From: mdw Date: Wed, 15 Oct 2003 09:30:53 +0000 (+0000) Subject: Add support for Ethereal protocol analysis. X-Git-Tag: 1.0.0pre6~3 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/commitdiff_plain/165db1a8d131ee6f8244ca392c7ae2074b030774 Add support for Ethereal protocol analysis. --- diff --git a/acconfig.h b/acconfig.h index 84e4a148..f7462e36 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: acconfig.h,v 1.3 2003/07/13 11:38:39 mdw Exp $ + * $Id: acconfig.h,v 1.4 2003/10/15 09:30:18 mdw Exp $ * * Configuration header for TrIPE * @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: acconfig.h,v $ + * Revision 1.4 2003/10/15 09:30:18 mdw + * Add support for Ethereal protocol analysis. + * * Revision 1.3 2003/07/13 11:38:39 mdw * Fix formatting. * @@ -67,6 +70,11 @@ * built-in `tun' devices. */ #undef TUN_TYPE +/* Define if your Ethereal plugin headers are broken (e.g., Debian 3.0) but + * you're running some sensible ELF system, and I should try to bodge around + * the damage. */ +#undef ETHEREAL_BUGGERED + @BOTTOM@ /*----- That's all, folks -------------------------------------------------*/ diff --git a/configure.in b/configure.in index af41f1f8..b2049dcd 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ -dnl -*-fundamental-*- +dnl -*-autoconf-*- dnl -dnl $Id: configure.in,v 1.12 2003/07/13 11:54:40 mdw Exp $ +dnl $Id: configure.in,v 1.13 2003/10/15 09:30:18 mdw Exp $ dnl dnl Configuration script for TrIPE dnl @@ -28,6 +28,9 @@ dnl Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl ----- Revision history -------------------------------------------------- dnl dnl $Log: configure.in,v $ +dnl Revision 1.13 2003/10/15 09:30:18 mdw +dnl Add support for Ethereal protocol analysis. +dnl dnl Revision 1.12 2003/07/13 11:54:40 mdw dnl Version bump. dnl @@ -67,7 +70,9 @@ AM_INIT_AUTOMAKE(tripe, 1.0.0pre5) AM_CONFIG_HEADER(config.h) AC_CANONICAL_HOST +AC_PROG_MAKE_SET AC_PROG_CC +AM_PROG_LIBTOOL mdw_GCC_FLAGS([-Wall]) mdw_OPT_TRACE @@ -77,6 +82,16 @@ AC_ARG_WITH([linux-includes], [CFLAGS="$CFLAGS -I$withval"], [:]) +DIRS="" +AC_ARG_WITH([ethereal], +[ --with-ethereal build and install Ethereal plugin], +[case "$withval" in + no) ethereal=false;; + yes) ethereal='${prefix}/lib/ethereal/plugins';; + *) ethereal=$withval;; +esac], +[ethereal=false]) + case $host_os in linux*) case `uname -r` in @@ -103,8 +118,59 @@ esac AC_SUBST(tun) mdw_MLIB(2.0.0) -mdw_CATACOMB(2.0.0, [CFLAGS="$CFLAGS $CATACOMB_CFLAGS"]) +mdw_CATACOMB(2.0.1, [CFLAGS="$CFLAGS $CATACOMB_CFLAGS"]) + +if test "$ethereal" != false; then + AM_PATH_GLIB([1.2.0], [], AC_MSG_ERROR([failed to find GLib]), [gmodule]) + bad=true + mdw_CFLAGS=$CFLAGS + AC_CACHE_CHECK([how to find the Ethereal headers], + [mdw_cv_ethereal_includes], [ + for i in "" "-I/usr/include/ethereal"; do + CFLAGS="$GLIB_CFLAGS $i" + AC_TRY_COMPILE([ +#include +#include +#include +], [ + dissector_handle_t dh; + dh = creat_dissector_handle(0, 0); + ], [bad=false; break]) + done + if $bad; then + AC_MSG_ERROR([failed to find Ethereal headers]) + fi + mdw_cv_ethereal_includes=$i + CFLAGS=$mdw_CFLAGS + ]) + AC_CACHE_CHECK([whether the Ethereal headers are broken], + [mdw_cv_ethereal_buggered], [ + CFLAGS="$GLIB_CFLAGS $i" + AC_TRY_COMPILE([ +#include +#include +#include +#include +], [ + G_MODULE_EXPORT void plugin_init(plugin_address_table_t *pat) + { + plugin_address_table_init(pat); + } + ], [mdw_cv_ethereal_buggered=no], [mdw_cv_ethereal_buggered=yes]) + CFLAGS=$mdw_CFLAGS + ]) + if test $mdw_cv_ethereal_buggered = yes; then + AC_DEFINE(ETHEREAL_BUGGERED) + fi + + ETHEREAL_CFLAGS="$CFLAGS $GLIB_CFLAGS $mdw_cv_ethereal_includes" + ETHEREAL_PLUGIN_DIR=$ethereal + AC_SUBST(ETHEREAL_CFLAGS) + AC_SUBST(ETHEREAL_PLUGIN_DIR) + DIRS="$DIRS ethereal" +fi -AC_OUTPUT(Makefile doc/Makefile tripe-init) +AC_SUBST(DIRS) +AC_OUTPUT(Makefile doc/Makefile ethereal/Makefile tripe-init) dnl ----- That's all, folks ------------------------------------------------- diff --git a/ethereal/.cvsignore b/ethereal/.cvsignore new file mode 100644 index 00000000..70845e08 --- /dev/null +++ b/ethereal/.cvsignore @@ -0,0 +1 @@ +Makefile.in diff --git a/ethereal/Makefile.am b/ethereal/Makefile.am new file mode 100644 index 00000000..a2c43ee3 --- /dev/null +++ b/ethereal/Makefile.am @@ -0,0 +1,46 @@ +## -*-makefile-*- +## +## $Id: Makefile.am,v 1.1 2003/10/15 09:30:19 mdw Exp $ +## +## Makefile fragment for Ethereal plugin +## +## (c) 2003 Straylight/Edgeware +## + +##----- Licensing notice ---------------------------------------------------- +## +## This file is part of Trivial IP Encryption (TrIPE). +## +## TrIPE is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## TrIPE is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with TrIPE; if not, write to the Free Software Foundation, +## Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +##----- Revision history ---------------------------------------------------- +## +## $Log: Makefile.am,v $ +## Revision 1.1 2003/10/15 09:30:19 mdw +## Add support for Ethereal protocol analysis. +## + +AUTOMAKE_OPTIONS = foreign + +CFLAGS = -I$(top_srcdir) -I$(top_builddir) @ETHEREAL_CFLAGS@ + +plugindir = @ETHEREAL_PLUGIN_DIR@ +plugin_LTLIBRARIES = tripe.la + +tripe_la_SOURCES = packet-tripe.c +tripe_la_LDFLAGS = -module -avoid-version +LIBS = + +##----- That's all, folks --------------------------------------------------- diff --git a/ethereal/cap b/ethereal/cap new file mode 100644 index 00000000..04dec611 Binary files /dev/null and b/ethereal/cap differ diff --git a/ethereal/packet-tripe.c b/ethereal/packet-tripe.c new file mode 100644 index 00000000..93f1e0e0 --- /dev/null +++ b/ethereal/packet-tripe.c @@ -0,0 +1,375 @@ +/* -*-c-*- + * + * $Id: packet-tripe.c,v 1.1 2003/10/15 09:30:19 mdw Exp $ + * + * TrIPE protocol dissector for Ethereal + * + * (c) 2003 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Trivial IP Encryption (TrIPE). + * + * TrIPE is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * TrIPE is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with TrIPE; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: packet-tripe.c,v $ + * Revision 1.1 2003/10/15 09:30:19 mdw + * Add support for Ethereal protocol analysis. + * + */ + +/*----- Header files ------------------------------------------------------*/ + +#include "config.h" + +#include +#include +#include + +#include + +#include +#include +#include + +#ifdef ETHEREAL_BUGGERED +# define plugin_address_table_t void +# define plugin_address_table_init(x) +#else +# include +#endif + +#include "tripe-protocol.h" + +/*----- Static variables --------------------------------------------------*/ + +static int proto_tripe = -1; + +typedef struct hfmp { int hf, hf_len, hf_val, tt; } hfmp; + +static int hf_tripe_cat = -1; +static int hf_tripe_packet_type = -1; +static int hf_tripe_ct = -1; +static int hf_tripe_ct_seq = -1; +static int hf_tripe_ct_iv = -1; +static int hf_tripe_ct_cbc = -1; +static int hf_tripe_ct_mac = -1; +static int hf_tripe_kx_type = -1; +static hfmp hf_tripe_kx_mychal = { -1, -1, -1, -1 }; +static int hf_tripe_kx_mycookie = -1; +static int hf_tripe_kx_yourcookie = -1; +static hfmp hf_tripe_kx_check = { -1, -1, -1, -1 }; +static int hf_tripe_huh = -1; + +static int tt_tripe = -1; +static int tt_tripe_ct = -1; + +G_MODULE_EXPORT const gchar version[] = VERSION; + +/*----- Main code ---------------------------------------------------------*/ + +static gint gethash(proto_tree *tt, int hf, tvbuff_t *b, gint off) +{ + proto_tree_add_item(tt, hf, b, off, 20, FALSE); + return (off + 20); +} + +static gint getmp(proto_tree *tt, const hfmp *hf, tvbuff_t *b, gint off) +{ + guint16 len = tvb_get_ntohs(b, off); + proto_item *ti = proto_tree_add_item(tt, hf->hf, b, off, len + 2, FALSE); + tt = proto_item_add_subtree(ti, hf->tt); + proto_tree_add_item(tt, hf->hf_len, b, off, 2, FALSE); + proto_tree_add_item(tt, hf->hf_val, b, off + 2, len, FALSE); + return (off + 2 + len); +} + +static void dissect_tripe(tvbuff_t *b, packet_info *p, proto_tree *t) +{ + proto_item *ti; + proto_tree *tt; + guint8 ty; + gint off = tvb_raw_offset(b); + guint32 seq; + + /* --- Initialize the summary cells --- */ + + if (check_col(p->cinfo, COL_PROTOCOL)) + col_set_str(p->cinfo, COL_PROTOCOL, "TrIPE"); + ty = tvb_get_guint8(b, 0); + if (check_col(p->cinfo, COL_INFO)) { + col_clear(p->cinfo, COL_INFO); + switch (ty & MSG_CATMASK) { + case MSG_PACKET: + switch (ty & MSG_TYPEMASK) { + case 0: + col_set_str(p->cinfo, COL_INFO, "Packet data"); + break; + default: + col_add_fstr(p->cinfo, COL_INFO, + "Packet data, unknown type code %u", + ty & MSG_TYPEMASK); + break; + } + break; + case MSG_KEYEXCH: + switch (ty & MSG_TYPEMASK) { + case KX_PRECHAL: + col_set_str(p->cinfo, COL_INFO, "Key exchange, prechallenge"); + break; + case KX_COOKIE: + col_set_str(p->cinfo, COL_INFO, "Key exchange, cookie"); + break; + case KX_CHAL: + col_set_str(p->cinfo, COL_INFO, "Key exchange, challenge"); + break; + case KX_REPLY: + col_set_str(p->cinfo, COL_INFO, "Key exchange, reply"); + break; + case KX_SWITCH: + col_set_str(p->cinfo, COL_INFO, "Key exchange, switch request"); + break; + case KX_SWITCHOK: + col_set_str(p->cinfo, COL_INFO, "Key exchange, switch response"); + break; + default: + col_add_fstr(p->cinfo, COL_INFO, + "Key exchange, unknown type code %u", + ty & MSG_TYPEMASK); + break; + } + break; + default: + col_add_fstr(p->cinfo, COL_INFO, + "Unknown category code %u, unknown type code %u", + ty & MSG_CATMASK, ty & MSG_TYPEMASK); + break; + } + } + + /* --- Fill in the tree --- */ + + if (t) { + ti = proto_tree_add_item(t, proto_tripe, b, 0, -1, FALSE); + tt = proto_item_add_subtree(ti, tt_tripe); + + proto_tree_add_item(tt, hf_tripe_cat, b, 0, 1, FALSE); + + off = 1; + switch (ty & MSG_CATMASK) { + case MSG_PACKET: + proto_tree_add_item(tt, hf_tripe_packet_type, b, 0, 1, FALSE); + switch (ty & MSG_TYPEMASK) { + case 0: + goto ct; + default: + goto huh; + } + break; + case MSG_KEYEXCH: + proto_tree_add_item(tt, hf_tripe_kx_type, b, 0, 1, FALSE); + switch (ty & MSG_TYPEMASK) { + case KX_PRECHAL: + off = getmp(tt, &hf_tripe_kx_mychal, b, off); + goto tail; + case KX_COOKIE: + off = getmp(tt, &hf_tripe_kx_mychal, b, off); + off = gethash(tt, hf_tripe_kx_yourcookie, b, off); + goto tail; + case KX_CHAL: + off = getmp(tt, &hf_tripe_kx_mychal, b, off); + off = gethash(tt, hf_tripe_kx_yourcookie, b, off); + off = getmp(tt, &hf_tripe_kx_check, b, off); + goto tail; + case KX_REPLY: + off = gethash(tt, hf_tripe_kx_mycookie, b, off); + off = gethash(tt, hf_tripe_kx_yourcookie, b, off); + off = getmp(tt, &hf_tripe_kx_check, b, off); + goto ct; + case KX_SWITCH: + off = gethash(tt, hf_tripe_kx_mycookie, b, off); + off = gethash(tt, hf_tripe_kx_yourcookie, b, off); + goto ct; + case KX_SWITCHOK: + goto ct; + default: + goto huh; + } + break; + default: + goto huh; + } + tail: + if (tvb_offset_exists(b, off)) + goto huh; + goto done; + huh: + proto_tree_add_item(tt, hf_tripe_huh, b, off, -1, FALSE); + goto done; + ct: + ti = proto_tree_add_item(tt, hf_tripe_ct, b, off, -1, FALSE); + seq = tvb_get_ntohl(b, off + 10); + proto_item_set_text(ti, "Encrypted ciphertext (sequence number %lu)", + (unsigned long)seq); + tt = proto_item_add_subtree(ti, tt_tripe_ct); + proto_tree_add_item(tt, hf_tripe_ct_mac, b, off, 10, FALSE); + off += 10; + proto_tree_add_item(tt, hf_tripe_ct_seq, b, off, 4, FALSE); + off += 4; + proto_tree_add_item(tt, hf_tripe_ct_iv, b, off, 8, FALSE); + off += 8; + proto_tree_add_item(ti, hf_tripe_ct_cbc, b, off, -1, FALSE); + goto done; + done:; + } +} + +void proto_register_tripe(void) +{ + static value_string vs_kxtype[] = { + { KX_PRECHAL, "KX_PRECHAL (prechallenge)" }, + { KX_COOKIE, "KX_COOKIE (cookie)" }, + { KX_CHAL, "KX_CHAL (challenge)" }, + { KX_REPLY, "KX_REPLY (reply)" }, + { KX_SWITCH, "KX_SWITCH (switch request)" }, + { KX_SWITCHOK, "KX_SWITCHOK (switch response)" }, + { 0, 0 } + }; + + static hf_register_info hfs[] = { + &hf_tripe_cat, { + "Message category", "tripe.cat", + FT_UINT8, BASE_HEX, 0, MSG_CATMASK + }, + &hf_tripe_packet_type, { + "Packet message type", "tripe.packet.type", + FT_UINT8, BASE_HEX, 0, MSG_TYPEMASK, + "This is the TrIPE packet type subcode." + }, + &hf_tripe_ct, { + "Encrypted ciphertext", "tripe.ct", + FT_BYTES, BASE_NONE, 0, 0, + "This is an encrypted message." + }, + &hf_tripe_ct_seq, { + "Ciphertext sequence number", "tripe.ct.seq", + FT_UINT32, BASE_DEC, 0, 0, + "This is the unique sequence number for the ciphertext." + }, + &hf_tripe_ct_iv, { + "Ciphertext initialization vector", "tripe.ct.iv", + FT_BYTES, BASE_NONE, 0, 0, + "This is the initialization vector used for the actual encryption." + }, + &hf_tripe_ct_cbc, { + "CBC-encrypted data", "tripe.ct.cbc", + FT_BYTES, BASE_NONE, 0, 0, + "This is the CBC-encrypted message. Reading it ought to be hard." + }, + &hf_tripe_ct_mac, { + "Message authentication code", "tripe.ct.mac", + FT_BYTES, BASE_NONE, 0, 0, + "This is the message authentication code for the ciphertext." + }, + &hf_tripe_kx_type, { + "Key-exchange message type", "tripe.kx.type", + FT_UINT8, BASE_HEX, vs_kxtype, MSG_TYPEMASK, + "This is the TrIPE key-exchange type subcode." + }, + &hf_tripe_kx_mychal.hf, { + "Sender's challenge data", "tripe.kx.mychal", + FT_BYTES, BASE_NONE, 0, 0, + "This is the sender's challenge value." + }, + &hf_tripe_kx_mychal.hf_len, { + "Challenge length", "tripe.kx.mychal.len", + FT_UINT16, BASE_DEC, 0, 0, + "This is the length of the sender's challenge value." + }, + &hf_tripe_kx_mychal.hf_val, { + "Challenge value", "tripe.kx.mychal.val", + FT_BYTES, BASE_NONE, 0, 0, + "This is the value of the sender's challenge value." + }, + &hf_tripe_kx_mycookie, { + "Sender's hashed cookie", "tripe.kx.mycookie", + FT_BYTES, BASE_NONE, 0, 0, + "This is the hash of the sender's challenge." + }, + &hf_tripe_kx_yourcookie, { + "Recipient's hashed cookie", "tripe.kx.yourcookie", + FT_BYTES, BASE_NONE, 0, 0, + "This is the hash of the recipient's challenge." + }, + &hf_tripe_kx_check.hf, { + "Challenge check-value", "tripe.kx.check", + FT_BYTES, BASE_NONE, 0, 0, + "This is an encrypted check-value which proves that the sender " + "knows the answer to the challenge, and that it is therefore honest." + }, + &hf_tripe_kx_check.hf_len, { + "Check-value length", "tripe.kx.check.len", + FT_UINT16, BASE_DEC, 0, 0, + "This is the length of the encrypted check-value." + }, + &hf_tripe_kx_check.hf_val, { + "Check-value data", "tripe.kx.check.val", + FT_BYTES, BASE_NONE, 0, 0, + "This is the actual encrypted check-value." + }, + &hf_tripe_huh, { + "Unknown data", "tripe.huh", + FT_BYTES, BASE_NONE, 0, 0, + "I don't know what's meant to appear here." + }, + }; + + static gint *tts[] = { + &tt_tripe, + &tt_tripe_ct, + &hf_tripe_kx_mychal.tt, + &hf_tripe_kx_check.tt, + }; + + proto_tripe = proto_register_protocol("TrIPE", "TrIPE", "tripe"); + proto_register_field_array(proto_tripe, hfs, array_length(hfs)); + proto_register_subtree_array(tts, array_length(tts)); +} + +void proto_reg_handoff_tripe(void) +{ + dissector_handle_t dh; + + dh = create_dissector_handle(dissect_tripe, proto_tripe); + dissector_add("udp.port", 22003, dh); +} + +G_MODULE_EXPORT void plugin_reg_handoff(void) +{ + proto_reg_handoff_tripe(); +} + +G_MODULE_EXPORT void plugin_init(plugin_address_table_t *pat) +{ + plugin_address_table_init(pat); + if (proto_tripe == -1) + proto_register_tripe(); +} + +/*----- That's all, folks -------------------------------------------------*/ diff --git a/setup b/setup index 7e4b406a..a74f9dae 100755 --- a/setup +++ b/setup @@ -3,6 +3,7 @@ set -e mklinks mkaclocal +libtoolize autoheader autoconf automake diff --git a/tripe-protocol.h b/tripe-protocol.h new file mode 100644 index 00000000..bce8f1dc --- /dev/null +++ b/tripe-protocol.h @@ -0,0 +1,117 @@ +/* -*-c-*- + * + * $Id: tripe-protocol.h,v 1.1 2003/10/15 09:30:18 mdw Exp $ + * + * Protocol definition for TrIPE + * + * (c) 2003 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Trivial IP Encryption (TrIPE). + * + * TrIPE is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * TrIPE is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with TrIPE; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: tripe-protocol.h,v $ + * Revision 1.1 2003/10/15 09:30:18 mdw + * Add support for Ethereal protocol analysis. + * + */ + +#ifndef TRIPE_PROTOCOL_H +#define TRIPE_PROTOCOL_H + +/*----- TrIPE protocol ----------------------------------------------------*/ + +/* --- TrIPE message format --- * + * + * A packet begins with a single-byte message type. The top four bits are a + * category code used to send the message to the right general place in the + * code; the bottom bits identify the actual message type. + */ + +#define MSG_CATMASK 0xf0 +#define MSG_TYPEMASK 0x0f + +/* --- Encrypted message packets --- * + * + * Messages of category @MSG_PACKET@ contain encrypted network packets. The + * message content is a symmetric-encrypted block (see below). Reception of + * a packet encrypted under a new key implicitly permits that key to be used + * to send further packets. + * + * The only packet type accepted is zero. + * + * Packets may be encrypted under any live keyset, but should use the most + * recent one. + */ + +#define MSG_PACKET 0x00 + +/* --- Key exchange packets --- */ + +#define MSG_KEYEXCH 0x10 + +#define KX_PRECHAL 0u +#define KX_COOKIE 1u +#define KX_CHAL 2u +#define KX_REPLY 3u +#define KX_SWITCH 4u +#define KX_SWITCHOK 5u +#define KX_NMSG 6u + +/* --- Symmetric encryption and keysets --- * + * + * Packets consist of an 80-bit MAC, a 32-bit sequence number, and the + * encrypted payload. + * + * The plaintext is encrypted using Blowfish in CBC mode with ciphertext + * stealing (as described in [Schneier]. The initialization vector is + * selected randomly, and prepended to the actual ciphertext. + * + * The MAC is computed using the HMAC construction with RIPEMD160 over the + * sequence number and the ciphertext (with IV); the first 80 bits of the + * output are used. (This is the minimum allowed by the draft FIPS for HMAC, + * and the recommended truncation.) + * + * A keyset consists of + * + * * an integrity (MAC) key; + * * a confidentiality (encryption) key; and + * * a sequence numbering space + * + * in each direction. The packets sent by a host encrypted under a + * particular keyset are assigned consecutive sequence numbers starting from + * zero. The receiving host must ensure that it only accepts each packet at + * most once. It should maintain a window of sequence numbers: packets with + * numbers beyond the end of the window are accepted and cause the window to + * be advanced; packets with numbers before the start of the window are + * rejected; packets with numbers which appear within the window are accepted + * only if the number has not been seen before. + * + * When a host sends a @KX_SWITCH@ or @KX_SWITCHOK@ message, it installs the + * newly-negotiated keyset in a `listen-only' state: it may not send a packet + * encrypted under the keyset until either it has received a @KX_SWITCH@ or + * @KX_SWITCHOK@ message, or a @MSG_PACKET@ encrypted under the keyset, from + * its peer. + */ + +/*----- That's all, folks -------------------------------------------------*/ + +#endif diff --git a/tripe.h b/tripe.h index 8d70c1f6..385c45a2 100644 --- a/tripe.h +++ b/tripe.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tripe.h,v 1.16 2003/07/13 11:19:49 mdw Exp $ + * $Id: tripe.h,v 1.17 2003/10/15 09:30:18 mdw Exp $ * * Main header file for TrIPE * @@ -29,9 +29,13 @@ /*----- Revision history --------------------------------------------------* * * $Log: tripe.h,v $ + * Revision 1.17 2003/10/15 09:30:18 mdw + * Add support for Ethereal protocol analysis. + * * Revision 1.16 2003/07/13 11:19:49 mdw - * Incopatible protocol fix! Include message type code under MAC tag to prevent - * cut-and-paste from key-exchange messages to general packet transport. + * Incompatible