3 * $Id: packet-tripe.c,v 1.1 2003/10/15 09:30:19 mdw Exp $
5 * TrIPE protocol dissector for Ethereal
7 * (c) 2003 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Trivial IP Encryption (TrIPE).
14 * TrIPE is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * TrIPE is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with TrIPE; if not, write to the Free Software Foundation,
26 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 /*----- Revision history --------------------------------------------------*
31 * $Log: packet-tripe.c,v $
32 * Revision 1.1 2003/10/15 09:30:19 mdw
33 * Add support for Ethereal protocol analysis.
37 /*----- Header files ------------------------------------------------------*/
45 #include <netinet/in.h>
49 #include <epan/packet.h>
51 #ifdef ETHEREAL_BUGGERED
52 # define plugin_address_table_t void
53 # define plugin_address_table_init(x)
55 # include <plugins/plugin_api.h>
58 #include "tripe-protocol.h"
60 /*----- Static variables --------------------------------------------------*/
62 static int proto_tripe
= -1;
64 typedef struct hfmp
{ int hf
, hf_len
, hf_val
, tt
; } hfmp
;
66 static int hf_tripe_cat
= -1;
67 static int hf_tripe_packet_type
= -1;
68 static int hf_tripe_ct
= -1;
69 static int hf_tripe_ct_seq
= -1;
70 static int hf_tripe_ct_iv
= -1;
71 static int hf_tripe_ct_cbc
= -1;
72 static int hf_tripe_ct_mac
= -1;
73 static int hf_tripe_kx_type
= -1;
74 static hfmp hf_tripe_kx_mychal
= { -1, -1, -1, -1 };
75 static int hf_tripe_kx_mycookie
= -1;
76 static int hf_tripe_kx_yourcookie
= -1;
77 static hfmp hf_tripe_kx_check
= { -1, -1, -1, -1 };
78 static int hf_tripe_huh
= -1;
80 static int tt_tripe
= -1;
81 static int tt_tripe_ct
= -1;
83 G_MODULE_EXPORT
const gchar version
[] = VERSION
;
85 /*----- Main code ---------------------------------------------------------*/
87 static gint
gethash(proto_tree
*tt
, int hf
, tvbuff_t
*b
, gint off
)
89 proto_tree_add_item(tt
, hf
, b
, off
, 20, FALSE
);
93 static gint
getmp(proto_tree
*tt
, const hfmp
*hf
, tvbuff_t
*b
, gint off
)
95 guint16 len
= tvb_get_ntohs(b
, off
);
96 proto_item
*ti
= proto_tree_add_item(tt
, hf
->hf
, b
, off
, len
+ 2, FALSE
);
97 tt
= proto_item_add_subtree(ti
, hf
->tt
);
98 proto_tree_add_item(tt
, hf
->hf_len
, b
, off
, 2, FALSE
);
99 proto_tree_add_item(tt
, hf
->hf_val
, b
, off
+ 2, len
, FALSE
);
100 return (off
+ 2 + len
);
103 static void dissect_tripe(tvbuff_t
*b
, packet_info
*p
, proto_tree
*t
)
108 gint off
= tvb_raw_offset(b
);
111 /* --- Initialize the summary cells --- */
113 if (check_col(p
->cinfo
, COL_PROTOCOL
))
114 col_set_str(p
->cinfo
, COL_PROTOCOL
, "TrIPE");
115 ty
= tvb_get_guint8(b
, 0);
116 if (check_col(p
->cinfo
, COL_INFO
)) {
117 col_clear(p
->cinfo
, COL_INFO
);
118 switch (ty
& MSG_CATMASK
) {
120 switch (ty
& MSG_TYPEMASK
) {
122 col_set_str(p
->cinfo
, COL_INFO
, "Packet data");
125 col_add_fstr(p
->cinfo
, COL_INFO
,
126 "Packet data, unknown type code %u",
132 switch (ty
& MSG_TYPEMASK
) {
134 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, prechallenge");
