2 * Anything in Anything protocol
3 * Copyright 2008, Jelmer Vernooij <jelmer@samba.org>
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
9 * SPDX-License-Identifier: GPL-2.0-or-later
11 * ref: http://unfix.org/~jeroen/archive/drafts/draft-massar-v6ops-ayiya-02.html#anchor4
16 #include <epan/packet.h>
17 #include <epan/ipproto.h>
19 void proto_register_ayiya(void);
20 void proto_reg_handoff_ayiya(void);
22 static dissector_table_t ip_dissector_table;
24 static int proto_ayiya = -1;
25 static int hf_id_len = -1;
26 static int hf_id_type = -1;
27 static int hf_sig_len = -1;
28 static int hf_hash_method = -1;
29 static int hf_auth_method = -1;
30 static int hf_opcode = -1;
31 static int hf_next_header = -1;
32 static int hf_epoch = -1;
33 static int hf_identity = -1;
34 static int hf_signature = -1;
36 static gint ett_ayiya = -1;
38 static dissector_handle_t ayiya_handle = NULL;
40 static const value_string identity_types[] = {
43 { 0x2, "ASCII string" },
47 static const value_string hash_methods[] = {
54 static const value_string auth_methods[] = {
55 { 0x0, "No authentication" },
56 { 0x1, "Hash using a Shared Secret" },
57 { 0x2, "Hash using a public/private key method" },
61 #define OPCODE_FORWARD 1
63 static const value_string opcodes[] = {
64 { 0x0, "No Operation / Heartbeat" },
66 { 0x2, "Echo Request" },
67 { 0x3, "Echo Request and Forward" },
68 { 0x4, "Echo Response" },
70 { 0x6, "Query Request" },
71 { 0x7, "Query Response" },
75 #define UDP_PORT_AYIYA 5072
78 dissect_ayiya(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
80 proto_tree *ayiya_tree;
82 int idlen, siglen, ayiya_len;
83 guint8 next_header, opcode;
86 idlen = 1 << tvb_get_bits8(tvb, 0, 4);
87 siglen = tvb_get_bits8(tvb, 8, 4) * 4;
88 opcode = tvb_get_bits8(tvb, 20, 4);
89 next_header = tvb_get_guint8(tvb, 3);
91 ayiya_len = 8+idlen+siglen;
93 col_set_str(pinfo->cinfo, COL_PROTOCOL, "AYIYA");
97 ti = proto_tree_add_protocol_format( tree, proto_ayiya, tvb,
98 offset, ayiya_len, "AYIYA" );
99 ayiya_tree = proto_item_add_subtree(ti, ett_ayiya);
101 proto_tree_add_bits_item(ayiya_tree, hf_id_len, tvb, 0, 4, ENC_BIG_ENDIAN);
102 proto_tree_add_bits_item(ayiya_tree, hf_id_type, tvb, 4, 4, ENC_BIG_ENDIAN);
103 proto_tree_add_bits_item(ayiya_tree, hf_sig_len, tvb, 8, 4, ENC_BIG_ENDIAN);
104 proto_tree_add_bits_item(ayiya_tree, hf_hash_method, tvb, 12, 4, ENC_BIG_ENDIAN);
105 proto_tree_add_bits_item(ayiya_tree, hf_auth_method, tvb, 16, 4, ENC_BIG_ENDIAN);
106 proto_tree_add_bits_item(ayiya_tree, hf_opcode, tvb, 20, 4, ENC_BIG_ENDIAN);
107 proto_tree_add_uint_format_value(ayiya_tree, hf_next_header, tvb,
110 ipprotostr(next_header), next_header);
111 proto_tree_add_item(ayiya_tree, hf_epoch, tvb, 4, 4, ENC_TIME_SECS|ENC_BIG_ENDIAN);
112 proto_tree_add_item(ayiya_tree, hf_identity, tvb, 8, idlen, ENC_NA);
113 proto_tree_add_item(ayiya_tree, hf_signature, tvb, 8+idlen, siglen, ENC_NA);
118 payload = tvb_new_subset_remaining(tvb, offset);
119 dissector_try_uint(ip_dissector_table, next_header, payload, pinfo, tree);
123 return tvb_captured_length(tvb);
127 proto_register_ayiya(void)
129 static hf_register_info hf[] = {
131 { "Identity field length", "ayiya.idlen", FT_UINT8,
132 BASE_HEX, NULL, 0x0, NULL, HFILL
136 { "Identity field type", "ayiya.idtype", FT_UINT8,
137 BASE_HEX, VALS(identity_types), 0x0, NULL, HFILL
141 { "Signature Length", "ayiya.siglen", FT_UINT8,
142 BASE_HEX, NULL, 0x0, NULL, HFILL
146 { "Hash method", "ayiya.hashmethod", FT_UINT8,
147 BASE_HEX, VALS(hash_methods), 0x0, NULL, HFILL
151 { "Authentication method", "ayiya.authmethod", FT_UINT8,
152 BASE_HEX, VALS(auth_methods), 0x0, NULL, HFILL
156 { "Operation Code", "ayiya.opcode", FT_UINT8,
157 BASE_HEX, VALS(opcodes), 0x0, NULL, HFILL
161 { "Next Header", "ayiya.nextheader", FT_UINT8,
162 BASE_HEX, NULL, 0x0, NULL, HFILL
166 { "Epoch", "ayiya.epoch", FT_ABSOLUTE_TIME,
167 ABSOLUTE_TIME_LOCAL, NULL, 0x0, NULL, HFILL
171 { "Identity", "ayiya.identity", FT_BYTES,
172 BASE_NONE, NULL, 0x0, NULL, HFILL
176 { "Signature", "ayiya.signature", FT_BYTES,
177 BASE_NONE, NULL, 0x0, NULL, HFILL
181 static gint *ett[] = {
185 proto_ayiya = proto_register_protocol("Anything in Anything Protocol",
187 ayiya_handle = register_dissector("ayiya", dissect_ayiya, proto_ayiya);
188 proto_register_field_array(proto_ayiya, hf, array_length(hf));
189 proto_register_subtree_array(ett, array_length(ett));
193 proto_reg_handoff_ayiya(void)
195 dissector_add_uint_with_preference("udp.port", UDP_PORT_AYIYA, ayiya_handle);
197 ip_dissector_table = find_dissector_table("ip.proto");
201 * Editor modelines - https://www.wireshark.org/tools/modelines.html
206 * indent-tabs-mode: nil
209 * vi: set shiftwidth=4 tabstop=8 expandtab:
210 * :indentSize=4:tabSize=8:noTabs=true: