author | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2004-05-18 11:08:26 +0000 |
---|---|---|
committer | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2004-05-18 11:08:26 +0000 |
commit | bb429b3418d085d7fed77626823e26b740f5809f (patch) | |
tree | aa4becf037dff9e92afe5b61b0edb87eb52d5f88 /packet-pktc.c | |
parent | 0e37526b88fcd867c826b39fe977a90c61888de7 (diff) |
update to packetcable: dissect all of the apreq/aprep packets
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10917 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'packet-pktc.c')
-rw-r--r-- | packet-pktc.c | 235 |
1 files changed, 228 insertions, 7 deletions
diff --git a/packet-pktc.c b/packet-pktc.c index 5c6a1016d6..a596f160ab 100644 --- a/packet-pktc.c +++ b/packet-pktc.c @@ -3,7 +3,7 @@ * Ronnie Sahlberg 2004 * See the spec: PKT-SP-SEC-I10-040113.pdf * - * $Id: packet-pktc.c,v 1.1 2004/05/18 08:22:26 sahlberg Exp $ + * $Id: packet-pktc.c,v 1.2 2004/05/18 11:08:26 sahlberg Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -35,13 +35,31 @@ #define PKTC_PORT 1293 static int proto_pktc = -1; +static gint hf_pktc_app_spec_data = -1; +static gint hf_pktc_list_of_ciphersuites = -1; +static gint hf_pktc_list_of_ciphersuites_len = -1; static gint hf_pktc_kmmid = -1; static gint hf_pktc_doi = -1; static gint hf_pktc_version_major = -1; static gint hf_pktc_version_minor = -1; static gint hf_pktc_server_nonce = -1; +static gint hf_pktc_snmpEngineID_len = -1; +static gint hf_pktc_snmpEngineID = -1; +static gint hf_pktc_snmpEngineID_boots = -1; +static gint hf_pktc_snmpEngineID_time = -1; +static gint hf_pktc_usmUserName_len = -1; +static gint hf_pktc_usmUserName = -1; +static gint hf_pktc_snmpAuthenticationAlgorithm = -1; +static gint hf_pktc_snmpEncryptionTransformID = -1; +static gint hf_pktc_reestablish_flag = -1; +static gint hf_pktc_ack_required_flag = -1; +static gint hf_pktc_sha1_mac = -1; +static gint hf_pktc_sec_param_lifetime = -1; +static gint hf_pktc_grace_period = -1; static gint ett_pktc = -1; +static gint ett_pktc_app_spec_data = -1; +static gint ett_pktc_list_of_ciphersuites = -1; #define KMMID_WAKEUP 0x01 #define KMMID_AP_REQUEST 0x02 
@@ -68,8 +86,122 @@ static const value_string doi_types[] = { }; +static const value_string snmpAlgorithmIdentifiers_vals[] = { + { 0x21 , "MD5-HMAC" }, + { 0x22 , "SHA1-HMAC" }, + { 0 , NULL } +}; +static const value_string snmpEncryptionTransformID_vals[] = { + { 0x20 , "SNMPv3 NULL (no encryption)" }, + { 0x21 , "SNMPv3 DES" }, + { 0 , NULL } +}; + +static int +dissect_pktc_app_specific_data(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 doi, guint8 kmmid) +{ + int old_offset=offset; + proto_tree *tree = NULL; + proto_item *item = NULL; + guint8 len; + + if (parent_tree) { + item = proto_tree_add_item(parent_tree, hf_pktc_app_spec_data, tvb, offset, -1, FALSE); + tree = proto_item_add_subtree(item, ett_pktc_app_spec_data); + } + + switch(doi){ + case DOI_SNMPv3: + switch(kmmid){ + /* we dont distinguish between manager and agent engineid. + feel free to add separation for this if it is imporant enough + for you. */ + case KMMID_AP_REQUEST: + case KMMID_AP_REPLY: + /* snmpEngineID Length */ + len=tvb_get_guint8(tvb, offset); + proto_tree_add_uint(tree, hf_pktc_snmpEngineID_len, tvb, offset, 1, len); + offset+=1; + + /* snmpEngineID */ + proto_tree_add_item(tree, hf_pktc_snmpEngineID, tvb, offset, len, FALSE); + offset+=len; + + /* boots */ + proto_tree_add_item(tree, hf_pktc_snmpEngineID_boots, tvb, offset, 4, FALSE); + offset+=4; + + /* time */ + proto_tree_add_item(tree, hf_pktc_snmpEngineID_time, tvb, offset, 4, FALSE); + offset+=4; + + /* usmUserName Length */ + len=tvb_get_guint8(tvb, offset); + proto_tree_add_uint(tree, hf_pktc_usmUserName_len, tvb, offset, 1, len); + offset+=1; + + /* usmUserName */ + proto_tree_add_item(tree, hf_pktc_usmUserName, tvb, offset, len, FALSE); + offset+=len; + + break; + default: + proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of KMMID yet"); + tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */ + }; + break; + default: + 
proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of DOI yet"); + tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */ + } + + proto_item_set_len(item, old_offset-offset); + return offset; +} + +static int +dissect_pktc_list_of_ciphersuites(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 doi) +{ + int old_offset=offset; + proto_tree *tree = NULL; + proto_item *item = NULL; + guint8 len, i; + + if (parent_tree) { + item = proto_tree_add_item(parent_tree, hf_pktc_list_of_ciphersuites, tvb, offset, -1, FALSE); + tree = proto_item_add_subtree(item, ett_pktc_list_of_ciphersuites); + } + + + /* key management message id */ + len=tvb_get_guint8(tvb, offset); + proto_tree_add_uint(tree, hf_pktc_list_of_ciphersuites_len, tvb, offset, 1, len); + offset+=1; + + for(i=0;i<len;i++){ + switch(doi){ + case DOI_SNMPv3: + /* authentication algorithm */ + proto_tree_add_item(tree, hf_pktc_snmpAuthenticationAlgorithm, tvb, offset, 1, FALSE); + offset+=1; + + /* encryption transform id */ + proto_tree_add_item(tree, hf_pktc_snmpEncryptionTransformID, tvb, offset, 1, FALSE); + offset+=1; + break; + default: + proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of Algorithm Identifier yet"); + tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */ + } + + } + + proto_item_set_len(item, old_offset-offset); + return offset; +} + static int -dissect_pktc_ap_request(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +dissect_pktc_ap_request(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset, guint8 doi) { tvbuff_t *pktc_tvb; guint32 snonce; 
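Review bot: `proto_item_set_len(item, old_offset-offset);` at the end of both dissect_pktc_app_specific_data and dissect_pktc_list_of_ciphersuites has its operands reversed, so the subtree item is given a negative length as soon as any field has been consumed; it should read `proto_item_set_len(item, offset-old_offset);`. The `tvb_get_guint8(tvb, 9999)` bail-out in the three default branches only throws when the buffer holds fewer than 10000 bytes, which data taken from the wire does not guarantee. Raising the exception explicitly with `THROW(ReportedBoundsError);` would not depend on the packet size (this needs the exceptions header if the file does not already include it). The comment `/* key management message id */` above the count read in dissect_pktc_list_of_ciphersuites is a copy-paste leftover and should be `/* number of ciphersuites */`.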
@@ -81,13 +213,27 @@ dissect_pktc_ap_request(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int /* Server Nonce */ snonce=tvb_get_ntohl(tvb, offset); proto_tree_add_uint(tree, hf_pktc_server_nonce, tvb, offset, 4, snonce); + offset+=4; + + /* app specific data */ + offset=dissect_pktc_app_specific_data(pinfo, tree, tvb, offset, doi, KMMID_AP_REQUEST); + + /* list of ciphersuites */ + offset=dissect_pktc_list_of_ciphersuites(pinfo, tree, tvb, offset, doi); + + /* re-establish flag */ + proto_tree_add_item(tree, hf_pktc_reestablish_flag, tvb, offset, 1, FALSE); + offset+=1; + + /* sha1-mac */ + proto_tree_add_item(tree, hf_pktc_sha1_mac, tvb, offset, 20, FALSE); + offset+=20; -/* XXX here all the remaining stuff should go */ return offset; } static int -dissect_pktc_ap_reply(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +dissect_pktc_ap_reply(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset, guint8 doi) { tvbuff_t *pktc_tvb; 
@@ -95,7 +241,32 @@ dissect_pktc_ap_reply(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int o pktc_tvb = tvb_new_subset(tvb, offset, -1, -1); offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE); -/* XXX here all the remaining stuff should go */ + /* app specific data */ + offset=dissect_pktc_app_specific_data(pinfo, tree, tvb, offset, doi, KMMID_AP_REPLY); + + /* selected ciphersuite */ + offset=dissect_pktc_list_of_ciphersuites(pinfo, tree, tvb, offset, doi); + + /* sec param lifetime */ + proto_tree_add_item(tree, hf_pktc_sec_param_lifetime, tvb, offset, 4, FALSE); + offset+=4; + + /* grace period */ + proto_tree_add_item(tree, hf_pktc_grace_period, tvb, offset, 4, FALSE); + offset+=4; + + /* re-establish flag */ + proto_tree_add_item(tree, hf_pktc_reestablish_flag, tvb, offset, 1, FALSE); + offset+=1; + + /* ack required flag */ + proto_tree_add_item(tree, hf_pktc_ack_required_flag, tvb, offset, 1, FALSE); + offset+=1; + + /* sha1-mac */ + proto_tree_add_item(tree, hf_pktc_sha1_mac, tvb, offset, 20, FALSE); + offset+=20; + return offset; } @@ -133,10 +304,10 @@ dissect_pktc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) switch(kmmid){ case KMMID_AP_REQUEST: - offset=dissect_pktc_ap_request(pinfo, pktc_tree, tvb, offset); + offset=dissect_pktc_ap_request(pinfo, pktc_tree, tvb, offset, doi); break; case KMMID_AP_REPLY: - offset=dissect_pktc_ap_reply(pinfo, pktc_tree, tvb, offset); + offset=dissect_pktc_ap_reply(pinfo, pktc_tree, tvb, offset, doi); break; }; } 
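Review bot: In dissect_pktc_ap_reply every added field is now read at the offset produced by the context line `offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE);`, so that return value has to be a non-negative byte count for the rest of the dissection to stay aligned. If dissect_kerberos_main can return an error value such as -1 (its definition is not visible in this diff), the application-specific data, lifetimes and MAC would be decoded from the wrong position. Keeping the result in a local and stopping on failure, e.g. `if (krb_len < 0) return offset;` before `offset += krb_len;`, would avoid that. The same concern applies to dissect_pktc_ap_request in the previous hunk, where the Kerberos call lies outside the visible lines.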
@@ -160,9 +331,59 @@ proto_register_pktc(void) { &hf_pktc_server_nonce, { "Server Nonce", "pktc.server_nonce", FT_UINT32, BASE_HEX, NULL, 0, "Server Nonce random number", HFILL }}, + { &hf_pktc_app_spec_data, { + "Application Specific data", "pktc.app_spec_data", FT_NONE, BASE_HEX, + NULL, 0, "KMMID/DOI application specific data", HFILL }}, + { &hf_pktc_list_of_ciphersuites, { + "List of Ciphersuites", "pktc.list_of_ciphersuites", FT_NONE, BASE_HEX, + NULL, 0, "List of Ciphersuites", HFILL }}, + { &hf_pktc_list_of_ciphersuites_len, { + "Number of Ciphersuites", "pktc.list_of_ciphersuites.len", FT_UINT8, BASE_DEC, + NULL, 0, "Number of Ciphersuites", HFILL }}, + { &hf_pktc_snmpEngineID_len, { + "Engine ID Length", "pktc.EngineID.len", FT_UINT8, BASE_DEC, + NULL, 0, "Length of SNMP Engine ID", HFILL }}, + { &hf_pktc_snmpAuthenticationAlgorithm, { + "snmpAuthentication Algorithm", "pktc.snmpAuthenticationAlgorithm", FT_UINT8, BASE_DEC, + VALS(snmpAlgorithmIdentifiers_vals), 0, "snmpAuthentication Algorithm", HFILL }}, + { &hf_pktc_snmpEncryptionTransformID, { + "snmpEncryption Transform ID", "pktc.snmpEncryptionTransformID", FT_UINT8, BASE_DEC, + VALS(snmpEncryptionTransformID_vals), 0, "snmpEncryption Transform ID", HFILL }}, + { &hf_pktc_snmpEngineID, { + "Engine ID", "pktc.EngineID", FT_BYTES, BASE_HEX, + NULL, 0, "SNMP Engine ID", HFILL }}, + { &hf_pktc_snmpEngineID_boots, { + "Engine ID Boots", "pktc.EngineID.boots", FT_UINT32, BASE_HEX, + NULL, 0, "SNMP Engine ID Boots", HFILL }}, + { &hf_pktc_snmpEngineID_time, { + "Engine ID Time", "pktc.EngineID.time", FT_UINT32, BASE_HEX, + NULL, 0, "SNMP Engine ID Time", HFILL }}, + { &hf_pktc_usmUserName_len, { + "usmUserName Length", "pktc.usmUserName.len", FT_UINT8, BASE_DEC, + NULL, 0, "Length of usmUserName", HFILL }}, + { &hf_pktc_usmUserName, { + "usmUserName", "pktc.usmUserName", FT_STRING, BASE_DEC, + NULL, 0, "usmUserName", HFILL }}, + { &hf_pktc_reestablish_flag, { + "Re-establish Flag", "pktc.reestablish_flag", 
FT_UINT8, BASE_DEC, + NULL, 0, "Re-establish Flag", HFILL }}, + { &hf_pktc_ack_required_flag, { + "ACK Required Flag", "pktc.ack_required_flag", FT_UINT8, BASE_DEC, + NULL, 0, "ACK Required Flag", HFILL }}, + { &hf_pktc_sha1_mac, { + "SHA1 MAC", "pktc.sha1_mac", FT_BYTES, BASE_HEX, + NULL, 0, "SHA1 MAC", HFILL }}, + { &hf_pktc_sec_param_lifetime, { + "Security Parameter Lifetime", "pktc.sec_param_lifetime", FT_UINT32, BASE_DEC, + NULL, 0, "Lifetime in seconds of security parameter", HFILL }}, + { &hf_pktc_grace_period, { + "Grace Period", "pktc.grace_period", FT_UINT32, BASE_DEC, + NULL, 0, "Grace Period in seconds", HFILL }}, }; static gint *ett[] = { &ett_pktc, + &ett_pktc_app_spec_data, + &ett_pktc_list_of_ciphersuites, }; proto_pktc = proto_register_protocol("PacketCable", |
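Review bot: Several of the new hf entries pair a field type with a display base that has no meaning for it: `FT_NONE, BASE_HEX` on pktc.app_spec_data and pktc.list_of_ciphersuites, `FT_BYTES, BASE_HEX` on pktc.EngineID and pktc.sha1_mac, and `FT_STRING, BASE_DEC` on pktc.usmUserName. Non-integer types should use `BASE_NONE`, e.g. `"SHA1 MAC", "pktc.sha1_mac", FT_BYTES, BASE_NONE,`. The filter names also mix case (`pktc.EngineID.len` next to `pktc.server_nonce`); lower-case names throughout would keep display filters predictable. The registration array starts above this hunk, so earlier entries are not covered by this note.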