diff options
author | Mališa Vučinić <malishav@gmail.com> | 2017-12-20 10:03:08 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2018-03-16 15:02:13 +0000 |
commit | ee901c58e65bb69d4e4e5b0acfaf76b70b6d86fc (patch) | |
tree | 8d05ad3d16585de6349178ca98232cb974e66254 /epan/dissectors/packet-oscore.h | |
parent | 628407dea9af8fa4dbb4baa966000a7b7e5c5fa9 (diff) |
OSCORE: Add the new dissector - decrypt and verify the authenticity of requests
This change introduces the OSCORE dissector, following
draft-ietf-core-object-security-07. It performs decryption and
authenticity
check on requests.
Bug: 14417
Change-Id: I92e45d66d5df51f6d4dbea4ef44e707955b65bee
Reviewed-on: https://code.wireshark.org/review/25480
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-oscore.h')
-rw-r--r-- | epan/dissectors/packet-oscore.h | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/epan/dissectors/packet-oscore.h b/epan/dissectors/packet-oscore.h new file mode 100644 index 0000000000..2eea9f3209 --- /dev/null +++ b/epan/dissectors/packet-oscore.h @@ -0,0 +1,72 @@ +/* packet-oscore.h + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef __PACKET_OSCORE_H__ +#define __PACKET_OSCORE_H__ + +/* OSCORE uses AEAD algorithms defined in RFC8152 (COSE) + * We only implement the default algorithm which corresponds to CCM* + * */ +typedef enum { + COSE_AES_CCM_16_64_128 = 10, +} cose_aead_alg_t; + +typedef enum { + STATUS_ERROR_DECRYPT_FAILED = 0, + STATUS_ERROR_CBCMAC_FAILED, + STATUS_ERROR_TAG_CHECK_FAILED, + STATUS_ERROR_MESSAGE_TOO_SMALL, + STATUS_SUCCESS_DECRYPTED_TAG_TRUNCATED, + STATUS_SUCCESS_DECRYPTED_TAG_CHECKED, +} oscore_decryption_status_t; + +/* Structure containing information regarding all necessary OSCORE message fields. */ +typedef struct oscore_context { + /* Pre-Shared Parameters as Strings */ + gchar *master_secret_prefs; + gchar *master_salt_prefs; + gchar *sender_id_prefs; + gchar *recipient_id_prefs; + cose_aead_alg_t algorithm; + /* Pre-Shared Parameters as Byte Arrays */ + GByteArray *master_secret; + GByteArray *master_salt; + GByteArray *sender_id; + GByteArray *recipient_id; + /* Derived Parameters */ + GByteArray *request_decryption_key; + GByteArray *response_decryption_key; + GByteArray *common_iv; /* IV used to generate the nonce */ +} oscore_context_t; + +/* Data from the lower layer (CoAP/HTTP) necessary for OSCORE to decrypt the packet */ +typedef struct oscore_info { + guint8 *kid; + guint8 kid_len; + guint8 *kid_context; + guint8 kid_context_len; + guint8 *piv; + guint8 piv_len; + gboolean response; +} oscore_info_t; + +#endif /* __PACKET_OSCORE_H__ */ + +/* + * Editor modelines - https://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ |