Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1917 lines
49 KiB

#include <windows.h>
#include <string.h>
#include <bh.h>
#include <netmon.h>
#define FORMAT_BUFFER_SIZE 80
// Variables used in kerbparser.c to check
// for continuation packets.
HPROTOCOL hTCP = NULL;
HPROTOCOL hUDP = NULL;
// Begin Definitions for Encryption types
// Leaving the negative values out until I can figure out
// why some are labeled negative and some positive.
/*
#define KERB_ETYPE_RC4_MD4 -128
#define KERB_ETYPE_RC4_PLAIN2 -129
#define KERB_ETYPE_RC4_LM -130
#define KERB_ETYPE_RC4_SHA -131
#define KERB_ETYPE_DES_PLAIN -132
*/
#define KERB_ETYPE_RC4_HMAC_OLD 0x7B //-133
#define KERB_ETYPE_RC4_PLAIN_OLD 0x7A //-134
#define KERB_ETYPE_RC4_HMAC_OLD_EXP 0x79 //-135
#define KERB_ETYPE_RC4_PLAIN_OLD_EXP 0x78 //-136
#define KERB_ETYPE_RC4_PLAIN 0x77 //-140
#define KERB_ETYPE_RC4_PLAIN_EXP 0x76 //-141
#define KERB_ETYPE_NULL 0
#define KERB_ETYPE_DES_CBC_CRC 1
#define KERB_ETYPE_DES_CBC_MD4 2
#define KERB_ETYPE_DES_CBC_MD5 3
#define KERB_ETYPE_DSA_SHA1_CMS 9
#define KERB_ETYPE_RSA_MD5_CMS 10
#define KERB_ETYPE_RSA_SHA1_CMS 11
#define KERB_ETYPE_RC2_CBC_ENV 12
#define KERB_ETYPE_RSA_ENV 13
#define KERB_ETYPE_RSA_ES_OEAP_ENV 14
#define KERB_ETYPE_DES_EDE3_CBC_ENV 15
#define KERB_ETYPE_DES_CBC_MD5_NT 20
#define KERB_ETYPE_RC4_HMAC_NT 23
#define KERB_ETYPE_RC4_HMAC_NT_EXP 24
#define KERB_ETYPE_OLD_RC4_MD4 128
#define KERB_ETYPE_OLD_RC4_PLAIN 129
#define KERB_ETYPE_OLD_RC4_LM 130
#define KERB_ETYPE_OLD_RC4_SHA 131
#define KERB_ETYPE_OLD_DES_PLAIN 132
/* These are in kerbcon.h as well but there is a conflict
with the ones listed above. Worry about it later.
#define KERB_ETYPE_DSA_SIGN 8
#define KERB_ETYPE_RSA_PRIV 9
#define KERB_ETYPE_RSA_PUB 10
#define KERB_ETYPE_RSA_PUB_MD5 11
#define KERB_ETYPE_RSA_PUB_SHA1 12
#define KERB_ETYPE_PKCS7_PUB 13
*/
// In use types
// End Definition of encryption types
#define ASN1_KRB_AS_REQ 0x0A
#define ASN1_KRB_AS_REP 0x0B
#define ASN1_KRB_TGS_REQ 0x0C
#define ASN1_KRB_TGS_REP 0x0D
#define ASN1_KRB_AP_REQ 0x0E
#define ASN1_KRB_AP_REP 0x0F
#define ASN1_KRB_SAFE 0x14
#define ASN1_KRB_PRIV 0x15
#define ASN1_KRB_CRED 0x16
#define ASN1_KRB_ERROR 0x1E
#define UNIVERSAL 0x00
#define APPLICATION 0x40
#define CONTEXT_SPECIFIC 0x80
#define PRIVATE 0xC0
// Creating this function to change the format of GeneralizedTime
LPBYTE DispSumTime(HFRAME hFrame, LPBYTE TempFrame, int ClassValue, int OffSet, DWORD TypeVal);
LPBYTE TempFrame, TempFramePadata, TempFrameReq, TempFrameReq2;
DWORD TypeVal, TypeVal2, TypeVal3;
#define TIME_FORMAT_STRING "%c%c/%c%c/%c%c%c%c %c%c:%c%c:%c%c UTC Time Zone"
#define TIME_FORMAT_SIZE sizeof("00/00/0000 00:00:00 UTC Time Zone")
#define MAX_SERVER_NAME_SEGMENTS 100
LPPROTOCOLINFO ProtoInfo;
BOOL TestForUDP;
//char test[1];
char MsgType[ sizeof "Didn't recognize" ]/*, MsgType2[24]*/;
//char PrinName[32];
BYTE LongSize, TempStore, TempStoreEF;
int x, OffSet, lValue, ClassValue;
WORD TempLen;
// Definitions for KDC-REP
BYTE TempRepCname, TempRepGString, TempReqPadata, TempReq;
int lValueRepMsg, lValueCname, lValuePadata, lValueReq;
// Following enum is for the variables of KDC-REP
enum{
PvnoKdcRep = 0,
MsgTypeKdcRep,
PaDataKdcRep,
CrealmKdcRep,
CnameKdcRep,
TicketKdcRep,
EncpartKdcRep
};
// End definitions for KDC-REP
// Following enum is for Variables of ticket
enum{
tktvno = 0,
realm,
sname,
encpart
};
enum{
app1 = 1
};
enum{
PVNO =1,
MSGTYPE,
PADATA,
REQBODY
};
enum{
nametype = 0,
namestring
};
// Set values for Principal Name types
enum{
NT_UKNOWN = 0,
NT_PRINCIPAL,
NT_SRV_INST,
NT_SRV_HST,
NT_SRV_XHST,
