds", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbErrTagSumID 0x1E
// Used in the inital display of KRB-ERROR
0,0, "KRB-ERROR", "Kerberos Error", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbErrTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbTixAppSumID 0x1F
//Used in summary displays of Explicit Application Tags
0,0, "Explicit Tag", "Explicit Tags", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbTixApp1Set, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbTicketSumID 0x20
// Used in summary displays of Ticket Variables
0,0, "KRB-Ticket", "Kerberos Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbTicketSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance}, { //KrbErrCodeID 0x21
//Used to display Kerberos Error Codes
0,0, "Kerberos Error", "Kerberos Error", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbErrCodeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbMsgTypeID 0x22
0,0, "Contents", "Display Contents Octet", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbMsgTypeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance}, { //PadataTypeValID 0x23
0,0, "padata-type", "Value of padata-type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &PadataTypeValSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //CipherTextDisp 0x24
// Changed display from Cipher Text to Length. Could possibly get rid of this
// Leaving it in place in case we need to break down padata.
0, 0, "Length", "Display Cipher Text", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //FragUdpID 0x25
0,0, "Fragmented Kerberos cont.", "Display Fragmented Kerberos Packets", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KdcReqBodyID 0x26
0,0, "KDC-Req-Body", "KDC Req Body", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KdcReqBodySet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KdcReqBodyBitF 0x27
0,0, "KDC-Req-Body", "KDC Req Body", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KdcReqBodySet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //HostAddressesID 0x28
0,0, "Addresses", "Addresses", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &HostAddressesSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //HostAddressesBitF 0x29
0,0, "Addresses", "Addresses", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &HostAddressesSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // DispStringCliName 0x2A
0,0, "Client Name", "Display Client Name", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringRealmName 0x2B
0,0, "Realm Name", "Display Realm Name", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringServerName 0x2C
0,0, "Server Name", "Display Server Name", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringTixFlag 0x2D
0,0, "Ticket Flags", "Display Ticket Flags", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringExpDate 0x2E
0,0, "Expiration Date", "Display Expiration Date", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringPostDate 0x2F
0,0, "Post Date", "Display Post Date", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringRenewTill 0x30
0,0, "Renew Till", "Display Renew Till Time", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumRandomNumber 0x31
0,0, "Random Number", "Display Random Number", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumEtype 0x32
0,0, "Encryption Type", "Display Encryption Type", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringAddresses 0x33
0,0, "Client Host Address", "Display Random Number", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSummary 0x34
0,0, "Summary (ASN.1)", "Display ASN.1 Summary", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringCliRealm 0x35
0,0, "Client Realm", "Display Client's Realm", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispProtocolVer 0x36
0,0, "Kerberos Protocol Version", "Display Kerberos Protocol Version", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispKerbMsgType 0x37
0,0, "Kerberos Message Type", "Display Kerberos Message Type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbMsgTypeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumPreAuth 0x38
0,0, "Pre-Authentication Data", "Display Pre-Authentication Date", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumReqBody 0x39
0,0, "KDC Request Body", "Display KDC Request Body", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumKerbTix 0x3A
0,0, "Kerberos Ticket", "Display Kerberos Ticket", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumTixVer 0x3B
0,0, "Ticket Version", "Display Ticket Version", PROP_TYPE_BYTE, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispCipherText 0x3C
0,0, "Cipher Text", "Display Text", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringCliTime 0x3D
0,0, "Current Client Time", "Display Client's Current Time", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumCuSec 0x3E
0,0, "MicroSec Of Client", "Display Microseconds of Client", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringSrvTime 0x3F
0,0, "Current Server Time", "Display Server's Current Time", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumSuSec 0x40
0,0, "MicroSec Of Server", "Display Microseconds of Server", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumKerbErr 0x41
0,0, "Kerberos Error", "Display Kerberos Error", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbErrCodeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringErrorText 0x42
0,0, "Error Text", "Display Error Text", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispStringErrorData 0x43
0,0, "Error Data", "Display Error Data", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // DispFlagKdcOptions 0x44
0,0, "KDC-Option Flags", "Specifies KDC-Option Flags", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_FLAGS, &KdcOptionFlagsSet, 80 * 32, FormatPropertyInstance },
{ //DispStringServNameGS 0x45
0,0, "Server Name", "Displays General Strings", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispSumEtype2 0x46
0,0, "Encryption Type", "Display Encryption Type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &EncryptionTypeSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //EncryptedDataTag 0x47
0,0, "Encrypted Data", "Display Encrypted Data", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &EncryptedDataSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //EncryptedDataTagBitF 0x48
0,0, "Encrypted Data", "Encrypted Data", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &EncryptedDataSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbApReqID 0x49
0,0, "Kerb-AP-Req", "Display AP-Req", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &KrbApReqSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KrbApReqBitF 0x4A
0,0, "Kerb-AP-Req", "Display AP Req ASN.1", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &KrbApReqSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispApOptionsSum 0x4B
0,0, "AP Options", "Display AP Option Flags", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispFlagApOptions 0x4C
0,0, "AP-Option Flags", "Specifies AP-Option Flags", PROP_TYPE_BYTESWAPPED_DWORD, PROP_QUAL_FLAGS, &ApOptionFlagsSet, 80 * 32, FormatPropertyInstance },
{ //DispSumTicket 0x4D
0,0, "Ticket", "Display Ticket", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //ApTicketID 0x4E
0,0, "Kerb-Ticket", "Display Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &ApTicketSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //ApTicketBitF 0x4F
0,0, "Kerb-Ticket", "Display Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &ApTicketSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //TicketStructID 0x50
0,0, "Kerb-Ticket", "Display Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &TicketStructSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance}, { //TicketStructBitF 0x51
0,0, "Kerb-Ticket", "Display Ticket", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &TicketStructSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //KerberosDefaultlbl 0x52
// Kerberos continuation packets
0,0, "Kerberos Packet (Cont.) Use the Coalescer to view contents", "Display Kerberos Continuation Packets", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // PaDataSummaryMulti 0x53
// Global Displays values for the PADATA type if integer is multiple octets
0,0, "PA-DATA Type", "PA-DATA Summary", PROP_TYPE_BYTESWAPPED_WORD, PROP_QUAL_LABELED_SET, &PaDataTagSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // Certificatelbl 0x54
// Because I couldn't find the ASN.1 layout for the certificates
// Present in AS-Req and Rep's, I'm labeling the bits for now
0,0, "Certificate Data", "Certificate Data Label", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ //DispEncryptionOptions 0x55
0,0, "Supported Encryption Types", "Available Encryption Type", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // MethodDataSummary 0x56
// Global Displays values for the PADATA type if integer is multiple octets
0,0, "Method-Data Type", "Method-Data Type Summary", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &MethodDataSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // MethodDataBitF 0x57
// Global Displays values for the PADATA type if integer is multiple octets
0,0, "Method-Data ", "Method-Data Display", PROP_TYPE_BYTE, PROP_QUAL_LABELED_BITFIELD, &MethodDataSet, FORMAT_BUFFER_SIZE, FormatPropertyInstance},
{ // DispReqAddInfo 0x58
0,0, "Required Additional Info", "Req Add Info Summary", PROP_TYPE_STRING, PROP_QUAL_NONE, 0, FORMAT_BUFFER_SIZE, FormatPropertyInstance}
};
DWORD nKerberosProperties = ((sizeof KerberosDatabase) / PROPERTYINFO_SIZE);
|
