3 * Routines to dissect WTLS component of WAP traffic.
5 * $Id: packet-wtls.c,v 1.22 2002/08/28 21:00:37 jmayer Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@ethereal.com>
9 * Copyright 1998 Gerald Combs
11 * WAP dissector based on original work by Ben Fowler
12 * Updated by Neil Hunter <neil.hunter@energis-squared.com>
13 * WTLS support by Alexandre P. Ferreira (Splice IP)
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
37 #ifdef NEED_SNPRINTF_H
38 # include "snprintf.h"
43 #include <epan/packet.h>
44 #include "packet-wap.h"
45 #include "packet-wtls.h"
47 /* File scoped variables for the protocol and registered fields */
48 static int proto_wtls = HF_EMPTY;
50 /* These fields used by fixed part of header */
51 static int hf_wtls_record = HF_EMPTY;
52 static int hf_wtls_record_type = HF_EMPTY;
53 static int hf_wtls_record_length = HF_EMPTY;
54 static int hf_wtls_record_sequence = HF_EMPTY;
55 static int hf_wtls_record_ciphered = HF_EMPTY;
56 static int hf_wtls_hands = HF_EMPTY;
57 static int hf_wtls_hands_type = HF_EMPTY;
58 static int hf_wtls_hands_length = HF_EMPTY;
59 static int hf_wtls_hands_cli_hello = HF_EMPTY;
60 static int hf_wtls_hands_cli_hello_version = HF_EMPTY;
61 static int hf_wtls_hands_cli_hello_gmt = HF_EMPTY;
62 static int hf_wtls_hands_cli_hello_random = HF_EMPTY;
63 static int hf_wtls_hands_cli_hello_session = HF_EMPTY;
64 static int hf_wtls_hands_cli_hello_session_str = HF_EMPTY;
65 static int hf_wtls_hands_cli_hello_cli_key_id = HF_EMPTY;
66 static int hf_wtls_hands_cli_hello_cli_key_len = HF_EMPTY;
67 static int hf_wtls_hands_cli_hello_trust_key_id = HF_EMPTY;
68 static int hf_wtls_hands_cli_hello_key_exchange =HF_EMPTY;
69 static int hf_wtls_hands_cli_hello_key_exchange_suite =HF_EMPTY;
70 static int hf_wtls_hands_cli_hello_key_parameter_index =HF_EMPTY;
71 static int hf_wtls_hands_cli_hello_key_parameter_set =HF_EMPTY;
72 static int hf_wtls_hands_cli_hello_key_identifier_type =HF_EMPTY;
73 static int hf_wtls_hands_cli_hello_key_identifier_charset =HF_EMPTY;
74 static int hf_wtls_hands_cli_hello_key_identifier_size =HF_EMPTY;
75 static int hf_wtls_hands_cli_hello_key_identifier =HF_EMPTY;
76 static int hf_wtls_hands_cli_hello_key_identifier_str =HF_EMPTY;
77 static int hf_wtls_hands_cli_hello_cipher_suite =HF_EMPTY;
78 static int hf_wtls_hands_cli_hello_cipher_suite_item =HF_EMPTY;
79 static int hf_wtls_hands_cli_hello_compression_methods =HF_EMPTY;
80 static int hf_wtls_hands_cli_hello_compression =HF_EMPTY;
81 static int hf_wtls_hands_cli_hello_sequence_mode =HF_EMPTY;
82 static int hf_wtls_hands_cli_hello_key_refresh =HF_EMPTY;
83 static int hf_wtls_hands_serv_hello = HF_EMPTY;
84 static int hf_wtls_hands_serv_hello_version = HF_EMPTY;
85 static int hf_wtls_hands_serv_hello_gmt = HF_EMPTY;
86 static int hf_wtls_hands_serv_hello_random = HF_EMPTY;
87 static int hf_wtls_hands_serv_hello_session = HF_EMPTY;
88 static int hf_wtls_hands_serv_hello_session_str = HF_EMPTY;
89 static int hf_wtls_hands_serv_hello_cli_key_id =HF_EMPTY;
90 static int hf_wtls_hands_serv_hello_cipher_suite_item =HF_EMPTY;
91 static int hf_wtls_hands_serv_hello_cipher_bulk =HF_EMPTY;
92 static int hf_wtls_hands_serv_hello_cipher_mac =HF_EMPTY;
93 static int hf_wtls_hands_serv_hello_compression =HF_EMPTY;
94 static int hf_wtls_hands_serv_hello_sequence_mode =HF_EMPTY;
95 static int hf_wtls_hands_serv_hello_key_refresh =HF_EMPTY;
96 static int hf_wtls_hands_certificates =HF_EMPTY;
97 static int hf_wtls_hands_certificate =HF_EMPTY;
98 static int hf_wtls_hands_certificate_type =HF_EMPTY;
99 static int hf_wtls_hands_certificate_wtls_version =HF_EMPTY;
100 static int hf_wtls_hands_certificate_wtls_signature_type =HF_EMPTY;
101 static int hf_wtls_hands_certificate_wtls_issuer_type =HF_EMPTY;
102 static int hf_wtls_hands_certificate_wtls_issuer_charset =HF_EMPTY;
103 static int hf_wtls_hands_certificate_wtls_issuer_size =HF_EMPTY;
104 static int hf_wtls_hands_certificate_wtls_issuer_name =HF_EMPTY;
105 static int hf_wtls_hands_certificate_wtls_valid_not_before =HF_EMPTY;
106 static int hf_wtls_hands_certificate_wtls_valid_not_after =HF_EMPTY;
107 static int hf_wtls_hands_certificate_wtls_subject_type =HF_EMPTY;
108 static int hf_wtls_hands_certificate_wtls_subject_charset =HF_EMPTY;
109 static int hf_wtls_hands_certificate_wtls_subject_size = HF_EMPTY;
110 static int hf_wtls_hands_certificate_wtls_subject_name = HF_EMPTY;
111 static int hf_wtls_hands_certificate_wtls_public_key_type = HF_EMPTY;
112 static int hf_wtls_hands_certificate_wtls_key_parameter_index = HF_EMPTY;
113 static int hf_wtls_hands_certificate_wtls_key_parameter_set = HF_EMPTY;
114 static int hf_wtls_hands_certificate_wtls_rsa_exponent = HF_EMPTY;
115 static int hf_wtls_hands_certificate_wtls_rsa_modules = HF_EMPTY;
116 static int hf_wtls_hands_certificate_wtls_signature = HF_EMPTY;
117 static int hf_wtls_alert = HF_EMPTY;
118 static int hf_wtls_alert_level = HF_EMPTY;
119 static int hf_wtls_alert_description = HF_EMPTY;
121 /* Initialize the subtree pointers */
122 static gint ett_wtls = ETT_EMPTY;
123 static gint ett_wtls_rec = ETT_EMPTY;
124 static gint ett_wtls_msg_type = ETT_EMPTY;
125 static gint ett_wtls_msg_type_item = ETT_EMPTY;
126 static gint ett_wtls_msg_type_item_sub = ETT_EMPTY;
127 static gint ett_wtls_msg_type_item_sub_sub = ETT_EMPTY;
129 /* Handles for WTP and WSP dissectors */
130 static dissector_handle_t wtp_handle;
131 static dissector_handle_t wsp_handle;
133 static const value_string wtls_vals_record_type[] = {
134 { 1, "change_cipher_data" },
137 { 4, "application_data" },
141 static const value_string wtls_vals_cipher_bulk[] = {
148 { 6, "3DES CBC cwEDE40" },
149 { 7, "IDEA CBC 40" },
150 { 8, "IDEA CBC 56" },
155 static const value_string wtls_vals_cipher_mac[] = {
167 static const value_string wtls_vals_handshake_type[] = {
168 { 0, "Hello Request" },
169 { 1, "Client Hello" },
170 { 2, "Server Hello" },
171 { 11, "Certificate" },
172 { 12, "Server Key Exchange" },
173 { 13, "Certificate Request" },
174 { 14, "Server Hello Done" },
175 { 15, "Certificate Verify" },
176 { 16, "Client Key Exchange" },
181 static const value_string wtls_vals_key_exchange_suite[] = {
183 { 1, "Shared Secret" },
184 { 2, "Diffie Hellman Anonymous" },
185 { 3, "Diffie Hellman Anonymous 512" },
186 { 4, "Diffie Hellman Anonymous 768" },
187 { 5, "RSA Anonymous" },
188 { 6, "RSA Anonymous 512" },
189 { 7, "RSA Anonymous 768" },
193 { 11, "EC Diffie Hellman Anonymous" },
194 { 12, "EC Diffie Hellman Anonymous 113" },
195 { 13, "EC Diffie Hellman Anonymous 131" },
196 { 14, "EC Diffie Hellman ECDSA" },
197 { 15, "EC Diffie Hellman Anonymous Uncomp" },
198 { 16, "EC Diffie Hellman Anonymous Uncomp 113" },
199 { 17, "EC Diffie Hellman Anonymous Uncomp 131" },
200 { 18, "EC Diffie Hellman ECDSA Uncomp" },
204 static const value_string wtls_vals_identifier_type[] = {
205 { 0, "No identifier" },
206 { 1, "Textual Name" },
207 { 2, "Binary Name" },
208 { 254, "SHA-1 Hash of Public Key" },
209 { 255, "x509 Distinguished Name" },
213 static const value_string wtls_vals_certificate_type[] = {
221 static const value_string wtls_vals_compression[] = {
226 static const value_string wtls_vals_sequence_mode[] = {
233 static const value_string wtls_vals_certificate_signature[] = {
240 static const value_string wtls_vals_public_key_type[] = {
247 static const value_string wtls_vals_alert_level[] = {
254 static const value_string wtls_vals_alert_description[] = {
255 { 0,"connection_close_notify"},
256 { 1,"session_close_notify"},
257 { 5,"no_connection"},
258 { 10,"unexpected_message"},
259 { 11,"time_required"},
260 { 20,"bad_record_mac"},
261 { 21,"decryption_failed"},
262 { 22,"record_overflow"},
263 { 30,"decompression_failure"},
264 { 40,"handshake_failure"},
265 { 42,"bad_certificate"},
266 { 43,"unsupported_certificate"},
267 { 44,"certificate_revoked"},
268 { 45,"certificate_expired"},
269 { 46,"certificate_unknown"},
270 { 47,"illegal_parameter"},
272 { 49,"access_denied"},
273 { 50,"decode_error"},
274 { 51,"decrypt_error"},
275 { 52,"unknown_key_id"},
276 { 53,"disabled_key_id"},
277 { 54,"key_exchange_disabled"},
278 { 55,"session_not_ready"},
279 { 56,"unknown_parameter_index"},
280 { 57,"duplicate_finished_received"},
281 { 60,"export_restriction"},
282 { 70,"protocol_version"},
283 { 71,"insufficient_security"},
284 { 80,"internal_error"},
285 { 90,"user_canceled"},
286 { 100,"no_renegotiation"},
290 #define WTLS_RECORD_TYPE_LENGTH 0x80
291 #define WTLS_RECORD_TYPE_SEQUENCE 0x40
292 #define WTLS_RECORD_TYPE_CIPHER_CUR 0x20
293 #define WTLS_RECORD_CONTENT_TYPE 0x0f
295 #define WTLS_ALERT 0x02
296 #define WTLS_PLAIN_HANDSHAKE 0x03
298 #define WTLS_HANDSHAKE_CLIENT_HELLO 1
299 #define WTLS_HANDSHAKE_SERVER_HELLO 2
300 #define WTLS_HANDSHAKE_CERTIFICATE 11
302 #define CERTIFICATE_WTLS 1
303 #define CERTIFICATE_X509 2
304 #define CERTIFICATE_X968 3
305 #define CERTIFICATE_URL 4
307 #define IDENTIFIER_NULL 0
308 #define IDENTIFIER_TEXT 1
309 #define IDENTIFIER_BIN 2
310 #define IDENTIFIER_SHA_1 254
311 #define IDENTIFIER_X509 255
313 #define PUBLIC_KEY_RSA 2
314 #define PUBLIC_KEY_ECDH 3
315 #define PUBLIC_KEY_ECDSA 4
317 static void dissect_wtls_handshake (proto_tree *, tvbuff_t *, guint, guint);
319 /* Code to actually dissect the packets */
321 dissect_wtls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
328 guint offset_wtls = 0;
330 /* Set up structures we will need to add the protocol subtree and manage it */
332 proto_tree *wtls_tree;
333 proto_tree *wtls_rec_tree;
334 proto_tree *wtls_msg_type_tree;
336 if (check_col(pinfo->cinfo, COL_PROTOCOL))
338 switch ( pinfo->match_port )
340 case UDP_PORT_WTLS_WSP:
341 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTLS+WSP" );
343 case UDP_PORT_WTLS_WTP_WSP:
344 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTLS+WTP+WSP" );
349 /* Develop the string to put in the Info column */
350 if (check_col(pinfo->cinfo, COL_INFO)) {
351 col_set_str(pinfo->cinfo, COL_INFO, "WTLS" );
354 /* In the interest of speed, if "tree" is NULL, don't do any work not
355 necessary to generate protocol tree items. */
358 ti = proto_tree_add_item(tree, proto_wtls, tvb, offset_wtls,
359 -1, bo_little_endian);
360 wtls_tree = proto_item_add_subtree(ti, ett_wtls);
362 for (offset_wtls=0; offset_wtls < (tvb_reported_length(tvb)-1);) {
363 pdut = tvb_get_guint8 (tvb, offset_wtls);
365 offset = offset_wtls+1;
367 if (pdut & WTLS_RECORD_TYPE_SEQUENCE) {
370 if (pdut & WTLS_RECORD_TYPE_LENGTH) {
371 count = tvb_get_ntohs(tvb, offset);
373 count += offset-offset_wtls;
376 count = tvb_length_remaining (tvb, offset_wtls);
378 ti = proto_tree_add_uint(wtls_tree, hf_wtls_record, tvb, offset_wtls,
380 wtls_rec_tree = proto_item_add_subtree(ti, ett_wtls_rec);
382 offset = offset_wtls;
384 ti = proto_tree_add_item (wtls_rec_tree, hf_wtls_record_type,
385 tvb,offset,1,bo_big_endian);
389 offset_wtls += count;
391 if (pdut & WTLS_RECORD_TYPE_SEQUENCE) {
392 ti = proto_tree_add_item (wtls_rec_tree, hf_wtls_record_sequence,
393 tvb,offset,2,bo_big_endian);
396 if (pdut & WTLS_RECORD_TYPE_LENGTH) {
397 count = tvb_get_ntohs(tvb, offset);
398 ti = proto_tree_add_item (wtls_rec_tree, hf_wtls_record_length,
399 tvb,offset,2,bo_big_endian);
403 count = tvb_length_remaining (tvb, offset);
406 if (pdut & WTLS_RECORD_TYPE_CIPHER_CUR) {
407 ti = proto_tree_add_item (wtls_rec_tree, hf_wtls_record_ciphered,
408 tvb,offset,count,bo_big_endian);
412 switch (pdut & WTLS_RECORD_CONTENT_TYPE) {
413 case WTLS_PLAIN_HANDSHAKE :
414 dissect_wtls_handshake(wtls_rec_tree,tvb,offset,count);
417 ti = proto_tree_add_item(wtls_rec_tree, hf_wtls_alert, tvb, offset,
418 count, bo_little_endian);
419 wtls_msg_type_tree = proto_item_add_subtree(ti, ett_wtls_msg_type);
420 pdu_msg_type = tvb_get_guint8 (tvb, offset);
421 ti = proto_tree_add_item (wtls_msg_type_tree, hf_wtls_alert_level,
422 tvb,offset,1,bo_big_endian);
424 count = tvb_get_ntohs (tvb, offset);
425 ti = proto_tree_add_item (wtls_msg_type_tree, hf_wtls_alert_description,
426 tvb,offset,1,bo_big_endian);
437 add_text_identifier(tvbuff_t *tvb, int offset, int hf_charset,
438 int hf_size, int hf_str, proto_tree *tree)
443 proto_tree_add_item(tree, hf_charset, tvb, offset, 2, bo_big_endian);
445 size = tvb_get_guint8 (tvb, offset);
446 proto_tree_add_item(tree, hf_size, tvb, offset, 1, bo_big_endian);
448 proto_tree_add_item(tree, hf_str, tvb, offset, size, bo_big_endian);
452 fprintf(stderr, "text id size = %d, client_size = %d\n",
459 dissect_wtls_handshake(proto_tree *tree, tvbuff_t *tvb, guint offset, guint count)
466 guint public_key = 0;
469 char *valBulk = NULL;
473 proto_item *cli_key_item;
474 proto_tree *wtls_msg_type_tree;
475 proto_tree *wtls_msg_type_item_tree;
476 proto_tree *wtls_msg_type_item_sub_tree;
477 proto_tree *wtls_msg_type_item_sub_sub_tree;
479 pdu_msg_type = tvb_get_guint8 (tvb, offset);
480 ti = proto_tree_add_uint(tree, hf_wtls_hands, tvb, offset,count, pdu_msg_type);
481 wtls_msg_type_tree = proto_item_add_subtree(ti, ett_wtls_msg_type);
483 ti = proto_tree_add_item (wtls_msg_type_tree, hf_wtls_hands_type,
484 tvb,offset,1,bo_big_endian);
486 count = tvb_get_ntohs (tvb, offset);
487 ti = proto_tree_add_item (wtls_msg_type_tree, hf_wtls_hands_length,
488 tvb,offset,2,bo_big_endian);
490 switch(pdu_msg_type) {
491 case WTLS_HANDSHAKE_CLIENT_HELLO :
492 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_cli_hello, tvb, offset,
493 count, bo_little_endian);
494 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
495 ti = proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_version,
496 tvb,offset,1,bo_big_endian);
498 timeValue.secs = tvb_get_ntohl (tvb, offset);
500 ti = proto_tree_add_time (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_gmt, tvb,
501 offset, 4, &timeValue);
503 ti = proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_random,
504 tvb,offset,12,bo_big_endian);
506 count = tvb_get_guint8(tvb, offset);
509 ti = proto_tree_add_string (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session_str,
510 tvb,offset,count+1,"NULL");
513 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session,
514 tvb,offset,count+1,tvb_get_guint8(tvb,offset+1));
517 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session,
518 tvb,offset,count+1,tvb_get_ntohs(tvb,offset+1));
521 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session,
522 tvb,offset,count+1,tvb_get_ntoh24(tvb,offset+1));
525 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session,
526 tvb,offset,count+1,tvb_get_ntohl(tvb,offset+1));
529 ti = proto_tree_add_string (wtls_msg_type_item_tree, hf_wtls_hands_cli_hello_session_str,
530 tvb,offset,count+1,"Too big");
535 /* process client_key_ids structure */
536 count = tvb_get_ntohs (tvb, offset);
537 ti = proto_tree_add_item(wtls_msg_type_item_tree,
538 hf_wtls_hands_cli_hello_cli_key_id, tvb, offset,
539 count+2, bo_little_endian);
540 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
542 /* display length of client_key_ids structure */
543 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
544 hf_wtls_hands_cli_hello_cli_key_len,
545 tvb,offset,2,bo_big_endian);
548 /* cycle through client_key_ids entries */
549 for (;count > 0;count-=client_size) {
550 /* get encryption suite id (one byte) */
551 value = tvb_get_guint8 (tvb, offset);
552 cli_key_item = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
553 hf_wtls_hands_cli_hello_key_exchange, tvb, offset,1,
556 wtls_msg_type_item_sub_sub_tree = proto_item_add_subtree(cli_key_item,
557 ett_wtls_msg_type_item_sub_sub);
558 ti = proto_tree_add_uint(wtls_msg_type_item_sub_sub_tree,
559 hf_wtls_hands_cli_hello_key_exchange_suite,
563 fprintf(stderr, "encryption suite = %d, client_size = %d\n", value, client_size);
566 /* get parameter index (one byte) */
567 value = tvb_get_guint8 (tvb, offset);
