search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-mka.c
blob29b4a50e03d5f5ef54d43f2aba2dd38786cf2fe2
1 /* packet-mka.c
2 * Routines for EAPOL-MKA IEEE 802.1X-2010 / IEEE 802.1bx-2014 /
3 * IEEE Std 802.1Xck-2018 / IEEE 802.1X-2020 MKPDU dissection
4 * Copyright 2014, Hitesh K Maisheri <maisheri.hitesh@gmail.com>
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
9 *
10 * SPDX-License-Identifier: GPL-2.0-or-later
11 */
12
13 #include "config.h"
14
15 #include <epan/packet.h>
16 #include <epan/expert.h>
17 #include <epan/uat.h>
18
19 #include "packet-eapol.h"
20
21 #define LIVE_PEER_LIST_TYPE 1
22 #define POTENTIAL_PEER_LIST_TYPE 2
23 #define MACSEC_SAK_USE_TYPE 3
24 #define DISTRIBUTED_SAK_TYPE 4
25 #define DISTRIBUTED_CAK_TYPE 5
26 #define KMD_TYPE 6
27 #define ANNOUNCEMENT_TYPE 7
28 #define XPN_TYPE 8
29 #define ICV_TYPE 255
30
31 void proto_register_mka(void);
32 void proto_reg_handoff_mka(void);
33
34 static int proto_mka;
35
36 static int hf_mka_version_id;
37 static int hf_mka_basic_param_set;
38 static int hf_mka_live_peer_list_set;
39 static int hf_mka_potential_peer_list_set;
40 static int hf_mka_macsec_sak_use_set;
41 static int hf_mka_distributed_sak_set;
42 static int hf_mka_distributed_cak_set;
43 static int hf_mka_kmd_set;
44 static int hf_mka_announcement_set;
45 static int hf_mka_xpn_set;
46 static int hf_mka_icv_set;
47 static int hf_mka_param_set_type;
48
49 static int hf_mka_keyserver_priority;
50 static int hf_mka_key_server;
51 static int hf_mka_macsec_desired;
52 static int hf_mka_macsec_capability;
53 static int hf_mka_param_body_length;
54 static int hf_mka_sci;
55 static int hf_mka_actor_mi;
56 static int hf_mka_actor_mn;
57 static int hf_mka_algo_agility;
58 static int hf_mka_cak_name;
59 static int hf_mka_cak_name_info;
60
61 static int hf_mka_padding;
62
63 static int hf_mka_key_server_ssci;
64 static int hf_mka_peer_mi;
65 static int hf_mka_peer_mn;
66
67 static int hf_mka_latest_key_an;
68 static int hf_mka_latest_key_tx;
69 static int hf_mka_latest_key_rx;
70 static int hf_mka_old_key_an;
71 static int hf_mka_old_key_tx;
72 static int hf_mka_old_key_rx;
73 static int hf_mka_plain_tx;
74 static int hf_mka_plain_rx;
75 static int hf_mka_delay_protect;
76 static int hf_mka_latest_key_server_mi;
77 static int hf_mka_latest_key_number;
78 static int hf_mka_latest_lowest_acceptable_pn;
79 static int hf_mka_old_key_server_mi;
80 static int hf_mka_old_key_number;
81 static int hf_mka_old_lowest_acceptable_pn;
82
83 static int hf_mka_distributed_an;
84 static int hf_mka_confidentiality_offset;
85 static int hf_mka_key_number;
86 static int hf_mka_aes_key_wrap_sak;
87 static int hf_mka_macsec_cipher_suite;
88 static int hf_mka_aes_key_wrap_cak;
89
90 static int hf_mka_kmd;
91
92 static int hf_mka_suspension_time;
93
94 static int hf_mka_unknown_set;
95 static int hf_mka_unknown_param_set;
96
97 static int hf_mka_icv;
98
99 static int hf_mka_tlv_entry;
100 static int hf_mka_tlv_type;
101 static int hf_mka_tlv_info_string_length;
102 static int hf_mka_tlv_data;
103 static int hf_mka_tlv_cipher_suite_impl_cap;
104
105 static expert_field ei_mka_undecoded;
106 static expert_field ei_unexpected_data;
107 static expert_field ei_mka_unimplemented;
108
109 static int ett_mka;
110 static int ett_mka_basic_param_set;
111 static int ett_mka_peer_list_set;
112 static int ett_mka_sak_use_set;
113 static int ett_mka_distributed_sak_set;
114 static int ett_mka_distributed_cak_set;
115 static int ett_mka_kmd_set;
116 static int ett_mka_announcement_set;
117 static int ett_mka_xpn_set;
118 static int ett_mka_unknown_set;
119 static int ett_mka_icv_set;
120 static int ett_mka_tlv;
121 static int ett_mka_cipher_suite_entry;
122
123 static const value_string param_set_type_vals[] = {
124 { LIVE_PEER_LIST_TYPE, "Live Peer List" },
125 { POTENTIAL_PEER_LIST_TYPE, "Potential Peer List" },
126 { MACSEC_SAK_USE_TYPE, "MACsec SAK Use" },
127 { DISTRIBUTED_SAK_TYPE, "Distributed SAK" },
128 { DISTRIBUTED_CAK_TYPE, "Distributed CAK" },
129 { KMD_TYPE, "KMD" },
130 { ANNOUNCEMENT_TYPE, "Announcement" },
131 { XPN_TYPE, "XPN" },
132 { ICV_TYPE, "ICV Indicator" },
133 { 0, NULL }
134 };
135
136 static const value_string macsec_capability_type_vals[] = {
137 { 0, "MACsec not implemented" },
138 { 1, "MACsec Integrity without confidentiality" },
139 { 2, "MACsec Integrity with/without confidentiality, no confidentiality offset" },
140 { 3, "MACsec Integrity with/without confidentiality, confidentiality offset 0, 30, or 50" },
141 { 0, NULL }
142 };
143
144 static const value_string algo_agility_vals[] = {
145 { 0x0080C201, "IEEE Std 802.1X-2010" },
146 { 0, NULL }
147 };
148
149 static const value_string confidentiality_offset_vals[] = {
150 { 0, "No confidentiality" },
151 { 1, "No confidentiality offset" },
152 { 2, "Confidentiality offset 30 octets" },
153 { 3, "Confidentiality offset 50 octets" },
154 { 0, NULL }
155 };
156
157 static const val64_string macsec_cipher_suite_vals[] = {
158 { INT64_C(0x0080020001000001), "GCM-AES-128" }, // Original, incorrect value in IEEE 802.1AE-2006 and IEEE 802.1X-2010
159 { INT64_C(0x0080C20001000001), "GCM-AES-128" },
160 { INT64_C(0x0080C20001000002), "GCM-AES-256" },
161 { INT64_C(0x0080C20001000003), "GCM-AES-XPN-128" },
162 { INT64_C(0x0080C20001000004), "GCM-AES-XPN-256" },
163 { 0, NULL }
164 };
165
166
167 static const value_string macsec_tlvs[] = {
168 // 0 - 110 reserved
169 { 111, "Access Information" },
170 { 112, "MACsec Cipher Suites" },
171 { 113, "Key Management Domain" },
172 { 114, "NID (Network Identifier)" },
173 // 115 - 125 reserved
174 { 126, "Organizationally Specific Set TLV" },
175 { 127, "Organizationally Specific TLVs" },
176 { 0, NULL }
177 };
178
179
180 /*** UAT: CKN INFO ***/
181
182 #define DATAFILE_CKN_INFO "mka_ckn_info"
183
184 typedef struct _mka_ckn_info_key {
185 /* CKN: a byte array of 0 to 32 bytes. */
186 unsigned char *ckn;
187 unsigned ckn_len;
188 } mka_ckn_info_key_t;
189
190 typedef struct _mka_ckn_info {
191 mka_ckn_info_key_t key;
192 char *name;
193 } mka_ckn_info_t;
194
195 static mka_ckn_info_t *mka_ckn_uat_data;
196 static unsigned num_mka_ckn_uat_data;
197 static GHashTable *ht_mka_ckn;
198
199 UAT_BUFFER_CB_DEF(mka_ckn_uat_data, ckn, mka_ckn_info_t, key.ckn, key.ckn_len)
200 UAT_CSTRING_CB_DEF(mka_ckn_uat_data, name, mka_ckn_info_t)
201
202 static unsigned
203 ckn_key_hash_func(const void *k) {
204 const mka_ckn_info_key_t *key = (const mka_ckn_info_key_t *)k;
205 size_t i;
206 unsigned hash = 0;
207 uint8_t *tmp = (uint8_t *)key->ckn;
208
209 /* Reduce to uint32_t by XOR */
210 for (i = 0; i < key->ckn_len; i++) {
211 hash ^= tmp[i] << 8 * (i % 4);
212 }
213
214 return hash;
215 }
216
217 static int
218 ckn_key_equal_func(const void *c1, const void *c2) {
219 const mka_ckn_info_key_t *ckn1 = (const mka_ckn_info_key_t *)c1;
220 const mka_ckn_info_key_t *ckn2 = (const mka_ckn_info_key_t *)c2;
221 if (ckn1->ckn_len != ckn2->ckn_len) return 0;
222 if (memcmp(ckn1->ckn, ckn2->ckn, ckn1->ckn_len) != 0) return 0;
223
224 return 1;
225 }
226
227 static void *
228 ckn_info_copy_cb(void *n, const void *o, size_t size _U_) {
229 mka_ckn_info_t *new_rec = (mka_ckn_info_t *)n;
230 const mka_ckn_info_t *old_rec = (const mka_ckn_info_t *)o;
231
232 new_rec->key.ckn_len = old_rec->key.ckn_len;
233 new_rec->key.ckn = (unsigned char *)g_memdup2(old_rec->key.ckn, old_rec->key.ckn_len);
234 new_rec->key.ckn_len = old_rec->key.ckn_len;
235 new_rec->name = g_strdup(old_rec->name);
236
237 return new_rec;
238 }
239
240 static bool
241 ckn_info_update_cb(void *r, char **err) {
242 mka_ckn_info_t *rec = (mka_ckn_info_t *)r;
243
244 if (rec->key.ckn_len == 0 || rec->key.ckn_len > 32) {
245 *err = ws_strdup_printf("Invalid CKN length! CKNs need to be between 1 and 32 bytes.");
246 return false;
247 }
248
249 return true;
250 }
251
252 static void
253 ckn_info_free_cb(void *r) {
254 mka_ckn_info_t *rec = (mka_ckn_info_t *)r;
255 g_free(rec->key.ckn);
256 g_free(rec->name);
257 }
258
259 static void
260 ckn_info_reset_cb(void) {
261 if (ht_mka_ckn) {
262 g_hash_table_destroy(ht_mka_ckn);
263 ht_mka_ckn = NULL;
264 }
265 }
266
267 static void
268 ckn_info_post_update_cb(void) {
269 unsigned i;
270
271 ckn_info_reset_cb();
272
273 ht_mka_ckn = g_hash_table_new(&ckn_key_hash_func, &ckn_key_equal_func);
274
275 for (i = 0; i < num_mka_ckn_uat_data; i++) {
276 g_hash_table_insert(ht_mka_ckn, &(mka_ckn_uat_data[i].key), &(mka_ckn_uat_data[i]));
277 }
278 }
279
280 static const char *
281 ckn_info_lookup(uint8_t ckn[], uint32_t ckn_len) {
282 mka_ckn_info_key_t tmp_key = { .ckn = ckn, .ckn_len = ckn_len };
283
284 if (ht_mka_ckn == NULL) {
285 return NULL;
286 }
287
288 mka_ckn_info_t *tmp = (mka_ckn_info_t *)g_hash_table_lookup(ht_mka_ckn, &tmp_key);
289
290 if (tmp == NULL) {
291 return NULL;
292 }
293
294 return tmp->name;
295 }
296
297 static void
298 mka_add_ckn_info(proto_tree *tree, tvbuff_t *tvb, int offset, uint16_t ckn_len) {
299 proto_item *ti;
300
301 uint8_t cak_name[32]; /* Only accept CKN between 1 and 32 bytes! */
302 if (1 <= ckn_len && ckn_len <= 32) {
303 tvb_memcpy(tvb, cak_name, offset, ckn_len);
304
305 const char *tmp_string = ckn_info_lookup(cak_name, ckn_len);
306 if (tmp_string != NULL) {
307 ti = proto_tree_add_string(tree, hf_mka_cak_name_info, tvb, offset, ckn_len, tmp_string);
308 proto_item_set_generated(ti);
309 }
310 }
311 }
312
313
314 static void
315 dissect_basic_paramset(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr)
316 {
317 int offset = *offset_ptr;
318 proto_tree *basic_param_set_tree;
319 proto_tree *ti;
320 uint16_t basic_param_set_len;
321 uint16_t cak_len;
322
323 basic_param_set_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
324 ti = proto_tree_add_item(mka_tree, hf_mka_basic_param_set, tvb, offset, basic_param_set_len + 4, ENC_NA);
325 basic_param_set_tree = proto_item_add_subtree(ti, ett_mka_basic_param_set);
326
327 proto_tree_add_item(basic_param_set_tree, hf_mka_version_id,
328 tvb, offset, 1, ENC_BIG_ENDIAN);
329 offset += 1;
330
331 proto_tree_add_item(basic_param_set_tree, hf_mka_keyserver_priority,
332 tvb, offset, 1, ENC_BIG_ENDIAN);
333 offset += 1;
334
335 proto_tree_add_item(basic_param_set_tree, hf_mka_key_server,
336 tvb, offset, 1, ENC_BIG_ENDIAN);
337 proto_tree_add_item(basic_param_set_tree, hf_mka_macsec_desired,
338 tvb, offset, 1, ENC_BIG_ENDIAN);
339 proto_tree_add_item(basic_param_set_tree, hf_mka_macsec_capability,
340 tvb, offset, 1, ENC_BIG_ENDIAN);
341
342 if (tvb_get_uint8(tvb, offset) & 0x80)
343 {
344 col_append_sep_str(pinfo->cinfo, COL_INFO, NULL, "Key Server");
345 }
346
347 proto_tree_add_uint(basic_param_set_tree, hf_mka_param_body_length,
348 tvb, offset, 2, basic_param_set_len);
349 offset += 2;
350
351 proto_tree_add_item(basic_param_set_tree, hf_mka_sci,
352 tvb, offset, 8, ENC_NA);
353 offset += 8;
354
355 proto_tree_add_item(basic_param_set_tree, hf_mka_actor_mi,
356 tvb, offset, 12, ENC_NA);
357 offset += 12;
358
359 proto_tree_add_item(basic_param_set_tree, hf_mka_actor_mn,
360 tvb, offset, 4, ENC_NA);
361 offset += 4;
362
363 proto_tree_add_item(basic_param_set_tree, hf_mka_algo_agility,
364 tvb, offset, 4, ENC_NA);
365 offset += 4;
366
367 cak_len = basic_param_set_len - 28;
368 proto_tree_add_item(basic_param_set_tree, hf_mka_cak_name,
369 tvb, offset, cak_len, ENC_NA);
370 mka_add_ckn_info(basic_param_set_tree, tvb, offset, cak_len);
371 offset += cak_len;
372
373 if (basic_param_set_len%4) {
374 int padding_len = (4 - (basic_param_set_len % 4));
375
376 proto_tree_add_item(basic_param_set_tree, hf_mka_padding,
377 tvb, offset, padding_len, ENC_NA);
378
379 offset += padding_len;
380 }
381
382 *offset_ptr = offset;
383 }
384
385 static void
386 dissect_peer_list(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr, bool key_server_ssci_flag)
387 {
388 int offset = *offset_ptr;
389 proto_tree *peer_list_set_tree;
390 proto_tree *ti;
391 int hf_peer;
392 int16_t peer_list_len;
393
394 if (tvb_get_uint8(tvb, offset) == LIVE_PEER_LIST_TYPE) {
395 hf_peer = hf_mka_live_peer_list_set;
396 } else {
397 hf_peer = hf_mka_potential_peer_list_set;
398 }
399
400 peer_list_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
401 ti = proto_tree_add_item(mka_tree, hf_peer, tvb, offset, peer_list_len + 4, ENC_NA);
402 peer_list_set_tree = proto_item_add_subtree(ti, ett_mka_peer_list_set);
403
404 proto_tree_add_item(peer_list_set_tree, hf_mka_param_set_type,
405 tvb, offset, 1, ENC_BIG_ENDIAN);
406 offset += 1;
407
408 if (key_server_ssci_flag && (hf_peer == hf_mka_live_peer_list_set))
409 {
410 /* XXX - The presence of this field is non-trivial to find out. See IEEE 802.1X-2020, Section 11.11.3
411 * Only present in MKPDU's with:
412 * - MKA version 3 (that's covered), and
413 * - In Live Peer list parameter set (that's covered), and
414 * - A Distributed SAK parameter set present (which could be before or after this parameter set), but only
415 * - A Distributed SAK parameter set with XPN Cipher suites (requires to look into the contents),
416 * otherwise 0.
417 */
418 proto_tree_add_item(peer_list_set_tree, hf_mka_key_server_ssci,
419 tvb, offset, 1, ENC_BIG_ENDIAN);
420 }
421
422 offset += 1;
423
424 proto_tree_add_uint(peer_list_set_tree, hf_mka_param_body_length,
425 tvb, offset, 2, peer_list_len);
426 offset += 2;
427
428 while (peer_list_len >= 16) {
429 proto_tree_add_item(peer_list_set_tree, hf_mka_peer_mi,
430 tvb, offset, 12, ENC_NA);
431 offset += 12;
432
433 proto_tree_add_item(peer_list_set_tree, hf_mka_peer_mn,
434 tvb, offset, 4, ENC_NA);
435 offset += 4;
436
437 peer_list_len -= 16;
438 }
439
440 if (peer_list_len != 0) {
441 proto_tree_add_expert(peer_list_set_tree, pinfo, &ei_mka_undecoded, tvb, offset, peer_list_len);
442 offset += peer_list_len;
443 }
444
445 *offset_ptr = offset;
446 }
447
448 static void
449 dissect_sak_use(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr)
450 {
451 int offset = *offset_ptr;
452 proto_tree *sak_use_set_tree;
453 proto_tree *ti;
454 uint16_t sak_use_len;
455
456 sak_use_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
457 ti = proto_tree_add_item(mka_tree, hf_mka_macsec_sak_use_set, tvb, offset, sak_use_len + 4, ENC_NA);
458 sak_use_set_tree = proto_item_add_subtree(ti, ett_mka_sak_use_set);
459
460 proto_tree_add_item(sak_use_set_tree, hf_mka_param_set_type,
461 tvb, offset, 1, ENC_BIG_ENDIAN);
462 offset += 1;
463
464 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_key_an,
465 tvb, offset, 1, ENC_BIG_ENDIAN);
466 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_key_tx,
467 tvb, offset, 1, ENC_BIG_ENDIAN);
468 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_key_rx,
469 tvb, offset, 1, ENC_BIG_ENDIAN);
470
471
472 proto_tree_add_item(sak_use_set_tree, hf_mka_old_key_an,
473 tvb, offset, 1, ENC_BIG_ENDIAN);
474 proto_tree_add_item(sak_use_set_tree, hf_mka_old_key_tx,
475 tvb, offset, 1, ENC_BIG_ENDIAN);
476 proto_tree_add_item(sak_use_set_tree, hf_mka_old_key_rx,
477 tvb, offset, 1, ENC_BIG_ENDIAN);
478
479 offset += 1;
480
481 proto_tree_add_item(sak_use_set_tree, hf_mka_plain_tx,
482 tvb, offset, 1, ENC_BIG_ENDIAN);
483 proto_tree_add_item(sak_use_set_tree, hf_mka_plain_rx,
484 tvb, offset, 1, ENC_BIG_ENDIAN);
485
486 proto_tree_add_item(sak_use_set_tree, hf_mka_delay_protect,
487 tvb, offset, 1, ENC_BIG_ENDIAN);
488
489 proto_tree_add_uint(sak_use_set_tree, hf_mka_param_body_length,
490 tvb, offset, 2, sak_use_len);
491
492 offset += 2;
493
494 /*
495 * 802.1X-2020 specifies only 0 or 40 are valid! See Figure 11-10 Note d
496 */
497 if (sak_use_len == 0) /* MACsec not supported */
498 {
499 /* Nothing */
500 }
501 else if (sak_use_len == 40) /* MACsec supported */
502 {
503 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_key_server_mi,
504 tvb, offset, 12, ENC_NA);
505 offset += 12;
506
507 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_key_number,
508 tvb, offset, 4, ENC_NA);
509 offset += 4;
510
511 proto_tree_add_item(sak_use_set_tree, hf_mka_latest_lowest_acceptable_pn,
512 tvb, offset, 4, ENC_NA);
513 offset += 4;
514
515 proto_tree_add_item(sak_use_set_tree, hf_mka_old_key_server_mi,
516 tvb, offset, 12, ENC_NA);
517 offset += 12;
518
519 proto_tree_add_item(sak_use_set_tree, hf_mka_old_key_number,
520 tvb, offset, 4, ENC_NA);
521 offset += 4;
522
523 proto_tree_add_item(sak_use_set_tree, hf_mka_old_lowest_acceptable_pn,
524 tvb, offset, 4, ENC_NA);
525 offset += 4;
526 }
527 else
528 {
529 proto_tree_add_expert(sak_use_set_tree, pinfo, &ei_mka_undecoded, tvb, offset, sak_use_len);
530 offset += sak_use_len;
531 }
532
533 *offset_ptr = offset;
534 }
535
536 static void
537 dissect_distributed_sak(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr)
538 {
539 int offset = *offset_ptr;
540 uint16_t distributed_sak_len;
541 proto_tree *distributed_sak_tree;
542 proto_tree *ti;
543
544 distributed_sak_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
545 ti = proto_tree_add_item(mka_tree, hf_mka_distributed_sak_set, tvb, offset, distributed_sak_len + 4, ENC_NA);
546 distributed_sak_tree = proto_item_add_subtree(ti, ett_mka_distributed_sak_set);
547
548 proto_tree_add_item(distributed_sak_tree, hf_mka_param_set_type,
549 tvb, offset, 1, ENC_BIG_ENDIAN);
550 offset += 1;
551
552 proto_tree_add_item(distributed_sak_tree, hf_mka_distributed_an,
553 tvb, offset, 1, ENC_BIG_ENDIAN);
554 proto_tree_add_item(distributed_sak_tree, hf_mka_confidentiality_offset,
555 tvb, offset, 1, ENC_BIG_ENDIAN);
556 offset += 1;
557
558 proto_tree_add_uint(distributed_sak_tree, hf_mka_param_body_length,
559 tvb, offset, 2, distributed_sak_len);
560 offset += 2;
561
562 if (distributed_sak_len == 0) // Plain text
563 {
564 // Nothing
565 }
566 else if (distributed_sak_len == 28) // GCM-AES-128
567 {
568 proto_tree_add_item(distributed_sak_tree, hf_mka_key_number,
569 tvb, offset, 4, ENC_NA);
570 offset += 4;
571
572 proto_tree_add_item(distributed_sak_tree, hf_mka_aes_key_wrap_sak,
573 tvb, offset, 24, ENC_NA);
574 offset += 24;
575 }
576 else if (distributed_sak_len >= 36) // Other than default cipher
577 {
578 proto_tree_add_item(distributed_sak_tree, hf_mka_key_number,
579 tvb, offset, 4, ENC_NA);
580 offset += 4;
581
582 proto_tree_add_item(distributed_sak_tree, hf_mka_macsec_cipher_suite,
583 tvb, offset, 8, ENC_NA);
584 offset += 8;
585
586 proto_tree_add_item(distributed_sak_tree, hf_mka_aes_key_wrap_sak,
587 tvb, offset, distributed_sak_len - 12, ENC_NA);
588 offset += (distributed_sak_len - 12);
589 }
590 else
591 {
592 proto_tree_add_expert(distributed_sak_tree, pinfo, &ei_mka_undecoded, tvb, offset, distributed_sak_len);
593 offset += distributed_sak_len;
594 }
595
596 if (distributed_sak_len%4) {
597 int padding_len = (4 - (distributed_sak_len % 4));
598
599 proto_tree_add_item(distributed_sak_tree, hf_mka_padding,
600 tvb, offset, padding_len, ENC_NA);
601
602 offset += padding_len;
603 }
604
605 *offset_ptr = offset;
606 }
607
608 static void
609 dissect_distributed_cak(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr)
610 {
611 int offset = *offset_ptr;
612 uint16_t distributed_cak_len;
613 proto_tree *distributed_cak_tree;
614 proto_tree *ti;
615 uint16_t cak_len;
616
617 distributed_cak_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
618 ti = proto_tree_add_item(mka_tree, hf_mka_distributed_cak_set, tvb, offset, distributed_cak_len + 4, ENC_NA);
619 distributed_cak_tree = proto_item_add_subtree(ti, ett_mka_distributed_cak_set);
620
621 proto_tree_add_item(distributed_cak_tree, hf_mka_param_set_type,
622 tvb, offset, 1, ENC_BIG_ENDIAN);
623 offset += 2;
624
625 proto_tree_add_uint(distributed_cak_tree, hf_mka_param_body_length,
626 tvb, offset, 2, distributed_cak_len);
627 offset += 2;
628
629 proto_tree_add_item(distributed_cak_tree, hf_mka_aes_key_wrap_cak,
630 tvb, offset, 24, ENC_NA);
631 offset += 24;
632
633 cak_len = distributed_cak_len - 24;
634 proto_tree_add_item(distributed_cak_tree, hf_mka_cak_name,
635 tvb, offset, cak_len, ENC_NA);
636 mka_add_ckn_info(distributed_cak_tree, tvb, offset, cak_len);
637 offset += cak_len;
638
639 if (distributed_cak_len%4) {
640 int padding_len = (4 - (distributed_cak_len % 4));
641
642 proto_tree_add_item(distributed_cak_tree, hf_mka_padding,
643 tvb, offset, padding_len, ENC_NA);
644
645 offset += padding_len;
646 }
647
648 *offset_ptr = offset;
649 }
650
651 static void
652 dissect_kmd(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr)
653 {
654 int offset = *offset_ptr;
655 uint16_t kmd_len;
656 proto_tree *kmd_set_tree;
657 proto_tree *ti;
658
659 kmd_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
660 ti = proto_tree_add_item(mka_tree, hf_mka_kmd_set, tvb, offset, kmd_len + 4, ENC_NA);
661 kmd_set_tree = proto_item_add_subtree(ti, ett_mka_kmd_set);
662
663 proto_tree_add_item(kmd_set_tree, hf_mka_param_set_type,
664 tvb, offset, 1, ENC_BIG_ENDIAN);
665 offset += 2;
666
667 proto_tree_add_uint(kmd_set_tree, hf_mka_param_body_length,
668 tvb, offset, 2, kmd_len);
669 offset += 2;
670
671 proto_tree_add_item(kmd_set_tree, hf_mka_kmd,
672 tvb, offset, kmd_len, ENC_NA);
673 offset += kmd_len;
674
675 *offset_ptr = offset;
676 }
677
678 static void
679 dissect_announcement(proto_tree *mka_tree, packet_info *pinfo, tvbuff_t *tvb, int *offset_ptr)
680 {
681 int offset = *offset_ptr;
682 uint16_t announcement_len;
683 proto_tree *announcement_set_tree;
684 proto_tree *ti;
685 int offset2;
686
687 announcement_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
688 ti = proto_tree_add_item(mka_tree, hf_mka_announcement_set, tvb, offset, announcement_len + 4, ENC_NA);
689 announcement_set_tree = proto_item_add_subtree(ti, ett_mka_announcement_set);
690
691 proto_tree_add_item(announcement_set_tree, hf_mka_param_set_type,
692 tvb, offset, 1, ENC_BIG_ENDIAN);
693
694 offset += 2;
695
696 proto_tree_add_uint(announcement_set_tree, hf_mka_param_body_length,
697 tvb, offset, 2, announcement_len);
698 offset += 2;
699
700 offset2 = 0;
701 while (offset2 + 2 <= announcement_len) {
702 proto_tree *tlv_tree;
703 uint8_t tlv_type = ((tvb_get_uint8(tvb, offset + offset2)) & 0xfe ) >> 1;
704 uint16_t tlv_length = (tvb_get_ntohs(tvb, offset + offset2)) & 0x01ff;
705 uint16_t tlv_item_offset;
706
707 if (offset2 + 2 + tlv_length > announcement_len) {
708 break;
709 }
710
711 ti = proto_tree_add_none_format(announcement_set_tree, hf_mka_tlv_entry, tvb, offset + offset2, tlv_length + 2, "TLV entry: %s",
712 val_to_str(tlv_type, macsec_tlvs, "unknown TLV type: %d"));
713 tlv_tree = proto_item_add_subtree(ti, ett_mka_tlv);
714
715 proto_tree_add_item(tlv_tree, hf_mka_tlv_type, tvb, offset + offset2, 1, ENC_NA);
716 proto_tree_add_item(tlv_tree, hf_mka_tlv_info_string_length, tvb, offset + offset2, 2, ENC_NA);
717 offset2 += 2;
718
719 if (tlv_length > 0) {
720 switch (tlv_type) {
721 case 112: // MACsec Cipher Suites
722 tlv_item_offset = 0;
723 while (tlv_item_offset + 10 <= tlv_length) {
724 proto_tree *cipher_suite_entry;
725 uint64_t cipher_suite_id = tvb_get_uint64(tvb, offset + offset2 + tlv_item_offset + 2, ENC_BIG_ENDIAN);
726 uint16_t cipher_suite_cap = tvb_get_uint16(tvb, offset + offset2 + tlv_item_offset, ENC_BIG_ENDIAN) & 0x0003;
727
728 ti = proto_tree_add_none_format(tlv_tree, hf_mka_tlv_entry, tvb, offset + offset2, tlv_length + 2, "Cipher Suite: %s, %s",
729 val64_to_str(cipher_suite_id, macsec_cipher_suite_vals, "Unknown Cipher Suite (0x%" PRIx64 ")"),
730 val_to_str(cipher_suite_cap, macsec_capability_type_vals, "Unknown Capability (%d)"));
731 cipher_suite_entry = proto_item_add_subtree(ti, ett_mka_cipher_suite_entry);
732
733 proto_tree_add_item(cipher_suite_entry, hf_mka_tlv_cipher_suite_impl_cap, tvb, offset + offset2 + tlv_item_offset, 2, ENC_NA);
734 tlv_item_offset += 2;
735 proto_tree_add_item(cipher_suite_entry, hf_mka_macsec_cipher_suite, tvb, offset + offset2 + tlv_item_offset, 8, ENC_NA);
736 tlv_item_offset += 8;
737 }
738 break;
739
740 case 111: // Access Information
741 case 113: // Key Management Domain
742 case 114: // NID (Network Identifier)
743 // See IEEE 802.1X-2010, Section 11.11.1, Figure 11-15 and Section 11.12
744 proto_tree_add_expert(tlv_tree, pinfo, &ei_mka_unimplemented, tvb, offset + offset2, tlv_length);
745 proto_tree_add_item(tlv_tree, hf_mka_tlv_data, tvb, offset + offset2, tlv_length, ENC_NA);
746 break;
747
748 default:
749 proto_tree_add_item(tlv_tree, hf_mka_tlv_data, tvb, offset + offset2, tlv_length, ENC_NA);
750 }
751 offset2 += tlv_length;
752 }
753 }
754
755 offset += announcement_len;
756
757 if (announcement_len%4) {
758 int padding_len = (4 - (announcement_len % 4));
759
760 proto_tree_add_item(announcement_set_tree, hf_mka_padding,
761 tvb, offset, padding_len, ENC_NA);
762
763 offset += padding_len;
764 }
765
766 *offset_ptr = offset;
767 }
768
769 static void
770 dissect_xpn(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr)
771 {
772 int offset = *offset_ptr;
773 uint16_t xpn_len;
774 proto_tree *xpn_set_tree;
775 proto_tree *ti;
776
777 xpn_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
778 ti = proto_tree_add_item(mka_tree, hf_mka_xpn_set, tvb, offset, xpn_len + 4, ENC_NA);
779 xpn_set_tree = proto_item_add_subtree(ti, ett_mka_xpn_set);
780
781 proto_tree_add_item(xpn_set_tree, hf_mka_param_set_type,
782 tvb, offset, 1, ENC_BIG_ENDIAN);
783 offset += 1;
784
785 proto_tree_add_item(xpn_set_tree, hf_mka_suspension_time,
786 tvb, offset, 1, ENC_NA);
787 offset += 1;
788
789 proto_tree_add_uint(xpn_set_tree, hf_mka_param_body_length,
790 tvb, offset, 2, xpn_len);
791 offset += 2;
792
793 proto_tree_add_item(xpn_set_tree, hf_mka_latest_lowest_acceptable_pn,
794 tvb, offset, 4, ENC_NA);
795 offset += 4;
796
797 proto_tree_add_item(xpn_set_tree, hf_mka_old_lowest_acceptable_pn,
798 tvb, offset, 4, ENC_NA);
799 offset += 4;
800
801 *offset_ptr = offset;
802 }
803
804 static void
805 dissect_icv(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr, uint16_t *icv_len)
806 {
807 int offset = *offset_ptr;
808 proto_tree *icv_set_tree;
809 proto_tree *ti;
810
811 *icv_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
812 ti = proto_tree_add_item(mka_tree, hf_mka_icv_set, tvb, offset, 4, ENC_NA);
813 icv_set_tree = proto_item_add_subtree(ti, ett_mka_icv_set);
814
815 proto_tree_add_item(icv_set_tree, hf_mka_param_set_type,
816 tvb, offset, 1, ENC_BIG_ENDIAN);
817 offset += 2;
818
819 proto_tree_add_uint(icv_set_tree, hf_mka_param_body_length,
820 tvb, offset, 2, *icv_len);
821 offset += 2;
822
823 *offset_ptr = offset;
824 }
825
826 static void
827 dissect_unknown_param_set(proto_tree *mka_tree, packet_info *pinfo _U_, tvbuff_t *tvb, int *offset_ptr)
828 {
829 int offset = *offset_ptr;
830 uint16_t param_set_len;
831 proto_tree *param_set_tree;
832 proto_tree *ti;
833
834 param_set_len = (tvb_get_ntohs(tvb, offset + 2)) & 0x0fff;
835 ti = proto_tree_add_item(mka_tree, hf_mka_unknown_set, tvb, offset, param_set_len + 4, ENC_NA);
836 param_set_tree = proto_item_add_subtree(ti, ett_mka_unknown_set);
837
838 proto_tree_add_item(param_set_tree, hf_mka_param_set_type,
839 tvb, offset, 1, ENC_BIG_ENDIAN);
840 offset += 2;
841
842 proto_tree_add_uint(param_set_tree, hf_mka_param_body_length,
843 tvb, offset, 2, param_set_len);
844 offset += 2;
845
846 proto_tree_add_item(param_set_tree, hf_mka_unknown_param_set,
847 tvb, offset, param_set_len, ENC_NA);
848
849 offset += param_set_len;
850
851 if (param_set_len%4) {
852 int padding_len = (4 - (param_set_len % 4));
853
854 proto_tree_add_item(param_set_tree, hf_mka_padding,
855 tvb, offset, padding_len, ENC_NA);
856
857 offset += padding_len;
858 }
859
860 *offset_ptr = offset;
861 }
862
863 static int
864 dissect_mka(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
865 {
866 int offset = 0;
867 uint8_t mka_version_type;
868 uint16_t icv_len = 16; // Default ICV length, see IEEE 802.1X-2010, Section 11.11
869 proto_tree *ti;
870 proto_tree *mka_tree;
871
872 col_set_str(pinfo->cinfo, COL_PROTOCOL, "EAPOL-MKA");
873 col_clear(pinfo->cinfo, COL_INFO);
874
875 ti = proto_tree_add_item(tree, proto_mka, tvb, 0, -1, ENC_NA);
876 mka_tree = proto_item_add_subtree(ti, ett_mka);
877
878 /*
879 * The 802.1X-2010 spec specifies support for MKA version 1 only.
880 * The 802.1Xbx-2014 spec specifies support for MKA version 2.
881 * The 802.1Xck-2018 spec specifies support for MKA version 3.
882 */
883 mka_version_type = tvb_get_uint8(tvb, offset);
884 if ((mka_version_type < 1) || (mka_version_type > 3)) {
885 expert_add_info(pinfo, ti, &ei_unexpected_data);
886 }
887
888 /*
889 * Basic Parameter set is always the first parameter set, dissect it first !
890 */
891 dissect_basic_paramset(mka_tree, pinfo, tvb, &offset);
892
893 while(tvb_reported_length_remaining(tvb, offset) > icv_len) {
894 col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "%s",
895 val_to_str_const(tvb_get_uint8(tvb, offset), param_set_type_vals, "Unknown"));
896 switch (tvb_get_uint8(tvb, offset)) {
897 case LIVE_PEER_LIST_TYPE:
898 case POTENTIAL_PEER_LIST_TYPE:
899 dissect_peer_list(mka_tree, pinfo, tvb, &offset, (mka_version_type == 3));
900 break;
901
902 case MACSEC_SAK_USE_TYPE:
903 dissect_sak_use(mka_tree, pinfo, tvb, &offset);
904 break;
905
906 case DISTRIBUTED_SAK_TYPE:
907 dissect_distributed_sak(mka_tree, pinfo, tvb, &offset);
908 break;
909
910 case DISTRIBUTED_CAK_TYPE:
911 dissect_distributed_cak(mka_tree, pinfo, tvb, &offset);
912 break;
913
914 case KMD_TYPE:
915 dissect_kmd(mka_tree, pinfo, tvb, &offset);
916 break;
917
918 case ANNOUNCEMENT_TYPE:
919 dissect_announcement(mka_tree, pinfo, tvb, &offset);
920 break;
921
922 case XPN_TYPE:
923 dissect_xpn(mka_tree, pinfo, tvb, &offset);
924 break;
925
926 case ICV_TYPE:
927 // This ICV indicator does not include the ICV itself, see IEEE 802.1X-2010, Section 11.11.1
928 dissect_icv(mka_tree, pinfo, tvb, &offset, &icv_len);
929 break;
930
931 default:
932 dissect_unknown_param_set(mka_tree, pinfo, tvb, &offset);
933 break;
934 }
935 }
936
937 proto_tree_add_item(mka_tree, hf_mka_icv, tvb, offset, icv_len, ENC_NA);
938
939 return tvb_captured_length(tvb);
940 }
941
942 void
943 proto_register_mka(void)
944 {
945 module_t *mka_module;
946 expert_module_t *expert_mka = NULL;
947
948 uat_t *mka_ckn_info_uat = NULL;
949
950 static ei_register_info ei[] = {
951 { &ei_mka_undecoded, {
952 "mka.expert.undecoded_data", PI_UNDECODED, PI_WARN, "Undecoded data", EXPFILL }},
953 { &ei_unexpected_data, {
954 "mka.expert.unexpected_data", PI_PROTOCOL, PI_WARN, "Unexpected data", EXPFILL }},
955 { &ei_mka_unimplemented, {
956 "mka.expert.unimplemented", PI_UNDECODED, PI_WARN, "Announcement TLV not handled, if you want this implemented please contact the wireshark developers", EXPFILL }}
957 };
958
959 static hf_register_info hf[] = {
960 { &hf_mka_version_id, {
961 "MKA Version Identifier", "mka.version_id",
962 FT_UINT8, BASE_DEC, NULL, 0x0,
963 NULL, HFILL }},
964
965 { &hf_mka_basic_param_set, {
966 "Basic Parameter set", "mka.basic_param_set",
967 FT_NONE, BASE_NONE, NULL, 0x0,
968 NULL, HFILL }},
969
970 { &hf_mka_live_peer_list_set, {
971 "Live Peer List Parameter set", "mka.live_peer_list_set",
972 FT_NONE, BASE_NONE, NULL, 0x0,
973 NULL, HFILL }},
974
975 { &hf_mka_potential_peer_list_set, {
976 "Potential Peer List Parameter set", "mka.potential_peer_list_set",
977 FT_NONE, BASE_NONE, NULL, 0x0,
978 NULL, HFILL }},
979
980 { &hf_mka_macsec_sak_use_set, {
981 "MACsec SAK Use parameter set", "mka.macsec_sak_use_set",
982 FT_NONE, BASE_NONE, NULL, 0x0,
983 NULL, HFILL }},
984
985 { &hf_mka_distributed_sak_set, {
986 "Distributed SAK parameter set", "mka.distributed_sak_set",
987 FT_NONE, BASE_NONE, NULL, 0x0,
988 NULL, HFILL }},
989
990 { &hf_mka_distributed_cak_set, {
991 "Distributed CAK parameter set", "mka.distributed_cak_set",
992 FT_NONE, BASE_NONE, NULL, 0x0,
993 NULL, HFILL }},
994
995 { &hf_mka_kmd_set, {
996 "Key Management Domain set", "mka.kmd_set",
997 FT_NONE, BASE_NONE, NULL, 0x0,
998 NULL, HFILL }},
999
1000 { &hf_mka_announcement_set, {
1001 "Announcement parameter set", "mka.announcement_set",
1002 FT_NONE, BASE_NONE, NULL, 0x0,
1003 NULL, HFILL }},
1004
1005 { &hf_mka_xpn_set, {
1006 "Extended Packet Numbering set", "mka.xpn_set",
1007 FT_NONE, BASE_NONE, NULL, 0x0,
1008 NULL, HFILL }},
1009
1010 { &hf_mka_unknown_set, {
1011 "Unknown parameter set", "mka.unknown_set",
1012 FT_NONE, BASE_NONE, NULL, 0x0,
1013 NULL, HFILL }},
1014
1015 { &hf_mka_unknown_param_set, {
1016 "Unknown parameter set", "mka.unknown_param_set",
1017 FT_BYTES, BASE_NONE, NULL, 0x0,
1018 NULL, HFILL }},
1019
1020 { &hf_mka_icv_set, {
1021 "Integrity Check Value Indicator", "mka.icv_indicator",
1022 FT_NONE, BASE_NONE, NULL, 0x0,
1023 NULL, HFILL }},
1024
1025 { &hf_mka_param_set_type, {
