+static u_char *
+do_decrypt(netdissect_options *ndo, const char *caller, struct sa_list *sa,
+ const u_char *iv, const u_char *ct, unsigned int ctlen)
+{
+ EVP_CIPHER_CTX *ctx;
+ unsigned int block_size;
+ unsigned int ptlen;
+ u_char *pt;
+ int len;
+
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL) {
+ /*
+ * Failed to initialize the cipher context.
+ * From a look at the OpenSSL code, this appears to
+ * mean "couldn't allocate memory for the cipher context";
+ * note that we're not passing any parameters, so there's
+ * not much else it can mean.
+ */
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't allocate memory for cipher context", caller);
+ return NULL;
+ }
+
+ if (set_cipher_parameters(ctx, sa->evp, sa->secret, NULL) < 0) {
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_warning)(ndo, "%s: espkey init failed", caller);
+ return NULL;
+ }
+ if (set_cipher_parameters(ctx, NULL, NULL, iv) < 0) {
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_warning)(ndo, "%s: IV init failed", caller);
+ return NULL;
+ }
+
+ /*
+ * At least as I read RFC 5996 section 3.14 and RFC 4303 section 2.4,
+ * if the cipher has a block size of which the ciphertext's size must
+ * be a multiple, the payload must be padded to make that happen, so
+ * the ciphertext length must be a multiple of the block size. Fail
+ * if that's not the case.
+ */
+ block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
+ if ((ctlen % block_size) != 0) {
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_warning)(ndo,
+ "%s: ciphertext size %u is not a multiple of the cipher block size %u",
+ caller, ctlen, block_size);
+ return NULL;
+ }
+
+ /*
+ * Attempt to allocate a buffer for the decrypted data, because
+ * we can't decrypt on top of the input buffer.
+ */
+ ptlen = ctlen;
+ pt = (u_char *)malloc(ptlen);
+ if (pt == NULL) {
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't allocate memory for decryption buffer", caller);
+ return NULL;
+ }
+
+ /*
+ * The size of the ciphertext handed to us is a multiple of the
+ * cipher block size, so we don't need to worry about padding.
+ */
+ if (!EVP_CIPHER_CTX_set_padding(ctx, 0)) {
+ free(pt);
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_warning)(ndo,
+ "%s: EVP_CIPHER_CTX_set_padding failed", caller);
+ return NULL;
+ }
+ if (!EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen)) {
+ free(pt);
+ EVP_CIPHER_CTX_free(ctx);
+ (*ndo->ndo_warning)(ndo, "%s: EVP_DecryptUpdate failed",
+ caller);
+ return NULL;
+ }
+ EVP_CIPHER_CTX_free(ctx);
+ return pt;
+}
+
+/*
+ * This will allocate a new buffer containing the decrypted data.
+ * It returns 1 on success and 0 on failure.
+ *
+ * It will push the new buffer and the values of ndo->ndo_packetp and
+ * ndo->ndo_snapend onto the buffer stack, and change ndo->ndo_packetp
+ * and ndo->ndo_snapend to refer to the new buffer.
+ *
+ * Our caller must pop the buffer off the stack when it's finished
+ * dissecting anything in it and before it does any dissection of
+ * anything in the old buffer. That will free the new buffer.
+ */
+USES_APPLE_DEPRECATED_API
+int esp_decrypt_buffer_by_ikev2_print(netdissect_options *ndo,
+ int initiator,
+ const u_char spii[8],
+ const u_char spir[8],
+ const u_char *buf, const u_char *end)
+{
+ struct sa_list *sa;
+ const u_char *iv;
+ const u_char *ct;
+ unsigned int ctlen;
+ u_char *pt;
+
+ /* initiator arg is any non-zero value */
+ if(initiator) initiator=1;
+
+ /* see if we can find the SA, and if so, decode it */
+ for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {
+ if (sa->spi == 0
+ && initiator == sa->initiator
+ && memcmp(spii, sa->spii, 8) == 0
+ && memcmp(spir, sa->spir, 8) == 0)
+ break;
+ }
+
+ if(sa == NULL) return 0;
+ if(sa->evp == NULL) return 0;
+
+ /*
+ * remove authenticator, and see if we still have something to
+ * work with
+ */
+ end = end - sa->authlen;
+ iv = buf;
+ ct = iv + sa->ivlen;
+ ctlen = end-ct;
+
+ if(end <= ct) return 0;
+
+ pt = do_decrypt(ndo, "esp_decrypt_buffer_by_ikev2_print", sa, iv,
+ ct, ctlen);
+ if (pt == NULL)
+ return 0;
+
+ /*
+ * Switch to the output buffer for dissection, and save it
+ * on the buffer stack so it can be freed; our caller must
+ * pop it when done.
+ */
+ if (!nd_push_buffer(ndo, pt, pt, pt + ctlen)) {
+ free(pt);
+ return 0;
+ }
+
+ return 1;
+}
+USES_APPLE_RST
+
+static void esp_print_addsa(netdissect_options *ndo,
+ struct sa_list *sa, int sa_def)
+{
+ /* copy the "sa" */
+
+ struct sa_list *nsa;
+
+ /* malloc() return used in a 'struct sa_list': do not free() */
+ nsa = (struct sa_list *)malloc(sizeof(struct sa_list));
+ if (nsa == NULL)
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "esp_print_addsa: malloc");
+
+ *nsa = *sa;
+
+ if (sa_def)
+ ndo->ndo_sa_default = nsa;
+
+ nsa->next = ndo->ndo_sa_list_head;
+ ndo->ndo_sa_list_head = nsa;
+}
+
+
+static u_int hexdigit(netdissect_options *ndo, char hex)
+{
+ if (hex >= '0' && hex <= '9')
+ return (hex - '0');
+ else if (hex >= 'A' && hex <= 'F')
+ return (hex - 'A' + 10);
+ else if (hex >= 'a' && hex <= 'f')
+ return (hex - 'a' + 10);
+ else {
+ (*ndo->ndo_error)(ndo, S_ERR_ND_ESP_SECRET,
+ "invalid hex digit %c in espsecret\n", hex);
+ }
+}
+
+static u_int hex2byte(netdissect_options *ndo, char *hexstring)
+{
+ u_int byte;
+
+ byte = (hexdigit(ndo, hexstring[0]) << 4) + hexdigit(ndo, hexstring[1]);
+ return byte;
+}
+
+/*
+ * returns size of binary, 0 on failure.
+ */
+static
+int espprint_decode_hex(netdissect_options *ndo,
+ u_char *binbuf, unsigned int binbuf_len,
+ char *hex)
+{
+ unsigned int len;
+ int i;
+
+ len = strlen(hex) / 2;
+
+ if (len > binbuf_len) {
+ (*ndo->ndo_warning)(ndo, "secret is too big: %u\n", len);
+ return 0;
+ }
+
+ i = 0;
+ while (hex[0] != '\0' && hex[1]!='\0') {
+ binbuf[i] = hex2byte(ndo, hex);
+ hex += 2;
+ i++;
+ }
+
+ return i;
+}
+
+/*
+ * decode the form: SPINUM@IP <tab> ALGONAME:0xsecret
+ */
+
+USES_APPLE_DEPRECATED_API
+static int
+espprint_decode_encalgo(netdissect_options *ndo,
+ char *decode, struct sa_list *sa)
+{
+ size_t i;
+ const EVP_CIPHER *evp;
+ int authlen = 0;
+ char *colon, *p;
+
+ colon = strchr(decode, ':');
+ if (colon == NULL) {
+ (*ndo->ndo_warning)(ndo, "failed to decode espsecret: %s\n", decode);
+ return 0;
+ }
+ *colon = '\0';
projects / tcpdump / blobdiff