X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/3949f61cb6a890cbf6cfa08ee285276921f544cb..ab6f1b0d12478b8fe266e3dacc3de7121df29066:/wireshark/tripe.lua diff --git a/wireshark/tripe.lua b/wireshark/tripe.lua index fcc948d2..a3544e9d 100644 --- a/wireshark/tripe.lua +++ b/wireshark/tripe.lua @@ -9,19 +9,18 @@ --- --- This file is part of Trivial IP Encryption (TrIPE). --- ---- TrIPE is free software; you can redistribute it and/or modify ---- it under the terms of the GNU General Public License as published by ---- the Free Software Foundation; either version 2 of the License, or ---- (at your option) any later version. +--- TrIPE is free software: you can redistribute it and/or modify it under +--- the terms of the GNU General Public License as published by the Free +--- Software Foundation; either version 3 of the License, or (at your +--- option) any later version. --- ---- TrIPE is distributed in the hope that it will be useful, ---- but WITHOUT ANY WARRANTY; without even the implied warranty of ---- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ---- GNU General Public License for more details. +--- TrIPE is distributed in the hope that it will be useful, but WITHOUT +--- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +--- FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +--- for more details. --- --- You should have received a copy of the GNU General Public License ---- along with TrIPE; if not, write to the Free Software Foundation, ---- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +--- along with TrIPE. If not, see . local tripe = Proto("tripe", "TrIPE VPN") 
@@ -58,7 +57,7 @@ local CONFIG = { -- order. { var = "bulk", name = "Bulk transform", - type = "enum", allowed = { "v0", "iiv", "naclbox" }, + type = "enum", allowed = { "v0", "iiv", "naclbox", "aead" }, descr = "Bulk cryptographic transform", default = "v0" }, { var = "hashsz", name = "Hash length", type = "int", min = 0, descr = "Hash length (bytes)", default = 20 }, @@ -185,6 +184,11 @@ end -- Dissect a ciphertext of some particular kind. local dissect_ct = { } +function dissect_ct.aead(buf, tree, pos, sz) + tree:add(PF["tripe.ciphertext.tag"], buf(pos, C.tagsz)); pos = pos + C.tagsz + tree:add(PF["tripe.ciphertext.seq"], buf(pos, 4)); pos = pos + 4 + tree:add(PF["tripe.ciphertext.body"], buf(pos, sz - pos)) +end function dissect_ct.naclbox(buf, tree, pos, sz) tree:add(PF["tripe.ciphertext.tag"], buf(pos, 16)); pos = pos + 16 tree:add(PF["tripe.ciphertext.seq"], buf(pos, 4)); pos = pos + 4 @@ -208,7 +212,7 @@ local function dissect_ciphertext(buf, tree, label, pos, sz) local t = tree:add(PF[label], buf(pos, sz - pos)) dissect_ct[C.bulk](buf, t, pos, sz) - return pos + return sz end local function dissect_packet(buf, tree, pos, sz) 
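Review bot: In `dissect_ct.aead` the three `buf(pos, …)` ranges are taken without checking that `sz - pos` is at least `C.tagsz + 4`, so a truncated or deliberately short ciphertext in a capture will make a range call fail or give the body a negative length, rather than being reported as malformed. A guard before the first `tree:add`, such as `if sz - pos < C.tagsz + 4 then return end`, ideally with a malformed-packet marker in the file's usual style, keeps the dissector predictable on hostile input. `C.tagsz` is not among the CONFIG entries visible in this diff; it is presumably declared elsewhere in the table, but that is worth confirming, since a nil value would raise on `pos + C.tagsz`. The neighbouring `dissect_ct.naclbox` follows the same unchecked pattern.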
@@ -290,6 +294,37 @@ local function dissect_misc_ciphertext(buf, tree, pos, sz) return dissect_ciphertext(buf, tree, "tripe.misc.ciphertext", pos, sz) end +local function dissect_chal(buf, tree, label, pos, sz) + local len = buf(pos, 2):uint() + local t = tree:add(PF[label], buf(pos, len + 2)) + t:add(PF["tripe.chal.len"], buf(pos, 2)); pos = pos + 2 + t:add(PF["tripe.chal.sequence"], buf(pos, 4)); pos = pos + 4; len = len - 4 + t:add(PF["tripe.chal.tag"], buf(pos, len)) + return pos + len +end + +local function dissect_my_chal(buf, tree, pos, sz) + return dissect_chal(buf, tree, "tripe.knock.mychal", pos, sz) +end + +local function dissect_your_chal(buf, tree, pos, sz) + return dissect_chal(buf, tree, "tripe.knock.yourchal", pos, sz) +end + +local function dissect_keyid(buf, tree, pos, sz) + tree:add(PF["tripe.knock.keyid"], buf(pos, 4)) + return pos + 4 +end + +local function dissect_ies(buf, tree, pos, sz) + local len = buf(pos, 2):uint() + local lim = pos + len + 2 + local t = tree:add(PF["tripe.knock.ies"], buf(pos, len + 2)) + t:add(PF["tripe.ies.len"], buf(pos, 2)); pos = pos + 2 + pos = dissect_ge[C.kx](buf, t, pos, sz) + return dissect_ciphertext(buf, t, "tripe.ies.ciphertext", pos, lim) +end + ----------------------------------------------------------------------------- --- The protocol information table. @@ -346,6 +381,19 @@ local PKTINFO = { dissect_switch } }, [4] = { label = "KX_SWITCHOK", info = "switch-ok", dissect = { dissect_switchok } }, + [5] = { label = "KX_TOKENRQ", info = "token-rq", + dissect = { dissect_my_chal, + dissect_keyid, + dissect_ies } }, + [6] = { label = "KX_TOKEN", info = "token", + dissect = { dissect_your_chal, + dissect_my_chal, + dissect_ies } }, + [7] = { label = "KX_KNOCK", info = "knock", + dissect = { dissect_your_chal, + dissect_keyid, + dissect_ies, + dissect_my_challenge } } } }, 
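Review bot: `dissect_chal` and `dissect_ies` trust the 16-bit length read from the packet: neither compares `pos + 2 + len` with `sz`, and in `dissect_chal` a `len` below 4 makes `len - 4` negative for the tag range. That length is attacker-controlled in any capture, so validate it before slicing, for example `if len < 4 or pos + 2 + len > sz then … end` in `dissect_chal` and `if lim > sz then … end` in `dissect_ies`. `dissect_ies` also passes the outer `sz` to `dissect_ge[C.kx]` rather than `lim`, so the group element can be parsed beyond the declared envelope. If the returned `pos` then exceeds `lim`, the ciphertext range gets a negative length. Passing `lim` and checking `pos <= lim` would confine parsing to the declared message.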
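Review bot: The `KX_KNOCK` entry lists `dissect_my_challenge`, but the helper added in this commit is named `dissect_my_chal`, and no `dissect_my_challenge` is visible anywhere in the diff. Unless it is defined elsewhere in the file, the name resolves to a nil global, and a trailing nil in a table constructor typically just shortens the list. The last field of a knock message would then go undissected with no error to flag it. Change the final element to `dissect_my_chal`, or drop it if the knock message carries no second challenge.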
@@ -365,6 +413,8 @@ local PKTINFO = { dissect = { dissect_misc_ciphertext } }, [5] = { label = "MISC_GREET", info = "greeting", dissect = { dissect_misc_payload } }, + [6] = { label = "MISC_BYE", info = "disconnect notification", + dissect = { dissect_misc_ciphertext } }, } } } @@ -416,6 +466,40 @@ do ["tripe.packet.payload"] = { name = "Encrypted packet", type = ftypes.NONE }, + ["tripe.knock.keyid"] = { + name = "Short key indicator", type = ftypes.UINT32, base = base.HEX + }, + ["tripe.knock.mychal"] = { + name = "Sender's one-time challenge", type = ftypes.NONE + }, + ["tripe.knock.yourchal"] = { + name = "Recipient's one-time challenge", type = ftypes.NONE + }, + ["tripe.chal.len"] = { + name = "Challenge length", type = ftypes.UINT16, base = base.DEC + }, + ["tripe.chal.sequence"] = { + name = "Challenge sequence number", + type = ftypes.UINT32, base = base.DEC + }, + ["tripe.chal.tag"] = { + name = "Challenge tag", type = ftypes.BYTES, base = base.SPACE + }, + ["tripe.knock.ies"] = { + name = "Encrypted message", type = ftypes.NONE + }, + ["tripe.ies.len"] = { + name = "Encrypted message length", + type = ftypes.UINT16, base = base.DEC + }, + ["tripe.ies.clue"] = { + name = "Encrypted message KEM clue", + type = ftypes.BYTES, base = base.SPACE + }, + ["tripe.ies.ciphertext"] = { + name = "Encrypted message ciphertext", + type = ftypes.BYTES, base = base.SPACE + }, ["tripe.keyexch.type"] = { name = "Key-exchange subcode", type = ftypes.UINT8, base = base.DEC, mask = 0x0f, tab = subtab[1]
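Review bot: `tripe.ies.clue` is registered in this field table, but none of the dissectors added in this commit reference it. `dissect_ies` adds only `tripe.knock.ies`, `tripe.ies.len` and `tripe.ies.ciphertext`, and hands the KEM value to `dissect_ge[C.kx]`. Either emit the clue under this field or drop the entry, so the registered filter names match what the dissector can actually produce. The enclosing field table starts and ends outside the hunk.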