osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

DTN: updated dissection of confidentiality and integrity blocks 

Bug: 15137
Change-Id: I544c46030bfb74caa64c82f88b41f9d2a3c3d7de
Reviewed-on: https://code.wireshark.org/review/29695
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Patricia Lindner 2018-09-17 09:22:32 -04:00 committed by Anders Broman
parent 1a63f1ca9b
commit 8365012ea5
2 changed files with 265 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

276
epan/dissectors/packet-dtn.c
View File

@ -192,7 +192,6 @@ static int hf_block_control_block_cteb_creator_custodian_eid = -1;
/* Non-Primary Block Type Code Variable */
static int hf_bundle_block_type_code = -1;
static int hf_bundle_age_extension_block_code = -1;
static int hf_bundle_unprocessed_block_data = -1;
/* ECOS Flag Variables */
@ -236,6 +235,27 @@ static int hf_bundle_custody_signal_reason = -1;
static int hf_bundle_custody_id_range_start = -1;
static int hf_bundle_custody_id_range_end = -1;
static int hf_bundle_age_extension_block_code = -1;
static int hf_bundle_block_previous_hop_scheme = -1;
static int hf_bundle_block_previous_hop_eid = -1;
/* Security Block Variables */
static int hf_bundle_target_block_type = -1;
static int hf_bundle_target_block_occurance = -1;
static int hf_bundle_ciphersuite_type = -1;
static int hf_bundle_ciphersuite_flags = -1;
static int hf_block_ciphersuite_params = -1;
static int hf_block_ciphersuite_params_length = -1;
static int hf_block_ciphersuite_params_item_length = -1;
static int hf_block_ciphersuite_param_type = -1;
static int hf_block_ciphersuite_param_data = -1;
static int hf_block_ciphersuite_result_length = -1;
static int hf_block_ciphersuite_result_item_length = -1;
static int hf_block_ciphersuite_result_type = -1;
static int hf_block_ciphersuite_result_data = -1;
static int hf_block_ciphersuite_range_offset = -1;
static int hf_block_ciphersuite_range_length = -1;
/* Tree Node Variables */
static gint ett_bundle = -1;
static gint ett_conv_flags = -1;
@ -254,13 +274,13 @@ static gint ett_contact_hdr_flags = -1;
static gint ett_admin_record = -1;
static gint ett_admin_rec_status = -1;
static gint ett_metadata_hdr = -1;
static gint ett_sec_block_param_data = -1;
static gint ett_tcp_conv = -1;
static gint ett_tcp_conv_hdr = -1;
static gint ett_msg_fragment = -1;
static gint ett_msg_fragments = -1;
static expert_field ei_bundle_payload_length = EI_INIT;
static expert_field ei_bundle_control_flags_length = EI_INIT;
static expert_field ei_bundle_block_control_flags = EI_INIT;
@ -350,8 +370,8 @@ static const value_string status_report_reason_codes[] = {
static const value_string bundle_block_type_codes[] = {
{0x01, "Bundle Payload Block"},
{0x02, "Bundle Authentication Block"},
{0x03, "Bundle Integrity Block"},
{0x04, "Bundle Confidentiality Block"},
{0x03, "Block Integrity Block"},
{0x04, "Block Confidentiality Block"},
{0x05, "Previous-Hop Insertion Block"},
{0x08, "Metadata Extension Block"},
{0x09, "Extension Security Block"},
@ -369,6 +389,28 @@ static const value_string cosflags_priority_vals[] = {
{0, NULL}
};
static const value_string ciphersuite_types[] = {
{0x01, "HMAC_SHA1"},
{0x05, "HMAC_SHA256"},
{0x06, "ARC4_AES128"},
{0xD1, "HMAC_SHA384"},
{0xD2, "ECDSA_SHA256"},
{0xD3, "ECDSA_SHA384"},
{0xD4, "SHA256_AES128"},
{0xD5, "SHA384_AES256"},
{0, NULL}
};
static const value_string res_params_types[] = {
{0x01, "Initialization Vector"},
{0x03, "Key Information"},
{0x04, "Content Range"},
{0x05, "Integrity Signature"},
{0x07, "Salt"},
{0x08, "BCB Integrity Check Value"},
{0, NULL}
};
/*
* SDNV has a zero in high-order bit position of last byte. The high-order