137 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, cookie");
140 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, challenge");
143 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, reply");
146 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, switch request");
149 col_set_str(p
->cinfo
, COL_INFO
, "Key exchange, switch response");
152 col_add_fstr(p
->cinfo
, COL_INFO
,
153 "Key exchange, unknown type code %u",
159 col_add_fstr(p
->cinfo
, COL_INFO
,
160 "Unknown category code %u, unknown type code %u",
161 ty
& MSG_CATMASK
, ty
& MSG_TYPEMASK
);
166 /* --- Fill in the tree --- */
169 ti
= proto_tree_add_item(t
, proto_tripe
, b
, 0, -1, FALSE
);
170 tt
= proto_item_add_subtree(ti
, tt_tripe
);
172 proto_tree_add_item(tt
, hf_tripe_cat
, b
, 0, 1, FALSE
);
175 switch (ty
& MSG_CATMASK
) {
177 proto_tree_add_item(tt
, hf_tripe_packet_type
, b
, 0, 1, FALSE
);
178 switch (ty
& MSG_TYPEMASK
) {
186 proto_tree_add_item(tt
, hf_tripe_kx_type
, b
, 0, 1, FALSE
);
187 switch (ty
& MSG_TYPEMASK
) {
189 off
= getmp(tt
, &hf_tripe_kx_mychal
, b
, off
);
192 off
= getmp(tt
, &hf_tripe_kx_mychal
, b
, off
);
193 off
= gethash(tt
, hf_tripe_kx_yourcookie
, b
, off
);
196 off
= getmp(tt
, &hf_tripe_kx_mychal
, b
, off
);
197 off
= gethash(tt
, hf_tripe_kx_yourcookie
, b
, off
);
198 off
= getmp(tt
, &hf_tripe_kx_check
, b
, off
);
201 off
= gethash(tt
, hf_tripe_kx_mycookie
, b
, off
);
202 off
= gethash(tt
, hf_tripe_kx_yourcookie
, b
, off
);
203 off
= getmp(tt
, &hf_tripe_kx_check
, b
, off
);
206 off
= gethash(tt
, hf_tripe_kx_mycookie
, b
, off
);
207 off
= gethash(tt
, hf_tripe_kx_yourcookie
, b
, off
);
219 if (tvb_offset_exists(b
, off
))
223 proto_tree_add_item(tt
, hf_tripe_huh
, b
, off
, -1, FALSE
);
226 ti
= proto_tree_add_item(tt
, hf_tripe_ct
, b
, off
, -1, FALSE
);
227 seq
= tvb_get_ntohl(b
, off
+ 10);
228 proto_item_set_text(ti
, "Encrypted ciphertext (sequence number %lu)",
230 tt
= proto_item_add_subtree(ti
, tt_tripe_ct
);
231 proto_tree_add_item(tt
, hf_tripe_ct_mac
, b
, off
, 10, FALSE
);
233 proto_tree_add_item(tt
, hf_tripe_ct_seq
, b
, off
, 4, FALSE
);
235 proto_tree_add_item(tt
, hf_tripe_ct_iv
, b
, off
, 8, FALSE
);
237 proto_tree_add_item(ti
, hf_tripe_ct_cbc
, b
, off
, -1, FALSE
);
243 void proto_register_tripe(void)
245 static value_string vs_kxtype
[] = {
246 { KX_PRECHAL
, "KX_PRECHAL (prechallenge)" },
247 { KX_COOKIE
, "KX_COOKIE (cookie)" },
248 { KX_CHAL
, "KX_CHAL (challenge)" },
249 { KX_REPLY
, "KX_REPLY (reply)" },
250 { KX_SWITCH
, "KX_SWITCH (switch request)" },
251 { KX_SWITCHOK
, "KX_SWITCHOK (switch response)" },
255 static hf_register_info hfs
[] = {
257 "Message category", "tripe.cat",
258 FT_UINT8
, BASE_HEX
, 0, MSG_CATMASK
260 &hf_tripe_packet_type
, {
261 "Packet message type", "tripe.packet.type",
262 FT_UINT8
, BASE_HEX
, 0, MSG_TYPEMASK
,
263 "This is the TrIPE packet type subcode."
266 "Encrypted ciphertext", "tripe.ct",
267 FT_BYTES
, BASE_NONE
, 0, 0,
268 "This is an encrypted message."
