1062
#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; }
1064
static void renew_ue_cache(void) {
1066
static snmp_ue_assoc_t* a;
1068
localized_ues = NULL;
1069
unlocalized_ues = NULL;
1071
for(a = ue_assocs; a->user.userName.data; a++) {
1072
if (a->engine.data) {
1073
CACHE_INSERT(localized_ues,a);
1075
CACHE_INSERT(unlocalized_ues,a);
1083
static snmp_ue_assoc_t* localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len ) {
1084
snmp_ue_assoc_t* n = se_memdup(o,sizeof(snmp_ue_assoc_t));
1085
guint key_size = n->user.authModel->key_size;
1087
n->engine.data = se_memdup(engine,engine_len);
1088
n->engine.len = engine_len;
1090
n->user.authKey.data = se_alloc(key_size);
1091
n->user.authKey.len = key_size;
1092
n->user.authModel->pass2key(n->user.authPassword.data,
1093
n->user.authPassword.len,
1096
n->user.authKey.data);
1098
n->user.privKey.data = se_alloc(key_size);
1099
n->user.privKey.len = key_size;
1100
n->user.authModel->pass2key(n->user.privPassword.data,
1101
n->user.privPassword.len,
1104
n->user.privKey.data);
1110
#define localized_match(a,u,ul,e,el) \
1111
( a->user.userName.len == ul \
1112
&& a->engine.len == el \
1113
&& memcmp( a->user.userName.data, u, (a->user.userName.len < ul) ? a->user.userName.len : ul ) == 0 \
1114
&& memcmp( a->engine.data, e, (a->engine.len < el) ? a->engine.len : el ) == 0 )
1116
#define unlocalized_match(a,u,l) \
1117
( a->user.userName.len == l && memcmp( a->user.userName.data, u, a->user.userName.len < l ? a->user.userName.len : l) == 0 )
1119
static snmp_ue_assoc_t* get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb) {
1120
static snmp_ue_assoc_t* a;
1121
guint given_username_len;
1122
guint8* given_username;
1123
guint given_engine_len;
1124
guint8* given_engine;
1126
if ( ! (localized_ues || unlocalized_ues ) ) return NULL;
1128
if (! ( user_tvb && engine_tvb ) ) return NULL;
1130
given_username_len = tvb_length_remaining(user_tvb,0);
1131
given_username = ep_tvb_memdup(user_tvb,0,-1);
1132
given_engine_len = tvb_length_remaining(engine_tvb,0);
1133
given_engine = ep_tvb_memdup(engine_tvb,0,-1);
1135
for (a = localized_ues; a; a = a->next) {
1136
if ( localized_match(a, given_username, given_username_len, given_engine, given_engine_len) ) {
1141
for (a = unlocalized_ues; a; a = a->next) {
1142
if ( unlocalized_match(a, given_username, given_username_len) ) {
1143
snmp_ue_assoc_t* n = localize_ue( a, given_engine, given_engine_len );
1144
CACHE_INSERT(localized_ues,n);
1152
static void destroy_ue_assocs(snmp_ue_assoc_t* assocs) {
1156
for(a = assocs; a->user.userName.data; a++) {
1157
g_free(a->user.userName.data);
1158
if (a->user.authKey.data) g_free(a->user.authKey.data);
1159
if (a->user.privKey.data) g_free(a->user.privKey.data);
1160
if (a->engine.data) g_free(a->engine.data);
1168
gboolean snmp_usm_auth_md5(snmp_usm_params_t* p, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error) {
1175
guint8 calc_auth[16];
1181
*error = "No Authenticator";
1185
key = p->user_assoc->user.authKey.data;
1186
key_len = p->user_assoc->user.authKey.len;
1189
*error = "User has no authKey";
1194
auth_len = tvb_length_remaining(p->auth_tvb,0);
1196
if (auth_len != 12) {
1197
*error = "Authenticator length wrong";
1201
msg_len = tvb_length_remaining(p->msg_tvb,0);
1202
msg = ep_tvb_memdup(p->msg_tvb,0,msg_len);
1205
auth = ep_tvb_memdup(p->auth_tvb,0,auth_len);
1207
start = p->auth_offset - p->start_offset;
1208
end = start + auth_len;
1210
/* fill the authenticator with zeros */
1211
for ( i = start ; i < end ; i++ ) {
1215
md5_hmac(msg, msg_len, key, key_len, calc_auth);
1217
if (calc_auth_p) *calc_auth_p = calc_auth;
1218
if (calc_auth_len_p) *calc_auth_len_p = 12;
1220
return ( memcmp(auth,calc_auth,12) != 0 ) ? FALSE : TRUE;
1224
gboolean snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_) {
1231
guint8 calc_auth[20];
1237
*error = "No Authenticator";
1241
key = p->user_assoc->user.authKey.data;
1242