* bit of all preceding bytes is set to one. This returns the numeric value
@ -1188,8 +1230,7 @@ dissect_payload_header(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, int
return offset;
}
} else {
proto_tree_add_string(payload_block_tree, hf_bundle_payload_data, tvb, offset, payload_length,
wmem_strdup_printf(wmem_packet_scope(), "<%d bytes>",payload_length));
proto_tree_add_item(payload_block_tree, hf_bundle_payload_data, tvb, offset, payload_length, ENC_ASCII);
offset += payload_length;
}
@ -1578,9 +1619,6 @@ display_extension_block(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, int
switch (type)
{
case BUNDLE_BLOCK_TYPE_AUTHENTICATION:
case BUNDLE_BLOCK_TYPE_INTEGRITY:
case BUNDLE_BLOCK_TYPE_CONFIDENTIALITY:
case BUNDLE_BLOCK_TYPE_PREVIOUS_HOP_INSERT:
case BUNDLE_BLOCK_TYPE_METADATA_EXTENSION:
case BUNDLE_BLOCK_TYPE_EXTENSION_SECURITY:
{
@ -1589,13 +1627,150 @@ display_extension_block(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, int
offset += block_length;
break;
}
case BUNDLE_BLOCK_TYPE_BUNDLE_AGE_EXTENSION:
case BUNDLE_BLOCK_TYPE_BUNDLE_AGE:
{
bundle_age = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(block_tree, hf_bundle_age_extension_block_code, tvb, offset, sdnv_length, bundle_age/1000000);
offset += block_length;
break;
}
case BUNDLE_BLOCK_TYPE_PREVIOUS_HOP_INSERT:
{
int scheme_length;
proto_tree_add_item_ret_length(block_tree, hf_bundle_block_previous_hop_scheme, tvb, offset, 4, ENC_ASCII, &scheme_length);
offset += scheme_length;
proto_tree_add_item(block_tree, hf_bundle_block_previous_hop_eid, tvb, offset, block_length-scheme_length, ENC_ASCII|ENC_NA);
offset += block_length - scheme_length;
break;
}
case BUNDLE_BLOCK_TYPE_INTEGRITY:
case BUNDLE_BLOCK_TYPE_CONFIDENTIALITY:
{
int target_block_type;
int target_block_occurance;
int ciphersuite_type;
unsigned int ciphersuite_flags;
target_block_type = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(block_tree, hf_bundle_target_block_type, tvb, offset, sdnv_length, target_block_type);
offset += sdnv_length;
target_block_occurance = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(block_tree, hf_bundle_target_block_occurance, tvb, offset, sdnv_length, target_block_occurance);
offset += sdnv_length;
ciphersuite_type = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(block_tree, hf_bundle_ciphersuite_type, tvb, offset, sdnv_length, ciphersuite_type);
offset += sdnv_length;
ciphersuite_flags = (unsigned int)evaluate_sdnv(tvb, offset, &sdnv_length);
block_flag_item = proto_tree_add_uint(block_tree, hf_bundle_ciphersuite_flags, tvb, offset, sdnv_length, ciphersuite_flags);
block_flag_tree = proto_item_add_subtree(block_flag_item, ett_block_flags);
proto_tree_add_boolean(block_flag_tree, hf_block_ciphersuite_params, tvb, offset, sdnv_length, ciphersuite_flags);
offset += sdnv_length;
int range_offset;
int range_length;
if (ciphersuite_flags & BLOCK_CIPHERSUITE_PARAMS) {
/* Decode cipher suite parameters */
int params_length;
int param_type;
int item_length;
proto_tree *param_tree;
params_length = evaluate_sdnv(tvb, offset, &sdnv_length);
param_tree = proto_tree_add_subtree(block_tree, tvb, offset, params_length+1, ett_sec_block_param_data, NULL, "Ciphersuite Parameters Data");
proto_tree_add_int(param_tree, hf_block_ciphersuite_params_length, tvb, offset, sdnv_length, params_length);
offset += sdnv_length;
for(int i = 0; i < params_length; i+=item_length+2)
{
param_type = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(param_tree, hf_block_ciphersuite_param_type, tvb, offset, sdnv_length, param_type);
offset += sdnv_length;
