2 * Routines for Fibre Channel Security Protocol (FC-SP)
3 * This decoder is for FC-SP version 1.1
4 * Copyright 2003, Dinesh G Dutt <ddutt@cisco.com>
8 * Ethereal - Network traffic analyzer
9 * By Gerald Combs <gerald@ethereal.com>
10 * Copyright 1998 Gerald Combs
12 * Copied from WHATEVER_FILE_YOU_USED (where "WHATEVER_FILE_YOU_USED"
13 * is a dissector file; if you just copied this from README.developer,
14 * don't bother with the "Copied from" - you don't even need to put
15 * in a "Copied from" if you copied an existing dissector, especially
16 * if the bulk of the code in the new dissector is your code)
18 * This program is free software; you can redistribute it and/or
19 * modify it under the terms of the GNU General Public License
20 * as published by the Free Software Foundation; either version 2
21 * of the License, or (at your option) any later version.
23 * This program is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
28 * You should have received a copy of the GNU General Public License
29 * along with this program; if not, write to the Free Software
30 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
41 #ifdef HAVE_SYS_TYPES_H
42 # include <sys/types.h>
45 #ifdef HAVE_NETINET_IN_H
46 # include <netinet/in.h>
51 #include <epan/prefs.h>
52 #include <epan/packet.h>
53 #include <epan/conversation.h>
54 #include <epan/etypes.h>
55 #include "packet-fc.h"
58 #define FC_AUTH_MSG_AUTH_REJECT 0x0A
59 #define FC_AUTH_MSG_AUTH_NEGOTIATE 0x0B
60 #define FC_AUTH_MSG_AUTH_DONE 0x0C
61 #define FC_AUTH_DHCHAP_CHALLENGE 0x10
62 #define FC_AUTH_DHCHAP_REPLY 0x11
63 #define FC_AUTH_DHCHAP_SUCCESS 0x12
64 #define FC_AUTH_FCAP_REQUEST 0x13
65 #define FC_AUTH_FCAP_ACKNOWLEDGE 0x14
66 #define FC_AUTH_FCAP_CONFIRM 0x15
67 #define FC_AUTH_FCPAP_INIT 0x16
68 #define FC_AUTH_FCPAP_ACCEPT 0x17
69 #define FC_AUTH_FCPAP_COMPLETE 0x18
71 #define FC_AUTH_NAME_TYPE_WWN 0x1
73 #define FC_AUTH_PROTO_TYPE_DHCHAP 0x1
74 #define FC_AUTH_PROTO_TYPE_FCAP 0x2
76 #define FC_AUTH_DHCHAP_HASH_MD5 0x5
77 #define FC_AUTH_DHCHAP_HASH_SHA1 0x6
79 #define FC_AUTH_DHCHAP_PARAM_HASHLIST 0x1
80 #define FC_AUTH_DHCHAP_PARAM_DHgIDLIST 0x2
82 /* Initialize the protocol and registered fields */
83 static int proto_fcsp = -1;
84 static int hf_auth_proto_ver = -1;
85 static int hf_auth_msg_code = -1;
86 static int hf_auth_flags = -1;
87 static int hf_auth_len = -1;
88 static int hf_auth_tid = -1;
89 static int hf_auth_initiator_wwn = -1;
90 static int hf_auth_initiator_name = -1;
91 static int hf_auth_usable_proto = -1;
92 static int hf_auth_rjt_code = -1;
93 static int hf_auth_rjt_codedet = -1;
94 static int hf_auth_responder_wwn = -1;
95 static int hf_auth_responder_name = -1;
96 static int hf_auth_dhchap_groupid = -1;
97 static int hf_auth_dhchap_hashid = -1;
98 static int hf_auth_dhchap_chal_len = -1;
