URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3eb94b0e4fce06230a871a93904052be909a96f6
Submitter: "Peter Wu <pe...@lekensteyn.nl>"
Changed: branch: master
Repository: wireshark

Commits:

3eb94b0 by Aurelien Aptel (aap...@suse.com):

    smb2: implement generation of SMB3.1.1 decryption keys
    
    * implement preauth hashing
    
    keep hash state in conversation object
    
    - preauth_hash_con for connection hash state
    - preauth_hash_ses for session preauth hash state
    - preauth_hash_current points to either one of the above depending
      on where we are in the connection state
    - store final session preauth hash in session object
    
    store per-packet hash in the saved packet data
    object (smb2_saved_info_t) and display it as generated field.
    
    since request and responses share the same pointer, make a hash buffer
    for each (preauth_hash_req, preauth_hash_res).
    
    * implement 3.1.1 key derivation
    
    use session preauth hash to generate the keys
    
    * sample
    
    Sample from https://wiki.wireshark.org/SampleCaptures#SMB3.1.1_encryption
    can be loaded as follows:
    
        tshark -ouat:smb2_seskey_list:690000ac1c280000,b25a135fc3dc14269f20d7cbc8716b6b -r smb311-aes-128-ccm-filt.pcap
    
    To obtain the session id and key you can compile your kernel with
    CIFS_DEBUG_KEYS enabled and all the info should be printed on the
    console when cifs.ko generates keys. The patch that adds this
    config option was merged in the Linux 4.13 kernel.
    
    Change-Id: Iee41ef9e2dd93795a0c7953fdd1f5256fe477dd2
    Reviewed-on: https://code.wireshark.org/review/31659
    Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Peter Wu <pe...@lekensteyn.nl>
    

Actions performed:

    from  0751504   test: enable GUI tests on Linux, headless
     add  3eb94b0   smb2: implement generation of SMB3.1.1 decryption keys


Summary of changes:
 epan/dissectors/packet-smb2.c | 159 +++++++++++++++++++++++++++++++++++++++---
 epan/dissectors/packet-smb2.h |   9 +++
 2 files changed, 157 insertions(+), 11 deletions(-)
___________________________________________________________________________
Sent via:    Wireshark-commits mailing list <wireshark-commits@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-commits
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-commits
             mailto:wireshark-commits-requ...@wireshark.org?subject=unsubscribe
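
The preauth hash chain and 3.1.1 key derivation that the commit message describes, as an added Python example (not code from the commit or from Wireshark), written from the MS-SMB2 definitions as I understand them: a SHA-512 chain over the negotiate and session setup messages, then an SP 800-108 counter-mode KDF with HMAC-SHA256. The function names and the placeholder messages are assumptions made for illustration; only the session key value is taken from the tshark command above.

```python
import hashlib
import hmac
import struct

def preauth_hash(messages, start=bytes(64)):
    """Chain H(i) = SHA-512(H(i-1) || message_i); the chain starts at 64 zero bytes."""
    h = start
    for msg in messages:
        h = hashlib.sha512(h + msg).digest()
    return h

def kdf_ctr_hmac_sha256(key, label, context, bits=128):
    """SP 800-108 counter-mode KDF: HMAC-SHA256 PRF, 32-bit counter and length."""
    out, counter = b"", 1
    while len(out) * 8 < bits:
        block = (struct.pack(">I", counter) + label + b"\x00"
                 + context + struct.pack(">I", bits))
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[: bits // 8]

def smb311_cipher_keys(session_key, negotiate_msgs, setup_msgs):
    """Return (session preauth hash, client-to-server key, server-to-client key)."""
    con = preauth_hash(negotiate_msgs)         # connection hash (cf. preauth_hash_con)
    ses = preauth_hash(setup_msgs, start=con)  # session hash (cf. preauth_hash_ses)
    key = session_key[:16]
    # The label includes its trailing NUL; the KDF adds its own 0x00 separator.
    c2s = kdf_ctr_hmac_sha256(key, b"SMBC2SCipherKey\x00", ses)
    s2c = kdf_ctr_hmac_sha256(key, b"SMBS2CCipherKey\x00", ses)
    return ses, c2s, s2c

# Session key from the tshark command on this page. The messages are constructed
# placeholders standing in for raw SMB2 messages (SMB2 header onward), so the
# derived keys will not decrypt the sample capture.
SESSION_KEY = bytes.fromhex("b25a135fc3dc14269f20d7cbc8716b6b")
NEGOTIATE = [b"<negotiate request>", b"<negotiate response>"]
# Session setup requests and responses, excluding the final successful response.
SETUP = [b"<setup request 1>", b"<setup response 1>", b"<setup request 2>"]

if __name__ == "__main__":
    ses, c2s, s2c = smb311_cipher_keys(SESSION_KEY, NEGOTIATE, SETUP)
    print("session preauth hash:", ses.hex())
    print("client-to-server key:", c2s.hex())
    print("server-to-client key:", s2c.hex())
```

Because the session preauth hash is the KDF context, a capture that is missing the negotiate or session setup messages cannot yield the 3.1.1 keys even when the session key is known.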
