diff options
Diffstat (limited to 'epan/dissectors/asn1/atn-ulcs')
-rw-r--r-- | epan/dissectors/asn1/atn-ulcs/CMakeLists.txt | 41 | ||||
-rw-r--r-- | epan/dissectors/asn1/atn-ulcs/atn-ulcs.asn | 508 | ||||
-rw-r--r-- | epan/dissectors/asn1/atn-ulcs/atn-ulcs.cnf | 587 | ||||
-rw-r--r-- | epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.c | 891 | ||||
-rw-r--r-- | epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.h | 81 |
5 files changed, 2108 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/atn-ulcs/CMakeLists.txt b/epan/dissectors/asn1/atn-ulcs/CMakeLists.txt new file mode 100644 index 00000000..c95e8025 --- /dev/null +++ b/epan/dissectors/asn1/atn-ulcs/CMakeLists.txt @@ -0,0 +1,41 @@ +# CMakeLists.txt +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# SPDX-License-Identifier: GPL-2.0-or-later +# + +set( PROTOCOL_NAME atn-ulcs ) + +set( PROTO_OPT ) + +set( EXPORT_FILES +) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + ${PROTOCOL_NAME}.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + packet-${PROTOCOL_NAME}-template.h + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -u ) + +set( EXTRA_CNF +) + +ASN2WRS() diff --git a/epan/dissectors/asn1/atn-ulcs/atn-ulcs.asn b/epan/dissectors/asn1/atn-ulcs/atn-ulcs.asn new file mode 100644 index 00000000..de9b94e6 --- /dev/null +++ b/epan/dissectors/asn1/atn-ulcs/atn-ulcs.asn @@ -0,0 +1,508 @@ +-- File: atn-ulcs.asn +-- Sub-Volume IV ASN.1 reference definitions for ICAO Doc. 9705, +-- Second Edition +-- Version 1.1, 03 Oct 2001 + +-- The majority of the ULCS protocol definitions are specified in the ULCS +-- Technical Provisions by reference to ISO/IEC Standards and/or ITU-T +-- Recommendations. The ASN.1 definitions are reproduced here for ease of +-- reference and to allow explanatory annotations to be added. In the case of +-- any discrepancy between the definitions here and the corresponding +-- definitions defined in or referenced by the ULCS Technical Provisions, +-- the latter are assumed to take precedence. + +-- The following ASN.1 modules are included here: + +-- * General ULCS types. These are ASN.1 definitions used in the ULCS +-- Technical Provisions, though there is no equivalent ASN.1 module +-- defined there. The definitions in this module would generally be +-- incorporated into a wider "user" protocol module if using ASN.1 automated +-- tools. They are defined in a separate module here so that their syntax can +-- easily be verified by an ASN.1 syntax checker. + +-- * Connection-oriented ACSE definitions. This is equivalent to the "ACSE-1" +-- module defined in the connection-oriented ACSE protocol standard. + +-- * Information Framework. This is an extract of relevant definitions from the +-- InformationFramework module in the OSI standard "Directory : Models". The +-- types defined in this module are not actively used in the ULCS protocol, but +-- they are needed to satisfy IMPORTS statements in the ACSE definitions, and +-- to allow certain CHOICE types in the ACSE definitions to be sorted correctly +-- into canonical order. + + +-- Note.- In the following definitions, the ASN.1 comment " X" indicates +-- choice elements and optional elements in sequence types that are defined as +-- "Excluded" in the ULCS profile. That is, implementations of ULCS provisions +-- are never required to encode values for such elements (though they are +-- required to indicate the absence of these elements in all instances, by means +-- of bits in the appropriate PER preamble or choice index). + + +-- General ULCS types + +ULCS DEFINITIONS ::= BEGIN +-- *************************************************************************** +-- The following ASN.1 definitions are from Doc 9705 Sub-Volume IV, +-- section 4.3.2.6.2 +-- *************************************************************************** + +--Presentation User Data is Fully-encoded-data from +--ISO/IEC 8823-1:1994/Amd.1:1997 | ITU-T Rec. X.226/Amd. 1 + +--Fully-encoded-data ::= SEQUENCE SIZE (1, ...) OF PDV-list +Fully-encoded-data ::= SEQUENCE SIZE (1, ..., 2..MAX) OF PDV-list +-- contains one or more presentation-data-value-list (PDV-list) values +-- ATN commentary: The SIZE constraint above differs from the referenced +-- standard, which specifies (in 8.2): +-- Fully-encoded-data ::= SEQUENCE SIZE (1, ..., 2..MAX) OF PDV-list. +-- The ULCS provisions specify a simplified, but compatible, efficiency +-- constraint as there will never be more than one element in the SEQUENCE OF +-- for the foreseeable future. +-- This simplifies matters for some compilers. + +PDV-list ::= SEQUENCE { + transfer-syntax-name Transfer-syntax-name OPTIONAL, -- X + presentation-context-identifier Presentation-context-identifier, + presentation-data-values CHOICE + { single-ASN1-type [0] ABSTRACT-SYNTAX.&Type + (CONSTRAINED BY { + -- Type corresponding to presentation context identifier -- }) , -- X + octet-aligned [1] IMPLICIT OCTET STRING, -- X + arbitrary [2] IMPLICIT BIT STRING } + -- contains one or more presentation data values from the same + -- presentation context. + -- ATN Commentary: only the arbitrary BIT STRING encoding choice is used. +} + +Transfer-syntax-name ::= OBJECT IDENTIFIER -- ATN: not used for ATN Upper Layers + +Presentation-context-identifier::= INTEGER -- ATN: the following values are + -- ATN-specific +{ acse-apdu (1), + reserved (2), + user-ase-apdu (3) } (1..127, ... ) +-- ATN commentary: The SIZE constraint above differs from the referenced +-- standard, which specifies (in 8.2): +-- Presentation-context-identifier::= INTEGER (1..127, ..., 128..MAX ). +-- The ULCS provisions specify a simplified, but compatible, efficiency +-- constraint as there will never be more than 127 presentation contexts in +-- ATN for the foreseeable future. +-- This simplifies matters for some compilers. The list of defined values is +-- shown here for guidance only, and has no effect on the PER encoding. + + +END -- of ULCS definitions + +-- Connection-oriented ACSE definitions +--************************************************************************* +-- The ACSE abstract syntax from ISO/IEC 8650-1/Amd.1 | ITU-T Rec. X.227/ +-- Amd. 1 is reproduced here for ease of reference. In case of any discrepancy, +-- the ISO/IEC standard takes precedence. +--************************************************************************* + +ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0) version1(1)} +-- ACSE-1 refers to ACSE version 1 +DEFINITIONS ::= +BEGIN + EXPORTS + acse-as-id, ACSE-apdu, aCSE-id, Application-context-name, AP-title, + AE-qualifier, -- AE-title, (ATN: AE-title is not needed) + AP-invocation-identifier, + AE-invocation-identifier, Mechanism-name, Authentication-value, + ACSE-requirements; + IMPORTS Name, RelativeDistinguishedName + FROM InformationFramework + { joint-iso-ccitt ds(5) module(1) informationFramework(1) 2 }; + -- The data types Name and RelativeDistinguishedName are imported + -- from ISO/IEC 9594-2 | ITU-T Rec. X.501. + -- ATN Commentary: The relevant InformationFramework extracts are given + -- below. + +-- ************************************************************************* +-- EXTERNAL +-- ************************************************************************* + +-- EXTERNAL is an ASN.1 UNIVERSAL type. The definition in the PER standard +-- ISO/IEC 8825-2 | ITU-T Rec. X.691 is assumed for ACSE. +-- The type is used in ACSE user-information +-- fields. ASN.1 compilers will not in general allow EXTERNAL to be +-- redefined (therefore 'EXTERNALt'), +-- and it is invalid ASN.1 to define a type with tag [UNIVERSAL 8] +-- +-- Workaround for bug in asn2wrs in the .cnf file +-- to handle the lack of support for tagged assignments. +-- remove that workaround once asn2wrs learns how to handle +-- tagged assignments. +-- +EXTERNALt ::= [8] IMPLICIT SEQUENCE { + direct-reference OBJECT IDENTIFIER OPTIONAL, -- X + indirect-reference INTEGER OPTIONAL, + data-value-descriptor ObjectDescriptor OPTIONAL, -- X + encoding CHOICE { + single-ASN1-type [0] ABSTRACT-SYNTAX.&Type, + octet-aligned [1] IMPLICIT OCTET STRING, -- X + arbitrary [2] IMPLICIT BIT STRING }} +-- ATN: implementations are advised to use arbitrary (BIT STRING) +-- encodings only (see Guidance Material section 2.6.5.21). +-- BIT STRING values are not padded to octet boundaries. + + +-- object identifier assignments +acse-as-id OBJECT IDENTIFIER ::= +{joint-iso-itu-t association-control(2) abstract-syntax(1) apdus(0) version1(1)} + -- may be used to reference the abstract syntax of the ACSE APDUs +aCSE-id OBJECT IDENTIFIER ::= +{ joint-iso-itu-t association-control(2) ase-id(3) acse-ase(1) version(1) } + -- may be used to identify the Association Control ASE. + +-- top level CHOICE +ACSE-apdu ::= CHOICE +{ + aarq AARQ-apdu, -- ACSE associate request pdu + aare AARE-apdu, -- ACSE associate response pdu + rlrq RLRQ-apdu, -- ACSE release request pdu + rlre RLRE-apdu, -- ACSE release response pdu + abrt ABRT-apdu, -- ACSE abort pdu + ... +} + +AARQ-apdu ::= [ APPLICATION 0 ] IMPLICIT SEQUENCE +{ protocol-version [0] IMPLICIT BIT STRING { version1 (0) } DEFAULT { version1 }, -- X + application-context-name [1] Application-context-name, + called-AP-title [2] AP-title OPTIONAL, -- X + called-AE-qualifier [3] AE-qualifier OPTIONAL, -- X + called-AP-invocation-identifier [4] AP-invocation-identifier OPTIONAL, -- X + called-AE-invocation-identifier [5] AE-invocation-identifier OPTIONAL, -- X + calling-AP-title [6] AP-title OPTIONAL, + calling-AE-qualifier [7] AE-qualifier OPTIONAL, + calling-AP-invocation-identifier [8] AP-invocation-identifier OPTIONAL, -- X + calling-AE-invocation-identifier [9] AE-invocation-identifier OPTIONAL, -- X + -- The following field is not present if only the Kernel is used. + -- ATN: For Doc 9705 ed 1/ed 2, only the Kernel is required. + sender-acse-requirements [10] IMPLICIT ACSE-requirements OPTIONAL, + -- The following field is only present if the Authentication functional + -- unit is selected. ATN: not used in Doc 9705 ed 1/ed 2. + mechanism-name [11] IMPLICIT Mechanism-name OPTIONAL, + -- The following field is only present if the Authentication functional + -- unit is selected. ATN: use is deprecated in Doc 9705 ed 1/ed 2. + calling-authentication-value [12] EXPLICIT Authentication-value OPTIONAL, + application-context-name-list [13] IMPLICIT Application-context-name-list OPTIONAL, -- X + -- The above field is only present if the Application Context Negotiation + -- functional unit is selected - never for ATN + implementation-information [29] IMPLICIT Implementation-data OPTIONAL, -- X + ..., ..., -- ATN: Note use of extension marker pair + user-information [30] IMPLICIT Association-information OPTIONAL +} + + +AARE-apdu ::= [ APPLICATION 1 ] IMPLICIT SEQUENCE +{ protocol-version [0] IMPLICIT BIT STRING{ version1 (0) } + DEFAULT { version1 }, -- X + application-context-name [1] Application-context-name, + result [2] Associate-result, + result-source-diagnostic [3] Associate-source-diagnostic, + responding-AP-title [4] AP-title OPTIONAL, -- X + responding-AE-qualifier [5] AE-qualifier OPTIONAL, -- X + responding-AP-invocation-identifier [6] AP-invocation-identifier OPTIONAL, -- X + responding-AE-invocation-identifier [7] AE-invocation-identifier OPTIONAL, -- X + -- The following field is not present if only the Kernel is