NT_UID,
NT_X500_PRINCIPAL
};
// Enum to set the Tag values for KRB-ERROR
enum{
PvnoErr = 0,
MsgtypeErr,
CtimeErr,
CusecErr,
StimeErr,
SusecErr,
ErrorcodeErr,
CrealmErr,
CnameErr,
RealmErr,
SnameErr,
EtextErr,
EdataErr
};
// Enum to assign values to Kerberos Errors
enum{
KDC_ERR_NONE = 0, // 0
KDC_ERR_NAME_EXP, // 1
KDC_ERR_SERVICE_EXP, // 2
KDC_ERR_BAD_PVNO, // 3
KDC_ERR_C_OLD_MAST_KVNO, // 4
KDC_ERR_S_OLD_MAST_KVNO, // 5
KDC_ERR_C_PRINCIPAL_UNKNOWN, // 6
KDC_ERR_S_PRINCIPAL_UNKNOWN, // 7
KDC_ERR_PRINCIPAL_NOT_UNIQUE, // 8
KDC_ERR_NULL_KEY, // 9
KDC_ERR_CANNOT_POSTDATE, // 10
KDC_ERR_NEVER_VALID, // 11
KDC_ERR_POLICY, // 12
KDC_ERR_BADOPTION, // 13
KDC_ERR_ETYPE_NOSUPP, // 14
KDC_ERR_SUMTYPE_NOSUPP, // 15
KDC_ERR_PADATA_TYPE_NOSUPP, // 16
KDC_ERR_TRTYPE_NOSUPP, // 17
KDC_ERR_CLIENT_REVOKED, // 18
KDC_ERR_SERVICE_REVOKED, // 19
KDC_ERR_TGT_REVOKED, // 20
KDC_ERR_CLIENT_NOTYET, // 21
KDC_ERR_SERVICE_NOTYET, // 22
KDC_ERR_KEY_EXPIRED, // 23
KDC_ERR_PREAUTH_FAILED, // 24
KDC_ERR_PREAUTH_REQUIRED, // 25
KDC_ERR_SERVER_NOMATCH, // 26
KDC_ERR_MUST_USE_USER2USER, // 27
KDC_ERR_PATH_NOT_ACCEPTED, // 28
KDC_ERR_SVC_UNAVAILABLE, // 29
KRB_AP_ERR_BAD_INTEGRITY = 31, // 31
KRB_AP_ERR_TKT_EXPIRED, // 32
KRB_AP_ERR_TKT_NYV, // 33
KRB_AP_ERR_REPEAT, // 34
KRB_AP_ERR_NOT_US, // 35
KRB_AP_ERR_BADMATCH, // 36
KRB_AP_ERR_SKEW, // 37
KRB_AP_ERR_BADADDR, // 38
KRB_AP_ERR_BADVERSION, // 39
KRB_AP_ERR_MSG_TYPE, // 40
KRB_AP_ERR_MODIFIED, // 41
KRB_AP_ERR_BADORDER, // 42
KRB_AP_ERR_BADKEYVER = 44, // 44
KRB_AP_ERR_NOKEY, // 45
KRB_AP_ERR_MUT_FAIL, // 46
KRB_AP_ERR_BADDIRECTION, // 47
KRB_AP_ERR_METHOD, // 48
KRB_AP_ERR_BADSEQ, // 49
KRB_AP_ERR_INAPP_CKSUM, // 50
KRB_AP_PATH_NOT_ACCEPTED, // 51
KRB_ERR_RESPONSE_TOO_BIG, // 52
KRB_ERR_GENERIC = 60, // 60
KRB_ERR_FIELD_TOOLONG, // 61
KDC_ERROR_CLIENT_NOT_TRUSTED, // 62
KDC_ERROR_KDC_NOT_TRUSTED, // 63
KDC_ERROR_INVALID_SIG, // 64
KDC_ERROR_KEY_TOO_WEAK, // 65
KDC_ERR_CERTIFICATE_MISMATCH, // 66
KDC_AP_ERROR_NO_TGT, // 67
KDC_ERR_WRONG_REALM, // 68
KDC_AP_ERR_USER_TO_USER_REQURED, // 69
KDC_ERR_CANT_VERIFY_CERTIFICATE, // 70
KDC_ERR_INVALID_CERTIFICATE, // 71
KDC_ERR_REVOKED_CERTIFICATE, // 72
KDC_ERR_REVOCATION_STATUS_UNKNOWN, //73
KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, // 74
KDC_ERR_CLIENT_NAME_MISMATCH, // 75
KDC_ERR_KDC_NAME_MISMATCH // 76
};
// End Enum for error codes
// Values of padata type
enum{
PA_TGS_REQ = 1,
PA_ENC_TIMESTAMP, // 2
PA_PW_SALT, // 3
Reserved, // 4
PA_ENC_UNIX_TIME, // 5
PA_SANDIA_SECUREID, // 6
PA_SESAME, // 7
PA_OSF_DCE, // 8
PA_CYBERSAFE_SECUREID, // 9
PA_AFS3_SALT, // 0x0A
PA_ETYPE_INFO, // 0x0B
SAM_CHALLENGE, // 0x0C
SAM_RESPONSE, // 0x0D
PA_PK_AS_REQ, // 0x0E
PA_PK_AS_REP, // 0x0F
PA_PK_AS_SIGN, // 0x10
PA_PK_KEY_REQ, // 0x11
PA_PK_KEY_REP, // 0x12
PA_USE_SPECIFIELD_KVNO, // 0x13
SAM_REDIRECT, // 0x14
PA_GET_FROM_TYPED_DATA // 0x15
};
enum{
kdcoptions = 0,
cnamebody,
realmbody,
snamebody,
frombody,
tillbody,
rtimebody,
noncebody,
etypebody,
addressesbody,
encauthdatabody,
addtixbody
};
enum{
addrtype = 0,
address
};
enum{
etype = 0,
kvno,
cipher
};
enum{
PvnoApReq = 0,
MsgTypeApReq,
ApOptionsApReq,
TicketApReq,
AuthenticatorApReq
};
enum { ticket = 1};
enum{
Tixtkt_vno = 0,
TixRealm,
TixSname,
TixEnc_part
};
enum{
methodtype = 0,
methoddata
};
// kf 8/10 Rem the ifdef and trying to prevent global variables
// Using this statement to prevent multiple definitions
//#ifdef MAINPROG
// Defining these here while troubleshooting a report Access Violation
// Need to define the values locally and do away with as many of the
// Global variables as possible.
