X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/f6994bd047a35b06aa7aed3c59487000abec2325..8362ac1c9b2fbf253b06a50639c57047d43a8fa2:/wireshark/tripe.lua diff --git a/wireshark/tripe.lua b/wireshark/tripe.lua index f950aefa..aab8e798 100644 --- a/wireshark/tripe.lua +++ b/wireshark/tripe.lua @@ -289,6 +289,37 @@ local function dissect_misc_ciphertext(buf, tree, pos, sz) return dissect_ciphertext(buf, tree, "tripe.misc.ciphertext", pos, sz) end +local function dissect_chal(buf, tree, label, pos, sz) + local len = buf(pos, 2):uint() + local t = tree:add(PF[label], buf(pos, len + 2)) + t:add(PF["tripe.chal.len"], buf(pos, 2)); pos = pos + 2 + t:add(PF["tripe.chal.sequence"], buf(pos, 4)); pos = pos + 4; len = len - 4 + t:add(PF["tripe.chal.tag"], buf(pos, len)) + return pos + len +end + +local function dissect_my_chal(buf, tree, pos, sz) + return dissect_chal(buf, tree, "tripe.knock.mychal", pos, sz) +end + +local function dissect_your_chal(buf, tree, pos, sz) + return dissect_chal(buf, tree, "tripe.knock.yourchal", pos, sz) +end + +local function dissect_keyid(buf, tree, pos, sz) + tree:add(PF["tripe.knock.keyid"], buf(pos, 4)) + return pos + 4 +end + +local function dissect_ies(buf, tree, pos, sz) + local len = buf(pos, 2):uint() + local lim = pos + len + 2 + local t = tree:add(PF["tripe.knock.ies"], buf(pos, len + 2)) + t:add(PF["tripe.ies.len"], buf(pos, 2)); pos = pos + 2 + pos = dissect_ge[C.kx](buf, t, pos, sz) + return dissect_ciphertext(buf, t, "tripe.ies.ciphertext", pos, lim) +end + ----------------------------------------------------------------------------- --- The protocol information table. @@ -345,6 +376,19 @@ local PKTINFO = { dissect_switch } }, [4] = { label = "KX_SWITCHOK", info = "switch-ok", dissect = { dissect_switchok } }, + [5] = { label = "KX_TOKENRQ", info = "token-rq", + dissect = { dissect_my_chal, + dissect_keyid, + dissect_ies } }, + [6] = { label = "KX_TOKEN", info = "token", + dissect = { dissect_your_chal, + dissect_my_chal, + dissect_ies } }, + [7] = { label = "KX_KNOCK", info = "knock", + dissect = { dissect_your_chal, + dissect_keyid, + dissect_ies, + dissect_my_challenge } } } }, @@ -415,6 +459,40 @@ do ["tripe.packet.payload"] = { name = "Encrypted packet", type = ftypes.NONE }, + ["tripe.knock.keyid"] = { + name = "Short key indicator", type = ftypes.UINT32, base = base.HEX + }, + ["tripe.knock.mychal"] = { + name = "Sender's one-time challenge", type = ftypes.NONE + }, + ["tripe.knock.yourchal"] = { + name = "Recipient's one-time challenge", type = ftypes.NONE + }, + ["tripe.chal.len"] = { + name = "Challenge length", type = ftypes.UINT16, base = base.DEC + }, + ["tripe.chal.sequence"] = { + name = "Challenge sequence number", + type = ftypes.UINT32, base = base.DEC + }, + ["tripe.chal.tag"] = { + name = "Challenge tag", type = ftypes.BYTES, base = base.SPACE + }, + ["tripe.knock.ies"] = { + name = "Encrypted message", type = ftypes.NONE + }, + ["tripe.ies.len"] = { + name = "Encrypted message length", + type = ftypes.UINT16, base = base.DEC + }, + ["tripe.ies.clue"] = { + name = "Encrypted message KEM clue", + type = ftypes.BYTES, base = base.SPACE + }, + ["tripe.ies.ciphertext"] = { + name = "Encrypted message ciphertext", + type = ftypes.BYTES, base = base.SPACE + }, ["tripe.keyexch.type"] = { name = "Key-exchange subcode", type = ftypes.UINT8, base = base.DEC, mask = 0x0f, tab = subtab[1]