item_length = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(param_tree, hf_block_ciphersuite_params_item_length, tvb, offset, sdnv_length, item_length);
offset += sdnv_length;
//display item data
switch (param_type)
{
case 1:
case 3:
case 5:
case 7:
case 8:
proto_tree_add_item(param_tree, hf_block_ciphersuite_param_data, tvb, offset, item_length, ENC_NA);
offset += item_length;
break;
case 4:
//pair of sdnvs offset and length
range_offset = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(param_tree, hf_block_ciphersuite_range_offset, tvb, offset, sdnv_length, range_offset);
offset += sdnv_length;
range_length = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(param_tree, hf_block_ciphersuite_range_length, tvb, offset, sdnv_length, range_length);
offset += sdnv_length;
break;
default:
break;
}
}
}
/* Decode cipher suite results */
int result_length;
int result_type;
int result_item_length;
proto_tree *result_tree;
result_length = evaluate_sdnv(tvb, offset, &sdnv_length);
result_tree = proto_tree_add_subtree(block_tree, tvb, offset, result_length+1, ett_sec_block_param_data, NULL, "Security Results Data");
proto_tree_add_int(result_tree, hf_block_ciphersuite_result_length, tvb, offset, sdnv_length, result_length);
offset += sdnv_length;
for(int i = 0; i < result_length; i+=result_item_length+2)
{
result_type = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(result_tree, hf_block_ciphersuite_result_type, tvb, offset, sdnv_length, result_type);
offset += sdnv_length;
result_item_length = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(result_tree, hf_block_ciphersuite_result_item_length, tvb, offset, sdnv_length, result_item_length);
offset += sdnv_length;
//display item data
switch (result_type)
{
case 1:
case 3:
case 5:
case 7:
case 8:
proto_tree_add_item(result_tree, hf_block_ciphersuite_result_data, tvb, offset, result_item_length, ENC_NA);
offset += result_item_length;
break;
case 4:
//pair of sdnvs offset and length
range_offset = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(result_tree, hf_block_ciphersuite_range_offset, tvb, offset, sdnv_length, range_offset);
offset += sdnv_length;
range_length = evaluate_sdnv(tvb, offset, &sdnv_length);
proto_tree_add_int(result_tree, hf_block_ciphersuite_range_length, tvb, offset, sdnv_length, range_length);
offset += sdnv_length;
break;
default:
break;
}
}
break;
}
case BUNDLE_BLOCK_TYPE_CUSTODY_TRANSFER:
{
int custody_id;
@ -2340,6 +2515,7 @@ dissect_bundle(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _
col_clear(pinfo->cinfo,COL_INFO);
ti_bundle_protocol = proto_tree_add_item(tree, proto_bundle, tvb, offset, -1, ENC_NA);
bundle_tree = proto_item_add_subtree(ti_bundle_protocol, ett_bundle);
primary_tree = proto_tree_add_subtree(bundle_tree, tvb, offset, -1, ett_primary_hdr, &ti, "Primary Bundle Header");
@ -2853,10 +3029,6 @@ proto_register_bundle(void)
{"Block Type Code", "bundle.block_type_code",
FT_UINT8, BASE_DEC, VALS(bundle_block_type_codes), 0x0, NULL, HFILL}
},
{&hf_bundle_age_extension_block_code,
{"Bundle Age in seconds", "bundle.age_extension_block_code",
FT_INT32, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_unprocessed_block_data,
{"Block Data", "bundle.block_data",
FT_STRINGZPAD, BASE_NONE, NULL, 0x0, NULL, HFILL}
@ -2889,6 +3061,78 @@ proto_register_bundle(void)
{"ECOS Ordinal", "bundle.block.ecos.ordinal",
FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_age_extension_block_code,
{"Bundle Age in seconds", "bundle.age_extension_block_code",
FT_INT32, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_block_previous_hop_scheme,