//KF 10/15 CHANGING TO LABELED_BIT IN ORDER TO TRY AND PHASE OUT
// QUAL_BITFIELDS AND USE QUAL_FLAGS. THERE ARE APPROX 15 BITFIELD
// USED IN KERBEROSDATABASE. I WILL COMMENT THERE WHERE I CHANGED TO FLAGS
// BUT I WILL NOT COMMENT THE LABLELS ANY MORE. ALL LABELED_BYTES HAVE BEEN
// CHANGED TO LABELED_BIT
//LABELED_BYTE ClassTag[] = {
LABELED_BYTE ClassTag[] = {
{0xC0, NULL},
{UNIVERSAL, "Class Tag (Universal)"},
{APPLICATION, "Class Tag (Application)"},
{CONTEXT_SPECIFIC, "Class Tag (Context Specific)"},
{PRIVATE, "Class Tag (Private)"},
};
SET ClassTagSet = { (sizeof(ClassTag)/sizeof(LABELED_BYTE)), ClassTag };
LABELED_BIT PC[] = {
{ 5, "P/C (Primitive)", "P/C (Constructed)"},
};
SET PCSet = { sizeof(PC)/sizeof(LABELED_BIT), PC };
LABELED_BYTE KrbMsgType[] = {
{0x1F, NULL},
{ASN1_KRB_AS_REQ, "KRB_AS_REQ"},
{ASN1_KRB_AS_REP, "KRB_AS_REP"},
{ASN1_KRB_TGS_REQ, "KRB_TGS_REQ"},
{ASN1_KRB_TGS_REP, "KRB_TGS_REP"},
{ASN1_KRB_AP_REQ, "KRB_AP_REQ"},
{ASN1_KRB_AP_REP, "KRB_AP_REP"},
{ASN1_KRB_SAFE, "KRB_SAFE"},
{ASN1_KRB_PRIV, "KRB_PRIV"},
{ASN1_KRB_CRED, "KRB_CRED"},
{ASN1_KRB_ERROR, "KRB_ERROR"}
};
SET KrbMsgTypeSet = { (sizeof(KrbMsgType)/sizeof(LABELED_BYTE)), KrbMsgType };
LABELED_BIT Length[] = {
{ 7, "Short Form", "Long Form"},
};
SET LengthSet = { sizeof(Length)/sizeof(LABELED_BIT), Length };
LABELED_BYTE UniversalTag[] = {
{0x1F, NULL},
{0x01, "BOOLEAN"},
{0x02, "INTEGER"},
{0x03, "BIT STRING"},
{0x04, "OCTET STRING"},
{0x05, "NULL"},
{0x06, "OBJECT IDENTIFIER"},
{0x07, "ObjectDescriptor"},
{0x08, "EXTERNAL"},
{0x09, "REAL"},
{0x0A, "ENUMERATED"},
{0x10, "SEQUENCE/SEQUENCE OF"},
{0x11, "SET/SET OF"},
{0x12, "NumericString"},
{0x13, "PrintableString"},
{0x14, "T61String"},
{0x15, "VideotexString"},
{0x16, "IA5String"},
{0x17, "UTCTime"},
{0x18, "GeneralizedTime"},
{0x19, "GraphicString"},
{0x1A, "VisibleString"},
{0x1B, "GeneralString"}
};
SET UniversalTagSet = { sizeof(UniversalTag)/sizeof(LABELED_BYTE), UniversalTag };
LABELED_BYTE KdcReqTag[] = {
{0x1F, NULL},
{PVNO, "Protocol Version 5 (pvno[1])"},
{MSGTYPE, "Kerberos Message Type (msg-type[2])"},
{PADATA, "Pre-Authentication Data (padata[3])"},
{REQBODY, "KDC-Req-Body (req-body[4])"}
};
SET KdcReqTagSet = { sizeof(KdcReqTag)/sizeof(LABELED_BYTE), KdcReqTag };
LABELED_BYTE PaDataTag[] = {
{0x1F, NULL},
{0x01, "padata-type[1]"},
{0x02, "padata-value[2]"}
};
SET PaDataTagSet = { sizeof(PaDataTag)/sizeof(LABELED_BYTE), PaDataTag };
// For kdcrep packet
LABELED_BYTE KdcRepTag[] = {
{0x1F, NULL},
{PvnoKdcRep, "Protocol Version 5 (pvno[0])"},
{MsgTypeKdcRep, "Kerberos Message Type (msg-type[1])"},
{PaDataKdcRep, "Pre-Auth (padata[2])"},
{CrealmKdcRep, "Realm (crealm[3])"},
{CnameKdcRep, "Principal ID (cname[4])"},
{TicketKdcRep, "Ticket (ticket[5])"},
{EncpartKdcRep, "CipherText (enc-part[6])"}
};
SET KdcRepTagSet = {sizeof(KdcRepTag)/sizeof(LABELED_BYTE), KdcRepTag};
LABELED_BYTE PrincipalName[] = {
{0x1F, NULL},
{nametype, "Name Type (name-type[0])"},
{namestring, "Name String (name-string[1])"}
};
SET PrincipalNameSet = {sizeof(PrincipalName)/sizeof(LABELED_BYTE), PrincipalName};
LABELED_BYTE PrincNameType[] = {
{0x1F, NULL},
{NT_UKNOWN, "NT_UNKNOWN (Name Type not Known)"},
{NT_PRINCIPAL, "NT_PRINCIPAL (Name of Principal)"},
{NT_SRV_INST, "NT_SRV_INST (Service & other unique Instance)"},
{NT_SRV_HST, "NT_SRV_HST (Serv with Host Name as Instance)"},
{NT_SRV_XHST, "NT_SRV_XHST (Service with Host as remaining components)"},
{NT_UID, "NT_UID (Unique ID)"},
{NT_X500_PRINCIPAL, "NT_X500_PRINCIPAL (Encoded X.509 Distinguished Name)"}
};
SET PrincNameTypeSet = {sizeof(PrincNameType)/sizeof(LABELED_BYTE), PrincNameType};
LABELED_BYTE KrbTicket[] = {
{0x1F, NULL},
{tktvno, "Ticket Version (tkt-vno[0])"},
{realm, "Realm (realm[1])"},
{sname, "Server ID (sname[2])"},
{encpart, "Cipher Text (enc-part[3])"}
};
SET KrbTicketSet = {sizeof(KrbTicket)/sizeof(LABELED_BYTE), KrbTicket};
LABELED_BYTE KrbTixApp1 [] = {
{0x1F, NULL},
{app1, "Ticket ::= [APPLICATION 1]"}
};
SET KrbTixApp1Set = {sizeof(KrbTixApp1)/sizeof(LABELED_BYTE), KrbTixApp1};
LABELED_BYTE KrbErrTag [] = {
{0x1F, NULL},
{PvnoErr, "Protocol Version (pvno[0])"},
{MsgtypeErr, "Message Type (msg-type[1])"},
{CtimeErr, "Client Current Time (ctime[2])"},
{CusecErr, "MicroSec on Client (cusec[3])"},
{StimeErr, "Server Current Time (stime[4])"},
{SusecErr, "MicroSec on Server (susec[5])"},
{ErrorcodeErr, "Error Code (error-code[6])"},
{CrealmErr, "Client Realm (crealm[7])"},
{CnameErr, "Client Name (cname[8])"},
{RealmErr, "Correct Realm (realm[9])"},
{SnameErr, "Server Name (sname[10])"},
{EtextErr, "Addtional Error Info (etext[11])"},
{EdataErr, "Error Handling Data (edata[12])"}
