From Motonori Shindo: Key Information dissection in EAPOL-Key messages.

svn path=/trunk/; revision=8690
author: Guy Harris <guy@alum.mit.edu> 2003-10-14 09:11:53 +0000
committer: Guy Harris <guy@alum.mit.edu> 2003-10-14 09:11:53 +0000
commit: 8a3baa43466ae276b11478888c7d1fb28f61997b (patch)
tree: 8ae916cb30d177270c7bfb0be8fc37bcdb05e910 /packet-eapol.c
parent: 61e4447e89fac743680d3e4b4c810128dae3176f (diff)
1 files changed, 105 insertions, 3 deletions
diff --git a/packet-eapol.c b/packet-eapol.c
index 068336e0f7..f6c58ee2fd 100644
--- a/packet-eapol.c
+++ b/packet-eapol.c
@@ -3,7 +3,7 @@
  * (From IEEE Draft P802.1X/D11; is there a later draft, or a
  * final standard?  If so, check it.)
  *
- * $Id: packet-eapol.c,v 1.14 2003/09/23 02:35:59 guy Exp $
+ * $Id: packet-eapol.c,v 1.15 2003/10/14 09:11:53 guy Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@ethereal.com>
@@ -47,6 +47,15 @@ static int hf_eapol_keydes_key_signature = -1;
 static int hf_eapol_keydes_key = -1;
 
 static int hf_eapol_wpa_keydes_keyinfo = -1;
+static int hf_eapol_wpa_keydes_keyinfo_keydes_ver = -1;
+static int hf_eapol_wpa_keydes_keyinfo_key_type = -1;
+static int hf_eapol_wpa_keydes_keyinfo_key_index = -1;
+static int hf_eapol_wpa_keydes_keyinfo_install = -1;
+static int hf_eapol_wpa_keydes_keyinfo_key_ack = -1;
+static int hf_eapol_wpa_keydes_keyinfo_key_mic = -1;
+static int hf_eapol_wpa_keydes_keyinfo_secure = -1;
+static int hf_eapol_wpa_keydes_keyinfo_error = -1;
+static int hf_eapol_wpa_keydes_keyinfo_request = -1;
 static int hf_eapol_wpa_keydes_nonce = -1;
 static int hf_eapol_wpa_keydes_rsc = -1;
 static int hf_eapol_wpa_keydes_id = -1;
@@ -57,6 +66,7 @@ static int hf_eapol_wpa_keydes_data = -1;
 static gint ett_eapol = -1;
 static gint ett_eapol_keydes_data = -1;
 static gint ett_eapol_key_index = -1;
+static gint ett_keyinfo = -1;
 
 static dissector_handle_t eap_handle;
 static dissector_handle_t data_handle;
@@ -86,8 +96,27 @@ static const value_string eapol_keydes_type_vals[] = {
 	{ 0, NULL }
 };
 
+#define KEY_INFO_KEYDES_VER_MASK	0x0007
+#define KEY_INFO_KEY_TYPE_MASK		0x0008
+#define KEY_INFO_KEY_INDEX_MASK		0x0030
+#define KEY_INFO_INSTALL_MASK		0x0040
+#define KEY_INFO_KEY_ACK_MASK		0x0080
+#define KEY_INFO_KEY_MIC_MASK		0x0100
+#define KEY_INFO_SECURE_MASK		0x0200
+#define KEY_INFO_ERROR_MASK		0x0400
+#define KEY_INFO_REQUEST_MASK		0x0800
+
 static const true_false_string keytype_tfs =
 	{ "Unicast", "Broadcast" };
+static const true_false_string tfs_keyinfo_key_type =
+	{ "Pairwise key", "Group key" };
+#define KEYDES_VER_TYPE1	0x01
+#define KEYDES_VER_TYPE2	0x02
+static const value_string keydes_ver[] = {
+	{ KEYDES_VER_TYPE1,	"HMAC-MD5 for MIC and RC4 for encryption" },
+	{ KEYDES_VER_TYPE2,	"AES-CBC-MAC for MIC and HMAC-SHA1 for encryption" },
+	{ 0, 		NULL }
+};
 
 static void
 dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
@@ -99,8 +128,11 @@ dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
   guint       len;
   guint16     eapol_key_len, eapol_data_len;
   guint8      key_index;
+  guint16     keyinfo;
   proto_tree *ti = NULL;
   proto_tree *eapol_tree = NULL;
+  proto_tree *keyinfo_item = NULL;
+  proto_tree *keyinfo_tree = NULL;
   proto_tree *key_index_tree, *keydes_tree;
   tvbuff_t   *next_tvb;
 
@@ -147,8 +179,22 @@ dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
       proto_tree_add_item(eapol_tree, hf_eapol_keydes_type, tvb, offset, 1, FALSE);
       offset += 1;
       if (keydesc_type == EAPOL_WPA_KEY) {
-        proto_tree_add_uint(eapol_tree, hf_eapol_wpa_keydes_keyinfo, tvb,
-        		    offset, 2, tvb_get_ntohs(tvb, offset));
+	keyinfo = tvb_get_ntohs(tvb, offset);
+	keyinfo_item = 
+	  proto_tree_add_uint(eapol_tree, hf_eapol_wpa_keydes_keyinfo, tvb,
+			      offset, 2, keyinfo);
+
+	keyinfo_tree = proto_item_add_subtree(keyinfo_item, ett_keyinfo);
+	proto_tree_add_uint(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_keydes_ver, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_type, tvb, offset, 2, keyinfo);
+	proto_tree_add_uint(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_index, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_install, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_ack, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_mic, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_secure, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_error, tvb, offset, 2, keyinfo);
+	proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_request, tvb, offset, 2, keyinfo);
+
         offset += 2;
         proto_tree_add_uint(eapol_tree, hf_eapol_keydes_keylen, tvb, offset,
         		    2, tvb_get_ntohs(tvb, offset));
@@ -263,6 +309,61 @@ proto_register_eapol(void)
 	{ &hf_eapol_wpa_keydes_keyinfo, {
 		"Key Information", "eapol.keydes.key_info", FT_UINT16,
 		BASE_HEX, NULL, 0x0, "WPA key info", HFILL }},
+
+	{ &hf_eapol_wpa_keydes_keyinfo_keydes_ver, {
+		"Key Descriptor Version", 
+		"eapol.keydes.key_info.keydes_ver", 
+		FT_UINT16, BASE_DEC, VALS(&keydes_ver),
+		KEY_INFO_KEYDES_VER_MASK, 
+		"Key Descriptor Version Type", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_key_type, {
+		"Key Type", 
+		"eapol.keydes.key_info.key_type", 
+		FT_BOOLEAN, 16, TFS(&tfs_keyinfo_key_type), 
+		KEY_INFO_KEY_TYPE_MASK, 
+		"Key Type (Pairwise or Group)", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_key_index, {
+		"Key Index", 
+		"eapol.keydes.key_info.key_index", 
+		FT_UINT16, BASE_DEC, NULL, 
+		KEY_INFO_KEY_INDEX_MASK, 
+		"Key Index (0-3)", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_install, {
+		"Install flag", 
+		"eapol.keydes.key_info.install", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_INSTALL_MASK, 
+		"Install flag", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_key_ack, {
+		"Key Ack flag", 
+		"eapol.keydes.key_info.key_ack", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_KEY_ACK_MASK, 
+		"Key Ack flag", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_key_mic, {
+		"Key MIC flag", 
+		"eapol.keydes.key_info.key_mic", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_KEY_MIC_MASK, 
+		"Key MIC flag", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_secure, {
+		"Secure flag", 
+		"eapol.keydes.key_info.secure", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_SECURE_MASK, 
+		"Secure flag", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_error, {
+		"Error flag", 
+		"eapol.keydes.key_info.error", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_ERROR_MASK, 
+		"Error flag", HFILL }},
+	{ &hf_eapol_wpa_keydes_keyinfo_request, {
+		"Request flag", 
+		"eapol.keydes.key_info.request", 
+		FT_BOOLEAN, 16, TFS(&flags_set_truth), 
+		KEY_INFO_REQUEST_MASK, 
+		"Request flag", HFILL }},
 	{ &hf_eapol_wpa_keydes_nonce, {
 		"Nonce", "eapol.keydes.nonce", FT_BYTES, BASE_NONE,
 		NULL, 0x0, "WPA Key Nonce", HFILL }},
@@ -285,6 +386,7 @@ proto_register_eapol(void)
   static gint *ett[] = {
 	&ett_eapol,
 	&ett_eapol_keydes_data,
+	&ett_keyinfo,
 	&ett_eapol_key_index
   };
author	Guy Harris <guy@alum.mit.edu>	2003-10-14 09:11:53 +0000
committer	Guy Harris <guy@alum.mit.edu>	2003-10-14 09:11:53 +0000
commit	8a3baa43466ae276b11478888c7d1fb28f61997b (patch)
tree	8ae916cb30d177270c7bfb0be8fc37bcdb05e910 /packet-eapol.c
parent	61e4447e89fac743680d3e4b4c810128dae3176f (diff)