99 static int hf_auth_dhchap_val_len = -1;
100 static int hf_auth_dhchap_rsp_len = -1;
101 static int hf_auth_initiator_name_type = -1;
102 static int hf_auth_initiator_name_len = -1;
103 static int hf_auth_responder_name_len = -1;
104 static int hf_auth_responder_name_type = -1;
105 static int hf_auth_proto_type = -1;
106 static int hf_auth_proto_param_len = -1;
107 static int hf_auth_dhchap_param_tag = -1;
108 static int hf_auth_dhchap_param_len = -1;
109 static int hf_auth_dhchap_hash_type = -1;
110 static int hf_auth_dhchap_group_type = -1;
111 static int hf_auth_dhchap_dhvalue = -1;
112 static int hf_auth_dhchap_chal_value = -1;
113 static int hf_auth_dhchap_rsp_value = -1;
115 /* Initialize the subtree pointers */
116 static gint ett_fcsp = -1;
118 static dissector_handle_t data_handle;
120 static const value_string fcauth_msgcode_vals[] = {
121 {FC_AUTH_MSG_AUTH_REJECT, "AUTH_Reject"},
122 {FC_AUTH_MSG_AUTH_NEGOTIATE, "AUTH_Negotiate"},
123 {FC_AUTH_MSG_AUTH_DONE, "AUTH_Done"},
124 {FC_AUTH_DHCHAP_CHALLENGE, "DHCHAP_Challenge"},
125 {FC_AUTH_DHCHAP_REPLY, "DHCHAP_Reply"},
126 {FC_AUTH_DHCHAP_SUCCESS, "DHCHAP_Success"},
127 {FC_AUTH_FCAP_REQUEST, "FCAP_Request"},
128 {FC_AUTH_FCAP_ACKNOWLEDGE, "FCAP_Acknowledge"},
129 {FC_AUTH_FCAP_CONFIRM, "FCAP_Confirm"},
130 {FC_AUTH_FCPAP_INIT, "FCPAP_Init"},
131 {FC_AUTH_FCPAP_ACCEPT, "FCPAP_Accept"},
132 {FC_AUTH_FCPAP_COMPLETE, "FCPAP_Complete"},
136 static const value_string fcauth_rjtcode_vals[] = {
137 {0x01, "Authentication Failure"},
138 {0x02, "Logical Error"},
142 static const value_string fcauth_rjtcode_detail_vals[] = {
143 {0x01, "Authentication Mechanism Not Usable"},
144 {0x02, "DH Group Not Usable"},
145 {0x03, "Hash Algorithm Not Usable"},
146 {0x04, "Authentication Protocol Instance Already Started"},
147 {0x05, "Authentication Failed "},
148 {0x06, "Incorrect Payload "},
149 {0x07, "Incorrect Authentication Protocol Message"},
150 {0x08, "Protocol Reset"},
154 static const value_string fcauth_dhchap_param_vals[] = {
155 {FC_AUTH_DHCHAP_PARAM_HASHLIST, "HashList"},
156 {FC_AUTH_DHCHAP_PARAM_DHgIDLIST, "DHgIDList"},
160 static const value_string fcauth_dhchap_hash_algo_vals[] = {
161 {FC_AUTH_DHCHAP_HASH_MD5, "MD5"},
162 {FC_AUTH_DHCHAP_HASH_SHA1, "SHA-1"},
166 static const value_string fcauth_name_type_vals[] = {
167 {FC_AUTH_NAME_TYPE_WWN, "WWN"},
171 static const value_string fcauth_proto_type_vals[] = {
172 {FC_AUTH_PROTO_TYPE_DHCHAP, "DHCHAP"},
173 {FC_AUTH_PROTO_TYPE_FCAP, "FCAP"},
177 static const value_string fcauth_dhchap_dhgid_vals[] = {
179 {1, "DH Group 1024"},
180 {2, "DH Group 1280"},
181 {3, "DH Group 1536"},
182 {4, "DH Group 2048"},
186 /* this format is required because a script is used to build the C function
187 that calls all the protocol registration.
190 static void dissect_fcsp_dhchap_auth_param (tvbuff_t *tvb, proto_tree *tree,
191 int offset, gint32 total_len)
193 guint16 auth_param_tag;
194 guint16 param_len = 0, i;
197 auth_param_tag = tvb_get_ntohs (tvb, offset);
200 while (total_len > 0) {
201 proto_tree_add_item (tree, hf_auth_dhchap_param_tag, tvb, offset,
203 proto_tree_add_item (tree, hf_auth_dhchap_param_len, tvb, offset+2,
206 auth_param_tag = tvb_get_ntohs (tvb, offset);
207 param_len = tvb_get_ntohs (tvb, offset+2)*4;
209 switch (auth_param_tag) {
210 case FC_AUTH_DHCHAP_PARAM_HASHLIST:
213 for (i = 0; i < param_len; i += 4) {
214 proto_tree_add_item (tree, hf_auth_dhchap_hash_type, tvb,
219 case FC_AUTH_DHCHAP_PARAM_DHgIDLIST:
222 for (i = 0; i < param_len; i += 4) {
223 proto_tree_add_item (tree, hf_auth_dhchap_group_type, tvb,
232 total_len -= param_len;
237 static void dissect_fcsp_dhchap_challenge (tvbuff_t *tvb, proto_tree *tree)
241 guint16 param_len, name_len;
244 proto_tree_add_item (tree, hf_auth_responder_name_type, tvb, offset,
246 name_type = tvb_get_ntohs (tvb, offset);
248 proto_tree_add_item (tree, hf_auth_responder_name_len, tvb, offset+2,
251 name_len = tvb_get_ntohs (tvb, offset+2);
253 if (name_type == FC_AUTH_NAME_TYPE_WWN) {
254 proto_tree_add_string (tree, hf_auth_responder_wwn, tvb, offset+4,
256 fcwwn_to_str (tvb_get_ptr (tvb, offset+4,
260 proto_tree_add_bytes (tree, hf_auth_responder_name, tvb, offset+4,
261 name_len, tvb_get_ptr (tvb, offset+4, name_len));
263 offset += (4+name_len);
265 proto_tree_add_item (tree, hf_auth_dhchap_hash_type, tvb, offset,
267 proto_tree_add_item (tree, hf_auth_dhchap_group_type, tvb, offset+4,
269 proto_tree_add_item (tree, hf_auth_dhchap_chal_len, tvb, offset+8,
271 param_len = tvb_get_ntohl (tvb, offset+8);
273 proto_tree_add_bytes (tree, hf_auth_dhchap_chal_value, tvb, offset+12,
275 tvb_get_ptr (tvb, offset+12, param_len));
276 offset += (param_len + 12);
278 proto_tree_add_item (tree, hf_auth_dhchap_val_len, tvb, offset, 4, 0);
279 param_len = tvb_get_ntohl (tvb, offset);
281 proto_tree_add_bytes (tree, hf_auth_dhchap_dhvalue, tvb, offset+4,
283 tvb_get_ptr (tvb, offset+4, param_len));
288 static void dissect_fcsp_dhchap_reply (tvbuff_t *tvb, proto_tree *tree)
294 proto_tree_add_item (tree, hf_auth_dhchap_rsp_len, tvb, offset, 4, 0);
295 param_len = tvb_get_ntohl (tvb, offset);
297 proto_tree_add_bytes (tree, hf_auth_dhchap_rsp_value, tvb, offset+4,
299 tvb_get_ptr (tvb, offset+4, param_len));
300 offset += (param_len + 4);
302 proto_tree_add_item (tree, hf_auth_dhchap_val_len, tvb, offset, 4, 0);
303 param_len = tvb_get_ntohl (tvb, offset);
305 proto_tree_add_bytes (tree, hf_auth_dhchap_dhvalue, tvb, offset+4,
307 tvb_get_ptr (tvb, offset+4, param_len));
308 offset += (param_len + 4);
310 proto_tree_add_item (tree, hf_auth_dhchap_chal_len, tvb, offset, 4, 0);