key_len = p->user_assoc->user.authKey.len;
1245
*error = "User has no authKey";
1250
auth_len = tvb_length_remaining(p->auth_tvb,0);
1253
if (auth_len != 12) {
1254
*error = "Authenticator length wrong";
1258
msg_len = tvb_length_remaining(p->msg_tvb,0);
1259
msg = ep_tvb_memdup(p->msg_tvb,0,msg_len);
1261
auth = ep_tvb_memdup(p->auth_tvb,0,auth_len);
1263
start = p->auth_offset - p->start_offset;
1264
end = start + auth_len;
1266
/* fill the authenticator with zeros */
1267
for ( i = start ; i < end ; i++ ) {
1271
sha1_hmac(key, key_len, msg, msg_len, calc_auth);
1273
if (calc_auth_p) *calc_auth_p = calc_auth;
1274
if (calc_auth_len_p) *calc_auth_len_p = 12;
1276
return ( memcmp(auth,calc_auth,12) != 0 ) ? FALSE : TRUE;
1279
tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_) {
1280
#ifdef HAVE_LIBGCRYPT
1282
gcry_cipher_hd_t hd = NULL;
1285
guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */
1286
guint8* pre_iv = &(p->user_assoc->user.privKey.data[8]); /* last 8 bytes */
1291
tvbuff_t* clear_tvb;
1296
salt_len = tvb_length_remaining(p->priv_tvb,0);
1298
if (salt_len != 8) {
1299
*error = "decryptionError: msgPrivacyParameters lenght != 8";
1303
salt = ep_tvb_memdup(p->priv_tvb,0,salt_len);
1306
The resulting "salt" is XOR-ed with the pre-IV to obtain the IV.
1308
for (i=0; i<8; i++) {
1309
iv[i] = pre_iv[i] ^ salt[i];
1312
cryptgrm_len = tvb_length_remaining(encryptedData,0);
1314
if (cryptgrm_len % 8) {
1315
*error = "decryptionError: the length of the encrypted data is not a mutiple of 8 octets";
1319
cryptgrm = ep_tvb_memdup(encryptedData,0,-1);
1321
cleartext = ep_alloc(cryptgrm_len);
1323
err = gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0);
1324
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1326
err = gcry_cipher_setiv(hd, iv, 8);
1327
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1329
err = gcry_cipher_setkey(hd,des_key,8);
1330
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1332
err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len);
1333
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1335
gcry_cipher_close(hd);
1337
clear_tvb = tvb_new_real_data(cleartext, cryptgrm_len, cryptgrm_len);
1342
*error = (void*)gpg_strerror(err);
1343
if (hd) gcry_cipher_close(hd);
1346
*error = "libgcrypt not present, cannot decrypt";
1351
tvbuff_t* snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_) {
1352
#ifdef HAVE_LIBGCRYPT
1354
gcry_cipher_hd_t hd = NULL;
1357
guint8* aes_key = p->user_assoc->user.privKey.data; /* first 16 bytes */
1362
tvbuff_t* clear_tvb;
1364
priv_len = tvb_length_remaining(p->priv_tvb,0);
1366
if (priv_len != 8) {
1367
*error = "decryptionError: msgPrivacyParameters lenght != 8";
1371
iv[0] = (p->boots & 0xff000000) >> 24;
1372
iv[1] = (p->boots & 0x00ff0000) >> 16;
1373
iv[2] = (p->boots & 0x0000ff00) >> 8;
1374
iv[3] = (p->boots & 0x000000ff);
1375
iv[4] = (p->time & 0xff000000) >> 24;
1376
iv[5] = (p->time & 0x00ff0000) >> 16;
1377
iv[6] = (p->time & 0x0000ff00) >> 8;
1378
iv[7] = (p->time & 0x000000ff);
1379
tvb_memcpy(p->priv_tvb,&(iv[8]),0,8);
1381
cryptgrm_len = tvb_length_remaining(encryptedData,0);
1382
cryptgrm = ep_tvb_memdup(encryptedData,0,-1);
1384
cleartext = ep_alloc(cryptgrm_len);
1386
err = gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CFB, 0);
1387
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1389
err = gcry_cipher_setiv(hd, iv, 16);
1390
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1392
err = gcry_cipher_setkey(hd,aes_key,16);
1393
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1395
err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len);
1396
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1398
gcry_cipher_close(hd);
1400
clear_tvb = tvb_new_real_data(cleartext, cryptgrm_len, cryptgrm_len);
1405
*error = (void*)gpg_strerror(err);
1406
if (hd) gcry_cipher_close(hd);
1409
*error = "libgcrypt not present, cannot decrypt";
1415
gboolean check_ScopedPdu(tvbuff_t* tvb) {
1420
int hoffset, eoffset;
1423
offset = get_ber_identifier(tvb, 0, &class, &pc, &tag);
1424
offset = get_ber_length(NULL, tvb, offset, NULL, NULL);
1426
if ( ! (((class!=BER_CLASS_APP) && (class!=BER_CLASS_PRI) )
1427
&& ( (!pc) || (class!=BER_CLASS_UNI) || (tag!=BER_UNI_TAG_ENUMERATED) )
1430
if((tvb_get_guint8(tvb, offset)==0)&&(tvb_get_guint8(tvb, offset+1)==0))
1435
offset = get_ber_identifier(tvb, offset, &class, &pc, &tag);
1436
offset = get_ber_length(NULL, tvb, offset, &len, NULL);
1437
eoffset = offset + len;
1439
if (eoffset <= hoffset) return FALSE;
1441
if ((class!=BER_CLASS_APP)&&(class!=BER_CLASS_PRI))
1442
if( (class!=BER_CLASS_UNI)
1443
||((tag<BER_UNI_TAG_NumericString)&&(tag!=BER_UNI_TAG_OCTETSTRING)&&(tag!=BER_UNI_TAG_UTF8String)) )
1043
1450
#include "packet-snmp-fn.c"
1046
1454
dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo,
1047
1455
proto_tree *tree, int proto, gint ett, gboolean is_tcp)
1288
1711
dissect_SMUX_PDUs_PDU(tvb, pinfo, tree);
1716
MD5 Password to Key Algorithm
1719
void snmp_usm_password_to_key_md5(const guint8 *password,
1721
const guint8 *engineID,
1725
guint8 *cp, password_buf[64];
1726
guint32 password_index = 0;
1727
guint32 count = 0, i;
1729
md5_init(&MD); /* initialize MD5 */
1731
/**********************************************/
1732
/* Use while loop until we've done 1 Megabyte */
1733
/**********************************************/
1734
while (count < 1048576) {
1736
for (i = 0; i < 64; i++) {
1737
/*************************************************/
1738
/* Take the next octet of the password, wrapping */
1739
/* to the beginning of the password as necessary.*/
1740
/*************************************************/
1741
*cp++ = password[password_index++ % passwordlen];
1743
md5_append(&MD, password_buf, 64);
1746
md5_finish(&MD, key1); /* tell MD5 we're done */
1748
/*****************************************************/
1749
/* Now localize the key with the engineID and pass */
1750
/* through MD5 to produce final key */
1751
/* May want to ensure that engineLength <= 32, */
1752
/* otherwise need to use a buffer larger than 64 */
1753
/*****************************************************/
1756
md5_append(&MD, key1, 16);
1757
md5_append(&MD, engineID, engineLength);
1758
md5_append(&MD, key1, 16);
1759
md5_finish(&MD, key);
1768
SHA1 Password to Key Algorithm COPIED from RFC 3414 A.2.2
1771
void snmp_usm_password_to_key_sha1(const guint8 *password,
1773
const guint8 *engineID,
1777
guint8 *cp, password_buf[72];
1778
guint32 password_index = 0;
1779
guint32 count = 0, i;
1781
sha1_starts(&SH); /* initialize SHA */
1783
/**********************************************/
1784
/* Use while loop until we've done 1 Megabyte */
1785
/**********************************************/
1786
while (count < 1048576) {
1788
for (i = 0; i < 64; i++) {
1789
/*************************************************/
1790
/* Take the next octet of the password, wrapping */
1791
/* to the beginning of the password as necessary.*/
1792
/*************************************************/
1793
*cp++ = password[password_index++ % passwordlen];
1795
sha1_update (&SH, password_buf, 64);
1798
sha1_finish(&SH, key);
1800
/*****************************************************/
1801
/* Now localize the key with the engineID and pass */
1802
/* through SHA to produce final key */
1803
/* May want to ensure that engineLength <= 32, */
1804
/* otherwise need to use a buffer larger than 72 */
1805
/*****************************************************/
1806
memcpy(password_buf, key, 20);
1807
memcpy(password_buf+20, engineID, engineLength);
1808
memcpy(password_buf+20+engineLength, key, 20);
1811
sha1_update(&SH, password_buf, 40+engineLength);
1812
sha1_finish(&SH, key);
1292
1818
process_prefs(void)
1294
#ifdef HAVE_SOME_SNMP
1820
#ifdef HAVE_NET_SNMP
1295
1821
gchar *tmp_mib_modules;
1296
1822
static gboolean mibs_loaded = FALSE;