proto_ip_authentication_hdr.c

   1 /*
   2  * netsniff-ng - the packet sniffing beast
   3  * Copyright 2012 Markus Amend <markus@netsniff-ng.org>, Deutsche Flugsicherung GmbH
   4  * Subject to the GPL, version 2.
   5  *
   6  * IP Authentication Header described in RFC4302
   7  */
   8
   9 #include <stdio.h>
  10 #include <stdint.h>
  11 #include <netinet/in.h>    /* for ntohs() */
  12
  13 #include "proto.h"
  14 #include "protos.h"
  15 #include "dissector_eth.h"
  16 #include "built_in.h"
  17 #include "pkt_buff.h"
  18
  19 struct auth_hdr {
  20         uint8_t h_next_header;
  21         uint8_t h_payload_len;
  22         uint16_t h_reserved;
  23         uint32_t h_spi;
  24         uint32_t h_snf;
  25 } __packed;
  26
  27 static void auth_hdr(struct pkt_buff *pkt)
  28 {
  29         ssize_t hdr_len;
  30         size_t i;
  31         struct auth_hdr *auth_ops;
  32
  33         auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
  34         if (auth_ops == NULL)
  35                 return;
  36
  37         hdr_len = (auth_ops->h_payload_len * 4) + 8;
  38
  39         tprintf(" [ Authentication Header ");
  40         tprintf("NextHdr (%u), ", auth_ops->h_next_header);
  41         if (hdr_len > pkt_len(pkt) || hdr_len < 0){
  42                 tprintf("HdrLen (%u, %zd Bytes %s), ",
  43                       auth_ops->h_payload_len, hdr_len,
  44                       colorize_start_full(black, red)
  45                       "invalid" colorize_end());
  46                       return;
  47         }
  48         tprintf("HdrLen (%u, %zd Bytes), ",auth_ops->h_payload_len, hdr_len);
  49         tprintf("Reserved (0x%x), ", ntohs(auth_ops->h_reserved));
  50         /* TODO
  51          * Upgrade for Extended (64-bit) Sequence Number
  52          * http://tools.ietf.org/html/rfc4302#section-2.5.1
  53          */
  54         tprintf("SPI (0x%x), ", ntohl(auth_ops->h_spi));
  55         tprintf("SNF (0x%x), ", ntohl(auth_ops->h_snf));
  56         tprintf("ICV 0x");
  57         for (i = sizeof(struct auth_hdr); i < hdr_len; i++) {
  58                 uint8_t *data = pkt_pull(pkt, 1);
  59
  60                 if (data == NULL) {
  61                         tprintf("%sinvalid%s", colorize_start_full(black, red),
  62                                 colorize_end());
  63                         break;
  64                 }
  65
  66                 tprintf("%02x", *data);
  67         }
  68         tprintf(" ]\n");
  69
  70         pkt_set_proto(pkt, &eth_lay3, auth_ops->h_next_header);
  71 }
  72
  73 static void auth_hdr_less(struct pkt_buff *pkt)
  74 {
  75         ssize_t hdr_len;
  76         struct auth_hdr *auth_ops;
  77
  78         auth_ops = (struct auth_hdr *) pkt_pull(pkt, sizeof(*auth_ops));
  79         if (auth_ops == NULL)
  80                 return;
  81
  82         hdr_len = (auth_ops->h_payload_len * 4) + 8;
  83         if (hdr_len > pkt_len(pkt) || hdr_len < 0)
  84                 return;
  85
  86         tprintf(" AH");
  87
  88         pkt_pull(pkt, hdr_len - sizeof(*auth_ops));
  89         pkt_set_proto(pkt, &eth_lay3, auth_ops->h_next_header);
  90 }
  91
  92 struct protocol ip_auth_ops = {
  93         .key = 0x33,
  94         .print_full = auth_hdr,
  95         .print_less = auth_hdr_less,
  96 };