diff options
author | Anders Broman <anders.broman@ericsson.com> | 2012-10-22 12:49:04 +0000 |
---|---|---|
committer | Anders Broman <anders.broman@ericsson.com> | 2012-10-22 12:49:04 +0000 |
commit | 576b37ddd80ecb24ab713b78c9d8bc0b001e544a (patch) | |
tree | 917f53c818e60e5869565a97e218b82e6ff4d6dc /epan/dissectors/packet-btsmp.c | |
parent | 007a0b28aec261bf54559d5ac84672c67f82e8b0 (diff) |
from Allan M. Madsen:
Add support for HCI 3.0+HS and v4.0, Bluetooth Low Energy. This includes
dissection of additional HCI commands and events, Attribute Protocol and
Security Manager Protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7872
svn path=/trunk/; revision=45709
Diffstat (limited to 'epan/dissectors/packet-btsmp.c')
-rw-r--r-- | epan/dissectors/packet-btsmp.c | 408 |
1 files changed, 408 insertions, 0 deletions
diff --git a/epan/dissectors/packet-btsmp.c b/epan/dissectors/packet-btsmp.c new file mode 100644 index 0000000000..8c9aef0862 --- /dev/null +++ b/epan/dissectors/packet-btsmp.c @@ -0,0 +1,408 @@ +/* packet-btsmp.c + * Routines for Bluetooth Security Manager Protocol dissection + * + * Copyright 2012, Allan M. Madsen <allan.m@madsen.dk> + * + * $Id$ + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include <epan/packet.h> +#include "packet-btl2cap.h" + +/* Initialize the protocol and registered fields */ +static int proto_btsmp = -1; + +static int hf_btsmp_opcode = -1; +static int hf_btsmp_io_capabilities = -1; +static int hf_btsmp_oob_data_flags = -1; +static int hf_btsmp_reason = -1; +static int hf_btsmp_cfm_value = -1; +static int hf_btsmp_random = -1; +static int hf_btsmp_long_term_key = -1; +static int hf_btsmp_id_resolving_key = -1; +static int hf_btsmp_signature_key = -1; +static int hf_btsmp_bonding_flags = -1; +static int hf_btsmp_mitm_flag = -1; +static int hf_btsmp_max_enc_key_size = -1; +static int hf_btsmp_key_dist_enc = -1; +static int hf_btsmp_key_dist_id = -1; +static int hf_btsmp_key_dist_sign = -1; +static int hf_btsmp_ediv = -1; + +/* Initialize the subtree pointers */ +static gint ett_btsmp = -1; +static gint ett_btsmp_auth_req = -1; +static gint ett_btsmp_key_dist = -1; + +/* Opcodes */ +static const value_string opcode_vals[] = { + {0x01, "Pairing Request"}, + {0x02, "Pairing Response"}, + {0x03, "Pairing Confirm"}, + {0x04, "Pairing Random"}, + {0x05, "Pairing Failed"}, + {0x06, "Encryption Information"}, + {0x07, "Master Identification"}, + {0x08, "Identity Information"}, + {0x09, "Identity Address Information"}, + {0x0a, "Signing Information"}, + {0x0b, "Security Request"}, + {0x0, NULL} +}; + +/* IO capabilities */ +static const value_string io_capability_vals[] = { + {0x00, "Display Only"}, + {0x01, "Display Yes/No"}, + {0x02, "Keyboard Only"}, + {0x03, "No Input, No Output"}, + {0x04, "Keyboard, Display"}, + {0x0, NULL} +}; + +/* OOB Data present Flag */ +static const value_string oob_data_flag_vals[] = { + {0x00, "OOB Auth. Data Not Present"}, + {0x01, "OOB Auth. Data From Remote Device Present"}, + {0x0, NULL} +}; + +/* Bonding flags */ +static const value_string bonding_flag_vals[] = { + {0x00, "No Bonding"}, + {0x01, "Bonding"}, + {0x0, NULL} +}; + +/* Reason codes */ +static const value_string reason_vals[] = { + {0x01, "Passkey Entry Failed"}, + {0x02, "OOB Not Available"}, + {0x03, "Authentication Requirements"}, + {0x04, "Confirm Value Failed"}, + {0x05, "Pairing Not Supported"}, + {0x06, "Encryption Key Size"}, + {0x07, "Command Not Supported"}, + {0x08, "Unspecified Reason"}, + {0x09, "Repeated Attempts"}, + {0x0a, "Invalid Parameters"}, + {0x0, NULL} +}; + +static int +dissect_btsmp_auth_req(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) +{ + proto_item *ti_param; + proto_tree *st_param; + guint8 param; + + param = tvb_get_guint8(tvb, offset); + ti_param=proto_tree_add_text(tree, tvb, offset, 1, "AuthReq: "); + st_param=proto_item_add_subtree(ti_param, ett_btsmp_auth_req); + proto_tree_add_item(st_param, hf_btsmp_bonding_flags, tvb, offset, 1, ENC_LITTLE_ENDIAN); + proto_item_append_text(ti_param, "%s, ", val_to_str(param&0x03, bonding_flag_vals, "<unknown>")); + proto_tree_add_item(st_param, hf_btsmp_mitm_flag, tvb, offset, 1, ENC_LITTLE_ENDIAN); + proto_item_append_text(ti_param, "%s", (param&0x04)?"MITM":"No MITM"); + + col_append_fstr(pinfo->cinfo, COL_INFO, "%s, %s", val_to_str(param&0x03, bonding_flag_vals, "<unknown>"), (param&0x04)?"MITM":"No MITM"); + + return offset+1; +} + +static int +dissect_btsmp_key_dist(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, gboolean initiator) +{ + proto_item *ti_param; + proto_tree *st_param; + guint8 param; + + param = tvb_get_guint8(tvb, offset); + if(initiator) { + col_append_fstr(pinfo->cinfo, COL_INFO, ", Initiator Key(s): "); + ti_param=proto_tree_add_text(tree, tvb, offset, 1, "Initiator Key Distribution: "); + } + else { + col_append_fstr(pinfo->cinfo, COL_INFO, ", Responder Key(s): "); + ti_param=proto_tree_add_text(tree, tvb, offset, 1, "Responder Key Distribution: "); + } + + st_param=proto_item_add_subtree(ti_param, ett_btsmp_key_dist); + proto_tree_add_item(st_param, hf_btsmp_key_dist_enc, tvb, offset, 1, ENC_LITTLE_ENDIAN); + proto_tree_add_item(st_param, hf_btsmp_key_dist_id, tvb, offset, 1, ENC_LITTLE_ENDIAN); + proto_tree_add_item(st_param, hf_btsmp_key_dist_sign, tvb, offset, 1, ENC_LITTLE_ENDIAN); + if( param & 0x01 ) { + proto_item_append_text(ti_param, "LTK "); + col_append_fstr(pinfo->cinfo, COL_INFO, "LTK "); + } + if( param & 0x02 ) { + proto_item_append_text(ti_param, "IRK "); + col_append_fstr(pinfo->cinfo, COL_INFO, "IRK "); + } + if( param & 0x04 ) { + proto_item_append_text(ti_param, "CSRK "); + col_append_fstr(pinfo->cinfo, COL_INFO, "CSRK "); + } + + return offset+1; +} + +static void +dissect_btsmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + int offset = 0; + proto_item *ti; + proto_tree *st; + guint8 opcode; + + col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMP"); + + switch (pinfo->p2p_dir) + { + case P2P_DIR_SENT: + col_add_fstr(pinfo->cinfo, COL_INFO, "Sent "); + break; + + case P2P_DIR_RECV: + col_add_fstr(pinfo->cinfo, COL_INFO, "Rcvd "); + break; + + case P2P_DIR_UNKNOWN: + break; + + default: + col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown direction %d ", + pinfo->p2p_dir); + break; + } + + if (tvb_length_remaining(tvb, 0) < 1) + return; + + ti = proto_tree_add_item(tree, proto_btsmp, tvb, 0, -1, ENC_NA); + st = proto_item_add_subtree(ti, ett_btsmp); + + proto_tree_add_item(st, hf_btsmp_opcode, tvb, 0, 1, ENC_LITTLE_ENDIAN); + opcode = tvb_get_guint8(tvb, 0); + offset++; + + col_append_fstr(pinfo->cinfo, COL_INFO, "%s", val_to_str(opcode, opcode_vals, "<unknown>")); + + switch (opcode) { + case 0x01: /* Pairing Request */ + case 0x02: /* Pairing Response */ + { + col_append_fstr(pinfo->cinfo, COL_INFO, ": "); + + proto_tree_add_item(st, hf_btsmp_io_capabilities, tvb, offset, 1, ENC_LITTLE_ENDIAN); + offset++; + proto_tree_add_item(st, hf_btsmp_oob_data_flags, tvb, offset, 1, ENC_LITTLE_ENDIAN); + offset++; + + offset = dissect_btsmp_auth_req(tvb, offset, pinfo, st); + + proto_tree_add_item(st, hf_btsmp_max_enc_key_size, tvb, offset, 1, ENC_LITTLE_ENDIAN); + offset++; + + offset = dissect_btsmp_key_dist(tvb, offset, pinfo, st, TRUE); + offset = dissect_btsmp_key_dist(tvb, offset, pinfo, st, FALSE); + break; + } + + case 0x03: /* Pairing Confirm */ + proto_tree_add_item(st, hf_btsmp_cfm_value, tvb, offset, 16, ENC_NA); + offset += 16; + break; + + case 0x04: /* Pairing Random */ + proto_tree_add_item(st, hf_btsmp_random, tvb, offset, 16, ENC_NA); + offset += 16; + break; + + case 0x05: /* Pairing Failed */ + proto_tree_add_item(st, hf_btsmp_reason, tvb, offset, 