protocol fix! Include message type code under MAC tag to + * prevent cut-and-paste from key-exchange messages to general packet + * transport. * * Revision 1.15 2003/05/16 12:09:03 mdw * Allow binding to a chosen address. @@ -137,6 +141,8 @@ #include #include +#include + #include #include #include @@ -151,7 +157,7 @@ #include #include -#include "buf.h" +#include "tripe-protocol.h" #include "util.h" #undef sun @@ -188,81 +194,6 @@ #define PKBUFSZ 65536 -/*----- TrIPE protocol ----------------------------------------------------*/ - -/* --- TrIPE message format --- * - * - * A packet begins with a single-byte message type. The top four bits are a - * category code used to send the message to the right general place in the - * code; the bottom bits identify the actual message type. - */ - -#define MSG_CATMASK 0xf0 -#define MSG_TYPEMASK 0x0f - -/* --- Encrypted message packets --- * - * - * Messages of category @MSG_PACKET@ contain encrypted network packets. The - * message content is a symmetric-encrypted block (see below). Reception of - * a packet encrypted under a new key implicitly permits that key to be used - * to send further packets. - * - * The only packet type accepted is zero. - * - * Packets may be encrypted under any live keyset, but should use the most - * recent one. - */ - -#define MSG_PACKET 0x00 - -/* --- Key exchange packets --- */ - -#define MSG_KEYEXCH 0x10 - -#define KX_PRECHAL 0u -#define KX_COOKIE 1u -#define KX_CHAL 2u -#define KX_REPLY 3u -#define KX_SWITCH 4u -#define KX_SWITCHOK 5u -#define KX_NMSG 6u - -/* --- Symmetric encryption and keysets --- * - * - * Packets consist of an 80-bit MAC, a 32-bit sequence number, and the - * encrypted payload. - * - * The plaintext is encrypted using Blowfish in CBC mode with ciphertext - * stealing (as described in [Schneier]. The initialization vector is - * selected randomly, and prepended to the actual ciphertext. - * - * The MAC is computed using the HMAC construction with RIPEMD160 over the - * sequence number and the ciphertext (with IV); the first 80 bits of the - * output are used. (This is the minimum allowed by the draft FIPS for HMAC, - * and the recommended truncation.) - * - * A keyset consists of - * - * * an integrity (MAC) key; - * * a confidentiality (encryption) key; and - * * a sequence numbering space - * - * in each direction. The packets sent by a host encrypted under a - * particular keyset are assigned consecutive sequence numbers starting from - * zero. The receiving host must ensure that it only accepts each packet at - * most once. It should maintain a window of sequence numbers: packets with - * numbers beyond the end of the window are accepted and cause the window to - * be advanced; packets with numbers before the start of the window are - * rejected; packets with numbers which appear within the window are accepted - * only if the number has not been seen before. - * - * When a host sends a @KX_SWITCH@ or @KX_SWITCHOK@ message, it installs the - * newly-negotiated keyset in a `listen-only' state: it may not send a packet - * encrypted under the keyset until either it has received a @KX_SWITCH@ or - * @KX_SWITCHOK@ message, or a @MSG_PACKET@ encrypted under the keyset, from - * its peer. - */ - /*----- Cipher selections -------------------------------------------------*/ #include