diff options
| author | Jaap Keuter <jaap.keuter@xs4all.nl> | 2017-04-04 11:59:42 +0200 |
|---|---|---|
| committer | Michael Mann <mmann78@netscape.net> | 2017-04-04 18:11:19 +0000 |
| commit | 0852b7b57c80059b05f8f2de0ee53b563adca534 (patch) | |
| tree | 88b7d1067f2505e072a5f26ce44b58e69797d71a /epan | |
| parent | 2a8bcfe86c3a24eab33e8270cade8021ed7d31f9 (diff) | |
EAPOL-MKA: Implement updates from IEEE standards
Alignment with IEEE 802.1X-2010
- Addition of Announcement
Alignment with IEEE 802.1X-2010 EAPOL-MKA
- Interpretation of algorithm agility value
- Interpretation of confidentiality offset values
- Interpretation of (wrong) cipher suite ID
- Padding handling for more parameter sets
- Improved robustness malformed frames
- Flexible SAK size handling
- Addition of Announcement parameter set
- Split ICV from ICV indicator
- Handle unknown parameter set
Additions for IEEE 802.1Xbx-2014
- Allow version 2 handling
- Addition of XPN parameter set
Change-Id: If7a36de6bb3b5148bfd1bd890e4490c045fba40d
Reviewed-on: https://code.wireshark.org/review/20899
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan')
| -rw-r--r-- | epan/dissectors/packet-eapol.c | 19 | ||||
| -rw-r--r-- | epan/dissectors/packet-mka.c | 319 |
2 files changed, 263 insertions, 75 deletions
diff --git a/epan/dissectors/packet-eapol.c b/epan/dissectors/packet-eapol.c index 9bf43c53d0..340025ba63 100644 --- a/epan/dissectors/packet-eapol.c +++ b/epan/dissectors/packet-eapol.c @@ -1,7 +1,5 @@ /* packet-eapol.c - * Routines for EAPOL 802.1X authentication header disassembly - * (From IEEE Draft P802.1X/D11; is there a later draft, or a - * final standard? If so, check it.) + * Routines for EAPOL and EAPOL-Key IEEE 802.1X-2010 PDU dissection * * Wireshark - Network traffic analyzer * By Gerald Combs <gerald@wireshark.org> @@ -72,12 +70,15 @@ static const value_string eapol_version_vals[] = { }; static const value_string eapol_type_vals[] = { - { EAPOL_EAP, "EAP Packet" }, - { EAPOL_START, "Start" }, - { EAPOL_LOGOFF, "Logoff" }, - { EAPOL_KEY, "Key" }, - { EAPOL_ENCAP_ASF_ALERT, "Encapsulated ASF Alert" }, - { EAPOL_MKA, "MKA" }, + { EAPOL_EAP, "EAP Packet" }, + { EAPOL_START, "Start" }, + { EAPOL_LOGOFF, "Logoff" }, + { EAPOL_KEY, "Key" }, + { EAPOL_ENCAP_ASF_ALERT, "Encapsulated ASF Alert" }, + { EAPOL_MKA, "MKA" }, + { EAPOL_ANNOUNCEMENT_GENERIC, "Announcement (Generic)" }, + { EAPOL_ANNOUNCEMENT_SPECIFIC, "Announcement (Specific)" }, + { EAPOL_ANNOUNCEMENT_REQUEST, "Announcement Request" }, { 0, NULL } }; diff --git a/epan/dissectors/packet-mka.c b/epan/dissectors/packet-mka.c index a432181327..aea9f42ef0 100644 --- a/epan/dissectors/packet-mka.c +++ b/epan/dissectors/packet-mka.c @@ -1,10 +1,7 @@ /* packet-mka.c - * Routines for EAPOL-MKA 802.1X authentication header disassembly + * Routines for EAPOL-MKA IEEE 802.1X-2010 / IEEE 802.1bx-2014 MKPDU dissection * Copyright 2014, Hitesh K Maisheri <maisheri.hitesh@gmail.com> * - * (From IEEE Draft P802.1X/D11; is there a later draft, or a - * final standard? If so, check it.) - * * Wireshark - Network traffic analyzer * By Gerald Combs <gerald@wireshark.org> * Copyright 1998 Gerald Combs @@ -31,13 +28,14 @@ #include "packet-eapol.h" -#define BASIC_PARAM_SET_TYPE 1 #define LIVE_PEER_LIST_TYPE 1 #define POTENTIAL_PEER_LIST_TYPE 2 #define MACSEC_SAK_USE_TYPE 