search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MSWSP: fix dissect_mswsp_smb()
[wireshark-wip.git] / epan / dissectors / packet-wtls.c
blob86770526b9fe4e5a08d147db6b87b89e1593b5e2
1 /* packet-wtls.c
2 *
3 * Routines to dissect WTLS component of WAP traffic.
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * WAP dissector based on original work by Ben Fowler
12 * Updated by Neil Hunter <neil.hunter@energis-squared.com>
13 * WTLS support by Alexandre P. Ferreira (Splice IP)
14 *
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 */
29
30 #include "config.h"
31
32 #ifdef DEBUG
33 #include <stdio.h>
34 #endif
35
36 #include <glib.h>
37
38 #include <epan/packet.h>
39 #include "packet-wap.h"
40 #include "packet-wtls.h"
41
42 /* File scoped variables for the protocol and registered fields */
43 static int proto_wtls = HF_EMPTY;
44
45 /* These fields used by fixed part of header */
46 static int hf_wtls_record = HF_EMPTY;
47 static int hf_wtls_record_type = HF_EMPTY;
48 static int hf_wtls_record_length = HF_EMPTY;
49 static int hf_wtls_record_sequence = HF_EMPTY;
50 static int hf_wtls_record_ciphered = HF_EMPTY;
51 static int hf_wtls_hands = HF_EMPTY;
52 static int hf_wtls_hands_type = HF_EMPTY;
53 static int hf_wtls_hands_length = HF_EMPTY;
54 static int hf_wtls_hands_cli_hello = HF_EMPTY;
55 static int hf_wtls_hands_cli_hello_version = HF_EMPTY;
56 static int hf_wtls_hands_cli_hello_gmt = HF_EMPTY;
57 static int hf_wtls_hands_cli_hello_random = HF_EMPTY;
58 static int hf_wtls_hands_cli_hello_session = HF_EMPTY;
59 static int hf_wtls_hands_cli_hello_session_str = HF_EMPTY;
60 static int hf_wtls_hands_cli_hello_cli_key_id = HF_EMPTY;
61 static int hf_wtls_hands_cli_hello_cli_key_len = HF_EMPTY;
62 static int hf_wtls_hands_cli_hello_trust_key_id = HF_EMPTY;
63 static int hf_wtls_hands_cli_hello_key_exchange = HF_EMPTY;
64 static int hf_wtls_hands_cli_hello_key_exchange_suite = HF_EMPTY;
65 static int hf_wtls_hands_cli_hello_key_parameter_index = HF_EMPTY;
66 static int hf_wtls_hands_cli_hello_key_parameter_set = HF_EMPTY;
67 static int hf_wtls_hands_cli_hello_key_identifier_type = HF_EMPTY;
68 static int hf_wtls_hands_cli_hello_key_identifier_charset = HF_EMPTY;
69 static int hf_wtls_hands_cli_hello_key_identifier_size = HF_EMPTY;
70 static int hf_wtls_hands_cli_hello_key_identifier = HF_EMPTY;
71 static int hf_wtls_hands_cli_hello_key_identifier_str = HF_EMPTY;
72 static int hf_wtls_hands_cli_hello_cipher_suite = HF_EMPTY;
73 static int hf_wtls_hands_cli_hello_cipher_suite_item = HF_EMPTY;
74 static int hf_wtls_hands_cli_hello_compression_methods = HF_EMPTY;
75 static int hf_wtls_hands_cli_hello_compression = HF_EMPTY;
76 static int hf_wtls_hands_cli_hello_sequence_mode = HF_EMPTY;
77 static int hf_wtls_hands_cli_hello_key_refresh = HF_EMPTY;
78 static int hf_wtls_hands_serv_hello = HF_EMPTY;
79 static int hf_wtls_hands_serv_hello_version = HF_EMPTY;
80 static int hf_wtls_hands_serv_hello_gmt = HF_EMPTY;
81 static int hf_wtls_hands_serv_hello_random = HF_EMPTY;
82 static int hf_wtls_hands_serv_hello_session = HF_EMPTY;
83 static int hf_wtls_hands_serv_hello_session_str = HF_EMPTY;
84 static int hf_wtls_hands_serv_hello_cli_key_id = HF_EMPTY;
85 static int hf_wtls_hands_serv_hello_cipher_suite_item = HF_EMPTY;
86 static int hf_wtls_hands_serv_hello_cipher_bulk = HF_EMPTY;
87 static int hf_wtls_hands_serv_hello_cipher_mac = HF_EMPTY;
88 static int hf_wtls_hands_serv_hello_compression = HF_EMPTY;
89 static int hf_wtls_hands_serv_hello_sequence_mode = HF_EMPTY;
90 static int hf_wtls_hands_serv_hello_key_refresh = HF_EMPTY;
91 static int hf_wtls_hands_certificates = HF_EMPTY;
92 static int hf_wtls_hands_certificate = HF_EMPTY;
93 static int hf_wtls_hands_certificate_type = HF_EMPTY;
94 static int hf_wtls_hands_certificate_wtls_version = HF_EMPTY;
95 static int hf_wtls_hands_certificate_wtls_signature_type = HF_EMPTY;
96 static int hf_wtls_hands_certificate_wtls_issuer_type = HF_EMPTY;
97 static int hf_wtls_hands_certificate_wtls_issuer_charset = HF_EMPTY;
98 static int hf_wtls_hands_certificate_wtls_issuer_size = HF_EMPTY;
99 static int hf_wtls_hands_certificate_wtls_issuer_name = HF_EMPTY;
100 static int hf_wtls_hands_certificate_wtls_valid_not_before = HF_EMPTY;
101 static int hf_wtls_hands_certificate_wtls_valid_not_after = HF_EMPTY;
102 static int hf_wtls_hands_certificate_wtls_subject_type = HF_EMPTY;
103 static int hf_wtls_hands_certificate_wtls_subject_charset = HF_EMPTY;
104 static int hf_wtls_hands_certificate_wtls_subject_size = HF_EMPTY;
105 static int hf_wtls_hands_certificate_wtls_subject_name = HF_EMPTY;
106 static int hf_wtls_hands_certificate_wtls_public_key_type = HF_EMPTY;
107 static int hf_wtls_hands_certificate_wtls_key_parameter_index = HF_EMPTY;
108 static int hf_wtls_hands_certificate_wtls_key_parameter_set = HF_EMPTY;
109 static int hf_wtls_hands_certificate_wtls_rsa_exponent = HF_EMPTY;
110 static int hf_wtls_hands_certificate_wtls_rsa_modules = HF_EMPTY;
111 static int hf_wtls_hands_certificate_wtls_signature = HF_EMPTY;
112 static int hf_wtls_alert = HF_EMPTY;
113 static int hf_wtls_alert_level = HF_EMPTY;
114 static int hf_wtls_alert_description = HF_EMPTY;
115
116 /* Initialize the subtree pointers */
117 static gint ett_wtls = ETT_EMPTY;
118 static gint ett_wtls_rec = ETT_EMPTY;
119 static gint ett_wtls_msg_type = ETT_EMPTY;
120 static gint ett_wtls_msg_type_item = ETT_EMPTY;
121 static gint ett_wtls_msg_type_item_sub = ETT_EMPTY;
122 static gint ett_wtls_msg_type_item_sub_sub = ETT_EMPTY;
123
124 static const value_string wtls_vals_record_type[] = {
125 { 1, "change_cipher_data" },
126 { 2, "alert" },
127 { 3, "handshake" },
128 { 4, "application_data" },
129 { 0, NULL }
130 };
131 static value_string_ext wtls_vals_record_type_ext = VALUE_STRING_EXT_INIT(wtls_vals_record_type);
132
133 static const value_string wtls_vals_cipher_bulk[] = {
134 { 0, "Null" },
135 { 1, "RC5 CBC 40" },
136 { 2, "RC5 CBC 56" },
137 { 3, "RC5 CBC" },
138 { 4, "DES CBC 40" },
139 { 5, "DES CBC" },
140 { 6, "3DES CBC cwEDE40" },
141 { 7, "IDEA CBC 40" },
142 { 8, "IDEA CBC 56" },
143 { 9, "IDEA CBC" },
144 { 0, NULL }
145 };
146 static value_string_ext wtls_vals_cipher_bulk_ext = VALUE_STRING_EXT_INIT(wtls_vals_cipher_bulk);
147
148 static const value_string wtls_vals_cipher_mac[] = {
149 { 0, "SHA 0" },
150 { 1, "SHA 40 " },
151 { 2, "SHA 80" },
152 { 3, "SHA" },
153 { 4, "SHA XOR 40" },
154 { 5, "MD5 40" },
155 { 6, "MD5 80" },
156 { 7, "MD5" },
157 { 0, NULL }
158 };
159 static value_string_ext wtls_vals_cipher_mac_ext = VALUE_STRING_EXT_INIT(wtls_vals_cipher_mac);
160
161 static const value_string wtls_vals_handshake_type[] = {
162 { 0, "Hello Request" },
163 { 1, "Client Hello" },
164 { 2, "Server Hello" },
165 { 11, "Certificate" },
166 { 12, "Server Key Exchange" },
167 { 13, "Certificate Request" },
168 { 14, "Server Hello Done" },
169 { 15, "Certificate Verify" },
170 { 16, "Client Key Exchange" },
171 { 20, "Finished" },
172 { 0, NULL }
173 };
174 static value_string_ext wtls_vals_handshake_type_ext = VALUE_STRING_EXT_INIT(wtls_vals_handshake_type);
175
176 static const value_string wtls_vals_key_exchange_suite[] = {
177 { 0, "NULL" },
178 { 1, "Shared Secret" },
179 { 2, "Diffie Hellman Anonymous" },
180 { 3, "Diffie Hellman Anonymous 512" },
181 { 4, "Diffie Hellman Anonymous 768" },
182 { 5, "RSA Anonymous" },
183 { 6, "RSA Anonymous 512" },
184 { 7, "RSA Anonymous 768" },
185 { 8, "RSA" },
186 { 9, "RSA 512" },
187 { 10, "RSA 768" },
188 { 11, "EC Diffie Hellman Anonymous" },
189 { 12, "EC Diffie Hellman Anonymous 113" },
190 { 13, "EC Diffie Hellman Anonymous 131" },
191 { 14, "EC Diffie Hellman ECDSA" },
192 { 15, "EC Diffie Hellman Anonymous Uncomp" },
193 { 16, "EC Diffie Hellman Anonymous Uncomp 113" },
194 { 17, "EC Diffie Hellman Anonymous Uncomp 131" },
195 { 18, "EC Diffie Hellman ECDSA Uncomp" },
196 { 0x00, NULL }
197 };
198 static value_string_ext wtls_vals_key_exchange_suite_ext = VALUE_STRING_EXT_INIT(wtls_vals_key_exchange_suite);
199
200 static const value_string wtls_vals_identifier_type[] = {
201 { 0, "No identifier" },
202 { 1, "Textual Name" },
203 { 2, "Binary Name" },
204 { 254, "SHA-1 Hash of Public Key" },
205 { 255, "x509 Distinguished Name" },
206 { 0, NULL }
207 };
208 static value_string_ext wtls_vals_identifier_type_ext = VALUE_STRING_EXT_INIT(wtls_vals_identifier_type);
209
210 static const value_string wtls_vals_certificate_type[] = {
211 { 1, "WTLS" },
212 { 2, "X.509" },
213 { 3, "X.968" },
214 { 4, "URL" },
215 { 0, NULL }
216 };
217 static value_string_ext wtls_vals_certificate_type_ext = VALUE_STRING_EXT_INIT(wtls_vals_certificate_type);
218
219 static const value_string wtls_vals_compression[] = {
220 { 0, "Null" },
221 { 0, NULL }
222 };
223
224 static const value_string wtls_vals_sequence_mode[] = {
225 { 0, "Off" },
226 { 1, "Implicit" },
227 { 2, "Explicit" },
228 { 0, NULL }
229 };
230
231 static const value_string wtls_vals_certificate_signature[] = {
232 { 0, "Anonymous" },
233 { 1, "ECDSA_SHA" },
234 { 2, "RSA_SHA" },
235 { 0, NULL }
236 };
237
238 static const value_string wtls_vals_public_key_type[] = {
239 { 2, "RSA" },
240 { 3, "ECDH" },
241 { 4, "ECSA" },
242 { 0, NULL }
243 };
244
245 static const value_string wtls_vals_alert_level[] = {
246 { 1, "Warning" },
247 { 2, "Critical" },
248 { 3, "Fatal" },
249 { 0, NULL }
250 };
251
252 static const value_string wtls_vals_alert_description[] = {
253 { 0, "connection_close_notify"},
254 { 1, "session_close_notify"},
255 { 5, "no_connection"},
256 { 10, "unexpected_message"},
257 { 11, "time_required"},
258 { 20, "bad_record_mac"},
259 { 21, "decryption_failed"},
260 { 22, "record_overflow"},
261 { 30, "decompression_failure"},
262 { 40, "handshake_failure"},
263 { 42, "bad_certificate"},
264 { 43, "unsupported_certificate"},
265 { 44, "certificate_revoked"},
266 { 45, "certificate_expired"},
267 { 46, "certificate_unknown"},
268 { 47, "illegal_parameter"},
269 { 48, "unknown_ca"},
270 { 49, "access_denied"},
271 { 50, "decode_error"},
272 { 51, "decrypt_error"},
273 { 52, "unknown_key_id"},
274 { 53, "disabled_key_id"},
275 { 54, "key_exchange_disabled"},
276 { 55, "session_not_ready"},
277 { 56, "unknown_parameter_index"},
278 { 57, "duplicate_finished_received"},
279 { 60, "export_restriction"},
280 { 70, "protocol_version"},
281 { 71, "insufficient_security"},
282 { 80, "internal_error"},
283 { 90, "user_canceled"},
284 { 100, "no_renegotiation"},
285 { 0, NULL }
286 };
287 static value_string_ext wtls_vals_alert_description_ext = VALUE_STRING_EXT_INIT(wtls_vals_alert_description);
288
289 #define WTLS_RECORD_TYPE_LENGTH 0x80
290 #define WTLS_RECORD_TYPE_SEQUENCE 0x40
291 #define WTLS_RECORD_TYPE_CIPHER_CUR 0x20
292 #define WTLS_RECORD_CONTENT_TYPE 0x0f
293
294 #define WTLS_ALERT 0x02
295 #define WTLS_PLAIN_HANDSHAKE 0x03
296
297 #define WTLS_HANDSHAKE_CLIENT_HELLO 1
298 #define WTLS_HANDSHAKE_SERVER_HELLO 2
299 #define WTLS_HANDSHAKE_CERTIFICATE 11
300
301 #define CERTIFICATE_WTLS 1
302 #define CERTIFICATE_X509 2
303 #define CERTIFICATE_X968 3
304 #define CERTIFICATE_URL 4
305
306 #define IDENTIFIER_NULL 0
307 #define IDENTIFIER_TEXT 1
308 #define IDENTIFIER_BIN 2
309 #define IDENTIFIER_SHA_1 254
310 #define IDENTIFIER_X509 255
311
312 #define PUBLIC_KEY_RSA 2
313 #define PUBLIC_KEY_ECDH 3
314 #define PUBLIC_KEY_ECDSA 4
315
316 static void dissect_wtls_handshake (proto_tree *, tvbuff_t *, guint, guint);
317
318 /* Code to actually dissect the packets */
319 static void
320 dissect_wtls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
321 {
322 int offset = 0;
323
324 char pdut;
325 guint count = 0;
326 guint offset_wtls = 0;
327
328 /* Set up structures we will need to add the protocol subtree and manage it */
329 proto_item *ti;
330 proto_tree *wtls_tree;
331 proto_tree *wtls_rec_tree;
332 proto_tree *wtls_msg_type_tree;
333
334 switch ( pinfo->match_uint )
335 {
336 case UDP_PORT_WTLS_WSP:
337 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTLS+WSP" );
338 break;
339 case UDP_PORT_WTLS_WTP_WSP:
340 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTLS+WTP+WSP" );
341 break;
342 }
343
344 /* Develop the string to put in the Info column */
345 col_set_str(pinfo->cinfo, COL_INFO, "WTLS");
346
347 /* In the interest of speed, if "tree" is NULL, don't do any work not
348 necessary to generate protocol tree items. */
349
350 if (tree) {
351 ti = proto_tree_add_item(tree, proto_wtls, tvb, offset_wtls,
352 -1, ENC_NA);
353 wtls_tree = proto_item_add_subtree(ti, ett_wtls);
354
355 for (offset_wtls=0; offset_wtls < (tvb_reported_length(tvb)-1);) {
356 pdut = tvb_get_guint8 (tvb, offset_wtls);
357
358 offset = offset_wtls+1;
359
360 if (pdut & WTLS_RECORD_TYPE_SEQUENCE) {
361 offset+=2;
362 }
363 if (pdut & WTLS_RECORD_TYPE_LENGTH) {
364 count = tvb_get_ntohs(tvb, offset);
365 offset+=2;
366 count += offset-offset_wtls;
367 }
368 else {
369 count = tvb_length_remaining (tvb, offset_wtls);
370 }
371 ti = proto_tree_add_uint(wtls_tree, hf_wtls_record, tvb, offset_wtls,
372 count, pdut);
373 wtls_rec_tree = proto_item_add_subtree(ti, ett_wtls_rec);
374
375 offset = offset_wtls;
376
377 proto_tree_add_item (wtls_rec_tree, hf_wtls_record_type,
378 tvb,offset,1,ENC_BIG_ENDIAN);
379
380 offset++;
381
382 offset_wtls += count;
383
384 if (pdut & WTLS_RECORD_TYPE_SEQUENCE) {
385 proto_tree_add_item (wtls_rec_tree, hf_wtls_record_sequence,
386 tvb,offset,2,ENC_BIG_ENDIAN);
387 offset+=2;
388 }
389 if (pdut & WTLS_RECORD_TYPE_LENGTH) {
390 count = tvb_get_ntohs(tvb, offset);
391 proto_tree_add_item (wtls_rec_tree, hf_wtls_record_length,
392 tvb,offset,2,ENC_BIG_ENDIAN);
393 offset+=2;
394 }
395 else {
396 count = tvb_length_remaining (tvb, offset);
397 }
398
399 if (pdut & WTLS_RECORD_TYPE_CIPHER_CUR) {
400 proto_tree_add_item (wtls_rec_tree, hf_wtls_record_ciphered,
401 tvb,offset,count,ENC_NA);
402 continue;
403 }
404
405 switch (pdut & WTLS_RECORD_CONTENT_TYPE) {
406 case WTLS_PLAIN_HANDSHAKE :
407 dissect_wtls_handshake(wtls_rec_tree,tvb,offset,count);
408 break;
409 case WTLS_ALERT :
410 ti = proto_tree_add_item(wtls_rec_tree, hf_wtls_alert, tvb, offset,
411 count, ENC_NA);
412 wtls_msg_type_tree = proto_item_add_subtree(ti, ett_wtls_msg_type);
413 proto_tree_add_item (wtls_msg_type_tree, hf_wtls_alert_level,
414 tvb,offset,1,ENC_BIG_ENDIAN);
415 offset+=1;
416 proto_tree_add_item (wtls_msg_type_tree, hf_wtls_alert_description,
417 tvb,offset,1,ENC_BIG_ENDIAN);
418 /*offset+=1;*/
419 break;
420 default:
421 /*offset+=count;*/
422 break;
423 }
424 }
425 }
426 }
427
428 static int
429 add_text_identifier(tvbuff_t *tvb, int offset, int hf_charset,
430 int hf_size, int hf_str, proto_tree *tree)
431 {
432 guint8 size;
433 int client_size = 0;
434
435 proto_tree_add_item(tree, hf_charset, tvb, offset, 2, ENC_BIG_ENDIAN);
436 offset+=2;
437 size = tvb_get_guint8 (tvb, offset);
438 proto_tree_add_item(tree, hf_size, tvb, offset, 1, ENC_BIG_ENDIAN);
439 offset++;
440 proto_tree_add_item(tree, hf_str, tvb, offset, size, ENC_BIG_ENDIAN);
441 /*offset+=size;*/
442 client_size+=size+3;
443 #ifdef DEBUG
444 fprintf(stderr, "text id size = %d, client_size = %d\n",
445 size, client_size);
446 #endif /* DEBUG */
447 return client_size;
448 }
449
450 static int
451 add_session_id(proto_tree *tree, int hf, int hf_str, tvbuff_t *tvb, int offset)
452 {
453 guint count;
454 guint i;
455 guint64 session_id;
456 header_field_info *hfinfo;
457
458 count = tvb_get_guint8(tvb, offset);
459 if (count == 0)
460 proto_tree_add_string (tree, hf_str, tvb, offset, count+1, "NULL");
461 else if (count <= 8) {
462 session_id = 0;
463 for (i = 0; i < count; i++)
464 session_id = (session_id << 8) | tvb_get_guint8(tvb, offset + i);
465 proto_tree_add_uint64 (tree, hf, tvb, offset, count+1, session_id);
466 } else {
467 hfinfo = proto_registrar_get_nth(hf);
468 proto_tree_add_text (tree, tvb, offset, count+1, "%s: %s",
469 hfinfo->name, tvb_bytes_to_str(tvb, offset+1, count));
470 }
471 return offset+1+count;
472 }
473
474 static void
475 dissect_wtls_handshake(proto_tree *tree, tvbuff_t *tvb, guint offset, guint count)
476 {
477 char pdu_msg_type;
478 nstime_t timeValue;
479 int client_size = 0;
480 guint value = 0;
481 int size = 0;
482 guint public_key = 0;
483 char valStr[1024];
484 const char *valBulk = NULL;
485 const char *valMac = NULL;
486
487 proto_item *ti;
488 proto_item *cli_key_item;
489 proto_tree *wtls_msg_type_tree;
490 proto_tree *wtls_msg_type_item_tree;
491 proto_tree *wtls_msg_type_item_sub_tree;
492 proto_tree *wtls_msg_type_item_sub_sub_tree;
493
494 pdu_msg_type = tvb_get_guint8 (tvb, offset);
495 ti = proto_tree_add_uint(tree, hf_wtls_hands, tvb, offset,count, pdu_msg_type);
496 wtls_msg_type_tree = proto_item_add_subtree(ti, ett_wtls_msg_type);
497
498 proto_tree_add_item (wtls_msg_type_tree, hf_wtls_hands_type,
499 tvb,offset,1,ENC_BIG_ENDIAN);
500 offset+=1;
501 count = tvb_get_ntohs (tvb, offset);
502 proto_tree_add_item (wtls_msg_type_tree, hf_wtls_hands_length,
503 tvb,offset,2,ENC_BIG_ENDIAN);
504 offset+=2;
505 switch(pdu_msg_type) {
506 case WTLS_HANDSHAKE_CLIENT_HELLO :
507 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_cli_hello, tvb, offset,
508 count, ENC_NA);
509 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
510 proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_version,
511 tvb,offset,1,ENC_BIG_ENDIAN);
512 offset++;
513 timeValue.secs = tvb_get_ntohl (tvb, offset);
514 timeValue.nsecs = 0;
515 proto_tree_add_time (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_gmt, tvb,
516 offset, 4, &timeValue);
517 offset+=4;
518 proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_random,
519 tvb,offset,12,ENC_NA);
520 offset+=12;
521 offset = add_session_id (wtls_msg_type_item_tree,
522 hf_wtls_hands_cli_hello_session,
523 hf_wtls_hands_cli_hello_session_str,
524 tvb, offset);
525
526 /* process client_key_ids structure */
527 count = tvb_get_ntohs (tvb, offset);
528 ti = proto_tree_add_item(wtls_msg_type_item_tree,
529 hf_wtls_hands_cli_hello_cli_key_id, tvb, offset,
530 count+2, ENC_NA);
531 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
532
533 /* display length of client_key_ids structure */
534 proto_tree_add_item(wtls_msg_type_item_sub_tree,
535 hf_wtls_hands_cli_hello_cli_key_len,
536 tvb,offset,2,ENC_BIG_ENDIAN);
537 offset+=2;
538
539 /* cycle through client_key_ids entries */
540 for (;count > 0;count-=client_size) {
541 /* get encryption suite id (one byte) */
542 value = tvb_get_guint8 (tvb, offset);
543 cli_key_item = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
544 hf_wtls_hands_cli_hello_key_exchange, tvb, offset,1,
545 value);
546 client_size=1;
547 wtls_msg_type_item_sub_sub_tree = proto_item_add_subtree(cli_key_item,
548 ett_wtls_msg_type_item_sub_sub);
549 proto_tree_add_uint(wtls_msg_type_item_sub_sub_tree,
550 hf_wtls_hands_cli_hello_key_exchange_suite,
551 tvb,offset,1,value);
552 offset++;
553 #ifdef DEBUG
554 fprintf(stderr, "encryption suite = %d, client_size = %d\n", value, client_size);
555 #endif /* DEBUG */
556
557 /* get parameter index (one byte) */
558 value = tvb_get_guint8 (tvb, offset);
559 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
560 hf_wtls_hands_cli_hello_key_parameter_index,
561 tvb,offset,1,ENC_BIG_ENDIAN);
562 offset++;
563 client_size++;
564 #ifdef DEBUG
565 fprintf(stderr, "parameter index = %d, client_size = %d\n", value, client_size);
566 #endif /* DEBUG */
567
568 /* explicit parameters present in next field */
569 if (value == 0xff) {
570 size = tvb_get_ntohs (tvb, offset);
571 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
572 hf_wtls_hands_cli_hello_key_parameter_set,
573 tvb,offset,size+2,ENC_ASCII|ENC_NA);
574 offset+=size+2;
575 client_size+=size+2;
576 }
577
578 /* get identifier type */
579 value = tvb_get_guint8 (tvb, offset);
580 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
581 hf_wtls_hands_cli_hello_key_identifier_type,
582 tvb,offset,1,ENC_BIG_ENDIAN);
583 offset++;
584 client_size++;
585 #ifdef DEBUG
586 fprintf(stderr, "identifier type = %d, client_size = %d\n", value, client_size);
587 #endif /* DEBUG */
588
589 /* identifier present in next field */
590 /* note: value 0x0 means no identifier */
591 switch(value) {
592 case IDENTIFIER_TEXT :
593 /* text identifier */
594 /* not tested */
595 size = add_text_identifier(
596 tvb, offset,
597 hf_wtls_hands_cli_hello_key_identifier_charset,
598 hf_wtls_hands_cli_hello_key_identifier_size,
599 hf_wtls_hands_cli_hello_key_identifier_str,
600 wtls_msg_type_item_sub_sub_tree);
601 offset += size;
602 client_size += size;
603 break;
604 case IDENTIFIER_BIN :
605 /* binary identifier */
606 size = tvb_get_guint8 (tvb, offset);
607 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
608 hf_wtls_hands_cli_hello_key_identifier_size,
609 tvb,offset,1,ENC_BIG_ENDIAN);
610 offset++;
611 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
612 hf_wtls_hands_cli_hello_key_identifier,
613 tvb,offset,size,ENC_NA);
614 offset+=size;
615 client_size+=size+1;
616 #ifdef DEBUG
617 fprintf(stderr, "binary id size = %d, client_size = %d\n",
618 size, client_size);
619 #endif /* DEBUG */
620 break;
621 case IDENTIFIER_SHA_1 :
622 /* SHA-1 hash of the public key */
623 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
624 hf_wtls_hands_cli_hello_key_identifier,
625 tvb,offset,20,ENC_NA);
626 offset+=20;
627 client_size+=20;
628 #ifdef DEBUG
629 fprintf(stderr, "SHA-1 hash size = 20, client_size = %d\n",
630 client_size);
631 #endif /* DEBUG */
632 break;
633 case IDENTIFIER_X509 :
634 /* X.509 distinguished name */
635 /* not tested */
636 size = tvb_get_guint8 (tvb, offset);
637 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
638 hf_wtls_hands_cli_hello_key_identifier_size,
639 tvb,offset,1,ENC_BIG_ENDIAN);
640 offset++;
641 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
642 hf_wtls_hands_cli_hello_key_identifier,
643 tvb,offset,size,ENC_NA);
644 offset+=size;
645 client_size+=size+1;
646 #ifdef DEBUG
647 fprintf(stderr, "X.509 name size = %d, client_size = %d\n",
648 size, client_size);
649 #endif /* DEBUG */
650 break;
651 }
652
653 proto_item_set_len(cli_key_item, client_size);
654 }
655
656 /* process trusted_keys structure */
657 count = tvb_get_ntohs (tvb, offset);
658 ti = proto_tree_add_item(wtls_msg_type_item_tree,
659 hf_wtls_hands_cli_hello_trust_key_id, tvb, offset,
660 count+2, ENC_NA);
661 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
662
663 /* display length of trusted_keys structure */
664 proto_tree_add_item(wtls_msg_type_item_sub_tree,
665 hf_wtls_hands_cli_hello_cli_key_len,
666 tvb,offset,2,ENC_BIG_ENDIAN);
667
668 offset+=2;
669 for (;count > 0;count-=client_size) {
670 /* get encryption suite id (one byte) */
671 value = tvb_get_guint8 (tvb, offset);
672 cli_key_item = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
673 hf_wtls_hands_cli_hello_key_exchange, tvb, offset,1,
674 value);
675 client_size=1;
676 wtls_msg_type_item_sub_sub_tree = proto_item_add_subtree(cli_key_item,
677 ett_wtls_msg_type_item_sub_sub);
678 proto_tree_add_uint(wtls_msg_type_item_sub_sub_tree,
679 hf_wtls_hands_cli_hello_key_exchange_suite,
680 tvb,offset,1,value);
681 offset++;
682 #ifdef DEBUG
683 fprintf(stderr, "encryption suite = %d, client_size = %d\n", value, client_size);
684 #endif /* DEBUG */
685
686 /* get parameter index (one byte) */
687 value = tvb_get_guint8 (tvb, offset);
688 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
689 hf_wtls_hands_cli_hello_key_parameter_index,
690 tvb,offset,1,ENC_BIG_ENDIAN);
691 offset++;
692 client_size++;
693 #ifdef DEBUG
694 fprintf(stderr, "parameter index = %d, client_size = %d\n", value, client_size);
695 #endif /* DEBUG */
696
697 /* explicit parameters present in next field */
698 if (value == 0xff) {
699 size = tvb_get_ntohs (tvb, offset);
700 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
701 hf_wtls_hands_cli_hello_key_parameter_set,
702 tvb,offset,size+2,ENC_ASCII|ENC_NA);
703 offset+=size+2;
704 client_size+=size+2;
705 }
706
707 /* get identifier type */
708 value = tvb_get_guint8 (tvb, offset);
709 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
710 hf_wtls_hands_cli_hello_key_identifier_type,
711 tvb,offset,1,ENC_BIG_ENDIAN);
712 offset++;
713 client_size++;
714 #ifdef DEBUG
715 fprintf(stderr, "identifier type = %d, client_size = %d\n", value, client_size);
716 #endif /* DEBUG */
717
718 /* identifier present in next field */
719 /* note: value 0x0 means no identifier */
720 switch (value) {
721 case IDENTIFIER_TEXT :
722 /* text identifier */
723 /* not tested */
724 size = add_text_identifier(
725 tvb, offset,
726 hf_wtls_hands_cli_hello_key_identifier_charset,
727 hf_wtls_hands_cli_hello_key_identifier_size,
728 hf_wtls_hands_cli_hello_key_identifier_str,
729 wtls_msg_type_item_sub_sub_tree);
730 offset += size;
731 client_size += size;
732 break;
733 case IDENTIFIER_BIN :
734 /* binary identifier */
735 size = tvb_get_guint8 (tvb, offset);
736 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
737 hf_wtls_hands_cli_hello_key_identifier_size,
738 tvb,offset,1,ENC_BIG_ENDIAN);
739 offset++;
740 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
741 hf_wtls_hands_cli_hello_key_identifier,
742 tvb,offset,size,ENC_NA);
743 offset+=size;
744 client_size+=size+1;
745 #ifdef DEBUG
746 fprintf(stderr, "binary id size = %d, client_size = %d\n",
747 size, client_size);
748 #endif /* DEBUG */
749 break;
750 case IDENTIFIER_SHA_1 :
751 /* SHA-1 hash of the public key */
752 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
753 hf_wtls_hands_cli_hello_key_identifier,
754 tvb,offset,20,ENC_NA);
755 offset+=20;
756 client_size+=20;
757 #ifdef DEBUG
758 fprintf(stderr, "SHA-1 hash size = 20, client_size = %d\n",
759 client_size);
760 #endif /* DEBUG */
761 break;
762 case IDENTIFIER_X509 :
763 /* X.509 distinguished name */
764 /* not tested */
765 size = tvb_get_guint8 (tvb, offset);
766 /* need to fetch identifier and display it */
767 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
768 hf_wtls_hands_cli_hello_key_identifier_size,
769 tvb,offset,1,ENC_BIG_ENDIAN);
770 offset++;
771 proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
772 hf_wtls_hands_cli_hello_key_identifier,
773 tvb,offset,size,ENC_NA);
774 offset+=size;
775 client_size+=size+1;
776 #ifdef DEBUG
777 fprintf(stderr, "X.509 name size = %d, client_size = %d\n",
778 size, client_size);
779 #endif /* DEBUG */
780 break;
781 }
782 proto_item_set_len(cli_key_item, client_size);
783 }
784
785 /* process cipher_suites structure */
786 count = tvb_get_guint8 (tvb, offset);
787 ti = proto_tree_add_item(wtls_msg_type_item_tree,
788 hf_wtls_hands_cli_hello_cipher_suite, tvb, offset,
789 count+1, ENC_NA);
790 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
791 offset+=1;
792 for (;count > 0;count-=client_size) {
793 value = tvb_get_guint8 (tvb, offset);
794 valBulk = try_val_to_str_ext(value, &wtls_vals_cipher_bulk_ext);
795 offset++;
796 client_size=1;
797 valMac = try_val_to_str_ext(tvb_get_guint8 (tvb, offset), &wtls_vals_cipher_mac_ext);
798 if (valBulk != NULL)
799 {
800 if (valMac != NULL)
801 {
802 g_snprintf(valStr,1024,"%s, %s",valBulk,valMac);
803 }
804 else
805 {
806 g_snprintf(valStr,1024,"%s, Unknown MAC (0x%02x)",valBulk,tvb_get_guint8 (tvb, offset));
807 }
808 }
809 else
810 {
811 if (valMac != NULL)
812 {
813 g_snprintf(valStr,1024,"Unknown Bulk (0x%02x), %s",value,valMac);
814 }
815 else
816 {
817 g_snprintf(valStr,1024,"Unknown Bulk (0x%02x), Unknown MAC (0x%02x)",value,
818 tvb_get_guint8 (tvb, offset));
819 }
820 }
821 offset++;
822 client_size++;
823 proto_tree_add_string(wtls_msg_type_item_sub_tree,
824 hf_wtls_hands_cli_hello_cipher_suite_item, tvb, offset-2,2,
825 valStr);
826 }
827 count = tvb_get_guint8 (tvb, offset);
828 ti = proto_tree_add_item(wtls_msg_type_item_tree,
829 hf_wtls_hands_cli_hello_compression_methods, tvb, offset,
830 count+1, ENC_NA);
831 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
832 offset+=1;
833 for (;count > 0;count-=client_size) {
834 client_size=0;
835 proto_tree_add_item(wtls_msg_type_item_sub_tree,
836 hf_wtls_hands_cli_hello_compression, tvb, offset,1,
837 ENC_LITTLE_ENDIAN);
838 offset++;
839 client_size++;
840 }
841 proto_tree_add_item(wtls_msg_type_item_tree,
842 hf_wtls_hands_cli_hello_sequence_mode, tvb, offset,
843 1, ENC_LITTLE_ENDIAN);
844 offset++;
845 proto_tree_add_item(wtls_msg_type_item_tree,
846 hf_wtls_hands_cli_hello_key_refresh, tvb, offset,
847 1, ENC_LITTLE_ENDIAN);
848 break;
849 case WTLS_HANDSHAKE_SERVER_HELLO :
850 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_serv_hello, tvb, offset,
851 count, ENC_NA);
852 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
853 proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_version,
854 tvb,offset,1,ENC_BIG_ENDIAN);
855 offset++;
856 timeValue.secs = tvb_get_ntohl (tvb, offset);
857 timeValue.nsecs = 0;
858 proto_tree_add_time (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_gmt, tvb,
859 offset, 4, &timeValue);
860 offset+=4;
861 proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_random,
862 tvb,offset,12,ENC_NA);
863 offset+=12;
864 offset = add_session_id (wtls_msg_type_item_tree,
865 hf_wtls_hands_serv_hello_session,
866 hf_wtls_hands_serv_hello_session_str,
867 tvb, offset);
868 proto_tree_add_item(wtls_msg_type_item_tree,
869 hf_wtls_hands_serv_hello_cli_key_id,
870 tvb,offset,1,ENC_BIG_ENDIAN);
871 offset++;
872 cli_key_item = proto_tree_add_item(wtls_msg_type_item_tree,
873 hf_wtls_hands_serv_hello_cipher_suite_item, tvb, offset,2,
874 ENC_NA);
875 wtls_msg_type_item_sub_tree = proto_item_add_subtree(cli_key_item,
876 ett_wtls_msg_type_item_sub);
877 proto_tree_add_item(wtls_msg_type_item_sub_tree,
878 hf_wtls_hands_serv_hello_cipher_bulk,
879 tvb,offset,1,ENC_BIG_ENDIAN);
880 offset++;
881 proto_tree_add_item(wtls_msg_type_item_sub_tree,
882 hf_wtls_hands_serv_hello_cipher_mac,
883 tvb,offset,1,ENC_BIG_ENDIAN);
884 offset++;
885 proto_tree_add_item(wtls_msg_type_item_tree,
886 hf_wtls_hands_serv_hello_compression, tvb, offset,1,
887 ENC_LITTLE_ENDIAN);
888 offset++;
889 proto_tree_add_item(wtls_msg_type_item_tree,
890 hf_wtls_hands_serv_hello_sequence_mode, tvb, offset,
891 1, ENC_LITTLE_ENDIAN);
892 offset++;
893 proto_tree_add_item(wtls_msg_type_item_tree,
894 hf_wtls_hands_serv_hello_key_refresh, tvb, offset,
895 1, ENC_LITTLE_ENDIAN);
896 offset++;
897 break;
898 case WTLS_HANDSHAKE_CERTIFICATE :
899 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_certificates,
900 tvb, offset,count, ENC_NA);
901 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
902 count = tvb_get_ntohs (tvb, offset);
903 offset+=2;
904 for (;count > 0;count-=client_size) {
905 cli_key_item = proto_tree_add_item(wtls_msg_type_item_tree,
906 hf_wtls_hands_certificate, tvb, offset,1,
907 ENC_NA);
908 client_size=0;
909 wtls_msg_type_item_sub_tree = proto_item_add_subtree(cli_key_item,
910 ett_wtls_msg_type_item_sub);
911 proto_item_set_len(cli_key_item, client_size);
912 value = tvb_get_guint8 (tvb, offset);
913 proto_tree_add_item(wtls_msg_type_item_sub_tree,
914 hf_wtls_hands_certificate_type, tvb, offset,1,
915 ENC_LITTLE_ENDIAN);
916 offset++;
917 client_size++;
918 switch(value) {
919 case CERTIFICATE_WTLS:
920 proto_tree_add_item(wtls_msg_type_item_sub_tree,
921 hf_wtls_hands_certificate_wtls_version,
922 tvb, offset,1,
923 ENC_LITTLE_ENDIAN);
924 offset++;
925 client_size++;
926 proto_tree_add_item(wtls_msg_type_item_sub_tree,
927 hf_wtls_hands_certificate_wtls_signature_type,
928 tvb, offset,1,
929 ENC_LITTLE_ENDIAN);
930 offset++;
931 client_size++;
932 value = tvb_get_guint8 (tvb, offset);
933 proto_tree_add_item(wtls_msg_type_item_sub_tree,
934 hf_wtls_hands_certificate_wtls_issuer_type,
935 tvb, offset,1,
936 ENC_LITTLE_ENDIAN);
937 offset++;
938 client_size++;
939 switch (value) {
940 case IDENTIFIER_NULL :
941 break;
942 case IDENTIFIER_TEXT :
943 value = add_text_identifier(tvb, offset,
944 hf_wtls_hands_certificate_wtls_issuer_charset,
945 hf_wtls_hands_certificate_wtls_issuer_size,
946 hf_wtls_hands_certificate_wtls_issuer_name,
947 wtls_msg_type_item_sub_tree);
948 offset += value;
949 client_size += value;
950 break;
951 case IDENTIFIER_BIN :
952 break;
953 case IDENTIFIER_SHA_1 :
954 break;
955 case IDENTIFIER_X509 :
956 break;
957 }
958 timeValue.secs = tvb_get_ntohl (tvb, offset);
959 timeValue.nsecs = 0;
960 proto_tree_add_time (wtls_msg_type_item_sub_tree,
961 hf_wtls_hands_certificate_wtls_valid_not_before,
962 tvb, offset, 4, &timeValue);
963 offset+=4;
964 client_size+=4;
965 timeValue.secs = tvb_get_ntohl (tvb, offset);
966 timeValue.nsecs = 0;
967 proto_tree_add_time (wtls_msg_type_item_sub_tree,
968 hf_wtls_hands_certificate_wtls_valid_not_after,
969 tvb, offset, 4, &timeValue);
970 offset+=4;
971 client_size+=4;
972 value = tvb_get_guint8 (tvb, offset);
973 proto_tree_add_item(wtls_msg_type_item_sub_tree,
974 hf_wtls_hands_certificate_wtls_subject_type,
975 tvb, offset,1,
976 ENC_LITTLE_ENDIAN);
977 offset++;
978 client_size++;
979 switch (value) {
980 case IDENTIFIER_NULL :
981 break;
982 case IDENTIFIER_TEXT :
983 value = add_text_identifier(tvb, offset,
984 hf_wtls_hands_certificate_wtls_subject_charset,
985 hf_wtls_hands_certificate_wtls_subject_size,
986 hf_wtls_hands_certificate_wtls_subject_name,
987 wtls_msg_type_item_sub_tree);
988 offset += value;
989 client_size += value;
990 break;
991 case IDENTIFIER_BIN :
992 break;
993 case IDENTIFIER_SHA_1 :
994 break;
995 case IDENTIFIER_X509 :
996 break;
997 }
998 public_key = tvb_get_guint8 (tvb, offset);
999 proto_tree_add_item(wtls_msg_type_item_sub_tree,
1000 hf_wtls_hands_certificate_wtls_public_key_type,
1001 tvb, offset,1,
1002 ENC_LITTLE_ENDIAN);
1003 offset++;
1004 client_size++;
1005 value = tvb_get_guint8 (tvb, offset);
1006 proto_tree_add_item(wtls_msg_type_item_sub_tree,
1007 hf_wtls_hands_certificate_wtls_key_parameter_index,
1008 tvb,offset,1,ENC_BIG_ENDIAN);
1009 offset++;
1010 client_size++;
1011 if (value == 0xff) {
1012 size = tvb_get_ntohs (tvb, offset);
1013 proto_tree_add_item(wtls_msg_type_item_sub_tree,
1014 hf_wtls_hands_certificate_wtls_key_parameter_set,
1015 tvb,offset,size+2,ENC_ASCII|ENC_NA);
1016 offset+=size+2;
1017 client_size+=size+2;
1018 }
1019 switch (public_key) {
1020 case PUBLIC_KEY_RSA :
1021 value = tvb_get_ntohs (tvb, offset);
1022 proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1023 hf_wtls_hands_certificate_wtls_rsa_exponent,
1024 tvb,offset,value+2,value*8);
1025 offset+=2+value;
1026 client_size+=2+value;
1027 value = tvb_get_ntohs (tvb, offset);
1028 proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1029 hf_wtls_hands_certificate_wtls_rsa_modules,
1030 tvb,offset,value+2,value*8);
1031 offset+=2+value;
1032 client_size+=2+value;
1033 break;
1034 case PUBLIC_KEY_ECDH :
1035 break;
1036 case PUBLIC_KEY_ECDSA :
1037 break;
1038 }
1039 value = tvb_get_ntohs (tvb, offset);
1040 proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1041 hf_wtls_hands_certificate_wtls_signature,
1042 tvb,offset,2+value,value*8);
1043 offset+=2+value;
1044 client_size+=2+value;
1045 break;
1046 case CERTIFICATE_X509:
1047 case CERTIFICATE_X968:
1048 value = tvb_get_ntohs (tvb, offset);
1049 offset+=2;
1050 client_size+=2;
1051 client_size += value;
1052 offset += value;
1053 break;
1054 case CERTIFICATE_URL:
1055 value = tvb_get_guint8 (tvb, offset);
1056 offset++;
1057 client_size++;
1058 client_size += value;
1059 offset += value;
1060 break;
1061 }
1062 proto_item_set_len(cli_key_item, client_size);
1063 }
1064 break;
1065 default:
1066 /*offset+=count;*/
1067 break;
1068 }
1069 }
1070
1071 /* Register the protocol with Wireshark */
1072 void
1073 proto_register_wtls(void)
1074 {
1075
1076 /* Setup list of header fields */
1077 static hf_register_info hf[] = {
1078 { &hf_wtls_record,
1079 { "Record",
1080 "wtls.record",
1081 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_record_type_ext, 0x0f,
1082 NULL, HFILL
1083 }
1084 },
1085 { &hf_wtls_record_type,
1086 { "Record Type",
1087 "wtls.rec_type",
1088 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_record_type_ext, 0x0f,
1089 NULL, HFILL
1090 }
1091 },
1092 { &hf_wtls_record_length,
1093 { "Record Length",
1094 "wtls.rec_length",
1095 FT_UINT16, BASE_DEC, NULL, 0x00,
1096 NULL, HFILL
1097 }
1098 },
1099 { &hf_wtls_record_sequence,
1100 { "Record Sequence",
1101 "wtls.rec_seq",
1102 FT_UINT16, BASE_DEC, NULL, 0x00,
1103 NULL, HFILL
1104 }
1105 },
1106 { &hf_wtls_record_ciphered,
1107 { "Record Ciphered",
1108 "wtls.rec_cipher",
1109 FT_NONE, BASE_NONE, NULL, 0x00,
1110 NULL, HFILL
1111 }
1112 },
1113 { &hf_wtls_hands,
1114 { "Handshake",
1115 "wtls.handshake",
1116 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_handshake_type_ext, 0x00,
1117 NULL, HFILL
1118 }
1119 },
1120 { &hf_wtls_hands_type,
1121 { "Type",
1122 "wtls.handshake.type",
1123 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_handshake_type_ext, 0x00,
1124 NULL, HFILL
1125 }
1126 },
1127 { &hf_wtls_hands_length,
1128 { "Length",
1129 "wtls.handshake.length",
1130 FT_UINT16, BASE_DEC, NULL, 0x00,
1131 NULL, HFILL
1132 }
1133 },
1134 { &hf_wtls_hands_cli_hello,
1135 { "Client Hello",
1136 "wtls.handshake.client_hello",
1137 FT_NONE, BASE_NONE, NULL, 0x00,
1138 NULL, HFILL
1139 }
1140 },
1141 { &hf_wtls_hands_cli_hello_version,
1142 { "Version",
1143 "wtls.handshake.client_hello.version",
1144 FT_UINT8, BASE_DEC, NULL, 0x00,
1145 NULL, HFILL
1146 }
1147 },
1148 { &hf_wtls_hands_cli_hello_gmt,
1149 { "Time GMT",
1150 "wtls.handshake.client_hello.gmt",
1151 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
1152 NULL, HFILL
1153 }
1154 },
1155 { &hf_wtls_hands_cli_hello_random,
1156 { "Random",
1157 "wtls.handshake.client_hello.random",
1158 FT_NONE, BASE_NONE, NULL, 0x00,
1159 NULL, HFILL
1160 }
1161 },
1162 { &hf_wtls_hands_cli_hello_session,
1163 { "Session ID",
1164 "wtls.handshake.client_hello.sessionid",
1165 FT_UINT64, BASE_HEX_DEC, NULL, 0x00,
1166 NULL, HFILL
1167 }
1168 },
1169 { &hf_wtls_hands_cli_hello_session_str,
1170 { "Session ID",
1171 "wtls.handshake.client_hello.session.str",
1172 FT_STRING, BASE_NONE, NULL, 0x00,
1173 NULL, HFILL
1174 }
1175 },
1176 { &hf_wtls_hands_cli_hello_cli_key_id,
1177 { "Client Keys",
1178 "wtls.handshake.client_hello.client_keys_id",
1179 FT_NONE, BASE_NONE, NULL, 0x00,
1180 NULL , HFILL
1181 }
1182 },
1183 { &hf_wtls_hands_cli_hello_cli_key_len,
1184 { "Length",
1185 "wtls.handshake.client_hello.client_keys_len",
1186 FT_UINT16, BASE_DEC, NULL, 0x00,
1187 NULL , HFILL
1188 }
1189 },
1190 { &hf_wtls_hands_cli_hello_trust_key_id,
1191 { "Trusted Keys",
1192 "wtls.handshake.client_hello.trusted_keys_id",
1193 FT_NONE, BASE_NONE, NULL, 0x00,
1194 NULL , HFILL
1195 }
1196 },
1197 { &hf_wtls_hands_cli_hello_key_exchange,
1198 { "Key Exchange",
1199 "wtls.handshake.client_hello.key.key_exchange",
1200 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_key_exchange_suite_ext, 0x00,
1201 NULL, HFILL
1202 }
1203 },
1204 { &hf_wtls_hands_cli_hello_key_exchange_suite,
1205 { "Suite",
1206 "wtls.handshake.client_hello.key.key_exchange.suite",
1207 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_key_exchange_suite_ext, 0x00,
1208 NULL, HFILL
1209 }
1210 },
1211 { &hf_wtls_hands_cli_hello_key_parameter_index,
1212 { "Parameter Index",
1213 "wtls.handshake.client_hello.parameter_index",
1214 FT_UINT8, BASE_DEC, NULL, 0x00,
1215 NULL, HFILL
1216 }
1217 },
1218 { &hf_wtls_hands_cli_hello_key_parameter_set,
1219 { "Parameter Set",
1220 "wtls.handshake.client_hello.parameter",
1221 FT_STRING, BASE_NONE, NULL, 0x00,
1222 NULL, HFILL
1223 }
1224 },
1225 { &hf_wtls_hands_cli_hello_key_identifier_type,
1226 { "Identifier Type",
1227 "wtls.handshake.client_hello.ident_type",
1228 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_identifier_type_ext, 0x00,
1229 NULL, HFILL
1230 }
1231 },
1232 { &hf_wtls_hands_cli_hello_key_identifier_charset,
1233 { "Identifier CharSet",
1234 "wtls.handshake.client_hello.ident_charset",
1235 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &wap_mib_enum_vals_character_sets_ext, 0x00,
1236 NULL, HFILL
1237 }
1238 },
1239 { &hf_wtls_hands_cli_hello_key_identifier_size,
1240 { "Identifier Size",
1241 "wtls.handshake.client_hello.ident_size",
1242 FT_UINT8, BASE_DEC, NULL, 0x00,
1243 NULL, HFILL
1244 }
1245 },
1246 { &hf_wtls_hands_cli_hello_key_identifier,
1247 { "Identifier",
1248 "wtls.handshake.client_hello.identifier",
1249 FT_NONE, BASE_NONE, NULL, 0x00,
1250 NULL, HFILL
1251 }
1252 },
1253 { &hf_wtls_hands_cli_hello_key_identifier_str,
1254 { "Identifier Name",
1255 "wtls.handshake.client_hello.ident_name",
1256 FT_STRING, BASE_NONE, NULL, 0x00,
1257 NULL, HFILL
1258 }
1259 },
1260 { &hf_wtls_hands_cli_hello_cipher_suite,
1261 { "Cipher Suites",
1262 "wtls.handshake.client_hello.ciphers",
1263 FT_NONE, BASE_NONE, NULL, 0x00,
1264 "Cipher Suite", HFILL
1265 }
1266 },
1267 { &hf_wtls_hands_cli_hello_cipher_suite_item,
1268 { "Cipher",
1269 "wtls.handshake.client_hello.cipher",
1270 FT_STRING, BASE_NONE, NULL, 0x00,
1271 NULL, HFILL
1272 }
1273 },
1274 { &hf_wtls_hands_cli_hello_compression_methods,
1275 { "Compression Methods",
1276 "wtls.handshake.client_hello.comp_methods",
1277 FT_NONE, BASE_NONE, NULL, 0x00,
1278 NULL, HFILL
1279 }
1280 },
1281 { &hf_wtls_hands_cli_hello_compression,
1282 { "Compression",
1283 "wtls.handshake.client_hello.compression",
1284 FT_UINT8, BASE_HEX, VALS ( wtls_vals_compression ), 0x00,
1285 NULL, HFILL
1286 }
1287 },
1288 { &hf_wtls_hands_cli_hello_sequence_mode,
1289 { "Sequence Mode",
1290 "wtls.handshake.client_hello.sequence_mode",
1291 FT_UINT8, BASE_DEC, VALS ( wtls_vals_sequence_mode ), 0x00,
1292 NULL, HFILL
1293 }
1294 },
1295 { &hf_wtls_hands_cli_hello_key_refresh,
1296 { "Refresh",
1297 "wtls.handshake.client_hello.refresh",
1298 FT_UINT8, BASE_DEC, NULL, 0x00,
1299 NULL, HFILL
1300 }
1301 },
1302 { &hf_wtls_hands_serv_hello,
1303 { "Server Hello",
1304 "wtls.handshake.server_hello",
1305 FT_NONE, BASE_NONE, NULL, 0x00,
1306 NULL, HFILL
1307 }
1308 },
1309 { &hf_wtls_hands_serv_hello_version,
1310 { "Version",
1311 "wtls.handshake.server_hello.version",
1312 FT_UINT8, BASE_DEC, NULL, 0x00,
1313 NULL, HFILL
1314 }
1315 },
1316 { &hf_wtls_hands_serv_hello_gmt,
1317 { "Time GMT",
1318 "wtls.handshake.server_hello.gmt",
1319 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
1320 NULL, HFILL
1321 }
1322 },
1323 { &hf_wtls_hands_serv_hello_random,
1324 { "Random",
1325 "wtls.handshake.server_hello.random",
1326 FT_NONE, BASE_NONE, NULL, 0x00,
1327 NULL, HFILL
1328 }
1329 },
1330 { &hf_wtls_hands_serv_hello_session,
1331 { "Session ID",
1332 "wtls.handshake.server_hello.sessionid",
1333 FT_UINT64, BASE_HEX_DEC, NULL, 0x00,
1334 NULL, HFILL
1335 }
1336 },
1337 { &hf_wtls_hands_serv_hello_session_str,
1338 { "Session ID",
1339 "wtls.handshake.server_hello.session.str",
1340 FT_STRING, BASE_NONE, NULL, 0x00,
1341 NULL, HFILL
1342 }
1343 },
1344 { &hf_wtls_hands_serv_hello_cli_key_id,
1345 { "Client Key ID",
1346 "wtls.handshake.server_hello.key",
1347 FT_UINT8, BASE_HEX, NULL, 0x00,
1348 NULL, HFILL
1349 }
1350 },
1351 { &hf_wtls_hands_serv_hello_cipher_suite_item,
1352 { "Cipher",
1353 "wtls.handshake.server_hello.cipher",
1354 FT_NONE, BASE_NONE, NULL, 0x00,
1355 NULL, HFILL
1356 }
1357 },
1358 { &hf_wtls_hands_serv_hello_cipher_bulk,
1359 { "Cipher Bulk",
1360 "wtls.handshake.server_hello.cipher.bulk",
1361 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_cipher_bulk_ext, 0x00,
1362 NULL, HFILL
1363 }
1364 },
1365 { &hf_wtls_hands_serv_hello_cipher_mac,
1366 { "Cipher MAC",
1367 "wtls.handshake.server_hello.cipher.mac",
1368 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_cipher_mac_ext, 0x00,
1369 NULL, HFILL
1370 }
1371 },
1372 { &hf_wtls_hands_serv_hello_compression,
1373 { "Compression",
1374 "wtls.handshake.server_hello.compression",
1375 FT_UINT8, BASE_HEX, VALS ( wtls_vals_compression ), 0x00,
1376 NULL, HFILL
1377 }
1378 },
1379 { &hf_wtls_hands_serv_hello_sequence_mode,
1380 { "Sequence Mode",
1381 "wtls.handshake.server_hello.sequence_mode",
1382 FT_UINT8, BASE_DEC, VALS ( wtls_vals_sequence_mode ), 0x00,
1383 NULL, HFILL
1384 }
1385 },
1386 { &hf_wtls_hands_serv_hello_key_refresh,
1387 { "Refresh",
1388 "wtls.handshake.server_hello.refresh",
1389 FT_UINT8, BASE_DEC, NULL, 0x00,
1390 NULL, HFILL
1391 }
1392 },
1393 { &hf_wtls_hands_certificates,
1394 { "Certificates",
1395 "wtls.handshake.certificates",
1396 FT_NONE, BASE_NONE, NULL, 0x00,
1397 NULL, HFILL
1398 }
1399 },
1400 { &hf_wtls_hands_certificate,
1401 { "Certificate",
1402 "wtls.handshake.certificate",
1403 FT_NONE, BASE_NONE, NULL, 0x00,
1404 NULL, HFILL
1405 }
1406 },
1407 { &hf_wtls_hands_certificate_type,
1408 { "Type",
1409 "wtls.handshake.certificate.type",
1410 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_certificate_type_ext, 0x00,
1411 NULL, HFILL
1412 }
1413 },
1414 { &hf_wtls_hands_certificate_wtls_version,
1415 { "Version",
1416 "wtls.handshake.certificate.version",
1417 FT_UINT8, BASE_HEX, NULL, 0x00,
1418 NULL, HFILL
1419 }
1420 },
1421 { &hf_wtls_hands_certificate_wtls_signature_type,
1422 { "Signature Type",
1423 "wtls.handshake.certificate.signature.type",
1424 FT_UINT8, BASE_DEC, VALS ( wtls_vals_certificate_signature ), 0x00,
1425 NULL, HFILL
1426 }
1427 },
1428 { &hf_wtls_hands_certificate_wtls_signature,
1429 { "Signature Size",
1430 "wtls.handshake.certificate.signature.signature",
1431 FT_UINT32, BASE_DEC, NULL, 0x00,
1432 NULL, HFILL
1433 }
1434 },
1435 { &hf_wtls_hands_certificate_wtls_issuer_type,
1436 { "Issuer",
1437 "wtls.handshake.certificate.issuer.type",
1438 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_identifier_type_ext, 0x00,
1439 NULL, HFILL
1440 }
1441 },
1442 { &hf_wtls_hands_certificate_wtls_issuer_charset,
1443 { "Charset",
1444 "wtls.handshake.certificate.issuer.charset",
1445 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &wap_mib_enum_vals_character_sets_ext, 0x00,
1446 NULL, HFILL
1447 }
1448 },
1449 { &hf_wtls_hands_certificate_wtls_issuer_size,
1450 { "Size",
1451 "wtls.handshake.certificate.issuer.size",
1452 FT_UINT8, BASE_DEC, NULL, 0x00,
1453 NULL, HFILL
1454 }
1455 },
1456 { &hf_wtls_hands_certificate_wtls_issuer_name,
1457 { "Name",
1458 "wtls.handshake.certificate.issuer.name",
1459 FT_STRING, BASE_NONE, NULL, 0x00,
1460 NULL, HFILL
1461 }
1462 },
1463 { &hf_wtls_hands_certificate_wtls_valid_not_before,
1464 { "Valid not before",
1465 "wtls.handshake.certificate.before",
1466 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
1467 NULL, HFILL
1468 }
1469 },
1470 { &hf_wtls_hands_certificate_wtls_valid_not_after,
1471 { "Valid not after",
1472 "wtls.handshake.certificate.after",
1473 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
1474 NULL, HFILL
1475 }
1476 },
1477 { &hf_wtls_hands_certificate_wtls_subject_type,
1478 { "Subject",
1479 "wtls.handshake.certificate.subject.type",
1480 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_identifier_type_ext, 0x00,
1481 NULL, HFILL
1482 }
1483 },
1484 { &hf_wtls_hands_certificate_wtls_subject_charset,
1485 { "Charset",
1486 "wtls.handshake.certificate.subject.charset",
1487 FT_UINT16, BASE_HEX|BASE_EXT_STRING, &wap_mib_enum_vals_character_sets_ext, 0x00,
1488 NULL, HFILL
1489 }
1490 },
1491 { &hf_wtls_hands_certificate_wtls_subject_size,
1492 { "Size",
1493 "wtls.handshake.certificate.subject.size",
1494 FT_UINT8, BASE_DEC, NULL, 0x00,
1495 NULL, HFILL
1496 }
1497 },
1498 { &hf_wtls_hands_certificate_wtls_subject_name,
1499 { "Name",
1500 "wtls.handshake.certificate.subject.name",
1501 FT_STRING, BASE_NONE, NULL, 0x00,
1502 NULL, HFILL
1503 }
1504 },
1505 { &hf_wtls_hands_certificate_wtls_public_key_type,
1506 { "Public Key Type",
1507 "wtls.handshake.certificate.public.type",
1508 FT_UINT8, BASE_DEC, VALS ( wtls_vals_public_key_type ), 0x00,
1509 NULL, HFILL
1510 }
1511 },
1512 { &hf_wtls_hands_certificate_wtls_key_parameter_index,
1513 { "Parameter Index",
1514 "wtls.handshake.certificate.parameter_index",
1515 FT_UINT8, BASE_DEC, NULL, 0x00,
1516 NULL, HFILL
1517 }
1518 },
1519 { &hf_wtls_hands_certificate_wtls_key_parameter_set,
1520 { "Parameter Set",
1521 "wtls.handshake.certificate.parameter",
1522 FT_STRING, BASE_NONE, NULL, 0x00,
1523 NULL, HFILL
1524 }
1525 },
1526 { &hf_wtls_hands_certificate_wtls_rsa_exponent,
1527 { "RSA Exponent Size",
1528 "wtls.handshake.certificate.rsa.exponent",
1529 FT_UINT32, BASE_DEC, NULL, 0x00,
1530 NULL, HFILL
1531 }
1532 },
1533 { &hf_wtls_hands_certificate_wtls_rsa_modules,
1534 { "RSA Modulus Size",
1535 "wtls.handshake.certificate.rsa.modules",
1536 FT_UINT32, BASE_DEC, NULL, 0x00,
1537 NULL, HFILL
1538 }
1539 },
1540 { &hf_wtls_alert,
1541 { "Alert",
1542 "wtls.alert",
1543 FT_NONE, BASE_NONE, NULL, 0x00,
1544 NULL, HFILL
1545 }
1546 },
1547 { &hf_wtls_alert_level,
1548 { "Level",
1549 "wtls.alert.level",
1550 FT_UINT8, BASE_DEC, VALS ( wtls_vals_alert_level ), 0x00,
1551 NULL, HFILL
1552 }
1553 },
1554 { &hf_wtls_alert_description,
1555 { "Description",
1556 "wtls.alert.description",
1557 FT_UINT8, BASE_DEC|BASE_EXT_STRING, &wtls_vals_alert_description_ext, 0x00,
1558 NULL, HFILL
1559 }
1560 },
1561 };
1562
1563 /* Setup protocol subtree array */
1564 static gint *ett[] = {
1565 &ett_wtls,
1566 &ett_wtls_rec,
1567 &ett_wtls_msg_type,
1568 &ett_wtls_msg_type_item,
1569 &ett_wtls_msg_type_item_sub,
1570 &ett_wtls_msg_type_item_sub_sub,
1571 };
1572
1573 /* Register the protocol name and description */
1574 proto_wtls = proto_register_protocol(
1575 "Wireless Transport Layer Security", /* protocol name for use by wireshark */
1576 "WTLS", /* short version of name */
1577 "wtls" /* Abbreviated protocol name, should Match IANA
1578 < URL:http://www.iana.org/assignments/port-numbers/ >
1579 */
1580 );
1581
1582 /* Required function calls to register the header fields and subtrees used */
1583 proto_register_field_array(proto_wtls, hf, array_length(hf));
1584 proto_register_subtree_array(ett, array_length(ett));
1585 }
1586
1587 void
1588 proto_reg_handoff_wtls(void)
1589 {
1590 dissector_handle_t wtls_handle;
1591
1592 wtls_handle = create_dissector_handle(dissect_wtls, proto_wtls);
1593 dissector_add_uint("udp.port", UDP_PORT_WTLS_WSP, wtls_handle);
1594 dissector_add_uint("udp.port", UDP_PORT_WTLS_WTP_WSP, wtls_handle);
1595 dissector_add_uint("udp.port", UDP_PORT_WTLS_WSP_PUSH,wtls_handle);
1596 }