diff options
author | Robert Cragie <Robert.Cragie@arm.com> | 2017-03-17 11:52:27 +0000 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2017-04-10 20:26:25 +0000 |
commit | ded9ad7017a9b04a9f63c9ea91961d19ff6b395e (patch) | |
tree | 44d3a78733c75d4b79910ce9153f3930ae19685a /epan/dissectors/packet-ieee802154.h | |
parent | 2321a92ccc339cd2103f75f190df045d7c631051 (diff) |
IEEE 802.15.4: Add support for Thread, MLE and ZigBee IP
Enhancements to security processing add support for Thread, MLE and ZigBee
IP. Thread and ZigBee IP use a hash for key derivation for MAC and MLE
security processing. Thread additionally uses a sequence counter.
Ping-Bug: 13495
Change-Id: Ib8351b21e5615cd44880f5126f59fd0dc0a11742
Reviewed-on: https://code.wireshark.org/review/20585
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-ieee802154.h')
-rw-r--r-- | epan/dissectors/packet-ieee802154.h | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/epan/dissectors/packet-ieee802154.h b/epan/dissectors/packet-ieee802154.h index 442b2f8f8e..c46514b7a1 100644 --- a/epan/dissectors/packet-ieee802154.h +++ b/epan/dissectors/packet-ieee802154.h @@ -194,6 +194,11 @@ #define IEEE802154_AUX_KEY_ID_MODE_SHIFT 3 #define IEEE802154_AUX_KEY_RESERVED_MASK 0xE0 /* Reserved */ +/* Thread-specific well-known key support */ +#define IEEE802154_THR_WELL_KNOWN_KEY_INDEX 0xff +#define IEEE802154_THR_WELL_KNOWN_KEY_SRC 0xffffffff +#define IEEE802154_THR_WELL_KNOWN_EXT_ADDR 0x3506feb823d48712ULL + typedef enum { SECURITY_LEVEL_NONE = 0x00, SECURITY_LEVEL_MIC_32 = 0x01, @@ -212,6 +217,12 @@ typedef enum { KEY_ID_MODE_KEY_EXPLICIT_8 = 0x03 } ieee802154_key_id_mode; +typedef enum { + KEY_HASH_NONE = 0x00, + KEY_HASH_ZIP = 0x01, + KEY_HASH_THREAD = 0x02 +} ieee802154_key_hash; + /* Header IE Element ID */ #define IEEE802154_HEADER_VENDOR_SPECIFIC 0x00 /* Reserved 0x01-0x19 */ @@ -403,12 +414,56 @@ typedef struct { guint16 src16; guint16 dst16; ieee802154_map_rec *map_rec; + void *packet; } ieee802154_hints_t; +typedef enum { + DECRYPT_PACKET_SUCCEEDED, + DECRYPT_NOT_ENCRYPTED, + DECRYPT_VERSION_UNSUPPORTED, + DECRYPT_PACKET_TOO_SMALL, + DECRYPT_PACKET_NO_EXT_SRC_ADDR, + DECRYPT_PACKET_NO_KEY, + DECRYPT_PACKET_DECRYPT_FAILED, + DECRYPT_PACKET_MIC_CHECK_FAILED +} ws_decrypt_status; + +/* UAT key structure. */ +typedef struct { + gchar *pref_key; + guint key_index; + ieee802154_key_hash hash_type; + guint8 key[IEEE802154_CIPHER_SIZE]; + guint8 mle_key[IEEE802154_CIPHER_SIZE]; +} ieee802154_key_t; + /* */ void dissect_ieee802154_superframe (tvbuff_t *, packet_info *, proto_tree *, guint *); void dissect_ieee802154_gtsinfo (tvbuff_t *, packet_info *, proto_tree *, guint *); void dissect_ieee802154_pendaddr (tvbuff_t *, packet_info *, proto_tree *, guint *); +void dissect_ieee802154_aux_sec_header_and_key(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, ieee802154_packet *packet, guint *offset); +void ccm_init_block(gchar *block, gboolean adata, gint M, guint64 addr, guint32 frame_counter, guint8 level, gint ctr_val); +gboolean ccm_ctr_encrypt(const gchar *key, const gchar *iv, gchar *mic, gchar *data, gint length); +gboolean ccm_cbc_mac(const gchar *key, const gchar *iv, const gchar *a, gint a_len, const gchar *m, gint m_len, gchar *mic); + +typedef struct { + unsigned char* rx_mic; + guint* rx_mic_length; + guint aux_offset; + guint aux_length; + ws_decrypt_status* status; + unsigned char *key; + guint key_number; +} ieee802154_payload_info_t; + +typedef gboolean (*ieee802154_set_key_func) (ieee802154_packet * packet, unsigned char* key, unsigned char* alt_key, ieee802154_key_t* key_info); +typedef tvbuff_t* (*ieee802154_payload_func) (tvbuff_t *, guint, packet_info *, ieee802154_packet *, ieee802154_payload_info_t*); +tvbuff_t *dissect_ieee802154_payload(tvbuff_t * tvb, guint offset, packet_info * pinfo, proto_tree* key_tree, ieee802154_packet * packet, + ieee802154_payload_info_t* payload_info, ieee802154_set_key_func set_key_func, ieee802154_payload_func payload_func); + + +typedef gboolean (*ieee802154_set_mac_key_func) (ieee802154_packet * packet, unsigned char* key, unsigned char* alt_key, ieee802154_key_t* uat_key); +extern void register_ieee802154_mac_key_hash_handler(guint hash_identifier, ieee802154_set_mac_key_func key_func); /* Short to Extended Address Prototypes */ extern ieee802154_map_rec *ieee802154_addr_update(ieee802154_map_tab_t *, guint16, guint16, guint64, @@ -421,4 +476,6 @@ extern gboolean ieee802154_long_addr_equal(gconstpointer a, gconstpointer b); extern gboolean ieee802154_short_addr_invalidate(guint16, guint16, guint); extern gboolean ieee802154_long_addr_invalidate(guint64, guint); +extern ieee802154_map_tab_t ieee802154_map; + #endif /* PACKET_IEEE802154_H */ |