OSCORE: Add the new dissector - decrypt and verify the authenticity of requests

This change introduces the OSCORE dissector, following draft-ietf-core-object-security-07. It performs decryption and authenticity check on requests. Bug: 14417 Change-Id: I92e45d66d5df51f6d4dbea4ef44e707955b65bee Reviewed-on: https://code.wireshark.org/review/25480 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu <peter@lekensteyn.nl>
author: Mališa Vučinić <malishav@gmail.com> 2017-12-20 10:03:08 +0100
committer: Peter Wu <peter@lekensteyn.nl> 2018-03-16 15:02:13 +0000
commit: ee901c58e65bb69d4e4e5b0acfaf76b70b6d86fc (patch)
tree: 8d05ad3d16585de6349178ca98232cb974e66254 /epan/dissectors/packet-oscore.h
parent: 628407dea9af8fa4dbb4baa966000a7b7e5c5fa9 (diff)
1 files changed, 72 insertions, 0 deletions
diff --git a/epan/dissectors/packet-oscore.h b/epan/dissectors/packet-oscore.h
new file mode 100644
index 0000000000..2eea9f3209
--- /dev/null
+++ b/epan/dissectors/packet-oscore.h
@@ -0,0 +1,72 @@
+/* packet-oscore.h
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef __PACKET_OSCORE_H__
+#define __PACKET_OSCORE_H__
+
+/* OSCORE uses AEAD algorithms defined in RFC8152 (COSE)
+ * We only implement the default algorithm which corresponds to CCM*
+ * */
+typedef enum {
+    COSE_AES_CCM_16_64_128 = 10,
+} cose_aead_alg_t;
+
+typedef enum {
+    STATUS_ERROR_DECRYPT_FAILED                 = 0,
+    STATUS_ERROR_CBCMAC_FAILED,
+    STATUS_ERROR_TAG_CHECK_FAILED,
+    STATUS_ERROR_MESSAGE_TOO_SMALL,
+    STATUS_SUCCESS_DECRYPTED_TAG_TRUNCATED,
+    STATUS_SUCCESS_DECRYPTED_TAG_CHECKED,
+} oscore_decryption_status_t;
+
+/*  Structure containing information regarding all necessary OSCORE message fields. */
+typedef struct oscore_context {
+    /* Pre-Shared Parameters as Strings */
+    gchar               *master_secret_prefs;
+    gchar               *master_salt_prefs;
+    gchar               *sender_id_prefs;
+    gchar               *recipient_id_prefs;
+    cose_aead_alg_t     algorithm;
+    /* Pre-Shared Parameters as Byte Arrays */
+    GByteArray          *master_secret;
+    GByteArray          *master_salt;
+    GByteArray          *sender_id;
+    GByteArray          *recipient_id;
+    /* Derived Parameters */
+    GByteArray          *request_decryption_key;
+    GByteArray          *response_decryption_key;
+    GByteArray          *common_iv; /* IV used to generate the nonce */
+} oscore_context_t;
+
+/* Data from the lower layer (CoAP/HTTP) necessary for OSCORE to decrypt the packet */
+typedef struct oscore_info {
+    guint8              *kid;
+    guint8              kid_len;
+    guint8              *kid_context;
+    guint8              kid_context_len;
+    guint8              *piv;
+    guint8              piv_len;
+    gboolean            response;
+} oscore_info_t;
+
+#endif /* __PACKET_OSCORE_H__ */
+
+/*
+ * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 4
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * vi: set shiftwidth=4 tabstop=8 expandtab:
+ * :indentSize=4:tabSize=8:noTabs=true:
+ */
author	Mališa Vučinić <malishav@gmail.com>	2017-12-20 10:03:08 +0100
committer	Peter Wu <peter@lekensteyn.nl>	2018-03-16 15:02:13 +0000
commit	ee901c58e65bb69d4e4e5b0acfaf76b70b6d86fc (patch)
tree	8d05ad3d16585de6349178ca98232cb974e66254 /epan/dissectors/packet-oscore.h
parent	628407dea9af8fa4dbb4baa966000a7b7e5c5fa9 (diff)