};
SET KrbErrTagSet = {sizeof(KrbErrTag)/sizeof(LABELED_BYTE), KrbErrTag};
LABELED_BYTE KrbErrCode [] = {
{0xFF, NULL},
{KDC_ERR_NONE, "No error"}, // 0
{KDC_ERR_NAME_EXP, "Client's entry in database has expired"}, // 1
{KDC_ERR_SERVICE_EXP, "Server's entry in database has expired"},// 2
{KDC_ERR_BAD_PVNO, "Requested protocol ver. number not supported"}, // 3
{KDC_ERR_C_OLD_MAST_KVNO, "Client's key encrypted in old master key"}, // 4
{KDC_ERR_S_OLD_MAST_KVNO, "Server's key encrypted in old master key"}, //5
{KDC_ERR_C_PRINCIPAL_UNKNOWN, "Client not found in Kerberos database"},//6
{KDC_ERR_S_PRINCIPAL_UNKNOWN, "Server not found in Kerberos database"},//7
{KDC_ERR_PRINCIPAL_NOT_UNIQUE, "Multiple principal entries in database"},//8
{KDC_ERR_NULL_KEY, "The client or server has a null key"},//9
{KDC_ERR_CANNOT_POSTDATE, "Ticket not eligible for postdating"},//10
{KDC_ERR_NEVER_VALID, "Requested start time is later than end time"},//11
{KDC_ERR_POLICY, "KDC policy rejects request"}, //12
{KDC_ERR_BADOPTION, "KDC cannot accommodate requested option"}, //13
{KDC_ERR_ETYPE_NOSUPP, "KDC has no support for encryption type"}, //14
{KDC_ERR_SUMTYPE_NOSUPP, "KDC has no support for checksum type"}, //15
{KDC_ERR_PADATA_TYPE_NOSUPP, "KDC has no support for padata type"}, //16
{KDC_ERR_TRTYPE_NOSUPP, "KDC has no support for transited type"}, //17
{KDC_ERR_CLIENT_REVOKED, "Clients credentials have been revoked"}, //18
{KDC_ERR_SERVICE_REVOKED, "Credentials for server have been revoked"}, //19
{KDC_ERR_TGT_REVOKED, "TGT has been revoked"}, //20
{KDC_ERR_CLIENT_NOTYET, "Client not yet valid try again later"}, //21
{KDC_ERR_SERVICE_NOTYET, "Server not yet valid try again later"}, //22
{KDC_ERR_KEY_EXPIRED, "Password has expired change password to reset"}, //23
{KDC_ERR_PREAUTH_FAILED, "Pre-authentication information was invalid"}, //24
{KDC_ERR_PREAUTH_REQUIRED, "Additional preauthentication required"}, //25
{KDC_ERR_SERVER_NOMATCH, "Requested Server and ticket don't match"}, // 26
{KDC_ERR_MUST_USE_USER2USER, "Server principal valid for user2user only"}, // 27
{KDC_ERR_PATH_NOT_ACCEPTED, "KDC Policy rejects transited patth"}, //28
{KDC_ERR_SVC_UNAVAILABLE, "A service is not available"}, // 29
{KRB_AP_ERR_BAD_INTEGRITY, "Integrity check on decrypted field failed"}, //31
{KRB_AP_ERR_TKT_EXPIRED, "Ticket expired"}, //32
{KRB_AP_ERR_TKT_NYV, "Ticket not yet valid"}, //33
{KRB_AP_ERR_REPEAT, "Request is a replay"}, //34
{KRB_AP_ERR_NOT_US, "The ticket isn't for us"}, //35
{KRB_AP_ERR_BADMATCH, "Ticket and authenticator don't match"}, //36
{KRB_AP_ERR_SKEW, "Clock skew too great"}, // 37
{KRB_AP_ERR_BADADDR, "Incorrect net address"}, // 38
{KRB_AP_ERR_BADVERSION, "Protocol version mismatch"}, // 39
{KRB_AP_ERR_MSG_TYPE, "Invalid msg type"}, // 40
{KRB_AP_ERR_MODIFIED, "Message stream modified"}, //41
{KRB_AP_ERR_BADORDER, "Message out of order"}, //42
{KRB_AP_ERR_BADKEYVER, "Specified version of key is not available"}, //44
{KRB_AP_ERR_NOKEY, "Service key not available"}, //45
{KRB_AP_ERR_MUT_FAIL, "Mutual authentication failed"}, // 46
{KRB_AP_ERR_BADDIRECTION, "Incorrect message direction"}, // 47
{KRB_AP_ERR_METHOD, "Alternative authentication method required"}, // 48
{KRB_AP_ERR_BADSEQ, "Incorrect sequence number in message"}, // 49
{KRB_AP_ERR_INAPP_CKSUM, "Inappropriate type of checksum in message"}, // 50
{KRB_AP_PATH_NOT_ACCEPTED, "Policy rejects transited path"}, // 51
{KRB_ERR_RESPONSE_TOO_BIG, "Response too big for UDP, retry with TCP"}, // 52
{KRB_ERR_GENERIC, "Generic error"}, // 60
{KRB_ERR_FIELD_TOOLONG, "Field is too long for this implementation"}, // 61
{KDC_ERROR_CLIENT_NOT_TRUSTED, "Client is not trusted"}, // 62
{KDC_ERROR_KDC_NOT_TRUSTED, "KDC is not trusted"}, // 63
{KDC_ERROR_INVALID_SIG, "Invalid signature"}, // 64
{KDC_ERROR_KEY_TOO_WEAK, "Key is too weak"}, // 65
{KDC_ERR_CERTIFICATE_MISMATCH, "Certificate does not match"}, // 66
{KDC_AP_ERROR_NO_TGT, "No TGT"}, // 67
{KDC_ERR_WRONG_REALM, "Wrong realm"}, // 68
{KDC_AP_ERR_USER_TO_USER_REQURED, "User to User required"}, // 69
{KDC_ERR_CANT_VERIFY_CERTIFICATE, "Can't verify certificate"}, // 70
{KDC_ERR_INVALID_CERTIFICATE, "Invalid certificate"}, // 71
{KDC_ERR_REVOKED_CERTIFICATE, "Revoked certificate"}, // 72
{KDC_ERR_REVOCATION_STATUS_UNKNOWN, "Revocation status unknown"}, //73
{KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, "Revocation status unavailable"}, // 74
{KDC_ERR_CLIENT_NAME_MISMATCH, "Client name mismatch"}, //75
{KDC_ERR_KDC_NAME_MISMATCH, "KDC name mismatch"} // 76
};
SET KrbErrCodeSet = {sizeof(KrbErrCode)/sizeof(LABELED_BYTE), KrbErrCode};
LABELED_BYTE PadataTypeVal [] = {
{0xFF, NULL},
