2013-09-03 17:35:00 +00:00
|
|
|
/* packet-macsec.c
|
2017-03-23 07:37:25 +00:00
|
|
|
* Routines for IEEE 802.1AE MACsec dissection
|
2013-09-03 17:35:00 +00:00
|
|
|
* Copyright 2013, Allan W. Nielsen <anielsen@vitesse.com>
|
|
|
|
*
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
2018-02-12 11:23:27 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
2013-09-03 17:35:00 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
|
|
|
|
#include <epan/packet.h>
|
|
|
|
#include <epan/etypes.h>
|
|
|
|
|
2013-12-14 16:09:57 +00:00
|
|
|
void proto_register_macsec(void);
|
|
|
|
void proto_reg_handoff_macsec(void);
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
/* TCI/AN field masks */
|
|
|
|
#define TCI_MASK 0xFC
|
2013-09-03 17:35:00 +00:00
|
|
|
#define TCI_V_MASK 0x80
|
|
|
|
#define TCI_ES_MASK 0x40
|
|
|
|
#define TCI_SC_MASK 0x20
|
|
|
|
#define TCI_SCB_MASK 0x10
|
|
|
|
#define TCI_E_MASK 0x08
|
|
|
|
#define TCI_C_MASK 0x04
|
2017-03-23 07:37:25 +00:00
|
|
|
#define AN_MASK 0x03
|
2013-09-03 17:35:00 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int proto_macsec = -1;
|
|
|
|
static int hf_macsec_TCI = -1;
|
|
|
|
static int hf_macsec_TCI_V = -1;
|
|
|
|
static int hf_macsec_TCI_ES = -1;
|
|
|
|
static int hf_macsec_TCI_SC = -1;
|
|
|
|
static int hf_macsec_TCI_SCB = -1;
|
|
|
|
static int hf_macsec_TCI_E = -1;
|
|
|
|
static int hf_macsec_TCI_C = -1;
|
|
|
|
static int hf_macsec_AN = -1;
|
|
|
|
static int hf_macsec_SL = -1;
|
|
|
|
static int hf_macsec_PN = -1;
|
2017-03-23 07:37:25 +00:00
|
|
|
static int hf_macsec_SCI_system_identifier = -1;
|
|
|
|
static int hf_macsec_SCI_port_identifier = -1;
|
2013-09-03 17:35:00 +00:00
|
|
|
static int hf_macsec_ICV = -1;
|
|
|
|
|
|
|
|
/* Initialize the subtree pointers */
|
|
|
|
static gint ett_macsec = -1;
|
|
|
|
static gint ett_macsec_tci = -1;
|
|
|
|
|
|
|
|
/* Code to actually dissect the packets */
|
|
|
|
static int dissect_macsec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) {
|
2017-03-23 07:37:25 +00:00
|
|
|
unsigned sectag_length, data_length, icv_length;
|
|
|
|
unsigned data_offset, icv_offset;
|
2013-09-03 17:35:00 +00:00
|
|
|
guint8 tci_an_field;
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
proto_item *macsec_item;
|
|
|
|
proto_tree *macsec_tree;
|
2013-09-03 17:35:00 +00:00
|
|
|
|
|
|
|
tvbuff_t *next_tvb;
|
|
|
|
|
|
|
|
tci_an_field = tvb_get_guint8(tvb, 0);
|
|
|
|
|
|
|
|
if ((tci_an_field & TCI_V_MASK) != 0) { /* version must be zero */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
icv_length = 16; /* Fixed size for version 0 */
|
|
|
|
|
2013-09-03 17:35:00 +00:00
|
|
|
if (tci_an_field & TCI_SC_MASK) {
|
2017-03-23 07:37:25 +00:00
|
|
|
sectag_length = 14; /* optional SCI present */
|
2013-09-03 17:35:00 +00:00
|
|
|
} else {
|
|
|
|
sectag_length = 6;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check for short length */
|
2015-06-24 00:22:18 +00:00
|
|
|
if (tvb_captured_length(tvb) <= (sectag_length + icv_length)) {
|
2013-09-03 17:35:00 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
/* Get the payload section */
|
2013-09-03 17:35:00 +00:00
|
|
|
data_offset = sectag_length;
|
2015-06-24 00:22:18 +00:00
|
|
|
data_length = tvb_captured_length(tvb) - sectag_length - icv_length;
|
2013-09-03 17:35:00 +00:00
|
|
|
icv_offset = data_length + data_offset;
|
|
|
|
|
2014-06-06 14:35:50 +00:00
|
|
|
next_tvb = tvb_new_subset_length(tvb, data_offset, data_length);
|
2013-09-03 17:35:00 +00:00
|
|
|
|
|
|
|
col_set_str(pinfo->cinfo, COL_PROTOCOL, "MACSEC");
|
|
|
|
col_set_str(pinfo->cinfo, COL_INFO, "MACsec frame");
|
|
|
|
|
|
|
|
if (tree) {
|
|
|
|
macsec_item = proto_tree_add_item(tree,
|
|
|
|
proto_macsec, tvb, 0, sectag_length, ENC_NA);
|
|
|
|
macsec_tree = proto_item_add_subtree(macsec_item, ett_macsec);
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
static const int * flags[] = {
|
|
|
|
&hf_macsec_TCI_V,
|
|
|
|
&hf_macsec_TCI_ES,
|
|
|
|
&hf_macsec_TCI_SC,
|
|
|
|
&hf_macsec_TCI_SCB,
|
|
|
|
&hf_macsec_TCI_E,
|
|
|
|
&hf_macsec_TCI_C,
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
proto_tree_add_bitmask_with_flags(macsec_tree, tvb, 0,
|
|
|
|
hf_macsec_TCI, ett_macsec_tci, flags, ENC_NA, BMT_NO_TFS);
|
|
|
|
|
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_AN, tvb, 0, 1, ENC_NA);
|
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_SL, tvb, 1, 1, ENC_NA);
|
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_PN, tvb, 2, 4, ENC_BIG_ENDIAN);
|
2013-09-03 17:35:00 +00:00
|
|
|
|
|
|
|
if (sectag_length == 14) {
|
2017-03-23 07:37:25 +00:00
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_SCI_system_identifier,
|
|
|
|
tvb, 6, 6, ENC_NA);
|
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_SCI_port_identifier, tvb,
|
|
|
|
12, 2, ENC_BIG_ENDIAN);
|
2013-09-03 17:35:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
proto_tree_add_item(macsec_tree, hf_macsec_ICV, tvb, icv_offset,
|
|
|
|
icv_length, ENC_NA);
|
|
|
|
}
|
|
|
|
|
2017-03-23 07:37:25 +00:00
|
|
|
call_data_dissector(next_tvb, pinfo, tree);
|
|
|
|
|
2015-06-23 18:24:48 +00:00
|
|
|
return tvb_captured_length(tvb);
|
2013-09-03 17:35:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
proto_register_macsec(void)
|
|
|
|
{
|
|
|
|
static hf_register_info hf[] = {
|
2017-03-23 07:37:25 +00:00
|
|
|
{ &hf_macsec_TCI,
|
|
|
|
{ "TCI", "macsec.TCI", FT_UINT8, BASE_HEX,
|
|
|
|
NULL, TCI_MASK, "TAG Control Information", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_V,
|
|
|
|
{ "VER", "macsec.TCI.V", FT_UINT8, BASE_HEX,
|
|
|
|
NULL, TCI_V_MASK, "Version", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_ES,
|
|
|
|
{ "ES", "macsec.TCI.ES", FT_BOOLEAN, 8,
|
|
|
|
TFS(&tfs_set_notset), TCI_ES_MASK, "End Station", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_SC,
|
|
|
|
{ "SC", "macsec.TCI.SC", FT_BOOLEAN, 8,
|
|
|
|
TFS(&tfs_set_notset), TCI_SC_MASK, "Secure Channel", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_SCB,
|
|
|
|
{ "SCB", "macsec.TCI.SCB", FT_BOOLEAN, 8,
|
|
|
|
TFS(&tfs_set_notset), TCI_SCB_MASK, "Single Copy Broadcast", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_E,
|
|
|
|
{ "E", "macsec.TCI.E", FT_BOOLEAN, 8,
|
|
|
|
TFS(&tfs_set_notset), TCI_E_MASK, "Encryption", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_TCI_C,
|
|
|
|
{ "C", "macsec.TCI.C", FT_BOOLEAN, 8,
|
|
|
|
TFS(&tfs_set_notset), TCI_C_MASK, "Changed Text", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_AN,
|
|
|
|
{ "AN", "macsec.AN", FT_UINT8, BASE_HEX,
|
|
|
|
NULL, AN_MASK, "Association Number", HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_SL,
|
|
|
|
{ "Short length", "macsec.SL", FT_UINT8, BASE_DEC,
|
|
|
|
NULL, 0, NULL, HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_PN,
|
|
|
|
{ "Packet number", "macsec.PN", FT_UINT32, BASE_DEC,
|
|
|
|
NULL, 0, NULL, HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_SCI_system_identifier,
|
|
|
|
{ "System Identifier", "macsec.SCI.system_identifier", FT_ETHER, BASE_NONE,
|
|
|
|
NULL, 0, NULL, HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_SCI_port_identifier,
|
|
|
|
{ "Port Identifier", "macsec.SCI.port_identifier", FT_UINT16, BASE_DEC,
|
|
|
|
NULL, 0, NULL, HFILL }
|
|
|
|
},
|
|
|
|
{ &hf_macsec_ICV,
|
|
|
|
{ "ICV", "macsec.ICV", FT_BYTES, BASE_NONE,
|
|
|
|
NULL, 0, NULL, HFILL }
|
|
|
|
}
|
2013-09-03 17:35:00 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
/* Setup protocol subtree array */
|
|
|
|
static gint *ett[] = {
|
|
|
|
&ett_macsec,
|
|
|
|
&ett_macsec_tci
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Register the protocol name and description */
|
2017-03-23 07:37:25 +00:00
|
|
|
proto_macsec = proto_register_protocol("802.1AE Security tag", "MACsec", "macsec");
|
2013-09-03 17:35:00 +00:00
|
|
|
|
|
|
|
/* Required function calls to register the header fields and subtrees used */
|
|
|
|
proto_register_field_array(proto_macsec, hf, array_length(hf));
|
|
|
|
proto_register_subtree_array(ett, array_length(ett));
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
proto_reg_handoff_macsec(void)
|
|
|
|
{
|
|
|
|
dissector_handle_t macsec_handle;
|
2015-12-09 03:49:44 +00:00
|
|
|
macsec_handle = create_dissector_handle(dissect_macsec, proto_macsec);
|
2013-09-03 17:35:00 +00:00
|
|
|
dissector_add_uint("ethertype", ETHERTYPE_MACSEC, macsec_handle);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2019-07-26 18:43:17 +00:00
|
|
|
* Editor modelines - https://www.wireshark.org/tools/modelines.html
|
2013-09-03 17:35:00 +00:00
|
|
|
*
|
|
|
|
* Local variables:
|
|
|
|
* c-basic-offset: 4
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
* End:
|
|
|
|
*
|
|
|
|
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
|
|
|
*/
|
|
|
|
|