1026 "Parameter set type", "mka.param_set_type",
1027 FT_UINT8, BASE_DEC, VALS(param_set_type_vals), 0x0,
1028 NULL, HFILL }},
1029
1030 { &hf_mka_keyserver_priority, {
1031 "Key Server Priority", "mka.ks_prio",
1032 FT_UINT8, BASE_DEC, NULL, 0x0,
1033 NULL, HFILL }},
1034
1035 { &hf_mka_key_server, {
1036 "Key Server", "mka.key_server",
1037 FT_BOOLEAN, 8, NULL, 0x80,
1038 NULL, HFILL }},
1039
1040 { &hf_mka_macsec_desired, {
1041 "MACsec Desired", "mka.macsec_desired",
1042 FT_BOOLEAN, 8, NULL, 0x40,
1043 NULL, HFILL }},
1044
1045 { &hf_mka_macsec_capability, {
1046 "MACsec Capability", "mka.macsec_capability",
1047 FT_UINT8, BASE_DEC, VALS(macsec_capability_type_vals), 0x30,
1048 NULL, HFILL }},
1049
1050 { &hf_mka_param_body_length, {
1051 "Parameter set body length", "mka.param_body_length",
1052 FT_UINT16, BASE_DEC, NULL, 0x0fff,
1053 NULL, HFILL }},
1054
1055 { &hf_mka_sci, {
1056 "SCI", "mka.sci",
1057 FT_BYTES, BASE_NONE, NULL, 0x0,
1058 NULL, HFILL }},
1059
1060 { &hf_mka_actor_mi, {
1061 "Actor Member Identifier", "mka.actor_mi",
1062 FT_BYTES, BASE_NONE, NULL, 0x0,
1063 NULL, HFILL }},
1064
1065 { &hf_mka_actor_mn, {
1066 "Actor Message Number", "mka.actor_mn",
1067 FT_BYTES, BASE_NONE, NULL, 0x0,
1068 NULL, HFILL }},
1069
1070 { &hf_mka_algo_agility, {
1071 "Algorithm Agility", "mka.algo_agility",
1072 FT_UINT32, BASE_HEX, VALS(algo_agility_vals), 0x0,
1073 NULL, HFILL }},
1074
1075 { &hf_mka_cak_name, {
1076 "CAK Name", "mka.cak_name",
1077 FT_BYTES, BASE_NONE, NULL, 0x0,
1078 NULL, HFILL }},
1079
1080 { &hf_mka_cak_name_info, {
1081 "CAK Name Info", "mka.cak_name.info",
1082 FT_STRING, BASE_NONE, NULL, 0x0,
1083 NULL, HFILL }},
1084
1085 { &hf_mka_padding, {
1086 "Padding", "mka.padding",
1087 FT_BYTES, BASE_NONE, NULL, 0x0,
1088 NULL, HFILL }},
1089
1090 { &hf_mka_key_server_ssci, {
1091 "Key Server SSCI (LSB)", "mka.key_server_ssci",
1092 FT_UINT8, BASE_HEX, NULL, 0x0,
1093 "Only present combined with Distributed SAK parameter set with XPN cipher suite", HFILL }},
1094
1095 { &hf_mka_peer_mi, {
1096 "Peer Member Identifier", "mka.peer_mi",
1097 FT_BYTES, BASE_NONE, NULL, 0x0,
1098 NULL, HFILL }},
1099
1100 { &hf_mka_peer_mn, {
1101 "Peer Message Number", "mka.peer_mn",
1102 FT_BYTES, BASE_NONE, NULL, 0x0,
1103 NULL, HFILL }},
1104
1105 { &hf_mka_latest_key_an, {
1106 "Latest Key AN", "mka.latest_key_an",
1107 FT_UINT8, BASE_DEC, NULL, 0xc0,
1108 NULL, HFILL }},
1109
1110 { &hf_mka_latest_key_tx, {
1111 "Latest Key tx", "mka.latest_key_tx",
1112 FT_BOOLEAN, 8, NULL, 0x20,
1113 NULL, HFILL }},
1114
1115 { &hf_mka_latest_key_rx, {
1116 "Latest Key rx", "mka.latest_key_rx",
1117 FT_BOOLEAN, 8, NULL, 0x10,
1118 NULL, HFILL }},
1119
1120 { &hf_mka_old_key_an, {
1121 "Old Key AN", "mka.old_key_an",
1122 FT_UINT8, BASE_DEC, NULL, 0x0c,
1123 NULL, HFILL }},
1124
1125 { &hf_mka_old_key_tx, {
1126 "Old Key tx", "mka.old_key_tx",
1127 FT_BOOLEAN, 8, NULL, 0x02,
1128 NULL, HFILL }},
1129
1130 { &hf_mka_old_key_rx, {
1131 "Old Key rx", "mka.old_key_rx",
1132 FT_BOOLEAN, 8, NULL, 0x01,
1133 NULL, HFILL }},
1134
1135 { &hf_mka_plain_tx, {
1136 "Plain tx", "mka.plain_tx",
1137 FT_BOOLEAN, 8, NULL, 0x80,
1138 NULL, HFILL }},
1139
1140 { &hf_mka_plain_rx, {
1141 "Plain rx", "mka.plain_rx",
1142 FT_BOOLEAN, 8, NULL, 0x40,
1143 NULL, HFILL }},
1144
1145 { &hf_mka_delay_protect, {
1146 "Delay protect", "mka.delay_protect",
1147 FT_BOOLEAN, 8, NULL, 0x10,
1148 NULL, HFILL }},
1149
1150 { &hf_mka_latest_key_server_mi, {
1151 "Latest Key: Key Server Member Identifier", "mka.latest_key_server_mi",
1152 FT_BYTES, BASE_NONE, NULL, 0x0,
1153 NULL, HFILL }},
1154
1155 { &hf_mka_latest_key_number, {
1156 "Latest Key: Key Number", "mka.latest_key_number",
1157 FT_BYTES, BASE_NONE, NULL, 0x0,
1158 NULL, HFILL }},
1159
1160 { &hf_mka_latest_lowest_acceptable_pn, {
1161 "Latest Key: Lowest Acceptable PN (32 MSB)", "mka.latest_lowest_acceptable_pn",
1162 FT_BYTES, BASE_NONE, NULL, 0x0,
1163 NULL, HFILL }},
1164
1165 { &hf_mka_old_key_server_mi, {
1166 "Old Key: Key Server Member Identifier", "mka.old_key_server_mi",
1167 FT_BYTES, BASE_NONE, NULL, 0x0,
1168 NULL, HFILL }},
1169
1170 { &hf_mka_old_key_number, {
1171 "Old Key: Key Number", "mka.old_key_number",
1172 FT_BYTES, BASE_NONE, NULL, 0x0,
1173 NULL, HFILL }},
1174
1175 { &hf_mka_old_lowest_acceptable_pn, {
1176 "Old Key: Lowest Acceptable PN (32 MSB)", "mka.old_lowest_acceptable_pn",
1177 FT_BYTES, BASE_NONE, NULL, 0x0,
1178 NULL, HFILL }},
1179
1180 { &hf_mka_distributed_an, {
1181 "Distributed AN", "mka.distributed_an",
1182 FT_UINT8, BASE_DEC, NULL, 0xc0,
1183 NULL, HFILL }},
1184
1185 { &hf_mka_confidentiality_offset, {
1186 "Confidentiality Offset", "mka.confidentiality_offset",
1187 FT_UINT8, BASE_DEC, VALS(confidentiality_offset_vals), 0x30,
1188 NULL, HFILL }},
1189
1190 { &hf_mka_key_number, {
1191 "Key Number", "mka.key_number",
1192 FT_BYTES, BASE_NONE, NULL, 0x0,
1193 NULL, HFILL }},
1194
1195 { &hf_mka_aes_key_wrap_sak, {
1196 "AES Key Wrap of SAK", "mka.aes_key_wrap_sak",
1197 FT_BYTES, BASE_NONE, NULL, 0x0,
1198 NULL, HFILL }},
1199
1200 { &hf_mka_aes_key_wrap_cak, {
1201 "AES Key Wrap of CAK", "mka.aes_key_wrap_cak",
1202 FT_BYTES, BASE_NONE, NULL, 0x0,
1203 NULL, HFILL }},
1204
1205 { &hf_mka_macsec_cipher_suite, {
1206 "MACsec Cipher Suite", "mka.macsec_cipher_suite",
1207 FT_UINT64, BASE_HEX|BASE_VAL64_STRING, VALS64(macsec_cipher_suite_vals), 0x0,
1208 NULL, HFILL }},
1209
1210 { &hf_mka_kmd, {
1211 "Key Management Domain", "mka.kmd",
1212 FT_BYTES, BASE_NONE, NULL, 0x0,
1213 NULL, HFILL }},
1214
1215 { &hf_mka_suspension_time, {
1216 "Suspension time", "mka.suspension_time",
1217 FT_UINT8, BASE_DEC, NULL, 0x0,
1218 NULL, HFILL }},
1219
1220 { &hf_mka_icv, {
1221 "Integrity Check Value", "mka.icv",
1222 FT_BYTES, BASE_NONE, NULL, 0x0,
1223 NULL, HFILL }},
1224
1225 { &hf_mka_tlv_entry, {
1226 "TLV Entry", "mka.tlv_entry",
1227 FT_NONE, BASE_NONE, NULL, 0x0,
1228 NULL, HFILL }},
1229
1230 { &hf_mka_tlv_type, {
1231 "TLV Type", "mka.tlv_type",
1232 FT_UINT8, BASE_DEC, VALS(macsec_tlvs), 0xfe,
1233 NULL, HFILL }},
1234
1235 { &hf_mka_tlv_info_string_length, {
1236 "TLV Info String Length", "mka.tlv_info_string_len",
1237 FT_UINT16, BASE_DEC, NULL, 0x01ff,
1238 NULL, HFILL }},
1239
1240 { &hf_mka_tlv_data, {
1241 "TLV Data", "mka.tlv_data",
1242 FT_BYTES, BASE_NONE, NULL, 0x0,
1243 NULL, HFILL }},
1244
1245 { &hf_mka_tlv_cipher_suite_impl_cap, {
1246 "Cipher Suite Implementation Cababilities", "mka.tlv.cipher_suite_impl_cap",
1247 FT_UINT16, BASE_DEC, VALS(macsec_capability_type_vals), 0x0003,
1248 NULL, HFILL }},
1249 };
1250
1251 static int *ett[] = {
1252 &ett_mka,
1253 &ett_mka_basic_param_set,
1254 &ett_mka_peer_list_set,
1255 &ett_mka_sak_use_set,
1256 &ett_mka_distributed_sak_set,
1257 &ett_mka_distributed_cak_set,
1258 &ett_mka_kmd_set,
1259 &ett_mka_announcement_set,
1260 &ett_mka_xpn_set,
1261 &ett_mka_unknown_set,
1262 &ett_mka_icv_set,
1263 &ett_mka_tlv,
1264 &ett_mka_cipher_suite_entry
1265 };
1266
1267 proto_mka = proto_register_protocol("MACsec Key Agreement", "EAPOL-MKA", "mka");
1268 register_dissector("mka", dissect_mka, proto_mka);
1269
1270 proto_register_field_array(proto_mka, hf, array_length(hf));
1271 proto_register_subtree_array(ett, array_length(ett));
1272
1273 expert_mka = expert_register_protocol(proto_mka);
1274 expert_register_field_array(expert_mka, ei, array_length(ei));
1275
1276 mka_module = prefs_register_protocol(proto_mka, NULL);
1277
1278 /* UAT: CKN info */
1279 static uat_field_t mka_ckn_uat_fields[] = {
1280 UAT_FLD_BUFFER(mka_ckn_uat_data, ckn, "CKN", "The CKN as byte array"),
1281 UAT_FLD_CSTRING(mka_ckn_uat_data, name, "Info", "CKN information string to be displayed"),
1282 UAT_END_FIELDS
1283 };
1284
1285 mka_ckn_info_uat = uat_new("CKN Info",
1286 sizeof(mka_ckn_info_t), /* record size */
1287 DATAFILE_CKN_INFO, /* filename */
1288 true, /* from profile */
1289 (void **) &mka_ckn_uat_data, /* data_ptr */
1290 &num_mka_ckn_uat_data, /* numitems_ptr */
1291 UAT_AFFECTS_DISSECTION, /* but not fields */
1292 NULL, /* help */
1293 ckn_info_copy_cb, /* copy callback */
1294 ckn_info_update_cb, /* update callback */
1295 ckn_info_free_cb, /* free callback */
1296 ckn_info_post_update_cb, /* post update callback */
1297 ckn_info_reset_cb, /* reset callback */
1298 mka_ckn_uat_fields /* UAT field definitions */
1299 );
1300
1301 prefs_register_uat_preference(mka_module, "ckn_info", "CKN Info",
1302 "A table to define names of CKNs", mka_ckn_info_uat);
1303 }
1304
1305 void
1306 proto_reg_handoff_mka(void)
1307 {
1308 static dissector_handle_t mka_handle;
1309
1310 mka_handle = create_dissector_handle(dissect_mka, proto_mka);
1311 dissector_add_uint("eapol.type", EAPOL_MKA, mka_handle);
1312 }
1313
1314 /*
1315 * Editor modelines
1316 *
1317 * Local Variables:
1318 * c-basic-offset: 2
1319 * tab-width: 8
1320 * indent-tabs-mode: nil
1321 * End:
1322 *
1323 * ex: set shiftwidth=2 tabstop=8 expandtab:
1324 * :indentSize=2:tabSize=8:noTabs=true:
1325 */
Metzes wireshark repo