311 param_len = tvb_get_ntohl (tvb, offset);
313 proto_tree_add_bytes (tree, hf_auth_dhchap_chal_value, tvb, offset+4,
315 tvb_get_ptr (tvb, offset+4, param_len));
319 static void dissect_fcsp_dhchap_success (tvbuff_t *tvb, proto_tree *tree)
325 proto_tree_add_item (tree, hf_auth_dhchap_rsp_len, tvb, offset, 4, 0);
326 param_len = tvb_get_ntohl (tvb, offset);
328 proto_tree_add_bytes (tree, hf_auth_dhchap_rsp_value, tvb, offset+4,
330 tvb_get_ptr (tvb, offset+4, param_len));
335 static void dissect_fcsp_auth_negotiate (tvbuff_t *tvb, proto_tree *tree)
338 guint16 name_type, name_len, proto_type, param_len;
339 guint32 num_protos, i;
342 proto_tree_add_item (tree, hf_auth_initiator_name_type, tvb, offset,
344 name_type = tvb_get_ntohs (tvb, offset);
346 proto_tree_add_item (tree, hf_auth_initiator_name_len, tvb, offset+2,
348 name_len = tvb_get_ntohs (tvb, offset+2);
350 if (name_type == FC_AUTH_NAME_TYPE_WWN) {
351 proto_tree_add_string (tree, hf_auth_initiator_wwn, tvb, offset+4, 8,
352 fcwwn_to_str (tvb_get_ptr (tvb, offset+4, 8)));
355 proto_tree_add_bytes (tree, hf_auth_initiator_name, tvb, offset+4,
356 name_len, tvb_get_ptr (tvb, offset+4,
360 offset += (4+name_len);
362 proto_tree_add_item (tree, hf_auth_usable_proto, tvb, offset, 4, 0);
363 num_protos = tvb_get_ntohl (tvb, offset);
366 for (i = 0; i < num_protos; i++) {
367 proto_tree_add_item (tree, hf_auth_proto_param_len, tvb, offset, 4, 0);
368 param_len = tvb_get_ntohl (tvb, offset);
371 if (tvb_bytes_exist (tvb, offset, param_len)) {
372 proto_type = tvb_get_ntohl (tvb, offset);
374 proto_tree_add_item (tree, hf_auth_proto_type, tvb, offset, 4, 0);
375 switch (proto_type) {
376 case FC_AUTH_PROTO_TYPE_DHCHAP:
377 dissect_fcsp_dhchap_auth_param (tvb, tree, offset+4, param_len);
379 case FC_AUTH_PROTO_TYPE_FCAP:
390 static void dissect_fcsp_auth_done (tvbuff_t *tvb _U_, proto_tree *tree _U_)
394 static void dissect_fcsp_auth_rjt (tvbuff_t *tvb, proto_tree *tree)
399 proto_tree_add_item (tree, hf_auth_rjt_code, tvb, offset, 1, 0);
400 proto_tree_add_item (tree, hf_auth_rjt_codedet, tvb, offset+1, 1, 0);
404 static void dissect_fcsp (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
406 proto_item *ti = NULL;
409 proto_tree *fcsp_tree = NULL;
411 /* Make entry in the Info column on summary display */
412 opcode = tvb_get_guint8 (tvb, 2);
414 if (check_col (pinfo->cinfo, COL_INFO)) {
415 col_set_str (pinfo->cinfo, COL_INFO,
416 val_to_str (opcode, fcauth_msgcode_vals, "0x%x"));
420 ti = proto_tree_add_protocol_format (tree, proto_fcsp, tvb, 0,
421 tvb_length (tvb), "FC-SP");
422 fcsp_tree = proto_item_add_subtree (ti, ett_fcsp);
424 proto_tree_add_item (fcsp_tree, hf_auth_flags, tvb, offset+1, 1, 0);
425 proto_tree_add_item (fcsp_tree, hf_auth_msg_code, tvb, offset+2, 1, 0);