1, ENC_LITTLE_ENDIAN); + col_append_fstr(pinfo->cinfo, COL_INFO, ": %s", val_to_str(tvb_get_guint8(tvb, offset), reason_vals, "<unknown>")); + offset++; + break; + + case 0x06: /* Encryption Information */ + proto_tree_add_item(st, hf_btsmp_long_term_key, tvb, offset, 16, ENC_NA); + offset += 16; + break; + + case 0x07: /* Master Identification */ + proto_tree_add_item(st, hf_btsmp_ediv, tvb, offset, 2, ENC_LITTLE_ENDIAN); + offset += 2; + proto_tree_add_item(st, hf_btsmp_random, tvb, offset, 8, ENC_NA); + offset += 8; + break; + + case 0x08: /* Identity Information */ + proto_tree_add_item(st, hf_btsmp_id_resolving_key, tvb, offset, 16, ENC_NA); + offset += 16; + break; + + case 0x0a: /* Signing Informationn */ + proto_tree_add_item(st, hf_btsmp_signature_key, tvb, offset, 16, ENC_NA); + offset += 16; + break; + + case 0x0b: /* Security Request */ + col_append_fstr(pinfo->cinfo, COL_INFO, ": "); + offset = dissect_btsmp_auth_req(tvb, offset, pinfo, st); + break; + + default: + break; + } +} + +void +proto_register_btsmp(void) +{ + static hf_register_info hf[] = { + {&hf_btsmp_opcode, + {"Opcode", "btsmp.opcode", + FT_UINT8, BASE_HEX, VALS(opcode_vals), 0x0, + NULL, HFILL} + }, + {&hf_btsmp_reason, + {"Reason", "btsmp.reason", + FT_UINT8, BASE_HEX, VALS(reason_vals), 0x0, + NULL, HFILL} + }, + {&hf_btsmp_io_capabilities, + {"IO Capability", "btsmp.io_capability", + FT_UINT8, BASE_HEX, VALS(io_capability_vals), 0x0, + NULL, HFILL} + }, + {&hf_btsmp_oob_data_flags, + {"OOB Data Flags", "btsmp.oob_data_flags", + FT_UINT8, BASE_HEX, VALS(oob_data_flag_vals), 0x0, + NULL, HFILL} + }, + {&hf_btsmp_cfm_value, + {"Confirm Value", "btsmp.cfm_value", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL} + }, + {&hf_btsmp_random, + {"Random Value", "btsmp.random_value", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL} + }, + {&hf_btsmp_long_term_key, + {"Long Term Key", "btsmp.long_term_key", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL} + }, + {&hf_btsmp_id_resolving_key, + {"Identity Resolving Key", "btsmp.id_resolving_key", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL} + }, + {&hf_btsmp_signature_key, + {"Signature Key", "btsmp.signature_key", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL} + }, + {&hf_btsmp_bonding_flags, + {"Bonding Flags", "btsmp.bonding_flags", + FT_UINT8, BASE_HEX, VALS(bonding_flag_vals), 0x03, + NULL, HFILL} + }, + {&hf_btsmp_mitm_flag, + {"MITM Flag", "btsmp.mitm_flag", + FT_UINT8, BASE_DEC, NULL, 0x04, + NULL, HFILL} + }, + {&hf_btsmp_max_enc_key_size, + {"Max Encryption Key Size", "btsmp.max_enc_key_size", + FT_UINT8, BASE_DEC, NULL, 0x00, + NULL, HFILL} + }, + {&hf_btsmp_key_dist_enc, + {"Encryption Key (LTK)", "btsmp.key_dist_enc", + FT_UINT8, BASE_DEC, NULL, 0x01, + NULL, HFILL} + }, + {&hf_btsmp_key_dist_id, + {"Id Key (IRK)", "btsmp.key_dist_id", + FT_UINT8, BASE_DEC, NULL, 0x02, + NULL, HFILL} + }, + {&hf_btsmp_key_dist_sign, + {"Signature Key (CSRK)", "btsmp.key_dist_sign", + FT_UINT8, BASE_DEC, NULL, 0x04, + NULL, HFILL} + }, + {&hf_btsmp_ediv, + {"Encrypted Diversifier (EDIV)", "btsmp.ediv", + FT_UINT16, BASE_HEX, NULL, 0x00, + NULL, HFILL} + } + }; + + /* Setup protocol subtree array */ + static gint *ett[] = { + &ett_btsmp, + &ett_btsmp_auth_req, + &ett_btsmp_key_dist + }; + + /* Register the protocol name and description */ + proto_btsmp = proto_register_protocol("Bluetooth Security Manager Protocol", + "SMP", "btsmp"); + + register_dissector("btsmp", dissect_btsmp, proto_btsmp); + + /* Required function calls to register the header fields and subtrees used */ + proto_register_field_array(proto_btsmp, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +void +proto_reg_handoff_btsmp(void) +{ + dissector_handle_t btsmp_handle; + + btsmp_handle = find_dissector("btsmp"); + dissector_add_uint("btl2cap.cid", BTL2CAP_FIXED_CID_SMP, btsmp_handle); +} + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ + |