authorPeter Wu <peter@lekensteyn.nl>2016-11-30 21:43:09 +0100
committerAlexis La Goutte <alexis.lagoutte@gmail.com>2016-12-06 05:58:39 +0000
commit89bc07c5d59ead31cad3ab5eea4378b6bb60bce9 (patch)
tree535fc1fc686d9a4e4ed54b62e575a7865c6a046b /epan/dissectors/packet-dtls.c
parentf96e9d067ba314c947a3caeafc909e9542042a64 (diff)
DTLS: add support for use_srtp extension (RFC 5764)
Decryption support will be added later. Tested with dtls-srtp-ws-sip.pcapng from the linked bug. Change-Id: Ida1a2da754ef9aef16ad15ff64455b6f8e703ffd Ping-Bug: 13193 Reviewed-on: https://code.wireshark.org/review/18996 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-dtls.c')
-rw-r--r--epan/dissectors/packet-dtls.c87
1 files changed, 86 insertions, 1 deletions
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c
index 21e3ec6226..ef4fe3736f 100644
--- a/epan/dissectors/packet-dtls.c
+++ b/epan/dissectors/packet-dtls.c
@@ -78,6 +78,17 @@ static proto_tree *top_tree;
*
*********************************************************************/
+/* https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml */
+static const value_string srtp_protection_profile_vals[] = {
+ { 0x0001, "SRTP_AES128_CM_HMAC_SHA1_80" }, /* RFC 5764 */
+ { 0x0002, "SRTP_AES128_CM_HMAC_SHA1_32" },
+ { 0x0005, "SRTP_NULL_HMAC_SHA1_80" },
+ { 0x0006, "SRTP_NULL_HMAC_SHA1_32" },
+ { 0x0007, "SRTP_AEAD_AES_128_GCM" }, /* RFC 7714 */
+ { 0x0008, "SRTP_AEAD_AES_256_GCM" },
+ { 0x00, NULL },
+};
+
/* Initialize the protocol and registered fields */
static gint dtls_tap = -1;
static gint exported_pdu_tap = -1;
@@ -116,6 +127,11 @@ static gint hf_dtls_fragment_count = -1;
static gint hf_dtls_reassembled_in = -1;
static gint hf_dtls_reassembled_length = -1;
+static gint hf_dtls_hs_ext_use_srtp_protection_profiles_length = -1;
+static gint hf_dtls_hs_ext_use_srtp_protection_profile = -1;
+static gint hf_dtls_hs_ext_use_srtp_mki_length = -1;
+static gint hf_dtls_hs_ext_use_srtp_mki = -1;
+
/* header fields used in ssl-utils, but defined here. */
static dtls_hfs_t dtls_hfs = { -1, -1 };
@@ -1298,7 +1314,7 @@ dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
case SSL_HND_HELLO_RETRY_REQUEST:
ssl_dissect_hnd_hello_retry_request(&dissect_dtls_hf, sub_tvb, pinfo, ssl_hand_tree,
- 0, length, session, ssl);
+ 0, length, session, ssl, TRUE);
break;
case SSL_HND_CERTIFICATE:
@@ -1478,6 +1494,59 @@ dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb, proto_tree *tree,
return offset;
}
+gint
+dtls_dissect_hnd_hello_ext_use_srtp(tvbuff_t *tvb, proto_tree *tree,
+ guint32 offset, guint32 ext_len)
+{
+ /* From https://tools.ietf.org/html/rfc5764#section-4.1.1
+ *
+ * uint8 SRTPProtectionProfile[2];
+ *
+ * struct {
+ * SRTPProtectionProfiles SRTPProtectionProfiles;
+ * opaque srtp_mki<0..255>;
+ * } UseSRTPData;
+ *
+ * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+ */
+
+ guint32 profiles_length, profiles_end, mki_length;
+
+ if (ext_len < 2) {
+ /* XXX expert info, record too small */
+ return offset + ext_len;
+ }
+
+ /* SRTPProtectionProfiles list length */
+ proto_tree_add_item_ret_uint(tree, hf_dtls_hs_ext_use_srtp_protection_profiles_length,
+ tvb, offset, 2, ENC_BIG_ENDIAN, &profiles_length);
+ if (profiles_length > ext_len - 2) {
+ /* XXX expert info because length exceeds extension_data field */
+ profiles_length = ext_len - 2;
+ }
+ offset += 2;
+
+ /* SRTPProtectionProfiles list items */
+ profiles_end = offset + profiles_length;
+ while (offset < profiles_end) {
+ proto_tree_add_item(tree, hf_dtls_hs_ext_use_srtp_protection_profile,
+ tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+ }
+
+ /* MKI */
+ proto_tree_add_item_ret_uint(tree, hf_dtls_hs_ext_use_srtp_mki_length,
+ tvb, offset, 1, ENC_NA, &mki_length);
+ offset++;
+ if (mki_length > 0) {
+ proto_tree_add_item(tree, hf_dtls_hs_ext_use_srtp_mki,
+ tvb, offset, mki_length, ENC_NA);
+ offset += mki_length;
+ }
+
+ return offset;
+}
+
/*********************************************************************
*
* Support Functions
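Review bot: The MKI part of `dtls_dissect_hnd_hello_ext_use_srtp` is not bounded by `ext_len`: only `profiles_length` is clamped, so when the profile list fills the extension the `mki_length` byte is read from whatever follows it, and an `mki_length` larger than the remaining bytes makes the MKI item and the returned offset run past the end of the extension. An odd `profiles_length` has a similar effect in the `while` loop, where the last 2-byte item crosses `profiles_end`. The tvbuff layer presumably bounds-checks these reads, so the likely outcome is mislabelled bytes or a malformed-packet exception rather than a memory error, but a malformed hello message should not be able to shift how the following extensions are dissected. I would compute the end of the extension once and clamp both fields against it, as below; the two `XXX` branches are also the places where expert info should be attached so the truncation is visible to the analyst.

```c
    guint32 profiles_length, profiles_end, mki_length;
    guint32 ext_end = offset + ext_len;

    /* … unchanged: ext_len < 2 check, profiles length item and clamp … */

    /* SRTPProtectionProfiles list items; stop before a trailing odd byte */
    profiles_end = offset + profiles_length;
    while (profiles_end - offset >= 2) {
        /* … unchanged: protection profile item … */
        offset += 2;
    }
    offset = profiles_end;

    /* MKI: the length byte and the value must both lie inside the extension */
    if (offset >= ext_end) {
        return ext_end;
    }
    /* … unchanged: MKI length item, offset++ … */
    if (mki_length > ext_end - offset) {
        mki_length = ext_end - offset;
    }
    /* … unchanged: MKI item when mki_length > 0, return offset … */
```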
@@ -1754,6 +1823,22 @@ proto_register_dtls(void)
{ "Reassembled DTLS length", "dtls.reassembled.length",
FT_UINT32, BASE_DEC, NULL, 0x00, NULL, HFILL }
},
+ { &hf_dtls_hs_ext_use_srtp_protection_profiles_length,
+ { "SRTP Protection Profiles Length", "dtls.use_srtp.protection_profiles_length",
+ FT_UINT16, BASE_DEC, NULL, 0x00, NULL, HFILL }
+ },
+ { &hf_dtls_hs_ext_use_srtp_protection_profile,
+ { "SRTP Protection Profile", "dtls.use_srtp.protection_profile",
+ FT_UINT16, BASE_HEX, VALS(srtp_protection_profile_vals), 0x00, NULL, HFILL }
+ },
+ { &hf_dtls_hs_ext_use_srtp_mki_length,
+ { "MKI Length", "dtls.use_srtp.mki_length",
+ FT_UINT8, BASE_DEC, NULL, 0x00, NULL, HFILL }
+ },
+ { &hf_dtls_hs_ext_use_srtp_mki,
+ { "MKI", "dtls.use_srtp.mki",
+ FT_BYTES, BASE_NONE, NULL, 0x00, NULL, HFILL }
+ },
SSL_COMMON_HF_LIST(dissect_dtls_hf, "dtls")
};