426 proto_tree_add_item (fcsp_tree, hf_auth_proto_ver, tvb, offset+3, 1,
428 proto_tree_add_item (fcsp_tree, hf_auth_len, tvb, offset+4, 4, 0);
429 proto_tree_add_item (fcsp_tree, hf_auth_tid, tvb, offset+8, 4, 0);
432 case FC_AUTH_MSG_AUTH_REJECT:
433 dissect_fcsp_auth_rjt (tvb, tree);
435 case FC_AUTH_MSG_AUTH_NEGOTIATE:
436 dissect_fcsp_auth_negotiate (tvb, tree);
438 case FC_AUTH_MSG_AUTH_DONE:
439 dissect_fcsp_auth_done (tvb, tree);
441 case FC_AUTH_DHCHAP_CHALLENGE:
442 dissect_fcsp_dhchap_challenge (tvb, tree);
444 case FC_AUTH_DHCHAP_REPLY:
445 dissect_fcsp_dhchap_reply (tvb, tree);
447 case FC_AUTH_DHCHAP_SUCCESS:
448 dissect_fcsp_dhchap_success (tvb, tree);
450 case FC_AUTH_FCAP_REQUEST:
451 case FC_AUTH_FCAP_ACKNOWLEDGE:
452 case FC_AUTH_FCAP_CONFIRM:
453 case FC_AUTH_FCPAP_INIT:
454 case FC_AUTH_FCPAP_ACCEPT:
455 case FC_AUTH_FCPAP_COMPLETE:
456 proto_tree_add_text (fcsp_tree, tvb, offset+12, tvb_length (tvb),
457 "FCAP Decoding Not Supported");
466 proto_register_fcsp (void)
468 /* Setup list of header fields See Section 1.6.1 for details*/
469 static hf_register_info hf[] = {
470 { &hf_auth_proto_ver,
471 {"Protocol Version", "fcsp.version", FT_UINT8, BASE_HEX, NULL,
474 {"Message Code", "fcsp.opcode", FT_UINT8, BASE_HEX,
475 VALS (fcauth_msgcode_vals), 0x0, "", HFILL}},
477 {"Flags", "fcsp.flags", FT_UINT8, BASE_HEX, NULL, 0x0, "",
480 {"Packet Length", "fcsp.len", FT_UINT32, BASE_DEC, NULL, 0x0,
483 {"Transaction Identifier", "fcsp.tid", FT_UINT32, BASE_HEX, NULL,
485 { &hf_auth_initiator_wwn,
486 {"Initiator Name (WWN)", "fcsp.initwwn", FT_STRING, BASE_HEX, NULL,
488 { &hf_auth_initiator_name,
489 {"Initiator Name (Unknown Type)", "fcsp.initname", FT_BYTES,
490 BASE_HEX, NULL, 0x0, "", HFILL}},
491 { &hf_auth_initiator_name_type,
492 {"Initiator Name Type", "fcsp.initnametype", FT_UINT16, BASE_HEX,
493 VALS (fcauth_name_type_vals), 0x0, "", HFILL}},
494 { &hf_auth_initiator_name_len,
495 {"Initiator Name Length", "fcsp.initnamelen", FT_UINT16, BASE_DEC,
496 NULL, 0x0, "", HFILL}},
497 { &hf_auth_usable_proto,
498 {"Number of Usable Protocols", "fcsp.usableproto", FT_UINT32,
499 BASE_DEC, NULL, 0x0, "", HFILL}},
501 {"Reason Code", "fcsp.rjtcode", FT_UINT8, BASE_DEC,
502 VALS (fcauth_rjtcode_vals), 0x0, "", HFILL}},
503 { &hf_auth_rjt_codedet,
504 {"Reason Code Explanation", "fcsp.rjtcodet", FT_UINT8, BASE_DEC,
505 VALS (fcauth_rjtcode_detail_vals), 0x0, "", HFILL}},
506 { &hf_auth_responder_wwn,
507 {"Responder Name (WWN)", "fcsp.rspwwn", FT_STRING, BASE_HEX, NULL,
509 { &hf_auth_responder_name,
510 {"Responder Name (Unknown Type)", "fcsp.rspname", FT_BYTES, BASE_HEX,
511 NULL, 0x0, "", HFILL}},
512 { &hf_auth_responder_name_type,
513 {"Responder Name Type", "fcsp.rspnametype", FT_UINT16, BASE_HEX,
514 VALS (fcauth_name_type_vals), 0x0, "", HFILL}},