used. + -- ATN: For Doc 9705 ed 1/ed 2, only the Kernel is required. + responder-acse-requirements [8] IMPLICIT ACSE-requirements OPTIONAL, + -- The following field is only present if the Authentication functional + -- unit is selected. ATN: not used in Doc 9705 ed 1/ed 2. + mechanism-name [9] IMPLICIT Mechanism-name OPTIONAL, + -- The following field is only present if the Authentication functional + -- unit is selected. ATN: use is deprecated in Doc 9705 ed 1/ed 2. + responding-authentication-value [10] EXPLICIT Authentication-value OPTIONAL, + application-context-name-list [11] IMPLICIT Application-context-name-list + OPTIONAL, -- X + -- The above field is only present if the Application Context Negotiation + -- functional unit is selected - never for ATN + implementation-information [29] IMPLICIT Implementation-data OPTIONAL, --X + ..., ..., -- ATN: Note use of extension marker pair + user-information [30] IMPLICIT Association-information OPTIONAL +} + + +RLRQ-apdu ::= [ APPLICATION 2 ] IMPLICIT SEQUENCE +{ reason [0] IMPLICIT Release-request-reason OPTIONAL, + ..., ..., -- ATN: Note use of extension marker pair + user-information [30] IMPLICIT Association-information OPTIONAL +} + + +RLRE-apdu ::= [ APPLICATION 3 ] IMPLICIT SEQUENCE +{ reason [0] IMPLICIT Release-response-reason OPTIONAL, + ..., ..., -- ATN: Note use of extension marker pair + user-information [30] IMPLICIT Association-information OPTIONAL +} + + +ABRT-apdu ::= [ APPLICATION 4 ] IMPLICIT SEQUENCE +{ abort-source [0] IMPLICIT ABRT-source, + abort-diagnostic [1] IMPLICIT ABRT-diagnostic OPTIONAL, + -- The above field is not present if only the Kernel is used. + -- ATN: For Doc 9705 ed 1/ed 2, only the Kernel is required. + ..., ..., -- ATN: Note use of extension marker pair + user-information [30] IMPLICIT Association-information OPTIONAL +} + + +ABRT-diagnostic ::= ENUMERATED +{ no-reason-given (1), + protocol-error (2), + authentication-mechanism-name-not-recognized (3), + authentication-mechanism-name-required (4), + authentication-failure (5), + authentication-required (6), + ... } + +ABRT-source ::= INTEGER { acse-service-user (0), acse-service-provider (1)} (0..1, ...) + +ACSE-requirements ::= BIT STRING +{ authentication (0), application-context-negotiation(1) } +-- ATN commentary: application-context-negotiation (bit 1) is +-- never set for ATN ULCS. Use of authentication is deprecated +-- for Doc 9705 ed 1/ed 2. + +Application-context-name-list ::= SEQUENCE OF Application-context-name +-- ATN Commentary: the above type is not used for ATN ULCS. + +Application-context-name ::= OBJECT IDENTIFIER + +-- *************************************************************************** +-- Application-entity title productions follow (not in alphabetical order) +-- *************************************************************************** +-- MG: asn2wrs cannot handle untagged CHOICEs within either a SET or a SEQUENCE. +-- https://gitlab.com/wireshark/wireshark/-/wikis/Asn2wrs_Handmassaging_the_ASN_file +AP-title ::= CHOICE { -- ATN: See encoding guidance in 2.5.11 + -- "form2" is encoded as 0 and "form1" as 1 + ap-title-form2 [0] IMPLICIT AP-title-form2, -- Object Identifier form + ap-title-form1 [1] IMPLICIT AP-title-form1, -- X (Directory name form) + ... } + +AE-qualifier ::= CHOICE {-- ATN: See encoding guidance in 2.5.11 + -- "form2" is encoded as 0 and "form1" as 1 + ae-qualifier-form2 [0] IMPLICIT AE-qualifier-form2, -- INTEGER form + ae-qualifier-form1 [1] IMPLICIT AE-qualifier-form1, -- X (RDN form) + ... } +-- ATN commentary: AE-qualifier is set to "app-type" in Doc 9705 1st and +-- 2nd editions. For forward compatibility, the value should not be +-- analysed. + +-- When both AP-title and AE-qualifier data values are present in an AARQ or +-- AARE APDU, both have the same form to allow the construction of an +-- AE-title as discussed in CCITT Rec. X.665 | ISO/IEC 9834-6. + +AP-title-form1 ::= Name -- ATN: Not used for ATN ULCS +-- The value assigned to AP-title-form1 is The Directory Name of an +-- application-process title. + +AE-qualifier-form1 ::= RelativeDistinguishedName -- ATN: Not used for ULCS +-- The value assigned to AE-qualifier-form1 is the relative distinguished name +-- of a particular application-entity of the application-process identified by +-- AP-title-form1. + +AP-title-form2 ::= OBJECT IDENTIFIER + +AE-qualifier-form2 ::= INTEGER + +-- ATN commentary: The AE-title productions below are commented out, +-- as they are not required for ATN ULCS. +-- AE-title ::= CHOICE { +-- ae-title-form1 AE-title-form1, +-- ae-title-form2 AE-title-form2, +-- ... } +-- +-- As defined in CCITT Rec. X.650 | ISO 7498-3, an application-entity title is +-- composed of an application-process title and an application-entity qualifier. +-- The ACSE protocol provides for the transfer of an application-entity title +-- value by the transfer of its component values. However, the following data +-- type is provided for International Standards that reference a single +-- syntactic structure for AE titles. (Not used for ATN ULCS) +-- +-- AE-title-form1 ::= Name +-- For access to The Directory (ITU-T Rec. X.500-Series | ISO/IEC 9594), an +-- AE title has AE-title-form1. +-- This value can be constructed from AP-title-form1 and AE-qualifier-form1 +-- values contained in an AARQ or AARE APDU. A discussion of forming an +-- AE-title-form1 from AP-title-form1 and AE-qualifier-form1 may be found in +-- CCITT Rec. X.665 | ISO/IEC 9834-6. +-- +-- AE-title-form2 ::= OBJECT IDENTIFIER +-- A discussion of forming an AE-title-form2 from AP-title-form2 and +-- AE-qualifier-form2 may be found in CCITT Rec. X.665 | ISO/IEC 9834-6. + +AE-invocation-identifier ::= INTEGER -- ATN: not used in ULCS +AP-invocation-identifier ::= INTEGER -- ATN: not used in ULCS +-- End of Application-entity title productions +-- *************************************************************************** + +Associate-result ::= INTEGER +{ accepted (0), + rejected-permanent (1), + rejected-transient (2) } (0..2, ...) + +Associate-source-diagnostic ::= CHOICE +{ acse-service-user [1] INTEGER + { null (0), + no-reason-given (1), + application-context-name-not-supported (2), + calling-AP-title-not-recognized (3), + calling-AP-invocation-identifier-not-recognized (4), + calling-AE-qualifier-not-recognized (5), + calling-AE-invocation-identifier-not-recognized (6), + called-AP-title-not-recognized (7), + called-AP-invocation-identifier-not-recognized (8), + called-AE-qualifier-not-recognized (9), + called-AE-invocation-identifier-not-recognized (10), + authentication-mechanism-name-not-recognized (11), + authentication-mechanism-name-required (12), + authentication-failure (13), + authentication-required (14) } (0..14 , ...), + acse-service-provider [2] INTEGER + { null (0), + no-reason-given (1), + no-common-acse-version (2) } (0..2 , ...) +} + +Association-information ::= SEQUENCE SIZE (1, ..., 0 | 2..MAX) OF EXTERNALt +-- ATN: No SIZE extensions are defined, only one EXTERNAL element is present + + + +Implementation-data ::= OCTET STRING -- ATN: Not used for ULCS + +Mechanism-name ::= OBJECT IDENTIFIER -- ATN: Not used for ULCS + +MECHANISM-NAME ::=TYPE-IDENTIFIER -- ATN: Not used for ULCS + +ObjectSet MECHANISM-NAME ::= {...