{PA_TGS_REQ, "PA-TGS-REQ"},
{PA_ENC_TIMESTAMP, "PA-ENC-TIMESTAMP"},
{PA_PW_SALT, "PA-PW-SALT"},
{Reserved, "Reserved Value"},
{PA_ENC_UNIX_TIME, "PA-END-UNIX-TIME"},
{PA_SANDIA_SECUREID, "PA-SANDIA-SECUREID"},
{PA_AFS3_SALT, "PA-AFS3-SALT"},
{PA_ETYPE_INFO, "PA-ETYPE-INFO"},
{SAM_CHALLENGE, "SAM-CHALLENGE"},
{SAM_RESPONSE, "SAM-RESPONSE"},
{PA_PK_AS_REQ, "PA-PK-AS-REP"},
{PA_PK_AS_REP, "PA-PK-AS-REP"},
{PA_PK_AS_SIGN, "PA-PK-AS-SIGN"},
{PA_PK_KEY_REQ, "PA-PK-KEY-REQ"},
{PA_PK_KEY_REP, "PA-PK-KEY-REP"},
{PA_USE_SPECIFIELD_KVNO, "PA-USE-SPECIFIELD-KVNO"},
{SAM_REDIRECT, "SAM-REDIRECT"},
{PA_GET_FROM_TYPED_DATA, "PA-GET-FROM-TYPED-DATA"}
};
SET PadataTypeValSet = {sizeof(PadataTypeVal)/sizeof(LABELED_BYTE), PadataTypeVal};
LABELED_BYTE KdcReqBody [] = {
{0x1F, NULL},
{kdcoptions, "Ticket Flags (kdc-options[0])"},
{cnamebody, "Client Name (cname[1])"},
{realmbody, "Realm (realm[2])"},
{snamebody, "Server Name (sname[3])"},
{frombody, "Start Time (from[4])"},
{tillbody, "Expiration date (till[5])"},
{rtimebody, "Requested renew till (rtime[6])"},
{noncebody, "Random Number (nonce[7])"},
{etypebody, "Encryption Alg. (etype[8])"},
{addressesbody, "Addresses (addresses[9])"},
{encauthdatabody, "Cipher Text (enc-authorization-data[10])"},
{addtixbody, "Additional Tix (additional-ticketsp[11])"}
};
SET KdcReqBodySet = {sizeof(KdcReqBody)/sizeof(LABELED_BYTE), KdcReqBody};
LABELED_BYTE HostAddresses [] = {
{0x1F, NULL},
{addrtype, "Type of Address (addr-type[0])"},
{address, "Addresses (address[1])"}
};
SET HostAddressesSet = {sizeof(HostAddresses)/sizeof(LABELED_BYTE), HostAddresses};
// KDC-Options
LABELED_BIT KdcOptionFlags[] =
{ {31, "Reserved (Bit 0)", // 0 bit = Reserved,
"Reserved (Bit 0)"
},
{30, "Forwardable Bit Not Set (Bit 1)", // 1 bit = Fowardable
"Forwardable Bit Set (Bit 1)"
},
{29, "Forwarded Bit Not Set (Bit 2)", // 2 bit = Forwarded
"Fowarded Bit Set (Bit 2)"
},
{28, "Proxiable Bit Not Set (Bit 3)", // 3 bit = Proxiable
"Proxiable Bit Set (Bit 3)"
},
{27, "Proxy Bit Not Set (Bit 4)", // 4 bit = Proxy
"Proxy Bit Set (Bit 4)"
},
{26, "Allow-PostDate Bit Not Set (Bit 5)", // 5 bit = Allow-Postdate
"May-Postdate Bit Set (Bit 5)"
},
{25, "PostDated Bit Not Set (Bit 6)", // 6 bit = Postdated
"Postdated Bit Set (Bit 6)"
},
{24, "Unused (Bit 7)", // 7 bit = Unused
"Unused (Bit 7) "
},
{23, "Renewable Bit Not Set (Bit 8)", // 8 bit = Renewable
"Renewable Bit Set (Bit 8)"
},
{22, "Unused (Bit 9)", // 9 bit = Reserved
"Unused (Bit 9)"
},
{21, "Unused (Bit 10)", // 10 bit = Reserved
"Unused (Bit 10)"
},
{20, "Unused (Bit 11)", // 11 bit = Reserved
"Unused (Bit 11)"
},
{19, "Unused (Bit 12)", // 12 bit = Reserved
"Unused (Bit 12)"
},
{18, "Unused (Bit 13)", // 13 bit = Reserved
"Unused (Bit 13)"
},
{17, "Request-Anonymous Bit Not Set (Bit 14)", // 14 bit = Reserved
"Request-Anonymous Bit Set (Bit 14)"
},
{16, "Name-Canonicalize Bit Not Set (Bit 15)", // 15 bit = Reserved
"Name-Canonicalize Bit Set (Bit 15)"
},
{15, "Reserved (Bit 16)", // 16 bit = Reserved
"Reserved (Bit 16)"
},
{14, "Reserved (Bit 17)", // 17 bit = Reserved
"Reserved (Bit 17)"
},
{13, "Reserved (Bit 18)", // 18 bit = Reserved
"Reserved (Bit 18)"
},
{12, "Reserved (Bit 19)", // 19 bit = Reserved
"Reserved (Bit 19)"
},
{11, "Reserved (Bit 20)", // 20 bit = Reserved
"Reserved (Bit 20)"
},
{10, "Reserved (Bit 21)", // 21 bit = Reserved
"Reserved (Bit 21)"
},
{9, "Reserved (Bit 22)", // 22 bit = Reserved
"Reserved (Bit 22)"
},
{8, "Reserved (Bit 23)", // 23 bit = Reserved
"Reserved (Bit 23)"
},
{7, "Reserved (Bit 24)", // 24 bit = Reserved
"Reserved (Bit 24)"
},
{6, "Reserved (Bit 25)", // 25 bit = Reserved
"Reserved (Bit 25)"
},
{5, "Disable-Transited-Check Bit Not Set (Bit 26)", // 26 bit = Reserved
"Disable-Transited-Check Bit Set (Bit 26)"
},
{4, "Renewable-OK Bit Not Set (Bit 27)", // 27 bit = Renewable-OK
"Renewable-OK Bit Set (Bit 27)"
},
{3, "Enc-Tkt-In-Skey Bit Not Set (Bit 28)", // 28 bit = Enc-Tkt-In-Skey
"Enc-Tkt-In-Skey Bit Not Set (Bit 28)"
},
{2, "Reserved (Bit 29)", // 29 bit = Reserved
"Reserved (Bit 29)"
},
{1, "Renew Bit Not Set (Bit 30)", // 30 bit = Renew
"Renew Bit Set (Bit 30)"
},
{0, "Validate Bit Not Set (Bit 31)", // 31 bit = Validate
"Validate Bit Set (Bit 31)"
}
};
SET KdcOptionFlagsSet = {sizeof(KdcOptionFlags)/sizeof(LABELED_BIT), KdcOptionFlags};
LABELED_BYTE EncryptionType [] = {
{0xFF, NULL},
{KERB_ETYPE_RC4_HMAC_OLD, "RC4-HMAC-OLD"},
{KERB_ETYPE_RC4_PLAIN_OLD, "RC4-PLAIN-OLD"},
{KERB_ETYPE_RC4_HMAC_OLD_EXP, "RC4-HMAC-OLD-EXP"},
{KERB_ETYPE_RC4_PLAIN_OLD_EXP, "RC4-PLAIN-OLD-EXP"},
{KERB_ETYPE_RC4_PLAIN, "RC4-PLAIN"},
{KERB_ETYPE_RC4_PLAIN_EXP, "RC4-PLAIN-EXP"},
{KERB_ETYPE_NULL, "NULL"},