{"Previous Hop Secheme", "bundle.block.previous_hop_scheme",
FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_block_previous_hop_eid,
{"Previous Hop EID", "bundle.block.previous_hop_eid",
FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_target_block_type,
{"Target Block Type", "bundle.target_block_type",
FT_INT32, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_target_block_occurance,
{"Target Block Occurance", "bundle.target_block_occurance",
FT_INT32, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_bundle_ciphersuite_type,
{"Ciphersuite Type", "bundle.ciphersuite_type",
FT_INT32, BASE_DEC, VALS(ciphersuite_types), 0x0, NULL, HFILL}
},
{&hf_bundle_ciphersuite_flags,
{"Ciphersuite Flags", "bundle.ciphersuite_flags",
FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_params,
{"Block Contains Ciphersuite Parameters", "bundle.block.ciphersuite_params",
FT_BOOLEAN, 8, NULL, BLOCK_CIPHERSUITE_PARAMS, NULL, HFILL}
},
{&hf_block_ciphersuite_params_length,
{"Ciphersuite Parameters Length", "bundle.block.ciphersuite_params_length",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_params_item_length,
{"Parameter Length", "bundle.block.ciphersuite_params_item_length",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_param_type,
{"Ciphersuite Parameter Type", "bundle.block.ciphersuite_param_type",
FT_INT8, BASE_DEC, VALS(res_params_types), 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_param_data,
{"Ciphersuite Parameter Data", "bundle.block.ciphersuite_param_data",
FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_result_length,
{"Security Results Length", "bundle.block.ciphersuite_result_length",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_result_item_length,
{"Security Result Item Length", "bundle.block.ciphersuite_result_item_length",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_result_type,
{"Security Result Item Type", "bundle.block.ciphersuite_result_type",
FT_INT8, BASE_DEC, VALS(res_params_types), 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_result_data,
{"Security Result Item Data", "bundle.block.ciphersuite_result_data",
FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_range_offset,
{"Content Range Offset", "bundle.block.ciphersuite_range_offset",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
{&hf_block_ciphersuite_range_length,
{"Content Range Length", "bundle.block.ciphersuite_range_length",
FT_INT8, BASE_DEC, NULL, 0x0, NULL, HFILL}
},
};
static hf_register_info hf_tcpcl[] = {
@ -2991,7 +3235,8 @@ proto_register_bundle(void)
&ett_shutdown_flags,
&ett_admin_record,
&ett_admin_rec_status,
&ett_metadata_hdr
&ett_metadata_hdr,
&ett_sec_block_param_data
};
static gint *ett_tcpcl[] = {
@ -3059,6 +3304,7 @@ proto_register_bundle(void)
reassembly_table_register(&msg_reassembly_table,
&addresses_reassembly_table_functions);
}
void

5
epan/dissectors/packet-dtn.h
View File

@ -89,7 +89,7 @@
#define BUNDLE_BLOCK_TYPE_EXTENSION_SECURITY 0x09 /* RFC6257 */
#define BUNDLE_BLOCK_TYPE_CUSTODY_TRANSFER 0x0a /* http://bioserve.colorado.edu/bp-acs/ */
#define BUNDLE_BLOCK_TYPE_EXTENDED_COS 0x13 /* http://tools.ietf.org/html/draft-irtf-dtnrg-ecos-02 */
#define BUNDLE_BLOCK_TYPE_BUNDLE_AGE_EXTENSION 0x14 /* ION NASA specific */
#define BUNDLE_BLOCK_TYPE_BUNDLE_AGE 0x14 /* https://tools.ietf.org/html/draft-irtf-dtnrg-bundle-age-block-01 */
/* Payload Header Processing Flags */
#define PAYLOAD_PROCFLAGS_REPLICATE_MASK 0x01
@ -135,6 +135,9 @@
#define ECOS_FLAGS_FLOWLABEL 0x04
#define ECOS_FLAGS_RELIABLE 0x08
/* Ciphersuite Flags */
#define BLOCK_CIPHERSUITE_PARAMS 0x01
#define DTN_SCHEME_STR "dtn"
#define IPN_SCHEME_STR "ipn"