Add a dissector table for EAPOL Key Descriptor types.
Instead of having a switch statement in the EAPOL dissector for Key Descriptor types, have a dissector table, and: have the EAPOL dissector register with a dissector for the RC4 type; have the 802.11 dissector register with dissectors for WPA and RSN types. This means that ieee_80211_add_tagged_parameters() no longer needs to be public; make it static. Change-Id: I68e0592c3ea055c693d6d5d5a9eb88634ea37a95 Reviewed-on: https://code.wireshark.org/review/800 Reviewed-by: Guy Harris <guy@alum.mit.edu>
This commit is contained in:
parent
2a6e50ca7d
commit
2d7828794c
|
@ -177,6 +177,7 @@ LIBWIRESHARK_INCLUDES = \
|
|||
dvb_chartbl.h \
|
||||
dwarf.h \
|
||||
eap.h \
|
||||
eapol_keydes_types.h \
|
||||
emem.h \
|
||||
epan-int.h \
|
||||
epan.h \
|
||||
|
|
|
@ -27,8 +27,8 @@
|
|||
#include <glib.h>
|
||||
#include <epan/packet.h>
|
||||
#include <epan/crypt/wep-wpadefs.h>
|
||||
#include "packet-ieee80211.h"
|
||||
#include <epan/etypes.h>
|
||||
#include <epan/eapol_keydes_types.h>
|
||||
|
||||
void proto_register_eapol(void);
|
||||
void proto_reg_handoff_eapol(void);
|
||||
|
@ -38,6 +38,7 @@ static int hf_eapol_version = -1;
|
|||
static int hf_eapol_type = -1;
|
||||
static int hf_eapol_len = -1;
|
||||
static int hf_eapol_keydes_type = -1;
|
||||
static int hf_eapol_keydes_body = -1;
|
||||
static int hf_eapol_keydes_key_len = -1;
|
||||
static int hf_eapol_keydes_replay_counter = -1;
|
||||
static int hf_eapol_keydes_key_iv = -1;
|
||||
|
@ -48,29 +49,12 @@ static int hf_eapol_keydes_key_signature = -1;
|
|||
static int hf_eapol_keydes_key = -1;
|
||||
static int hf_eapol_keydes_key_generated_locally = -1;
|
||||
|
||||
static int hf_eapol_wpa_keydes_keyinfo = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_keydes_version = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_key_type = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_key_index = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_install = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_key_ack = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_key_mic = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_secure = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_error = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_request = -1;
|
||||
static int hf_eapol_wpa_keydes_keyinfo_encrypted_key_data = -1;
|
||||
static int hf_eapol_wpa_keydes_nonce = -1;
|
||||
static int hf_eapol_wpa_keydes_rsc = -1;
|
||||
static int hf_eapol_wpa_keydes_id = -1;
|
||||
static int hf_eapol_wpa_keydes_mic = -1;
|
||||
static int hf_eapol_wpa_keydes_data_len = -1;
|
||||
static int hf_eapol_wpa_keydes_data = -1;
|
||||
|
||||
static gint ett_eapol = -1;
|
||||
static gint ett_eapol_keydes_data = -1;
|
||||
static gint ett_eapol_key_index = -1;
|
||||
static gint ett_keyinfo = -1;
|
||||
|
||||
static dissector_table_t eapol_keydes_type_dissector_table;
|
||||
|
||||
static dissector_handle_t eapol_handle;
|
||||
|
||||
static dissector_handle_t eap_handle;
|
||||
|
@ -88,10 +72,6 @@ static dissector_handle_t data_handle;
|
|||
#define EAPOL_KEY 3
|
||||
#define EAPOL_ENCAP_ASF_ALERT 4
|
||||
|
||||
#define EAPOL_RSN_KEY 2 /* TBD, may change in final IEEE 802.1X-REV
|
||||
*/
|
||||
#define EAPOL_WPA_KEY 254
|
||||
|
||||
static const value_string eapol_version_vals[] = {
|
||||
{ EAPOL_2001, "802.1X-2001" },
|
||||
{ EAPOL_2004, "802.1X-2004" },
|
||||
|
@ -109,59 +89,28 @@ static const value_string eapol_type_vals[] = {
|
|||
};
|
||||
|
||||
static const value_string eapol_keydes_type_vals[] = {
|
||||
{ 1, "RC4 Descriptor" },
|
||||
{ EAPOL_RC4_KEY, "RC4 Descriptor" },
|
||||
{ EAPOL_RSN_KEY, "EAPOL RSN Key" },
|
||||
{ EAPOL_WPA_KEY, "EAPOL WPA Key" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
#define KEY_INFO_KEYDES_VERSION_MASK 0x0007
|
||||
#define KEY_INFO_KEY_TYPE_MASK 0x0008
|
||||
#define KEY_INFO_KEY_INDEX_MASK 0x0030
|
||||
#define KEY_INFO_INSTALL_MASK 0x0040
|
||||
#define KEY_INFO_KEY_ACK_MASK 0x0080
|
||||
#define KEY_INFO_KEY_MIC_MASK 0x0100
|
||||
#define KEY_INFO_SECURE_MASK 0x0200
|
||||
#define KEY_INFO_ERROR_MASK 0x0400
|
||||
#define KEY_INFO_REQUEST_MASK 0x0800
|
||||
#define KEY_INFO_ENCRYPTED_KEY_DATA_MASK 0x1000
|
||||
|
||||
static const true_false_string keytype_tfs = { "Unicast", "Broadcast" };
|
||||
|
||||
static const true_false_string keyinfo_key_type_tfs = { "Pairwise Key", "Group Key" };
|
||||
|
||||
#define KEYDES_KEY_INDEX_TYPE_MASK 0x80
|
||||
#define KEYDES_KEY_INDEX_NUMBER_MASK 0x7F
|
||||
|
||||
#define KEYDES_VER_TYPE1 0x01
|
||||
#define KEYDES_VER_TYPE2 0x02
|
||||
#define KEYDES_VER_TYPE3 0x03
|
||||
|
||||
static const value_string keydes_version_vals[] = {
|
||||
{ KEYDES_VER_TYPE1, "RC4 Cipher, HMAC-MD5 MIC" },
|
||||
{ KEYDES_VER_TYPE2, "AES Cipher, HMAC-SHA1 MIC" },
|
||||
{ KEYDES_VER_TYPE3, "AES Cipher, AES-128-CMAC MIC" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
static void
|
||||
dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
int offset = 0;
|
||||
guint8 eapol_type;
|
||||
guint8 keydesc_type;
|
||||
guint16 eapol_len;
|
||||
guint8 keydesc_type;
|
||||
guint len;
|
||||
guint16 eapol_key_len, eapol_data_len;
|
||||
guint16 keyinfo;
|
||||
gboolean generated_locally;
|
||||
proto_tree *ti = NULL;
|
||||
proto_tree *eapol_tree = NULL;
|
||||
proto_tree *keyinfo_item = NULL;
|
||||
proto_tree *keyinfo_tree = NULL;
|
||||
proto_tree *key_index_tree, *keydes_tree;
|
||||
tvbuff_t *next_tvb;
|
||||
guint8 counter;
|
||||
|
||||
col_set_str(pinfo->cinfo, COL_PROTOCOL, "EAPOL");
|
||||
col_clear(pinfo->cinfo, COL_INFO);
|
||||
|
@ -198,159 +147,14 @@ dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
break;
|
||||
|
||||
case EAPOL_KEY:
|
||||
if (tree) {
|
||||
keydesc_type = tvb_get_guint8(tvb, offset);
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_type, tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
offset += 1;
|
||||
if (keydesc_type == EAPOL_WPA_KEY || keydesc_type == EAPOL_RSN_KEY) {
|
||||
/*
|
||||
* 802.11i.
|
||||
*/
|
||||
keyinfo = tvb_get_ntohs(tvb, offset);
|
||||
if (keyinfo & KEY_INFO_REQUEST_MASK) {
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Request)");
|
||||
if (keyinfo & KEY_INFO_ERROR_MASK)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Request, Error)");
|
||||
} else if (keyinfo & KEY_INFO_KEY_TYPE_MASK) {
|
||||
guint16 masked;
|
||||
masked = keyinfo &
|
||||
(KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK |
|
||||
KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK);
|
||||
|
||||
if (keydesc_type == EAPOL_WPA_KEY) {
|
||||
switch (masked) {
|
||||
case KEY_INFO_KEY_ACK_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 1 of 4)");
|
||||
break;
|
||||
case KEY_INFO_KEY_MIC_MASK:
|
||||
counter = tvb_get_guint8(tvb, offset+11);
|
||||
if (!counter)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
|
||||
else
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 4 of 4)");
|
||||
break;
|
||||
case (KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK |
|
||||
KEY_INFO_KEY_MIC_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 3 of 4)");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (keydesc_type == EAPOL_RSN_KEY) {
|
||||
switch (masked) {
|
||||
case KEY_INFO_KEY_ACK_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 1 of 4)");
|
||||
break;
|
||||
case KEY_INFO_KEY_MIC_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
|
||||
break;
|
||||
case (KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK |
|
||||
KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 3 of 4)");
|
||||
break;
|
||||
case (KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 4 of 4)");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
if (keyinfo & KEY_INFO_KEY_ACK_MASK)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Group Message 1 of 2)");
|
||||
else
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Group Message 2 of 2)");
|
||||
}
|
||||
keyinfo_item =
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_keyinfo, tvb,
|
||||
offset, 2, ENC_BIG_ENDIAN);
|
||||
|
||||
keyinfo_tree = proto_item_add_subtree(keyinfo_item, ett_keyinfo);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_keydes_version, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_type, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_index, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_install, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_ack, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_key_mic, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_secure, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_error, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_request, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_encrypted_key_data, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
|
||||
offset += 2;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_len, tvb, offset,
|
||||
2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_replay_counter, tvb,
|
||||
offset, 8, ENC_BIG_ENDIAN);
|
||||
offset += 8;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_nonce, tvb, offset,
|
||||
32, ENC_NA);
|
||||
offset += 32;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_iv, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_rsc, tvb, offset,
|
||||
8, ENC_NA);
|
||||
offset += 8;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_id, tvb, offset, 8,
|
||||
ENC_NA);
|
||||
offset += 8;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_mic, tvb, offset,
|
||||
16, ENC_NA);
|
||||
offset += 16;
|
||||
eapol_data_len = tvb_get_ntohs(tvb, offset);
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_data_len, tvb,
|
||||
offset, 2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
if (eapol_data_len != 0) {
|
||||
ti = proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_data,
|
||||
tvb, offset, eapol_data_len, ENC_NA);
|
||||
if ((keyinfo & KEY_INFO_ENCRYPTED_KEY_DATA_MASK) ||
|
||||
!(keyinfo & KEY_INFO_KEY_TYPE_MASK)) {
|
||||
/* RSN: EAPOL-Key Key Data is encrypted.
|
||||
* WPA: Group Keys use encrypted Key Data.
|
||||
* Cannot parse this without knowing the key.
|
||||
* IEEE 802.11i-2004 8.5.2.
|
||||
*/
|
||||
} else {
|
||||
keydes_tree = proto_item_add_subtree(ti, ett_eapol_keydes_data);
|
||||
ieee_80211_add_tagged_parameters(tvb, offset, pinfo, keydes_tree,
|
||||
eapol_data_len, -1);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
eapol_key_len = tvb_get_ntohs(tvb, offset);
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_len, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_replay_counter, tvb,
|
||||
offset, 8, ENC_BIG_ENDIAN);
|
||||
offset += 8;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_iv, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
ti = proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_index, tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
key_index_tree = proto_item_add_subtree(ti, ett_eapol_key_index);
|
||||
proto_tree_add_item(key_index_tree, hf_eapol_keydes_key_index_type,
|
||||
tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(key_index_tree, hf_eapol_keydes_key_index_number,
|
||||
tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
offset += 1;
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key_signature, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
if (eapol_key_len != 0) {
|
||||
/* IEEE 802.1X-2004 7.6.3.6: If no bytes remain, then */
|
||||
generated_locally = eapol_len <= 44; /* Size of rc4 key with no key content */
|
||||
if (!generated_locally) {
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_key, tvb, offset,
|
||||
eapol_key_len, ENC_NA);
|
||||
}
|
||||
|
||||
proto_tree_add_boolean(eapol_tree, hf_eapol_keydes_key_generated_locally, tvb, offset,
|
||||
0, generated_locally);
|
||||
}
|
||||
}
|
||||
}
|
||||
keydesc_type = tvb_get_guint8(tvb, offset);
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_type, tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
offset += 1;
|
||||
next_tvb = tvb_new_subset_remaining(tvb, offset);
|
||||
if (!dissector_try_uint_new(eapol_keydes_type_dissector_table,
|
||||
keydesc_type, next_tvb, pinfo, eapol_tree,
|
||||
FALSE, NULL))
|
||||
proto_tree_add_item(eapol_tree, hf_eapol_keydes_body, tvb, offset, -1, ENC_NA);
|
||||
break;
|
||||
|
||||
case EAPOL_ENCAP_ASF_ALERT: /* XXX - is this an SNMP trap? */
|
||||
|
@ -361,6 +165,56 @@ dissect_eapol(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
}
|
||||
}
|
||||
|
||||
static int
|
||||
dissect_eapol_rc4_key(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void *data _U_)
|
||||
{
|
||||
int offset = 0;
|
||||
guint16 eapol_key_len;
|
||||
gboolean generated_locally;
|
||||
proto_tree *ti = NULL;
|
||||
proto_tree *key_index_tree;
|
||||
gint eapol_len;
|
||||
|
||||
eapol_key_len = tvb_get_ntohs(tvb, offset);
|
||||
proto_tree_add_item(tree, hf_eapol_keydes_key_len, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
proto_tree_add_item(tree, hf_eapol_keydes_replay_counter, tvb,
|
||||
offset, 8, ENC_BIG_ENDIAN);
|
||||
offset += 8;
|
||||
proto_tree_add_item(tree, hf_eapol_keydes_key_iv, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
ti = proto_tree_add_item(tree, hf_eapol_keydes_key_index, tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
key_index_tree = proto_item_add_subtree(ti, ett_eapol_key_index);
|
||||
proto_tree_add_item(key_index_tree, hf_eapol_keydes_key_index_type,
|
||||
tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(key_index_tree, hf_eapol_keydes_key_index_number,
|
||||
tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
offset += 1;
|
||||
proto_tree_add_item(tree, hf_eapol_keydes_key_signature, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
if (eapol_key_len != 0) {
|
||||
/*
|
||||
* Body length of EAPOL-Key message in which we're contained is 1 byte
|
||||
* larger than the reported length of the key descriptor we were handed,
|
||||
* that 1 byte being the Key Descriptor Type.
|
||||
*/
|
||||
eapol_len = 1 + tvb_reported_length(tvb);
|
||||
|
||||
/* IEEE 802.1X-2004 7.6.3.6: If no bytes remain, then */
|
||||
generated_locally = eapol_len <= 44; /* Size of rc4 key with no key content */
|
||||
if (!generated_locally) {
|
||||
proto_tree_add_item(tree, hf_eapol_keydes_key, tvb, offset,
|
||||
eapol_key_len, ENC_NA);
|
||||
}
|
||||
|
||||
proto_tree_add_boolean(tree, hf_eapol_keydes_key_generated_locally, tvb, offset,
|
||||
0, generated_locally);
|
||||
}
|
||||
return tvb_captured_length(tvb);
|
||||
}
|
||||
|
||||
void
|
||||
proto_register_eapol(void)
|
||||
{
|
||||
|
@ -385,6 +239,11 @@ proto_register_eapol(void)
|
|||
FT_UINT8, BASE_DEC, VALS(eapol_keydes_type_vals), 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_keydes_body, {
|
||||
"Key Descriptor Body", "eapol.keydes.body",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_keydes_key_len, {
|
||||
"Key Length", "eapol.keydes.key_len",
|
||||
FT_UINT16, BASE_DEC, NULL, 0x0,
|
||||
|
@ -429,96 +288,10 @@ proto_register_eapol(void)
|
|||
"Key Generated Locally", "eapol.keydes.key.generated_locally",
|
||||
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo, {
|
||||
"Key Information", "eapol.keydes.key_info",
|
||||
FT_UINT16, BASE_HEX, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_keydes_version, {
|
||||
"Key Descriptor Version", "eapol.keydes.key_info.keydes_version",
|
||||
FT_UINT16, BASE_DEC, VALS(keydes_version_vals), KEY_INFO_KEYDES_VERSION_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_key_type, {
|
||||
"Key Type", "eapol.keydes.key_info.key_type",
|
||||
FT_BOOLEAN, 16, TFS(&keyinfo_key_type_tfs), KEY_INFO_KEY_TYPE_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_key_index, {
|
||||
"Key Index", "eapol.keydes.key_info.key_index",
|
||||
FT_UINT16, BASE_DEC, NULL, KEY_INFO_KEY_INDEX_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_install, {
|
||||
"Install", "eapol.keydes.key_info.install",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_INSTALL_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_key_ack, {
|
||||
"Key ACK", "eapol.keydes.key_info.key_ack",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_KEY_ACK_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_key_mic, {
|
||||
"Key MIC", "eapol.keydes.key_info.key_mic",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_KEY_MIC_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_secure, {
|
||||
"Secure", "eapol.keydes.key_info.secure",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_SECURE_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_error, {
|
||||
"Error", "eapol.keydes.key_info.error",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_ERROR_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_request, {
|
||||
"Request", "eapol.keydes.key_info.request",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_REQUEST_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_keyinfo_encrypted_key_data, {
|
||||
"Encrypted Key Data", "eapol.keydes.key_info.encrypted_key_data",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_ENCRYPTED_KEY_DATA_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_nonce, {
|
||||
"WPA Key Nonce", "eapol.keydes.nonce",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_rsc, {
|
||||
"WPA Key RSC", "eapol.keydes.rsc",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_id, {
|
||||
"WPA Key ID", "eapol.keydes.id",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_mic, {
|
||||
"WPA Key MIC", "eapol.keydes.mic",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_data_len, {
|
||||
"WPA Key Data Length", "eapol.keydes.data_len",
|
||||
FT_UINT16, BASE_DEC, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{ &hf_eapol_wpa_keydes_data, {
|
||||
"WPA Key Data", "eapol.keydes.data",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
};
|
||||
|
||||
static gint *ett[] = {
|
||||
&ett_eapol,
|
||||
&ett_eapol_keydes_data,
|
||||
&ett_keyinfo,
|
||||
&ett_eapol_key_index
|
||||
};
|
||||
|
@ -528,11 +301,18 @@ proto_register_eapol(void)
|
|||
|
||||
proto_register_field_array(proto_eapol, hf, array_length(hf));
|
||||
proto_register_subtree_array(ett, array_length(ett));
|
||||
|
||||
eapol_keydes_type_dissector_table = register_dissector_table("eapol.keydes.type",
|
||||
"EAPOL Key Descriptor Type",
|
||||
FT_UINT8,
|
||||
BASE_DEC);
|
||||
}
|
||||
|
||||
void
|
||||
proto_reg_handoff_eapol(void)
|
||||
{
|
||||
dissector_handle_t eapol_rc4_key_handle;
|
||||
|
||||
/*
|
||||
* Get handles for the EAP and raw data dissectors.
|
||||
*/
|
||||
|
@ -541,6 +321,13 @@ proto_reg_handoff_eapol(void)
|
|||
|
||||
dissector_add_uint("ethertype", ETHERTYPE_EAPOL, eapol_handle);
|
||||
dissector_add_uint("ethertype", ETHERTYPE_RSN_PREAUTH, eapol_handle);
|
||||
|
||||
/*
|
||||
* EAPOL key descriptor types.
|
||||
*/
|
||||
eapol_rc4_key_handle = new_create_dissector_handle(dissect_eapol_rc4_key,
|
||||
proto_eapol);
|
||||
dissector_add_uint("eapol.keydes.type", EAPOL_RC4_KEY, eapol_rc4_key_handle);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -103,6 +103,7 @@
|
|||
#include <epan/crypt/wep-wpadefs.h>
|
||||
#include <epan/expert.h>
|
||||
#include <epan/uat.h>
|
||||
#include <epan/eapol_keydes_types.h>
|
||||
|
||||
#include "packet-wps.h"
|
||||
|
||||
|
@ -226,6 +227,10 @@ UAT_CSTRING_CB_DEF(uat_wep_key_records, string, uat_wep_key_record_t)
|
|||
/* Stuff for the WEP decoder */
|
||||
static gboolean enable_decryption = FALSE;
|
||||
|
||||
static void
|
||||
ieee_80211_add_tagged_parameters (tvbuff_t *tvb, int offset, packet_info *pinfo,
|
||||
proto_tree *tree, int tagged_parameters_len, int ftype);
|
||||
|
||||
/* Davide Schiera (2006-11-26): created function to decrypt WEP and WPA/WPA2 */
|
||||
static tvbuff_t *try_decrypt(tvbuff_t *tvb, guint32 offset, guint32 len, guint8 *algorithm, guint32 *sec_header, guint32 *sec_trailer);
|
||||
|
||||
|
@ -15415,7 +15420,7 @@ add_tagged_field(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset
|
|||
return tag_len + 1 + 1;
|
||||
}
|
||||
|
||||
void
|
||||
static void
|
||||
ieee_80211_add_tagged_parameters (tvbuff_t *tvb, int offset, packet_info *pinfo,
|
||||
proto_tree *tree, int tagged_parameters_len, int ftype)
|
||||
{
|
||||
|
@ -17671,6 +17676,205 @@ frame_equal(gconstpointer k1, gconstpointer k2)
|
|||
return frame1==frame2;
|
||||
}
|
||||
|
||||
/*
|
||||
* EAPOL key description dissectors.
|
||||
*/
|
||||
#define KEY_INFO_KEYDES_VERSION_MASK 0x0007
|
||||
#define KEY_INFO_KEY_TYPE_MASK 0x0008
|
||||
#define KEY_INFO_KEY_INDEX_MASK 0x0030
|
||||
#define KEY_INFO_INSTALL_MASK 0x0040
|
||||
#define KEY_INFO_KEY_ACK_MASK 0x0080
|
||||
#define KEY_INFO_KEY_MIC_MASK 0x0100
|
||||
#define KEY_INFO_SECURE_MASK 0x0200
|
||||
#define KEY_INFO_ERROR_MASK 0x0400
|
||||
#define KEY_INFO_REQUEST_MASK 0x0800
|
||||
#define KEY_INFO_ENCRYPTED_KEY_DATA_MASK 0x1000
|
||||
|
||||
#define KEYDES_VER_TYPE1 0x01
|
||||
#define KEYDES_VER_TYPE2 0x02
|
||||
#define KEYDES_VER_TYPE3 0x03
|
||||
|
||||
static const value_string keydes_version_vals[] = {
|
||||
{ KEYDES_VER_TYPE1, "RC4 Cipher, HMAC-MD5 MIC" },
|
||||
{ KEYDES_VER_TYPE2, "AES Cipher, HMAC-SHA1 MIC" },
|
||||
{ KEYDES_VER_TYPE3, "AES Cipher, AES-128-CMAC MIC" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
static int proto_ieee80211i = -1;
|
||||
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_keydes_version = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_key_type = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_key_index = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_install = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_key_ack = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_key_mic = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_secure = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_error = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_request = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_keyinfo_encrypted_key_data = -1;
|
||||
static int hf_ieee80211i_keydes_key_len = -1;
|
||||
static int hf_ieee80211i_keydes_replay_counter = -1;
|
||||
static int hf_ieee80211i_keydes_key_iv = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_nonce = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_rsc = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_id = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_mic = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_data_len = -1;
|
||||
static int hf_ieee80211i_wpa_keydes_data = -1;
|
||||
|
||||
static gint ett_keyinfo = -1;
|
||||
static gint ett_ieee80211i_keydes_data = -1;
|
||||
|
||||
static const true_false_string keyinfo_key_type_tfs = { "Pairwise Key", "Group Key" };
|
||||
|
||||
static int
|
||||
dissect_ieee80211i_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_rsn)
|
||||
{
|
||||
int offset = 0;
|
||||
guint16 keyinfo;
|
||||
guint16 eapol_data_len;
|
||||
proto_tree *keyinfo_item = NULL;
|
||||
proto_tree *keyinfo_tree = NULL;
|
||||
proto_tree *keydes_tree;
|
||||
proto_tree *ti = NULL;
|
||||
guint8 counter;
|
||||
|
||||
/*
|
||||
* 802.11i.
|
||||
*/
|
||||
keyinfo = tvb_get_ntohs(tvb, offset);
|
||||
if (keyinfo & KEY_INFO_REQUEST_MASK) {
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Request)");
|
||||
if (keyinfo & KEY_INFO_ERROR_MASK)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Request, Error)");
|
||||
} else if (keyinfo & KEY_INFO_KEY_TYPE_MASK) {
|
||||
guint16 masked;
|
||||
masked = keyinfo &
|
||||
(KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK |
|
||||
KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK);
|
||||
|
||||
if (!is_rsn) {
|
||||
/* WPA */
|
||||
switch (masked) {
|
||||
case KEY_INFO_KEY_ACK_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 1 of 4)");
|
||||
break;
|
||||
|
||||
case KEY_INFO_KEY_MIC_MASK:
|
||||
counter = tvb_get_guint8(tvb, offset+11);
|
||||
if (!counter)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
|
||||
else
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 4 of 4)");
|
||||
break;
|
||||
|
||||
case (KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK | KEY_INFO_KEY_MIC_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 3 of 4)");
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
/* RSN */
|
||||
switch (masked) {
|
||||
|
||||
case KEY_INFO_KEY_ACK_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 1 of 4)");
|
||||
break;
|
||||
|
||||
case KEY_INFO_KEY_MIC_MASK:
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
|
||||
break;
|
||||
|
||||
case (KEY_INFO_INSTALL_MASK | KEY_INFO_KEY_ACK_MASK | KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 3 of 4)");
|
||||
break;
|
||||
|
||||
case (KEY_INFO_KEY_MIC_MASK | KEY_INFO_SECURE_MASK):
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 4 of 4)");
|
||||
break;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (keyinfo & KEY_INFO_KEY_ACK_MASK)
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Group Message 1 of 2)");
|
||||
else
|
||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Group Message 2 of 2)");
|
||||
}
|
||||
keyinfo_item =
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_keyinfo, tvb,
|
||||
offset, 2, ENC_BIG_ENDIAN);
|
||||
|
||||
keyinfo_tree = proto_item_add_subtree(keyinfo_item, ett_keyinfo);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_keydes_version, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_key_type, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_key_index, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_install, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_key_ack, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_key_mic, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_secure, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_error, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_request, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
proto_tree_add_item(keyinfo_tree, hf_ieee80211i_wpa_keydes_keyinfo_encrypted_key_data, tvb, offset, 2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
|
||||
proto_tree_add_item(tree, hf_ieee80211i_keydes_key_len, tvb, offset,
|
||||
2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_keydes_replay_counter, tvb,
|
||||
offset, 8, ENC_BIG_ENDIAN);
|
||||
offset += 8;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_nonce, tvb, offset,
|
||||
32, ENC_NA);
|
||||
offset += 32;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_keydes_key_iv, tvb,
|
||||
offset, 16, ENC_NA);
|
||||
offset += 16;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_rsc, tvb, offset,
|
||||
8, ENC_NA);
|
||||
offset += 8;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_id, tvb, offset, 8,
|
||||
ENC_NA);
|
||||
offset += 8;
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_mic, tvb, offset,
|
||||
16, ENC_NA);
|
||||
offset += 16;
|
||||
eapol_data_len = tvb_get_ntohs(tvb, offset);
|
||||
proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_data_len, tvb,
|
||||
offset, 2, ENC_BIG_ENDIAN);
|
||||
offset += 2;
|
||||
if (eapol_data_len != 0) {
|
||||
ti = proto_tree_add_item(tree, hf_ieee80211i_wpa_keydes_data,
|
||||
tvb, offset, eapol_data_len, ENC_NA);
|
||||
if ((keyinfo & KEY_INFO_ENCRYPTED_KEY_DATA_MASK) ||
|
||||
!(keyinfo & KEY_INFO_KEY_TYPE_MASK)) {
|
||||
/* RSN: EAPOL-Key Key Data is encrypted.
|
||||
* WPA: Group Keys use encrypted Key Data.
|
||||
* Cannot parse this without knowing the key.
|
||||
* IEEE 802.11i-2004 8.5.2.
|
||||
*/
|
||||
} else {
|
||||
keydes_tree = proto_item_add_subtree(ti, ett_ieee80211i_keydes_data);
|
||||
ieee_80211_add_tagged_parameters(tvb, offset, pinfo, keydes_tree,
|
||||
tvb_reported_length_remaining(tvb, offset),
|
||||
-1);
|
||||
}
|
||||
}
|
||||
return tvb_captured_length(tvb);
|
||||
}
|
||||
|
||||
static int
|
||||
dissect_ieee80211i_wpa_key(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
|
||||
{
|
||||
return dissect_ieee80211i_wpa_or_rsn_key(tvb, pinfo, tree, FALSE);
|
||||
}
|
||||
|
||||
static int
|
||||
dissect_ieee80211i_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
|
||||
{
|
||||
return dissect_ieee80211i_wpa_or_rsn_key(tvb, pinfo, tree, TRUE);
|
||||
}
|
||||
|
||||
/* Davide Schiera (2006-11-26): this function will try to decrypt with WEP or */
|
||||
/* WPA and return a tvb to the caller to add a new tab. It returns the */
|
||||
/* algorithm used for decryption (WEP, TKIP, CCMP) and the header and */
|
||||
|
@ -25716,10 +25920,129 @@ proto_register_ieee80211 (void)
|
|||
wep_uat);
|
||||
}
|
||||
|
||||
void
|
||||
proto_register_ieee80211i (void)
|
||||
{
|
||||
|
||||
static hf_register_info hf[] = {
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo,
|
||||
{"Key Information", "ieee80211i.keydes.key_info",
|
||||
FT_UINT16, BASE_HEX, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_keydes_version,
|
||||
{"Key Descriptor Version", "ieee80211i.keydes.key_info.keydes_version",
|
||||
FT_UINT16, BASE_DEC, VALS(keydes_version_vals), KEY_INFO_KEYDES_VERSION_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_key_type,
|
||||
{"Key Type", "ieee80211i.keydes.key_info.key_type",
|
||||
FT_BOOLEAN, 16, TFS(&keyinfo_key_type_tfs), KEY_INFO_KEY_TYPE_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_key_index,
|
||||
{"Key Index", "ieee80211i.keydes.key_info.key_index",
|
||||
FT_UINT16, BASE_DEC, NULL, KEY_INFO_KEY_INDEX_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_install,
|
||||
{"Install", "ieee80211i.keydes.key_info.install",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_INSTALL_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_key_ack,
|
||||
{"Key ACK", "ieee80211i.keydes.key_info.key_ack",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_KEY_ACK_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_key_mic,
|
||||
{"Key MIC", "ieee80211i.keydes.key_info.key_mic",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_KEY_MIC_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_secure,
|
||||
{"Secure", "ieee80211i.keydes.key_info.secure",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_SECURE_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_error,
|
||||
{"Error", "ieee80211i.keydes.key_info.error",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_ERROR_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_request,
|
||||
{"Request", "ieee80211i.keydes.key_info.request",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_REQUEST_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_keyinfo_encrypted_key_data,
|
||||
{"Encrypted Key Data", "ieee80211i.keydes.key_info.encrypted_key_data",
|
||||
FT_BOOLEAN, 16, TFS(&tfs_set_notset), KEY_INFO_ENCRYPTED_KEY_DATA_MASK,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_keydes_key_len,
|
||||
{"Key Length", "eapol.keydes.key_len",
|
||||
FT_UINT16, BASE_DEC, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_keydes_replay_counter,
|
||||
{"Replay Counter", "eapol.keydes.replay_counter",
|
||||
FT_UINT64, BASE_DEC, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_keydes_key_iv,
|
||||
{"Key IV", "eapol.keydes.key_iv",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_nonce,
|
||||
{"WPA Key Nonce", "ieee80211i.keydes.nonce",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_rsc,
|
||||
{"WPA Key RSC", "ieee80211i.keydes.rsc",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_id,
|
||||
{"WPA Key ID", "ieee80211i.keydes.id",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_mic,
|
||||
{"WPA Key MIC", "ieee80211i.keydes.mic",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_data_len,
|
||||
{"WPA Key Data Length", "ieee80211i.keydes.data_len",
|
||||
FT_UINT16, BASE_DEC, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
|
||||
{&hf_ieee80211i_wpa_keydes_data,
|
||||
{"WPA Key Data", "ieee80211i.keydes.data",
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0,
|
||||
NULL, HFILL }},
|
||||
};
|
||||
|
||||
static gint *tree_array[] = {
|
||||
&ett_keyinfo,
|
||||
&ett_ieee80211i_keydes_data,
|
||||
};
|
||||
|
||||
proto_ieee80211i = proto_register_protocol("IEEE 802.11i MAC Security Enhancements",
|
||||
"IEEE 802.11i", "ieee80211i");
|
||||
proto_register_field_array(proto_ieee80211i, hf, array_length (hf));
|
||||
|
||||
proto_register_subtree_array (tree_array, array_length (tree_array));
|
||||
}
|
||||
|
||||
void
|
||||
proto_reg_handoff_ieee80211(void)
|
||||
{
|
||||
dissector_handle_t data_encap_handle, centrino_handle;
|
||||
dissector_handle_t ieee80211i_wpa_key_handle, ieee80211i_rsn_key_handle;
|
||||
|
||||
/*
|
||||
* Get handles for the LLC, IPX and Ethernet dissectors.
|
||||
|
@ -25764,6 +26087,16 @@ proto_reg_handoff_ieee80211(void)
|
|||
data_encap_handle = create_dissector_handle(dissect_data_encap, proto_wlan);
|
||||
dissector_add_uint("ethertype", ETHERTYPE_IEEE80211_DATA_ENCAP,
|
||||
data_encap_handle);
|
||||
|
||||
/*
|
||||
* EAPOL key descriptor types.
|
||||
*/
|
||||
ieee80211i_wpa_key_handle = new_create_dissector_handle(dissect_ieee80211i_wpa_key,
|
||||
proto_ieee80211i);
|
||||
dissector_add_uint("eapol.keydes.type", EAPOL_WPA_KEY, ieee80211i_wpa_key_handle);
|
||||
ieee80211i_rsn_key_handle = new_create_dissector_handle(dissect_ieee80211i_rsn_key,
|
||||
proto_ieee80211i);
|
||||
dissector_add_uint("eapol.keydes.type", EAPOL_RSN_KEY, ieee80211i_rsn_key_handle);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -38,9 +38,6 @@ void capture_prism(const guchar *, int, int, packet_counts *);
|
|||
WS_DLL_PUBLIC
|
||||
void capture_wlancap(const guchar *, int, int, packet_counts *);
|
||||
|
||||
void ieee_80211_add_tagged_parameters (tvbuff_t * tvb, int offset,
|
||||
packet_info * pinfo, proto_tree * tree, int tagged_parameters_len, int ftype);
|
||||
|
||||
void dissect_wifi_p2p_ie(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb,
|
||||
int offset, gint size);
|
||||
int dissect_wifi_p2p_public_action(packet_info *pinfo, proto_tree *tree,
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
/* eapol_keydes_types.h
|
||||
* Declarations of EAPOL Key Descriptor types
|
||||
*
|
||||
* Wireshark - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@wireshark.org>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#ifndef __EAPOL_KEYDES_TYPES_H__
|
||||
#define __EAPOL_KEYDES_TYPES_H__
|
||||
|
||||
#define EAPOL_RC4_KEY 1 /* RC4 - deprecated */
|
||||
#define EAPOL_RSN_KEY 2 /* 802.11i - "work in progress" */
|
||||
#define EAPOL_WPA_KEY 254
|
||||
|
||||
#endif /* __EAPOL_KEYDES_TYPES_H__ */
|
Loading…
Reference in New Issue