{KERB_ETYPE_DES_CBC_CRC, "DES-CBC-CRC"},
{KERB_ETYPE_DES_CBC_MD4, "DES-CBC-MD4"},
{KERB_ETYPE_DES_CBC_MD5, "DES-CBC-MD5"},
{KERB_ETYPE_DSA_SHA1_CMS, "DSA-SHA1-CMS"},
{KERB_ETYPE_RSA_MD5_CMS, "RSA-MD5-CMS"},
{KERB_ETYPE_RSA_SHA1_CMS, "RSA-SHA1-CMS"},
{KERB_ETYPE_RC2_CBC_ENV, "RC2-CBC-ENV"},
{KERB_ETYPE_RSA_ENV, "RSA-ENV"},
{KERB_ETYPE_RSA_ES_OEAP_ENV, "RSA-ES-OEAP-ENV"},
{KERB_ETYPE_DES_EDE3_CBC_ENV, "DES-EDE3-CBC-ENV"},
{KERB_ETYPE_DES_CBC_MD5_NT, "DES-CBC-MD5-NT"},
{KERB_ETYPE_RC4_HMAC_NT, "RC4-HMAC-NT"},
{KERB_ETYPE_RC4_HMAC_NT_EXP, "RC4-HMAC-NT-EXP"},
{KERB_ETYPE_OLD_RC4_MD4, "RC4-MD4-OLD"},
{KERB_ETYPE_OLD_RC4_PLAIN, "RC4-PLAIN-OLD"},
{KERB_ETYPE_OLD_RC4_LM, "RC4-LM-OLD"},
{KERB_ETYPE_OLD_RC4_SHA, "RC4-SHA-OLD"},
{KERB_ETYPE_OLD_DES_PLAIN, "DES-PLAIN-OLD"}
};
SET EncryptionTypeSet = {sizeof(EncryptionType)/sizeof(LABELED_BYTE), EncryptionType};
LABELED_BYTE EncryptedData[] ={
{0x1F, NULL},
{etype, "Encryption Type (etype[0])"},
{kvno, "Key Version Number (kvno[1])"},
{cipher, "Enciphered Text (cipher[2]"}
};
SET EncryptedDataSet = {sizeof(EncryptedData)/sizeof(LABELED_BYTE), EncryptedData};
LABELED_BYTE KrbApReq[] = {
{0x1F, NULL},
{PvnoApReq, "Protocol Version (pvno[0])"},
{MsgTypeApReq, "Message Type (msg-type[1])"},
{ApOptionsApReq, "AP Options (ap-options[2])"},
{TicketApReq, "Ticket (ticket[3])"},
{AuthenticatorApReq, "Authenticator (authenticator[4])"}
};
SET KrbApReqSet = {sizeof(KrbApReq)/sizeof(LABELED_BYTE), KrbApReq};
// AP-Options
LABELED_BIT ApOptionFlags[] =
{ {31, "Reserved (Bit 0)", // 0 bit = Reserved,
"Reserved (Bit 0)"
},
{30, "Use-Session-Key Bit Not Set(Bit 1)", // 1 bit = Use-Session-Key
"Use-Session-Key Bit Set (Bit 1)"
},
{29, "Mutual-Required Bit Not Set (Bit 2)", // 2 bit = Mutual-Required
"Mutual-Required Bit Set (Bit 2)"
},
{28, "Reserved (Bit 3)", // 3 bit = Reserved
"Reserved(Bit 3)"
},
{27, "Reserved (Bit 4)", // 4 bit = Reserved
"Reserved (Bit 4)"
},
{26, "Reserved (Bit 5)", // 5 bit = Reserved
"Reserved (Bit 5)"
},
{25, "Reserved (Bit 6)", // 6 bit = Reserved
"Reserved (Bit 6)"
},
{24, "Reserved (Bit 7)", // 7 bit = Reserved
"Reserved (Bit 7)"
},
{23, "Reserved (Bit 8)", // 8 bit = Reserved
"Reserved (Bit 8)"
},
{22, "Reserved (Bit 9)", // 9 bit = Reserved
"Reserved (Bit 9)"
},
{21, "Reserved (Bit 10)", // 10 bit = Reserved
"Reserved (Bit 10)"
},
{20, "Reserved (Bit 11)", // 11 bit = Reserved
"Reserved (Bit 11)"
},
{19, "Reserved (Bit 12)", // 12 bit = Reserved
"Reserved (Bit 12)"
},
{18, "Reserved (Bit 13)", // 13 bit = Reserved
"Reserved (Bit 13)"
},
{17, "Reserved (Bit 14)", // 14 bit = Reserved
"Reserved (Bit 14)"
},
{16, "Reserved (Bit 15)", // 15 bit = Reserved
"Reserved (Bit 15)"
},
{15, "Reserved (Bit 16)", // 16 bit = Reserved
"Reserved (Bit 16)"
},
{14, "Reserved (Bit 17)", // 17 bit = Reserved
"Reserved (Bit 17)"
},
{13, "Reserved (Bit 18)", // 18 bit = Reserved
"Reserved (Bit 18)"
},
{12, "Reserved (Bit 19)", // 19 bit = Reserved
"Reserved (Bit 19)"
},
{11, "Reserved (Bit 20)", // 20 bit = Reserved
"Reserved (Bit 20)"
},
{10, "Reserved (Bit 21)", // 21 bit = Reserved
"Reserved (Bit 21)"
},
{9, "Reserved (Bit 22)", // 22 bit = Reserved
"Reserved (Bit 22)"
},
{8, "Reserved (Bit 23)", // 23 bit = Reserved
"Reserved (Bit 23)"
},
{7, "Reserved (Bit 24)", // 24 bit = Reserved
"Reserved (Bit 24)"
},
{6, "Reserved (Bit 25)", // 25 bit = Reserved
"Reserved (Bit 25)"
},
{5, "Reserved (Bit 26)", // 26 bit = Reserved
"Reserved (Bit 26)"
},
{4, "Reserved (Bit 27)", // 27 bit = Renewable-OK
"Reserved (Bit 27)"
},
{3, "Reserved (Bit 28)", // 28 bit = Enc-Tkt-In-Skey
"Reserved (Bit 28)"
},
{2, "Reserved (Bit 29)", // 29 bit = Reserved
"Reserved (Bit 29)"
},
{1, "Reserved(Bit 30)", // 30 bit = Renew
"Reserved (Bit 30)"
},
{0, "Reserved (Bit 31)", // 31 bit = Reserved
"Reserved (Bit 31)"
}
};
SET ApOptionFlagsSet = {sizeof(ApOptionFlags)/sizeof(LABELED_BIT), ApOptionFlags};
LABELED_BYTE ApTicket[] = {
{0x1F, NULL},
{ticket, "AP Ticket"}
};
SET ApTicketSet = {sizeof(ApTicket)/sizeof(LABELED_BYTE), ApTicket};
LABELED_BYTE TicketStruct[] = {
{0x1F, NULL},
{Tixtkt_vno, "Ticket Version Number (tkt-vno[0])"},
{TixRealm, "Issuing Realm (realm[1])"},
{TixSname, "Server (sname[2])"},
{TixEnc_part, "Cipher Encoding (enc-part[3])"}
};
SET TicketStructSet = {sizeof(TicketStruct)/sizeof(LABELED_BYTE), TicketStruct};
LABELED_BYTE MethodDataType[] = {
{0x1F, NULL},
{methodtype, "Req. Alt. Method (method-type[0])"},
{methoddata, "Req. Alt. Info (method-data[1])"}
};
SET MethodDataSet = { (sizeof(MethodDataType)/sizeof(LABELED_BYTE)), MethodDataType};
//=============================================================================
// Kerberos database.