271 "Ciphertext sequence number", "tripe.ct.seq",
272 FT_UINT32
, BASE_DEC
, 0, 0,
273 "This is the unique sequence number for the ciphertext."
276 "Ciphertext initialization vector", "tripe.ct.iv",
277 FT_BYTES
, BASE_NONE
, 0, 0,
278 "This is the initialization vector used for the actual encryption."
281 "CBC-encrypted data", "tripe.ct.cbc",
282 FT_BYTES
, BASE_NONE
, 0, 0,
283 "This is the CBC-encrypted message. Reading it ought to be hard."
286 "Message authentication code", "tripe.ct.mac",
287 FT_BYTES
, BASE_NONE
, 0, 0,
288 "This is the message authentication code for the ciphertext."
291 "Key-exchange message type", "tripe.kx.type",
292 FT_UINT8
, BASE_HEX
, vs_kxtype
, MSG_TYPEMASK
,
293 "This is the TrIPE key-exchange type subcode."
295 &hf_tripe_kx_mychal
.hf
, {
296 "Sender's challenge data", "tripe.kx.mychal",
297 FT_BYTES
, BASE_NONE
, 0, 0,
298 "This is the sender's challenge value."
300 &hf_tripe_kx_mychal
.hf_len
, {
301 "Challenge length", "tripe.kx.mychal.len",
302 FT_UINT16
, BASE_DEC
, 0, 0,
303 "This is the length of the sender's challenge value."
305 &hf_tripe_kx_mychal
.hf_val
, {
306 "Challenge value", "tripe.kx.mychal.val",
307 FT_BYTES
, BASE_NONE
, 0, 0,
308 "This is the value of the sender's challenge value."
310 &hf_tripe_kx_mycookie
, {
311 "Sender's hashed cookie", "tripe.kx.mycookie",
312 FT_BYTES
, BASE_NONE
, 0, 0,
313 "This is the hash of the sender's challenge."
315 &hf_tripe_kx_yourcookie
, {
316 "Recipient's hashed cookie", "tripe.kx.yourcookie",
317 FT_BYTES
, BASE_NONE
, 0, 0,
318 "This is the hash of the recipient's challenge."
320 &hf_tripe_kx_check
.hf
, {
321 "Challenge check-value", "tripe.kx.check",
322 FT_BYTES
, BASE_NONE
, 0, 0,
323 "This is an encrypted check-value which proves that the sender "
324 "knows the answer to the challenge, and that it is therefore honest."
326 &hf_tripe_kx_check
.hf_len
, {
327 "Check-value length", "tripe.kx.check.len",
328 FT_UINT16
, BASE_DEC
, 0, 0,
329 "This is the length of the encrypted check-value."
331 &hf_tripe_kx_check
.hf_val
, {
332 "Check-value data", "tripe.kx.check.val",
333 FT_BYTES
, BASE_NONE
, 0, 0,
334 "This is the actual encrypted check-value."
337 "Unknown data", "tripe.huh",
338 FT_BYTES
, BASE_NONE
, 0, 0,
339 "I don't know what's meant to appear here."
343 static gint
*tts
[] = {
346 &hf_tripe_kx_mychal
.tt
,
347 &hf_tripe_kx_check
.tt
,
350 proto_tripe
= proto_register_protocol("TrIPE", "TrIPE", "tripe");
351 proto_register_field_array(proto_tripe
, hfs
, array_length(hfs
));
352 proto_register_subtree_array(tts
, array_length(tts
));
355 void proto_reg_handoff_tripe(void)
357 dissector_handle_t dh
;
359 dh
= create_dissector_handle(dissect_tripe
, proto_tripe
);
360 dissector_add("udp.port", 22003, dh
);
363 G_MODULE_EXPORT
void plugin_reg_handoff(void)
365 proto_reg_handoff_tripe();
368 G_MODULE_EXPORT
void plugin_init(plugin_address_table_t
*pat
)
370 plugin_address_table_init(pat
);
371 if (proto_tripe
== -1)
372 proto_register_tripe();
375 /*----- That's all, folks -------------------------------------------------*/