568 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
569 hf_wtls_hands_cli_hello_key_parameter_index,
570 tvb,offset,1,bo_big_endian);
574 fprintf(stderr, "parameter index = %d, client_size = %d\n", value, client_size);
577 /* explicit parameters present in next field */
579 size = tvb_get_ntohs (tvb, offset);
580 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
581 hf_wtls_hands_cli_hello_key_parameter_set,
582 tvb,offset,size+2,bo_big_endian);
587 /* get identifier type */
588 value = tvb_get_guint8 (tvb, offset);
589 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
590 hf_wtls_hands_cli_hello_key_identifier_type,
591 tvb,offset,1,bo_big_endian);
595 fprintf(stderr, "identifier type = %d, client_size = %d\n", value, client_size);
598 /* identifier present in next field */
599 /* note: value 0x0 means no identifier */
601 case IDENTIFIER_TEXT :
602 /* text identifier */
604 size = add_text_identifier(
606 hf_wtls_hands_cli_hello_key_identifier_charset,
607 hf_wtls_hands_cli_hello_key_identifier_size,
608 hf_wtls_hands_cli_hello_key_identifier_str,
609 wtls_msg_type_item_sub_sub_tree);
613 case IDENTIFIER_BIN :
614 /* binary identifier */
615 size = tvb_get_guint8 (tvb, offset);
616 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
617 hf_wtls_hands_cli_hello_key_identifier_size,
618 tvb,offset,1,bo_big_endian);
620 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
621 hf_wtls_hands_cli_hello_key_identifier,
622 tvb,offset,size,bo_big_endian);
626 fprintf(stderr, "binary id size = %d, client_size = %d\n",
630 case IDENTIFIER_SHA_1 :
631 /* SHA-1 hash of the public key */
632 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
633 hf_wtls_hands_cli_hello_key_identifier,
634 tvb,offset,20,bo_big_endian);
638 fprintf(stderr, "SHA-1 hash size = 20, client_size = %d\n",
642 case IDENTIFIER_X509 :
643 /* X.509 distinguished name */
645 size = tvb_get_guint8 (tvb, offset);
646 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
647 hf_wtls_hands_cli_hello_key_identifier_size,
648 tvb,offset,1,bo_big_endian);
650 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
651 hf_wtls_hands_cli_hello_key_identifier,
652 tvb,offset,size,bo_big_endian);
656 fprintf(stderr, "X.509 name size = %d, client_size = %d\n",
662 proto_item_set_len(cli_key_item, client_size);
665 /* process trusted_keys structure */
666 count = tvb_get_ntohs (tvb, offset);
667 ti = proto_tree_add_item(wtls_msg_type_item_tree,
668 hf_wtls_hands_cli_hello_trust_key_id, tvb, offset,
669 count+2, bo_little_endian);
670 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
672 /* display length of trusted_keys structure */
673 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
674 hf_wtls_hands_cli_hello_cli_key_len,
675 tvb,offset,2,bo_big_endian);
678 for (;count > 0;count-=client_size) {
679 /* get encryption suite id (one byte) */
680 value = tvb_get_guint8 (tvb, offset);
681 cli_key_item = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
682 hf_wtls_hands_cli_hello_key_exchange, tvb, offset,1,
685 wtls_msg_type_item_sub_sub_tree = proto_item_add_subtree(cli_key_item,
686 ett_wtls_msg_type_item_sub_sub);
687 ti = proto_tree_add_uint(wtls_msg_type_item_sub_sub_tree,
688 hf_wtls_hands_cli_hello_key_exchange_suite,
692 fprintf(stderr, "encryption suite = %d, client_size = %d\n", value, client_size);
695 /* get parameter index (one byte) */
696 value = tvb_get_guint8 (tvb, offset);
697 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
698 hf_wtls_hands_cli_hello_key_parameter_index,
699 tvb,offset,1,bo_big_endian);
703 fprintf(stderr, "parameter index = %d, client_size = %d\n", value, client_size);
706 /* explicit parameters present in next field */
708 size = tvb_get_ntohs (tvb, offset);
709 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
710 hf_wtls_hands_cli_hello_key_parameter_set,
711 tvb,offset,size+2,bo_big_endian);
716 /* get identifier type */
717 value = tvb_get_guint8 (tvb, offset);
718 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
719 hf_wtls_hands_cli_hello_key_identifier_type,
720 tvb,offset,1,bo_big_endian);
724 fprintf(stderr, "identifier type = %d, client_size = %d\n", value, client_size);
727 /* identifier present in next field */
728 /* note: value 0x0 means no identifier */
730 case IDENTIFIER_TEXT :
731 /* text identifier */
733 size = add_text_identifier(
735 hf_wtls_hands_cli_hello_key_identifier_charset,
736 hf_wtls_hands_cli_hello_key_identifier_size,
737 hf_wtls_hands_cli_hello_key_identifier_str,
738 wtls_msg_type_item_sub_sub_tree);
742 case IDENTIFIER_BIN :
743 /* binary identifier */
744 size = tvb_get_guint8 (tvb, offset);
745 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
746 hf_wtls_hands_cli_hello_key_identifier_size,
747 tvb,offset,1,bo_big_endian);
749 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
750 hf_wtls_hands_cli_hello_key_identifier,
751 tvb,offset,size,bo_big_endian);
755 fprintf(stderr, "binary id size = %d, client_size = %d\n",
759 case IDENTIFIER_SHA_1 :
760 /* SHA-1 hash of the public key */
761 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
762 hf_wtls_hands_cli_hello_key_identifier,
763 tvb,offset,20,bo_big_endian);
767 fprintf(stderr, "SHA-1 hash size = 20, client_size = %d\n",
771 case IDENTIFIER_X509 :
772 /* X.509 distinguished name */
774 size = tvb_get_guint8 (tvb, offset);
775 /* need to fetch identifier and display it */
776 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
777 hf_wtls_hands_cli_hello_key_identifier_size,
778 tvb,offset,1,bo_big_endian);
780 ti = proto_tree_add_item(wtls_msg_type_item_sub_sub_tree,
781 hf_wtls_hands_cli_hello_key_identifier,
782 tvb,offset,size,bo_big_endian);
786 fprintf(stderr, "X.509 name size = %d, client_size = %d\n",
791 proto_item_set_len(cli_key_item, client_size);
794 /* process cipher_suites structure */
795 count = tvb_get_guint8 (tvb, offset);
796 ti = proto_tree_add_item(wtls_msg_type_item_tree,
797 hf_wtls_hands_cli_hello_cipher_suite, tvb, offset,
798 count+1, bo_little_endian);
799 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
801 for (;count > 0;count-=client_size) {
802 value = tvb_get_guint8 (tvb, offset);
803 valBulk = match_strval(value, wtls_vals_cipher_bulk);
806 valMac = match_strval(tvb_get_guint8 (tvb, offset), wtls_vals_cipher_mac);
811 snprintf(valStr,1024,"%s, %s",valBulk,valMac);
815 snprintf(valStr,1024,"%s, Unknown MAC (0x%02x)",valBulk,tvb_get_guint8 (tvb, offset));
822 snprintf(valStr,1024,"Unknown Bulk (0x%02x), %s",value,valMac);
826 snprintf(valStr,1024,"Unknown Bulk (0x%02x), Unknown MAC (0x%02x)",value,
827 tvb_get_guint8 (tvb, offset));
832 cli_key_item = proto_tree_add_string(wtls_msg_type_item_sub_tree,
833 hf_wtls_hands_cli_hello_cipher_suite_item, tvb, offset-2,2,
836 count = tvb_get_guint8 (tvb, offset);
837 ti = proto_tree_add_item(wtls_msg_type_item_tree,
838 hf_wtls_hands_cli_hello_compression_methods, tvb, offset,
839 count+1, bo_little_endian);
840 wtls_msg_type_item_sub_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item_sub);
842 for (;count > 0;count-=client_size) {
844 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
845 hf_wtls_hands_cli_hello_compression, tvb, offset,1,
850 ti = proto_tree_add_item(wtls_msg_type_item_tree,
851 hf_wtls_hands_cli_hello_sequence_mode, tvb, offset,
852 1, bo_little_endian);
854 ti = proto_tree_add_item(wtls_msg_type_item_tree,
855 hf_wtls_hands_cli_hello_key_refresh, tvb, offset,
856 1, bo_little_endian);
858 case WTLS_HANDSHAKE_SERVER_HELLO :
859 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_serv_hello, tvb, offset,
860 count, bo_little_endian);
861 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
862 ti = proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_version,
863 tvb,offset,1,bo_big_endian);
865 timeValue.secs = tvb_get_ntohl (tvb, offset);
867 ti = proto_tree_add_time (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_gmt, tvb,
868 offset, 4, &timeValue);
870 ti = proto_tree_add_item (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_random,
871 tvb,offset,12,bo_big_endian);
873 count = tvb_get_guint8(tvb, offset);
876 ti = proto_tree_add_string (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session_str,
877 tvb,offset,count+1,"NULL");
880 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session,
881 tvb,offset,count+1,tvb_get_guint8(tvb,offset+1));
884 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session,
885 tvb,offset,count+1,tvb_get_ntohs(tvb,offset+1));
888 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session,
889 tvb,offset,count+1,tvb_get_ntoh24(tvb,offset+1));
892 ti = proto_tree_add_uint (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session,
893 tvb,offset,count+1,tvb_get_ntohl(tvb,offset+1));
896 ti = proto_tree_add_string (wtls_msg_type_item_tree, hf_wtls_hands_serv_hello_session_str,
897 tvb,offset,count+1,"Too big");
901 ti = proto_tree_add_item(wtls_msg_type_item_tree,
902 hf_wtls_hands_serv_hello_cli_key_id,
903 tvb,offset,1,bo_big_endian);
905 cli_key_item = proto_tree_add_item(wtls_msg_type_item_tree,
906 hf_wtls_hands_serv_hello_cipher_suite_item, tvb, offset,2,
908 wtls_msg_type_item_sub_tree = proto_item_add_subtree(cli_key_item,
909 ett_wtls_msg_type_item_sub);
910 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
911 hf_wtls_hands_serv_hello_cipher_bulk,
912 tvb,offset,1,bo_big_endian);
914 value = tvb_get_guint8 (tvb, offset);
915 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
916 hf_wtls_hands_serv_hello_cipher_mac,
917 tvb,offset,1,bo_big_endian);
919 ti = proto_tree_add_item(wtls_msg_type_item_tree,
920 hf_wtls_hands_serv_hello_compression, tvb, offset,1,
923 ti = proto_tree_add_item(wtls_msg_type_item_tree,
924 hf_wtls_hands_serv_hello_sequence_mode, tvb, offset,
925 1, bo_little_endian);
927 ti = proto_tree_add_item(wtls_msg_type_item_tree,
928 hf_wtls_hands_serv_hello_key_refresh, tvb, offset,
929 1, bo_little_endian);
932 case WTLS_HANDSHAKE_CERTIFICATE :
933 ti = proto_tree_add_item(wtls_msg_type_tree, hf_wtls_hands_certificates,
934 tvb, offset,count, bo_little_endian);
935 wtls_msg_type_item_tree = proto_item_add_subtree(ti, ett_wtls_msg_type_item);
936 count = tvb_get_ntohs (tvb, offset);
938 for (;count > 0;count-=client_size) {
939 cli_key_item = proto_tree_add_item(wtls_msg_type_item_tree,
940 hf_wtls_hands_certificate, tvb, offset,1,
943 wtls_msg_type_item_sub_tree = proto_item_add_subtree(cli_key_item,
944 ett_wtls_msg_type_item_sub);
945 proto_item_set_len(cli_key_item, client_size);
946 value = tvb_get_guint8 (tvb, offset);
947 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
948 hf_wtls_hands_certificate_type, tvb, offset,1,
953 case CERTIFICATE_WTLS:
954 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
955 hf_wtls_hands_certificate_wtls_version,
960 signature = tvb_get_guint8 (tvb, offset);
961 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
962 hf_wtls_hands_certificate_wtls_signature_type,
967 value = tvb_get_guint8 (tvb, offset);
968 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
969 hf_wtls_hands_certificate_wtls_issuer_type,
975 case IDENTIFIER_NULL :
977 case IDENTIFIER_TEXT :
978 value = add_text_identifier(tvb, offset,
979 hf_wtls_hands_certificate_wtls_issuer_charset,
980 hf_wtls_hands_certificate_wtls_issuer_size,
981 hf_wtls_hands_certificate_wtls_issuer_name,
982 wtls_msg_type_item_sub_tree);
984 client_size += value;
986 case IDENTIFIER_BIN :
988 case IDENTIFIER_SHA_1 :
990 case IDENTIFIER_X509 :
993 timeValue.secs = tvb_get_ntohl (tvb, offset);
995 ti = proto_tree_add_time (wtls_msg_type_item_sub_tree,
996 hf_wtls_hands_certificate_wtls_valid_not_before,
997 tvb, offset, 4, &timeValue);
1000 timeValue.secs = tvb_get_ntohl (tvb, offset);
1001 timeValue.nsecs = 0;
1002 ti = proto_tree_add_time (wtls_msg_type_item_sub_tree,
1003 hf_wtls_hands_certificate_wtls_valid_not_after,
1004 tvb, offset, 4, &timeValue);
1007 value = tvb_get_guint8 (tvb, offset);
1008 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
1009 hf_wtls_hands_certificate_wtls_subject_type,
1015 case IDENTIFIER_NULL :
1017 case IDENTIFIER_TEXT :
1018 value = add_text_identifier(tvb, offset,
1019 hf_wtls_hands_certificate_wtls_subject_charset,
1020 hf_wtls_hands_certificate_wtls_subject_size,
1021 hf_wtls_hands_certificate_wtls_subject_name,
1022 wtls_msg_type_item_sub_tree);
1024 client_size += value;
1026 case IDENTIFIER_BIN :
1028 case IDENTIFIER_SHA_1 :
1030 case IDENTIFIER_X509 :
1033 public_key = tvb_get_guint8 (tvb, offset);
1034 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
1035 hf_wtls_hands_certificate_wtls_public_key_type,
1040 value = tvb_get_guint8 (tvb, offset);
1041 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
1042 hf_wtls_hands_certificate_wtls_key_parameter_index,
1043 tvb,offset,1,bo_big_endian);
1046 if (value == 0xff) {
1047 size = tvb_get_ntohs (tvb, offset);
1048 ti = proto_tree_add_item(wtls_msg_type_item_sub_tree,
1049 hf_wtls_hands_certificate_wtls_key_parameter_set,
1050 tvb,offset,size+2,bo_big_endian);
1052 client_size+=size+2;
1054 switch (public_key) {
1055 case PUBLIC_KEY_RSA :
1056 value = tvb_get_ntohs (tvb, offset);
1057 ti = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1058 hf_wtls_hands_certificate_wtls_rsa_exponent,
1059 tvb,offset,value+2,value*8);
1061 client_size+=2+value;
1062 value = tvb_get_ntohs (tvb, offset);
1063 ti = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1064 hf_wtls_hands_certificate_wtls_rsa_modules,
1065 tvb,offset,value+2,value*8);
1067 client_size+=2+value;
1069 case PUBLIC_KEY_ECDH :
1071 case PUBLIC_KEY_ECDSA :
1074 value = tvb_get_ntohs (tvb, offset);
1075 ti = proto_tree_add_uint(wtls_msg_type_item_sub_tree,
1076 hf_wtls_hands_certificate_wtls_signature,
1077 tvb,offset,2+value,value*8);
1079 client_size+=2+value;
1081 case CERTIFICATE_X509:
1082 case CERTIFICATE_X968:
1083 value = tvb_get_ntohs (tvb, offset);
1086 client_size += value;
1089 case CERTIFICATE_URL:
1090 value = tvb_get_guint8 (tvb, offset);
1093 client_size += value;
1097 proto_item_set_len(cli_key_item, client_size);
1106 /* Register the protocol with Ethereal */
1108 proto_register_wtls(void)
1111 /* Setup list of header fields */
1112 static hf_register_info hf[] = {
1116 FT_UINT8, BASE_DEC, VALS ( wtls_vals_record_type ), 0x0f,
1120 { &hf_wtls_record_type,
1122 "wsp.wtls.rec_type",
1123 FT_UINT8, BASE_DEC, VALS ( wtls_vals_record_type ), 0x0f,
1124 "Record Type", HFILL
1127 { &hf_wtls_record_length,
1129 "wsp.wtls.rec_length",
1130 FT_UINT16, BASE_DEC, NULL, 0x00,
1131 "Record Length", HFILL
1134 { &hf_wtls_record_sequence,
1135 { "Record Sequence",
1137 FT_UINT16, BASE_DEC, NULL, 0x00,
1138 "Record Sequence", HFILL
1141 { &hf_wtls_record_ciphered,
1142 { "Record Ciphered",
1143 "wsp.wtls.rec_cipher",
1144 FT_NONE, BASE_NONE, NULL, 0x00,
1145 "Record Ciphered", HFILL
1150 "wsp.wtls.handshake",
1151 FT_UINT8, BASE_DEC, VALS ( wtls_vals_handshake_type ), 0x00,
1155 { &hf_wtls_hands_type,
1157 "wsp.wtls.handshake.type",
1158 FT_UINT8, BASE_DEC, VALS ( wtls_vals_handshake_type ), 0x00,
1162 { &hf_wtls_hands_length,
1164 "wsp.wtls.handshake.length",
1165 FT_UINT16, BASE_DEC, NULL, 0x00,
1169 { &hf_wtls_hands_cli_hello,
1171 "wsp.wtls.handshake.client_hello",
1172 FT_NONE, BASE_NONE, NULL, 0x00,
1173 "Client Hello", HFILL
1176 { &hf_wtls_hands_cli_hello_version,
1178 "wsp.wtls.handshake.client_hello.version",
1179 FT_UINT8, BASE_DEC, NULL, 0x00,
1183 { &hf_wtls_hands_cli_hello_gmt,
1185 "wsp.wtls.handshake.client_hello.gmt",
1186 FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x00,
1190 { &hf_wtls_hands_cli_hello_random,
1192 "wsp.wtls.handshake.client_hello.random",
1193 FT_NONE, BASE_NONE, NULL, 0x00,
1197 { &hf_wtls_hands_cli_hello_session,
1199 "wsp.wtls.handshake.client_hello.sessionid",
1200 FT_UINT32, BASE_DEC, NULL, 0x00,
1204 { &hf_wtls_hands_cli_hello_session_str,
1206 "wsp.wtls.handshake.client_hello.session.str",
1207 FT_STRING, BASE_NONE, NULL, 0x00,
1211 { &hf_wtls_hands_cli_hello_cli_key_id,
1213 "wsp.wtls.handshake.client_hello.client_keys_id",
1214 FT_NONE, BASE_NONE, NULL, 0x00,
1215 "Client Keys" , HFILL
1218 { &hf_wtls_hands_cli_hello_cli_key_len,
1220 "wsp.wtls.handshake.client_hello.client_keys_len",
1221 FT_UINT16, BASE_DEC, NULL, 0x00,
1225 { &hf_wtls_hands_cli_hello_trust_key_id,
1227 "wsp.wtls.handshake.client_hello.trusted_keys_id",
1228 FT_NONE, BASE_NONE, NULL, 0x00,
1229 "Trusted Keys" , HFILL
1232 { &hf_wtls_hands_cli_hello_key_exchange,
1234 "wsp.wtls.handshake.client_hello.key.key_exchange",
1235 FT_UINT8, BASE_DEC, VALS ( wtls_vals_key_exchange_suite ), 0x00,
1236 "Key Exchange", HFILL
1239 { &hf_wtls_hands_cli_hello_key_exchange_suite,
1241 "wsp.wtls.handshake.client_hello.key.key_exchange.suite",
1242 FT_UINT8, BASE_DEC, VALS ( wtls_vals_key_exchange_suite ), 0x00,
1246 { &hf_wtls_hands_cli_hello_key_parameter_index,
1247 { "Parameter Index",
1248 "wsp.wtls.handshake.client_hello.parameter_index",
1249 FT_UINT8, BASE_DEC, NULL, 0x00,
1250 "Parameter Index", HFILL
1253 { &hf_wtls_hands_cli_hello_key_parameter_set,
1255 "wsp.wtls.handshake.client_hello.parameter",
1256 FT_STRING, BASE_NONE, NULL, 0x00,
1257 "Parameter Set", HFILL
1260 { &hf_wtls_hands_cli_hello_key_identifier_type,
1261 { "Identifier Type",
1262 "wsp.wtls.handshake.client_hello.ident_type",
1263 FT_UINT8, BASE_DEC, VALS ( wtls_vals_identifier_type ), 0x00,
1264 "Identifier Type", HFILL
1267 { &hf_wtls_hands_cli_hello_key_identifier_charset,
1268 { "Identifier CharSet",
1269 "wsp.wtls.handshake.client_hello.ident_charset",
1270 FT_UINT16, BASE_HEX, VALS ( vals_character_sets ), 0x00,
1271 "Identifier CharSet", HFILL
1274 { &hf_wtls_hands_cli_hello_key_identifier_size,
1275 { "Identifier Size",
1276 "wsp.wtls.handshake.client_hello.ident_size",
1277 FT_UINT8, BASE_DEC, NULL, 0x00,
1278 "Identifier Size", HFILL
1281 { &hf_wtls_hands_cli_hello_key_identifier,
1283 "wsp.wtls.handshake.client_hello.identifier",
1284 FT_NONE, BASE_NONE, NULL, 0x00,
1288 { &hf_wtls_hands_cli_hello_key_identifier_str,
1289 { "Identifier Name",
1290 "wsp.wtls.handshake.client_hello.ident_name",
1291 FT_STRING, BASE_NONE, NULL, 0x00,
1292 "Identifier Name", HFILL
1295 { &hf_wtls_hands_cli_hello_cipher_suite,
1297 "wsp.wtls.handshake.client_hello.ciphers",
1298 FT_NONE, BASE_NONE, NULL, 0x00,
1299 "Cipher Suite", HFILL
1302 { &hf_wtls_hands_cli_hello_cipher_suite_item,
1304 "wsp.wtls.handshake.client_hello.cipher",
1305 FT_STRING, BASE_NONE, NULL, 0x00,
1309 { &hf_wtls_hands_cli_hello_compression_methods,
1310 { "Compression Methods",
1311 "wsp.wtls.handshake.client_hello.comp_methods",
1312 FT_NONE, BASE_NONE, NULL, 0x00,
1313 "Compression Methods", HFILL
1316 { &hf_wtls_hands_cli_hello_compression,
1318 "wsp.wtls.handshake.client_hello.compression",
1319 FT_UINT8, BASE_HEX, VALS ( wtls_vals_compression ), 0x00,
1320 "Compression", HFILL
1323 { &hf_wtls_hands_cli_hello_sequence_mode,
1325 "wsp.wtls.handshake.client_hello.sequence_mode",
1326 FT_UINT8, BASE_DEC, VALS ( wtls_vals_sequence_mode ), 0x00,
1327 "Sequence Mode", HFILL
1330 { &hf_wtls_hands_cli_hello_key_refresh,
1332 "wsp.wtls.handshake.client_hello.refresh",
1333 FT_UINT8, BASE_DEC, NULL, 0x00,
1337 { &hf_wtls_hands_serv_hello,
1339 "wsp.wtls.handshake.server_hello",
1340 FT_NONE, BASE_NONE, NULL, 0x00,
1341 "Server Hello", HFILL
1344 { &hf_wtls_hands_serv_hello_version,
1346 "wsp.wtls.handshake.server_hello.version",
1347 FT_UINT8, BASE_DEC, NULL, 0x00,
1351 { &hf_wtls_hands_serv_hello_gmt,
1353 "wsp.wtls.handshake.server_hello.gmt",
1354 FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x00,
1358 { &hf_wtls_hands_serv_hello_random,
1360 "wsp.wtls.handshake.server_hello.random",
1361 FT_NONE, BASE_NONE, NULL, 0x00,
1365 { &hf_wtls_hands_serv_hello_session,
1367 "wsp.wtls.handshake.server_hello.sessionid",
1368 FT_UINT32, BASE_DEC, NULL, 0x00,
1372 { &hf_wtls_hands_serv_hello_session_str,
1374 "wsp.wtls.handshake.server_hello.session.str",
1375 FT_STRING, BASE_NONE, NULL, 0x00,
1379 { &hf_wtls_hands_serv_hello_cli_key_id,
1381 "wsp.wtls.handshake.server_hello.key",
1382 FT_UINT8, BASE_HEX, NULL, 0x00,
1383 "Client Key ID", HFILL
1386 { &hf_wtls_hands_serv_hello_cipher_suite_item,
1388 "wsp.wtls.handshake.server_hello.cipher",
1389 FT_NONE, BASE_NONE, NULL, 0x00,
1393 { &hf_wtls_hands_serv_hello_cipher_bulk,
1395 "wsp.wtls.handshake.server_hello.cipher.bulk",
1396 FT_UINT8, BASE_DEC, VALS ( wtls_vals_cipher_bulk ), 0x00,
1397 "Cipher Bulk", HFILL
1400 { &hf_wtls_hands_serv_hello_cipher_mac,
1402 "wsp.wtls.handshake.server_hello.cipher.mac",
1403 FT_UINT8, BASE_DEC, VALS ( wtls_vals_cipher_mac ), 0x00,
1407 { &hf_wtls_hands_serv_hello_compression,
1409 "wsp.wtls.handshake.server_hello.compression",
1410 FT_UINT8, BASE_HEX, VALS ( wtls_vals_compression ), 0x00,
1411 "Compression", HFILL
1414 { &hf_wtls_hands_serv_hello_sequence_mode,
1416 "wsp.wtls.handshake.server_hello.sequence_mode",
1417 FT_UINT8, BASE_DEC, VALS ( wtls_vals_sequence_mode ), 0x00,
1418 "Sequence Mode", HFILL
1421 { &hf_wtls_hands_serv_hello_key_refresh,
1423 "wsp.wtls.handshake.server_hello.refresh",
1424 FT_UINT8, BASE_DEC, NULL, 0x00,
1428 { &hf_wtls_hands_certificates,
1430 "wsp.wtls.handshake.certificates",
1431 FT_NONE, BASE_NONE, NULL, 0x00,
1432 "Certificates", HFILL
1435 { &hf_wtls_hands_certificate,
1437 "wsp.wtls.handshake.certificate",
1438 FT_NONE, BASE_NONE, NULL, 0x00,
1439 "Certificate", HFILL
1442 { &hf_wtls_hands_certificate_type,
1444 "wsp.wtls.handshake.certificate.type",
1445 FT_UINT8, BASE_DEC, VALS ( wtls_vals_certificate_type ), 0x00,
1449 { &hf_wtls_hands_certificate_wtls_version,
1451 "wsp.wtls.handshake.certificate.version",
1452 FT_UINT8, BASE_HEX, NULL, 0x00,
1456 { &hf_wtls_hands_certificate_wtls_signature_type,
1458 "wsp.wtls.handshake.certificate.signature.type",
1459 FT_UINT8, BASE_DEC, VALS ( wtls_vals_certificate_signature ), 0x00,
1460 "Signature Type", HFILL
1463 { &hf_wtls_hands_certificate_wtls_signature,
1465 "wsp.wtls.handshake.certificate.signature.signature",
1466 FT_UINT32, BASE_DEC, NULL, 0x00,
1467 "Signature Size", HFILL
1470 { &hf_wtls_hands_certificate_wtls_issuer_type,
1472 "wsp.wtls.handshake.certificate.issuer.type",
1473 FT_UINT8, BASE_DEC, VALS ( wtls_vals_identifier_type ), 0x00,
1477 { &hf_wtls_hands_certificate_wtls_issuer_charset,
1479 "wsp.wtls.handshake.certificate.issuer.charset",
1480 FT_UINT16, BASE_HEX, VALS ( vals_character_sets ), 0x00,
1484 { &hf_wtls_hands_certificate_wtls_issuer_size,
1486 "wsp.wtls.handshake.certificate.issuer.size",
1487 FT_UINT8, BASE_DEC, NULL, 0x00,
1491 { &hf_wtls_hands_certificate_wtls_issuer_name,
1493 "wsp.wtls.handshake.certificate.issuer.name",
1494 FT_STRING, BASE_NONE, NULL, 0x00,
1498 { &hf_wtls_hands_certificate_wtls_valid_not_before,
1499 { "Valid not before",
1500 "wsp.wtls.handshake.certificate.before",
1501 FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x00,
1502 "Valid not before", HFILL
1505 { &hf_wtls_hands_certificate_wtls_valid_not_after,
1506 { "Valid not after",
1507 "wsp.wtls.handshake.certificate.after",
1508 FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x00,
1509 "Valid not after", HFILL
1512 { &hf_wtls_hands_certificate_wtls_subject_type,
1514 "wsp.wtls.handshake.certificate.subject.type",
1515 FT_UINT8, BASE_DEC, VALS ( wtls_vals_identifier_type ), 0x00,
1519 { &hf_wtls_hands_certificate_wtls_subject_charset,
1521 "wsp.wtls.handshake.certificate.subject.charset",
1522 FT_UINT16, BASE_HEX, VALS ( vals_character_sets ), 0x00,
1526 { &hf_wtls_hands_certificate_wtls_subject_size,
1528 "wsp.wtls.handshake.certificate.subject.size",
1529 FT_UINT8, BASE_DEC, NULL, 0x00,
1533 { &hf_wtls_hands_certificate_wtls_subject_name,
1535 "wsp.wtls.handshake.certificate.subject.name",
1536 FT_STRING, BASE_NONE, NULL, 0x00,
1540 { &hf_wtls_hands_certificate_wtls_public_key_type,
1541 { "Public Key Type",
1542 "wsp.wtls.handshake.certificate.public.type",
1543 FT_UINT8, BASE_DEC, VALS ( wtls_vals_public_key_type ), 0x00,
1544 "Public Key Type", HFILL
1547 { &hf_wtls_hands_certificate_wtls_key_parameter_index,
1548 { "Parameter Index",
1549 "wsp.wtls.handshake.certificate.parameter_index",
1550 FT_UINT8, BASE_DEC, NULL, 0x00,
1551 "Parameter Index", HFILL
1554 { &hf_wtls_hands_certificate_wtls_key_parameter_set,
1556 "wsp.wtls.handshake.certificate.parameter",
1557 FT_STRING, BASE_NONE, NULL, 0x00,
1558 "Parameter Set", HFILL
1561 { &hf_wtls_hands_certificate_wtls_rsa_exponent,
1562 { "RSA Exponent Size",
1563 "wsp.wtls.handshake.certificate.rsa.exponent",
1564 FT_UINT32, BASE_DEC, NULL, 0x00,
1565 "RSA Exponent Size", HFILL
1568 { &hf_wtls_hands_certificate_wtls_rsa_modules,
1569 { "RSA Modulus Size",
1570 "wsp.wtls.handshake.certificate.rsa.modules",
1571 FT_UINT32, BASE_DEC, NULL, 0x00,
1572 "RSA Modulus Size", HFILL
1578 FT_NONE, BASE_NONE, NULL, 0x00,
1582 { &hf_wtls_alert_level,
1584 "wsp.wtls.alert.level",
1585 FT_UINT8, BASE_DEC, VALS ( wtls_vals_alert_level ), 0x00,
1589 { &hf_wtls_alert_description,
1591 "wsp.wtls.alert.description",
1592 FT_UINT8, BASE_DEC, VALS ( wtls_vals_alert_description ), 0x00,
1593 "Description", HFILL
1598 /* Setup protocol subtree array */
1599 static gint *ett[] = {
1603 &ett_wtls_msg_type_item,
1604 &ett_wtls_msg_type_item_sub,
1605 &ett_wtls_msg_type_item_sub_sub,
1608 /* Register the protocol name and description */
1609 proto_wtls = proto_register_protocol(
1610 "Wireless Transport Layer Security", /* protocol name for use by ethereal */
1611 "WTLS", /* short version of name */
1612 "wap-wtls" /* Abbreviated protocol name, should Match IANA
1613 < URL:http://www.isi.edu/in-notes/iana/assignments/port-numbers/ >
1617 /* Required function calls to register the header fields and subtrees used */
1618 proto_register_field_array(proto_wtls, hf, array_length(hf));
1619 proto_register_subtree_array(ett, array_length(ett));
1623 proto_reg_handoff_wtls(void)
1625 dissector_handle_t wtls_handle;
1628 * Get handles for the WTP and connectionless WSP dissectors.
1630 wtp_handle = find_dissector("wtp");
1631 wsp_handle = find_dissector("wsp-cl");
1633 wtls_handle = create_dissector_handle(dissect_wtls, proto_wtls);
1634 dissector_add("udp.port", UDP_PORT_WTLS_WSP, wtls_handle);
1635 dissector_add("udp.port", UDP_PORT_WTLS_WTP_WSP, wtls_handle);
1636 dissector_add("udp.port", UDP_PORT_WTLS_WSP_PUSH,wtls_handle);