//=============================================================================
//KF 10/19/99 NEED TO GO THROUGH AND WEED OUT DUPLICATE NODES. ALSO
// NEED TO RENAME THE DUPLICATES WHICH ARE NEEDED BECAUSE OF DIFFERENT
// DATATYPE LABELS.
PROPERTYINFO KerberosDatabase[] =
{
{ // KerberosSummary 0x00
// Global Variable,description for all Kerberos Message Types
0,0,
MsgType,
"Kerberos Packet",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KerberosIDSummary 0x01
// Global Variable, used in identifying the Identifier Octet for Kerberos frames
0,0,
"Message Type",
"Display Message Type",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KerberosClassTag 0x02
// Global Variable used to display ASN.1 Class tag of initial Identifier octet
0,0,
"Class Tag",
"Display Class Tag",
PROP_TYPE_BYTE,
//PROP_QUAL_FLAGS,
PROP_QUAL_LABELED_BITFIELD,
&ClassTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // PCIdentifier 0x03
// Global Variable, used to determine method of encoding used.
0,0,
"P/C",
"Display Primitive/Constructed",
PROP_TYPE_BYTE,
PROP_QUAL_FLAGS,
&PCSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // ASN1UnivTag 0x04
// Global Variable, probably needs to be renamed. This takes the last 5 bits
// of the Initial Identifier Octet and prints out the message type of the packet
0,0,
"Contents",
"Display Contents",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&UniversalTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // LengthSummary 0x05
0,0,
"Length Summary",
"Display Length Summary",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // LengthFlag 0x06
// Global Variable, Used in determining if the ASN.1 length octet is short or long form
0,0,
"Length Flag",
"Display Length Flag",
PROP_TYPE_BYTE,
PROP_QUAL_FLAGS,
&LengthSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // LengthBits 0x07
// Global Variable, used for labeling
0,0,
"Number of Octets (Size)",
"Display Number of Octets (Size)",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // LongLength1 0x08
// Global Variable, used for labeling values spanning multiple octets
0,0,
"Size (BSW)",
"Display Size (Long)",
PROP_TYPE_BYTESWAPPED_WORD,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // LongLength2 0x09
// Not sure about this one but looks to be for labeling
0,0,
"Size (B)",
"Display Size (short)",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // ASNIdentifier 0x0A
// Global, used for labeling of ASN.1 Identifier Octets
0,0,
"Identifier",
"Display Identifier Octet",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // UniversalTagID 0x0B
//Global, Used for displaying ASN.1 Universal Class Tags
0,0,
"Tag Number",
"Display Tag Number (Bitfield)",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&UniversalTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KdcReqTagID 0x0C
0,0,
"KERB_KDC_REQ Type",
"Dipslay KERB_KDC_REQ Summary",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KdcReqTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KdcReqSeq 0x0D
0,0,
"Tag Number (BF)",
"Display Tag Number",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KdcReqTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KdcReqSeqLength 0x0E
// Global, however only used to represent the body of kdc-req packets
0,0,
"Length",
"Length",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // ASN1UnivTagSumID 0x0F
// This points to the Universal Class Tags
//Used to display summary
0,0,
"Univ. Class Tag",
"Universal Class Tag",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&UniversalTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KdcContentsValue 0x10
// Global label
0,0,
"Value",
"Value",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // PaDataSummary 0x11
// Global Displays values for the PADATA type
0,0,
"PA-DATA Type",
"PA-DATA Summary",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&PaDataTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // PaDataSeq 0x12
0,0,
"Tag Number",
"Tag Number",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&PaDataTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // DispString 0x13
0,0,
"Value",
"Value",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KerberosIdentifier 0x14
0,0,
"KRB MSG-Type Identifier",
"Displays Kerberos Message Type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
//PROP_QUAL_FLAGS,
&KrbMsgTypeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // lblTagNumber 0x15
// Created this as a lable
0,0,
"Tag Number",
"Display Explicit Tags",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KdcRepTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KdcRepTagID 0x16
0,0,
"KERB_KDC_REP Tag",
"Struct of KDC-REP packet",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KdcRepTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KrbPrincipalNamelSet 0x17
0, 0,
"Principal Name",
"PrincipalName Structure",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&PrincipalNameSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KrbPrincNameType 0x18
0, 0,
"Name Type",
"Principal Name Type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&PrincNameTypeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbPrincipalNamelBitF 0x19
0, 0,
"Name Type",
"Principal Name Type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&PrincipalNameSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KrbTicketID 0x1A
0,0,
"Kerberos Ticket",
"Kerberos Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KrbTicketSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KrbTixApp1ID 0x1B
0, 0,
"Ticket Identifier",
"Tag for Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KrbTixApp1Set,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // KrbErrTagID 0x1C
// Global Displays values for the KRB-ERR type
0,0,
"KRB-ERROR",
"KRB-ERROR Packet",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KrbErrTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // DispTimeID 0x1D
0,0,
"Micro Sec",
"Micro Seconds",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbErrTagSumID 0x1E
// Used in the inital display of KRB-ERROR
0,0,
"KRB-ERROR",
"Kerberos Error",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbErrTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbTixAppSumID 0x1F
//Used in summary displays of Explicit Application Tags
0,0,
"Explicit Tag",
"Explicit Tags",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbTixApp1Set,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbTicketSumID 0x20
// Used in summary displays of Ticket Variables
0,0,
"KRB-Ticket",
"Kerberos Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbTicketSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbErrCodeID 0x21
//Used to display Kerberos Error Codes
0,0,
"Kerberos Error",
"Kerberos Error",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbErrCodeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbMsgTypeID 0x22
0,0,
"Contents",
"Display Contents Octet",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbMsgTypeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //PadataTypeValID 0x23
0,0,
"padata-type",
"Value of padata-type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&PadataTypeValSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //CipherTextDisp 0x24
// Changed display from Cipher Text to Length. Could possibly get rid of this
// Leaving it in place in case we need to break down padata.
0, 0,
"Length",
"Display Cipher Text",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //FragUdpID 0x25
0,0,
"Fragmented Kerberos cont.",
"Display Fragmented Kerberos Packets",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KdcReqBodyID 0x26
0,0,
"KDC-Req-Body",
"KDC Req Body",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KdcReqBodySet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KdcReqBodyBitF 0x27
0,0,
"KDC-Req-Body",
"KDC Req Body",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KdcReqBodySet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //HostAddressesID 0x28
0,0,
"Addresses",
"Addresses",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&HostAddressesSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //HostAddressesBitF 0x29
0,0,
"Addresses",
"Addresses",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&HostAddressesSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // DispStringCliName 0x2A
0,0,
"Client Name",
"Display Client Name",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringRealmName 0x2B
0,0,
"Realm Name",
"Display Realm Name",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringServerName 0x2C
0,0,
"Server Name",
"Display Server Name",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringTixFlag 0x2D
0,0,
"Ticket Flags",
"Display Ticket Flags",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringExpDate 0x2E
0,0,
"Expiration Date",
"Display Expiration Date",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringPostDate 0x2F
0,0,
"Post Date",
"Display Post Date",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringRenewTill 0x30
0,0,
"Renew Till",
"Display Renew Till Time",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumRandomNumber 0x31
0,0,
"Random Number",
"Display Random Number",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumEtype 0x32
0,0,
"Encryption Type",
"Display Encryption Type",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringAddresses 0x33
0,0,
"Client Host Address",
"Display Random Number",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSummary 0x34
0,0,
"Summary (ASN.1)",
"Display ASN.1 Summary",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringCliRealm 0x35
0,0,
"Client Realm",
"Display Client's Realm",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispProtocolVer 0x36
0,0,
"Kerberos Protocol Version",
"Display Kerberos Protocol Version",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispKerbMsgType 0x37
0,0,
"Kerberos Message Type",
"Display Kerberos Message Type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbMsgTypeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumPreAuth 0x38
0,0,
"Pre-Authentication Data",
"Display Pre-Authentication Date",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumReqBody 0x39
0,0,
"KDC Request Body",
"Display KDC Request Body",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumKerbTix 0x3A
0,0,
"Kerberos Ticket",
"Display Kerberos Ticket",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumTixVer 0x3B
0,0,
"Ticket Version",
"Display Ticket Version",
PROP_TYPE_BYTE,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispCipherText 0x3C
0,0,
"Cipher Text",
"Display Text",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringCliTime 0x3D
0,0,
"Current Client Time",
"Display Client's Current Time",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumCuSec 0x3E
0,0,
"MicroSec Of Client",
"Display Microseconds of Client",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringSrvTime 0x3F
0,0,
"Current Server Time",
"Display Server's Current Time",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumSuSec 0x40
0,0,
"MicroSec Of Server",
"Display Microseconds of Server",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumKerbErr 0x41
0,0,
"Kerberos Error",
"Display Kerberos Error",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbErrCodeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringErrorText 0x42
0,0,
"Error Text",
"Display Error Text",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispStringErrorData 0x43
0,0,
"Error Data",
"Display Error Data",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // DispFlagKdcOptions 0x44
0,0,
"KDC-Option Flags",
"Specifies KDC-Option Flags",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_FLAGS,
&KdcOptionFlagsSet,
80 * 32,
FormatPropertyInstance },
{ //DispStringServNameGS 0x45
0,0,
"Server Name",
"Displays General Strings",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispSumEtype2 0x46
0,0,
"Encryption Type",
"Display Encryption Type",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&EncryptionTypeSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //EncryptedDataTag 0x47
0,0,
"Encrypted Data",
"Display Encrypted Data",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&EncryptedDataSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //EncryptedDataTagBitF 0x48
0,0,
"Encrypted Data",
"Encrypted Data",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&EncryptedDataSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbApReqID 0x49
0,0,
"Kerb-AP-Req",
"Display AP-Req",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&KrbApReqSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KrbApReqBitF 0x4A
0,0,
"Kerb-AP-Req",
"Display AP Req ASN.1",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&KrbApReqSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispApOptionsSum 0x4B
0,0,
"AP Options",
"Display AP Option Flags",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispFlagApOptions 0x4C
0,0,
"AP-Option Flags",
"Specifies AP-Option Flags",
PROP_TYPE_BYTESWAPPED_DWORD,
PROP_QUAL_FLAGS,
&ApOptionFlagsSet,
80 * 32,
FormatPropertyInstance },
{ //DispSumTicket 0x4D
0,0,
"Ticket",
"Display Ticket",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //ApTicketID 0x4E
0,0,
"Kerb-Ticket",
"Display Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&ApTicketSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //ApTicketBitF 0x4F
0,0,
"Kerb-Ticket",
"Display Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&ApTicketSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //TicketStructID 0x50
0,0,
"Kerb-Ticket",
"Display Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&TicketStructSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //TicketStructBitF 0x51
0,0,
"Kerb-Ticket",
"Display Ticket",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&TicketStructSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //KerberosDefaultlbl 0x52
// Kerberos continuation packets
0,0,
"Kerberos Packet (Cont.) Use the Coalescer to view contents",
"Display Kerberos Continuation Packets",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // PaDataSummaryMulti 0x53
// Global Displays values for the PADATA type if integer is multiple octets
0,0,
"PA-DATA Type",
"PA-DATA Summary",
PROP_TYPE_BYTESWAPPED_WORD,
PROP_QUAL_LABELED_SET,
&PaDataTagSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // Certificatelbl 0x54
// Because I couldn't find the ASN.1 layout for the certificates
// Present in AS-Req and Rep's, I'm labeling the bits for now
0,0,
"Certificate Data",
"Certificate Data Label",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ //DispEncryptionOptions 0x55
0,0,
"Supported Encryption Types",
"Available Encryption Type",
PROP_TYPE_SUMMARY,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // MethodDataSummary 0x56
// Global Displays values for the PADATA type if integer is multiple octets
0,0,
"Method-Data Type",
"Method-Data Type Summary",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_SET,
&MethodDataSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // MethodDataBitF 0x57
// Global Displays values for the PADATA type if integer is multiple octets
0,0,
"Method-Data ",
"Method-Data Display",
PROP_TYPE_BYTE,
PROP_QUAL_LABELED_BITFIELD,
&MethodDataSet,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance},
{ // DispReqAddInfo 0x58
0,0,
"Required Additional Info",
"Req Add Info Summary",
PROP_TYPE_STRING,
PROP_QUAL_NONE,
0,
FORMAT_BUFFER_SIZE,
FormatPropertyInstance}
};
DWORD nKerberosProperties = ((sizeof KerberosDatabase) / PROPERTYINFO_SIZE);