added smb2-com-transform-header for smb3.x

scripts/base/init-bare.bro

@@ -3327,6 +3327,30 @@ export {
 		## The action taken in establishing the open.
 		create_action : count;
 	};
+
+	## An SMB2 transform header (for SMB 3.x dialects with encryption enabled).
+	##
+	## For more information, see MS-SMB2:2.2.41
+	##
+	## .. bro:see:: smb2_header smb2_message smb2_close_request smb2_close_response
+	##    smb2_create_request smb2_create_response smb2_negotiate_request
+	##    smb2_negotiate_response smb2_read_request
+	##    smb2_session_setup_request smb2_session_setup_response
+	##    smb2_file_rename smb2_file_delete
+	##    smb2_tree_connect_request smb2_tree_connect_response
+	##    smb2_write_request
+	type SMB2::Transform_header: record {
+		## The 16-byte signature of the encrypted message, generated by using Session.EncryptionKey.
+		signature     : string;
+		## An implementation specific value assigned for every encrypted message.
+		nonce         : string;
+		## The size, in bytes, of the SMB2 message.
+		orig_msg_size : count;
+		## A flags field, interpreted in different ways depending of the SMB2 dialect.
+		flags         : count;
+		## A value that uniquely identifies the established session for the command.
+		session_id    : count;
+	};
 }
 
 module GLOBAL;