3 #define DISTRIBUTED_SAK_TYPE 4 #define DISTRIBUTED_CAK_TYPE 5 #define KMD_TYPE 6 +#define ANNOUNCEMENT_TYPE 7 +#define XPN_TYPE 8 #define ICV_TYPE 255 void proto_register_mka(void); @@ -53,6 +51,8 @@ static int hf_mka_macsec_sak_use_set = -1; static int hf_mka_distributed_sak_set = -1; static int hf_mka_distributed_cak_set = -1; static int hf_mka_kmd_set = -1; +static int hf_mka_announcement_set = -1; +static int hf_mka_xpn_set = -1; static int hf_mka_icv_set = -1; static int hf_mka_param_set_type = -1; @@ -67,6 +67,8 @@ static int hf_mka_actor_mn = -1; static int hf_mka_algo_agility = -1; static int hf_mka_cak_name = -1; +static int hf_mka_padding = -1; + static int hf_mka_latest_key_an = -1; static int hf_mka_latest_key_tx = -1; static int hf_mka_latest_key_rx = -1; @@ -92,10 +94,16 @@ static int hf_mka_aes_key_wrap_cak = -1; static int hf_mka_kmd = -1; +static int hf_mka_suspension_time = -1; + +static int hf_mka_unknown_set = -1; +static int hf_mka_unknown_param_set = -1; + static int hf_mka_icv = -1; static expert_field ei_mka_undecoded = EI_INIT; static expert_field ei_unexpected_data = EI_INIT; +static expert_field ei_mka_unimplemented = EI_INIT; static gint ett_mka = -1; static gint ett_mka_basic_param_set = -1; @@ -104,17 +112,21 @@ static gint ett_mka_sak_use_set = -1; static gint ett_mka_distributed_sak_set = -1; static gint ett_mka_distributed_cak_set = -1; static gint ett_mka_kmd_set = -1; +static gint ett_mka_announcement_set = -1; +static gint ett_mka_xpn_set = -1; +static gint ett_mka_unknown_set = -1; static gint ett_mka_icv_set = -1; static const value_string param_set_type_vals[] = { - { 1, "Live Peer List" }, - { 2, "Potential Peer List" }, - { 3, "MACsec SAK Use" }, - { 4, "Distributed SAK" }, - { 5, "Distributed CAK" }, - { 6, "KMD" }, - { 7, "Announcement" }, - { 255, "ICV" }, + { LIVE_PEER_LIST_TYPE, "Live Peer List" }, + { POTENTIAL_PEER_LIST_TYPE, "Potential Peer List" }, + { MACSEC_SAK_USE_TYPE, "MACsec SAK Use" }, + { DISTRIBUTED_SAK_TYPE, "Distributed SAK" }, + { DISTRIBUTED_CAK_TYPE, "Distributed CAK" }, + { KMD_TYPE, "KMD" }, + { ANNOUNCEMENT_TYPE, "Announcement" }, + { XPN_TYPE, "XPN" }, + { ICV_TYPE, "ICV" }, { 0, NULL } }; @@ -126,7 +138,21 @@ static const value_string macsec_capability_type_vals[] = { { 0, NULL } }; -static const val64_string macsec_cipher_suite_vals[] = { +static const value_string algo_agility_vals[] = { + { 0x0080C201, "IEEE Std 802.1X-2010" }, + { 0, NULL } +}; + +static const value_string confidentiality_offset_vals[] = { + { 0, "No confidentiality" }, + { 1, "No confidentiality offset" }, + { 2, "Confidentiality offset 30 octets" }, + { 3, "Confidentiality offset 50 octets" }, + { 0, NULL } +}; + +static const val64_string macsec_cipher_suite_vals[] = { + { G_GINT64_CONSTANT(0x0080020001000001), "GCM-AES-128" }, // Original, incorrect value in IEEE 802.1AE-2006 and IEEE 802.1X-2010 { G_GINT64_CONSTANT(0x0080C20001000001), "GCM-AES-128" }, { G_GINT64_CONSTANT(0x0080C20001000002), "GCM-AES-256" }, { G_GINT64_CONSTANT(0x0080C20001000003), "GCM-AES-XPN-128" }, @@ -188,14 +214,19 @@ dissect_basic_paramset(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) offset += cak_len; if (basic_param_set_len%4) { - offset += (4 - (basic_param_set_len % 4)); + int padding_len = (4 - (basic_param_set_len % 