515 { &hf_auth_responder_name_len,
516 {"Responder Name Type", "fcsp.rspnamelen", FT_UINT16, BASE_DEC,
517 NULL, 0x0, "", HFILL}},
518 { &hf_auth_dhchap_hashid,
519 {"Hash Identifier", "fcsp.dhchap.hashid", FT_UINT32, BASE_HEX, NULL, 0x0,
521 { &hf_auth_dhchap_groupid,
522 {"DH Group Identifier", "fcsp.dhchap.groupid", FT_UINT32, BASE_HEX, NULL,
524 { &hf_auth_dhchap_chal_len,
525 {"Challenge Value Length", "fcsp.dhchap.challen", FT_UINT32, BASE_DEC,
526 NULL, 0x0, "", HFILL}},
527 { &hf_auth_dhchap_val_len,
528 {"DH Value Length", "fcsp.dhchap.vallen", FT_UINT32, BASE_DEC, NULL,
530 { &hf_auth_dhchap_rsp_len,
531 {"Response Value Length", "fcsp.dhchap.rsplen", FT_UINT32, BASE_DEC,
532 NULL, 0x0, "", HFILL}},
533 { &hf_auth_proto_type,
534 {"Authentication Protocol Type", "fcsp.proto", FT_UINT32, BASE_DEC,
535 VALS (fcauth_proto_type_vals), 0x0, "", HFILL}},
536 { &hf_auth_proto_param_len,
537 {"Protocol Parameters Length", "fcsp.protoparamlen", FT_UINT32,
538 BASE_DEC, NULL, 0x0, "", HFILL}},
539 { &hf_auth_dhchap_param_tag,
540 {"Parameter Tag", "fcsp.dhchap.paramtype", FT_UINT16, BASE_HEX,
541 VALS (fcauth_dhchap_param_vals), 0x0, "", HFILL}},
542 { &hf_auth_dhchap_param_len,
543 {"Parameter Length", "fcsp.dhchap.paramlen", FT_UINT16, BASE_DEC,
544 NULL, 0x0, "", HFILL}},
545 { &hf_auth_dhchap_hash_type,
546 {"Hash Algorithm", "fcsp.dhchap.hashtype", FT_UINT32, BASE_DEC,
547 VALS (fcauth_dhchap_hash_algo_vals), 0x0, "", HFILL}},
548 { &hf_auth_dhchap_group_type,
549 {"DH Group", "fcsp.dhchap.dhgid", FT_UINT32, BASE_DEC,
550 VALS (fcauth_dhchap_dhgid_vals), 0x0, "", HFILL}},
551 { &hf_auth_dhchap_chal_value,
552 {"Challenge Value", "fcsp.dhchap.chalval", FT_BYTES, BASE_HEX,
553 NULL, 0x0, "", HFILL}},
554 { &hf_auth_dhchap_dhvalue,
555 {"DH Value", "fcsp.dhchap.dhvalue", FT_BYTES, BASE_HEX, NULL, 0x0,
557 { &hf_auth_dhchap_rsp_value,
558 {"Response Value", "fcsp.dhchap.rspval", FT_BYTES, BASE_HEX, NULL,
564 /* Setup protocol subtree array */
565 static gint *ett[] = {
569 /* Register the protocol name and description */
570 proto_fcsp = proto_register_protocol ("Fibre Channel Security Protocol",
573 register_dissector("fcsp", dissect_fcsp, proto_fcsp);
574 /* Required function calls to register the header fields and subtrees used */
575 proto_register_field_array(proto_fcsp, hf, array_length(hf));
576 proto_register_subtree_array(ett, array_length(ett));
578 data_handle = find_dissector("data");
581 /* If this dissector uses sub-dissector registration add a registration routine.
582 This format is required because a script is used to find these routines and
583 create the code that calls these routines.
586 proto_reg_handoff_fcsp (void)
588 dissector_handle_t fcsp_handle;
590 fcsp_handle = create_dissector_handle (dissect_fcsp, proto_fcsp);
592 data_handle = find_dissector ("data");