4)); + + proto_tree_add_item(basic_param_set_tree, hf_mka_padding, + tvb, offset, padding_len, ENC_NA); + + offset += padding_len; } *offset_ptr = offset; } static void -dissect_peer_list(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) +dissect_peer_list(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr) { int offset = *offset_ptr; proto_tree *peer_list_set_tree; @@ -221,7 +252,7 @@ dissect_peer_list(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) tvb, offset, 2, peer_list_len); offset += 2; - while (peer_list_len > 0) { + while (peer_list_len >= 16) { proto_tree_add_item(peer_list_set_tree, hf_mka_actor_mi, tvb, offset, 12, ENC_NA); offset += 12; @@ -233,6 +264,11 @@ dissect_peer_list(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) peer_list_len -= 16; } + if (peer_list_len != 0) { + proto_tree_add_expert(peer_list_set_tree, pinfo, &ei_mka_undecoded, tvb, offset, peer_list_len); + offset += peer_list_len; + } + *offset_ptr = offset; } @@ -303,11 +339,10 @@ dissect_sak_use(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) offset += 4; proto_tree_add_item(sak_use_set_tree, hf_mka_old_lowest_acceptable_pn, - tvb, offset, 4, sak_use_len); + tvb, offset, 4, ENC_NA); offset += 4; *offset_ptr = offset; - } static void @@ -336,8 +371,12 @@ dissect_distributed_sak(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, tvb, offset, 2, distributed_sak_len); offset += 2; - switch (distributed_sak_len) { - case 28: + if (distributed_sak_len == 0) // Plain text + { + // Nothing + } + else if (distributed_sak_len == 28) // GCM-AES-128 + { proto_tree_add_item(distributed_sak_tree, hf_mka_key_number, tvb, offset, 4, ENC_NA); offset += 4; @@ -345,9 +384,9 @@ dissect_distributed_sak(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, proto_tree_add_item(distributed_sak_tree, hf_mka_aes_key_wrap_sak, tvb, offset, 24, ENC_NA); offset += 24; - break; - - case 36: + } + else if (distributed_sak_len >= 36) // Other than default cipher + { proto_tree_add_item(distributed_sak_tree, hf_mka_key_number, tvb, offset, 4, ENC_NA); offset += 4; @@ -357,27 +396,22 @@ dissect_distributed_sak(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, offset += 8; proto_tree_add_item(distributed_sak_tree, hf_mka_aes_key_wrap_sak, - tvb, offset, 24, ENC_NA); - offset += 24; - break; + tvb, offset, distributed_sak_len - 12, ENC_NA); + offset += (distributed_sak_len + 12); + } + else + { + proto_tree_add_expert(distributed_sak_tree, pinfo, &ei_mka_undecoded, tvb, offset, distributed_sak_len); + offset += distributed_sak_len; + } - case 52: - proto_tree_add_item(distributed_sak_tree, hf_mka_key_number, - tvb, offset, 4, ENC_NA); - offset += 4; + if (distributed_sak_len%4) { + int padding_len = (4 - (distributed_sak_len % 4)); - proto_tree_add_item(distributed_sak_tree, hf_mka_macsec_cipher_suite, - tvb, offset, 8, ENC_NA); - offset += 8; + proto_tree_add_item(distributed_sak_tree, hf_mka_padding, + tvb, offset, padding_len, ENC_NA); - proto_tree_add_item(distributed_sak_tree, hf_mka_aes_key_wrap_sak, - tvb, offset, 40, ENC_NA); - offset += 40; - break; - - default: - proto_tree_add_expert(distributed_sak_tree, pinfo, &ei_mka_undecoded, tvb, offset, distributed_sak_len); - offset += distributed_sak_len; + offset += padding_len; } *offset_ptr = offset; @@ -413,6 +447,15 @@ dissect_distributed_cak(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) tvb, offset, cak_len, ENC_NA); offset += cak_len; + if (distributed_cak_len%4) { + int padding_len = (4 - (distributed_cak_len % 4)); + + proto_tree_add_item(distributed_cak_tree, hf_mka_padding, + tvb, offset, padding_len, ENC_NA); + + offset += padding_len; + } + *offset_ptr = offset; } @@ -444,15 +487,78 @@ dissect_kmd(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) } static void -dissect_icv(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) +dissect_announcement(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr) +{ + int offset = *offset_ptr; + guint16 announcement_len; + proto_tree *announcement_set_tree; + proto_tree *ti; + + announcement_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff; + ti = proto_tree_add_item(mka_tree, hf_mka_announcement_set, tvb, offset, announcement_len + 4, ENC_NA); + announcement_set_tree = proto_item_add_subtree(ti, ett_mka_announcement_set); + + proto_tree_add_item(announcement_set_tree, hf_mka_param_set_type, + tvb, offset, 1, ENC_BIG_ENDIAN); + + offset += 2; + + proto_tree_add_uint(announcement_set_tree, hf_mka_param_body_length, + tvb, offset, 2, announcement_len); + offset += 2; + + // See IEEE 802.1X-2010, Section 11.11.1, Figure 11-15 and Section 11.12 + proto_tree_add_expert(announcement_set_tree, pinfo, &ei_mka_unimplemented, tvb, offset, announcement_len); + + offset += announcement_len; + + *offset_ptr = offset; +} + +static void +dissect_xpn(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) +{ + int offset = *offset_ptr; + guint16 xpn_len; + proto_tree *xpn_set_tree; + proto_tree *ti; + + xpn_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff; + ti = proto_tree_add_item(mka_tree, hf_mka_xpn_set, tvb, offset, xpn_len + 4, ENC_NA); + xpn_set_tree = proto_item_add_subtree(ti, ett_mka_xpn_set); + + proto_tree_add_item(xpn_set_tree, hf_mka_param_set_type, + tvb, offset, 1, ENC_BIG_ENDIAN); + offset += 1; + + proto_tree_add_item(xpn_set_tree, hf_mka_suspension_time, + tvb, offset, 1, ENC_NA); + offset += 1; + + proto_tree_add_uint(xpn_set_tree, hf_mka_param_body_length, + tvb, offset, 2, xpn_len); + offset += 2; + + proto_tree_add_item(xpn_set_tree, hf_mka_latest_lowest_acceptable_pn, + tvb, offset, 4, ENC_NA); + offset += 4; + + proto_tree_add_item(xpn_set_tree, hf_mka_old_lowest_acceptable_pn, + tvb, offset, 4, ENC_NA); + offset += 4; + + *offset_ptr = offset; +} + +static void +dissect_icv(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr, guint16 *icv_len) { int offset = *offset_ptr; - guint16 icv_len; proto_tree *icv_set_tree; proto_tree *ti; - icv_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff; - ti = proto_tree_add_item(mka_tree, hf_mka_icv_set, tvb, offset, icv_len + 4, ENC_NA); + *icv_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff; + ti = proto_tree_add_item(mka_tree, hf_mka_icv_set, tvb, offset, 4, ENC_NA); icv_set_tree = proto_item_add_subtree(ti, ett_mka_icv_set); proto_tree_add_item(icv_set_tree, hf_mka_param_set_type, @@ -460,12 +566,45 @@ dissect_icv(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) offset += 2; proto_tree_add_uint(icv_set_tree, hf_mka_param_body_length, - tvb, offset, 2, icv_len); + tvb, offset, 2, *icv_len); offset += 2; - proto_tree_add_item(icv_set_tree, hf_mka_icv, - tvb, offset, icv_len, ENC_NA); - offset += icv_len; + *offset_ptr = offset; +} + +static void +dissect_unknown_param_set(proto_tree *mka_tree, tvbuff_t *tvb, int *offset_ptr) +{ + int offset = *offset_ptr; + guint16 param_set_len; + proto_tree *param_set_tree; + proto_tree *ti; + + param_set_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff; + ti = proto_tree_add_item(mka_tree, hf_mka_unknown_set, tvb, offset, param_set_len + 4, ENC_NA); + param_set_tree = proto_item_add_subtree(ti, ett_mka_unknown_set); + + proto_tree_add_item(param_set_tree, hf_mka_param_set_type, + tvb, offset, 1, ENC_BIG_ENDIAN); + offset += 2; + + proto_tree_add_uint(param_set_tree, hf_mka_param_body_length, + tvb, offset, 2, param_set_len); + offset += 2; + + proto_tree_add_item(param_set_tree, hf_mka_unknown_param_set, + tvb, offset, param_set_len, ENC_NA); + + offset += param_set_len; + + if (param_set_len%4) { + int padding_len = (4 - (param_set_len % 4)); + + proto_tree_add_item(param_set_tree, hf_mka_padding, + tvb, offset, padding_len, ENC_NA); + + offset += padding_len; + } *offset_ptr = offset; } @@ -474,7 +613,8 @@ static int dissect_mka(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { int offset = 0; - guint8 mka_version_type = 0; + guint8 mka_version_type; + guint16 icv_len = 16; // Default ICV length, see IEEE 802.1X-2010, Section 11.11 proto_tree *ti; proto_tree *mka_tree; @@ -485,10 +625,11 @@ dissect_mka(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) mka_tree = proto_item_add_subtree(ti, ett_mka); /* - * The 802.1X-2010 spec specifies support for MKA version 1 only + * The 802.1X-2010 spec specifies support for MKA version 1 only. + * The 802.1Xbx-2014 spec specifies support for MKA version 2. */ mka_version_type = tvb_get_guint8(tvb, offset); - if (mka_version_type != 1) { + if ((mka_version_type != 1) && (mka_version_type != 2)) { expert_add_info(pinfo, ti, &ei_unexpected_data); } @@ -497,11 +638,11 @@ dissect_mka(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) */ dissect_basic_paramset(mka_tree, tvb, &offset); - while(tvb_reported_length_remaining(tvb, offset) > 0) { + while(tvb_reported_length_remaining(tvb, offset) > icv_len) { switch (tvb_get_guint8(tvb, offset)) { case LIVE_PEER_LIST_TYPE: case POTENTIAL_PEER_LIST_TYPE: - dissect_peer_list(mka_tree, tvb, &offset); + dissect_peer_list(mka_tree, pinfo, tvb, &offset); break; case MACSEC_SAK_USE_TYPE: @@ -520,15 +661,27 @@ dissect_mka(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) dissect_kmd(mka_tree, tvb, &offset); break; + case ANNOUNCEMENT_TYPE: + dissect_announcement(mka_tree, pinfo, tvb, &offset); + break; + + case XPN_TYPE: + dissect_xpn(mka_tree, tvb, &offset); + break; + case ICV_TYPE: - dissect_icv(mka_tree, tvb, &offset); + // This ICV indicator does not include the ICV itself, see IEEE 802.1X-2010, Section 11.11.1 + dissect_icv(mka_tree, tvb, &offset, &icv_len); break; default: - proto_tree_add_expert(mka_tree, pinfo, &ei_mka_undecoded, tvb, offset, -1); - offset += tvb_reported_length_remaining(tvb, offset); + dissect_unknown_param_set(mka_tree, tvb, &offset); + break; } } + + proto_tree_add_item(mka_tree, hf_mka_icv, tvb, offset, icv_len, ENC_NA); + return tvb_captured_length(tvb); } @@ -542,6 +695,8 @@ proto_register_mka(void) "mka.expert.undecoded_data", PI_UNDECODED, PI_WARN, "Undecoded data", EXPFILL }}, { &ei_unexpected_data, { "mka.expert.unexpected_data", PI_PROTOCOL, PI_WARN, "Unexpected data", EXPFILL }}, + { &ei_mka_unimplemented, { + "mka.expert.unimplemented", PI_UNDECODED, PI_WARN, "Announcement TLVs not handled, if you want this implemented please contact the wireshark developers", EXPFILL }} }; static hf_register_info hf[] = { @@ -581,12 +736,32 @@ proto_register_mka(void) NULL, HFILL }}, { &hf_mka_kmd_set, { - "Key Management Domain set", "mka.basic_kmd_set", + "Key Management Domain set", "mka.kmd_set", + FT_NONE, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + + { &hf_mka_announcement_set, { + "Announcement parameter set", "mka.announcement_set", + FT_NONE, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + + { &hf_mka_xpn_set, { + "Extended Packet Numbering set", "mka.xpn_set", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_mka_unknown_set, { + "Unknown parameter set", "mka.unknown_set", + FT_NONE, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + + { &hf_mka_unknown_param_set, { + "Unknown parameter set", "mka.unknown_param_set", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + { &hf_mka_icv_set, { - "Integrity Check Value Set", "mka.basic_icv_set", + "Integrity Check Value Indicator", "mka.icv_indicator", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }}, @@ -637,7 +812,7 @@ proto_register_mka(void) { &hf_mka_algo_agility, { "Algorithm Agility", "mka.algo_agility", - FT_BYTES, BASE_NONE, NULL, 0x0, + FT_UINT32, BASE_HEX, VALS(algo_agility_vals), 0x0, NULL, HFILL }}, { &hf_mka_cak_name, { @@ -645,6 +820,11 @@ proto_register_mka(void) FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_mka_padding, { + "Padding", "mka.padding", + FT_BYTES, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + { &hf_mka_latest_key_an, { "Latest Key AN", "mka.latest_key_an", FT_UINT8, BASE_DEC, NULL, 0xc0, @@ -691,7 +871,7 @@ proto_register_mka(void) NULL, HFILL }}, { &hf_mka_latest_key_server_mi, { - "Latest Key: Key Sever Member Identifier", "mka.latest_key_server_mi", + "Latest Key: Key Server Member Identifier", "mka.latest_key_server_mi", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, @@ -706,7 +886,7 @@ proto_register_mka(void) NULL, HFILL }}, { &hf_mka_old_key_server_mi, { - "Old Key: Key Sever Member Identifier", "mka.old_key_server_mi", + "Old Key: Key Server Member Identifier", "mka.old_key_server_mi", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, @@ -727,7 +907,7 @@ proto_register_mka(void) { &hf_mka_confidentiality_offset, { "Confidentiality Offset", "mka.confidentiality_offset", - FT_UINT8, BASE_DEC, NULL, 0x30, + FT_UINT8, BASE_DEC, VALS(confidentiality_offset_vals), 0x30, NULL, HFILL }}, { &hf_mka_key_number, { @@ -755,11 +935,15 @@ proto_register_mka(void) FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_mka_suspension_time, { + "Suspension time", "mka.suspension_time", + FT_UINT8, BASE_DEC, NULL, 0xc0, + NULL, HFILL }}, + { &hf_mka_icv, { "Integrity Check Value", "mka.icv", FT_BYTES, BASE_NONE, NULL, 0x0, - NULL, HFILL }}, - + NULL, HFILL }} }; static gint *ett[] = { @@ -770,6 +954,9 @@ proto_register_mka(void) &ett_mka_distributed_sak_set, &ett_mka_distributed_cak_set, &ett_mka_kmd_set, + &ett_mka_announcement_set, + &ett_mka_xpn_set, + &ett_mka_unknown_set, &ett_mka_icv_set }; |