} -- ATN: Not used for ULCS + +Release-request-reason ::= INTEGER {normal (0), urgent (1), user-defined (30)} (0 | 1 | 30, ...) + +Release-response-reason ::= INTEGER {normal (0), not-finished (1), user-defined (30)} (0 | 1 | 30, ...) +-- ATN commentary: For the above two types, see the encoding guidance in 2.5.10 +-- Values are encoded in 5 bits, not 3 as might be expected. + +Authentication-value ::= CHOICE -- ATN: use is deprecated in ed 1/ed 2 +{ charstring [0] IMPLICIT OCTET STRING, + bitstring [1] IMPLICIT BIT STRING, + external [2] IMPLICIT EXTERNAL, + other [3] IMPLICIT SEQUENCE { +-- other-mechanism-name MECHANISM-NAME.&id ({ObjectSet}), + other-mechanism-name OBJECT IDENTIFIER, +-- other-mechanism-value MECHANISM-NAME.&Type ({ObjectSet}{@.other-mechanism-name}) + other-mechanism-value ANY + } -- X +} +-- The abstract syntax of (calling/responding) authentication-value is +-- determined by the authentication mechanism used during association +-- establishment. The authentication mechanism is either explicitly +-- denoted by the &id field (of type OBJECT IDENTIFIER) for a mechanism +-- belonging to the class MECHANISM-NAME, or it is known implicitly by +-- prior agreement between the communicating partners. If the "other" +-- component is chosen, then the "mechanism-name" component is present +-- in accordance with ITU-T Rec. X.680|ISO/IEC 8824. If the value +-- "mechanism-name" occurs in the AARQ-apdu or the AARE-apdu, then that +-- value is the same as the value for "other-mechanism-name" +END -- of Connection-Oriented ACSE definitions + + +-- ************************************************************************* +-- The following definitions are adapted from the Directory standard +-- ISO/IEC 9594-2:1993 | ITU-T Rec. X.501 (1993 E). In case of any discrepancy, +-- the ISO/IEC standard takes precedence. +-- ************************************************************************* + +InformationFramework {joint-iso-ccitt ds(5) module(1) informationFramework(1) 2} +DEFINITIONS ::= +BEGIN +EXPORTS Name, RelativeDistinguishedName; + +Name ::= CHOICE {rdnSequence RDNSequence} +-- only one CHOICE defined + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF AttributeTypeAndValue + +AttributeTypeAndValue ::= SEQUENCE { +-- ATN commentary: The following line has been inserted to allow the Name and +-- RelativeDistinguishedName types, as used by ACSE, to be resolved by an +-- ASN.1 compiler, without introducing the unnecessary complexity +-- Of the ATTRIBUTE information object class, which is used in the +-- Directory standards. + null NULL} +-- The "real" components of AttributeTypeAndValue follow. They have been +-- commented out here, but could be restored if required, for example, for +-- sharing data types with a Directory implementation. The syntax has been +-- verified by the OSS syntax checker. +-- type ATTRIBUTE.&id ({SupportedAttributes}), +-- value ATTRIBUTE.&Type ({SupportedAttributes} {@type}) +--} + +--SupportedAttributes ATTRIBUTE ::= +-- {objectClass | aliasedEntryName, ...} + +-- ATN Commentary: ATTRIBUTE is an information object class, specified in +-- ISO/IEC 9594-2 | ITU-T Rec. X.501, using the notation defined in +-- ISO/IEC 8824-2 | ITU-T Rec. X.681. However, for ULCS implementation, it +-- is only necessary to note that the ACSE CHOICE types AP-title, +-- AE-qualifier and AE-title are all constrained to be the "form 2" variants, +-- with types Object Identifier, Integer and Object Identifier, respectively. +-- It is however necessary to know the syntax of the "form 1" variants (Name, +-- RelativeDistinguishedName and Name, respectively) so that the CHOICE +-- elements can be sorted into canonical order, based on their ASN.1 types, +-- for PER encoding (see 2.5.11). +-- +--ATTRIBUTE ::= CLASS { +-- &derivation ATTRIBUTE OPTIONAL, +-- &Type OPTIONAL, +-- &equality-match MATCHING-RULE OPTIONAL, +-- &ordering-match MATCHING-RULE OPTIONAL, +-- &substrings-match MATCHING-RULE OPTIONAL, +-- &single-valued BOOLEAN DEFAULT FALSE, +-- &collective BOOLEAN DEFAULT FALSE, +-- &no-user-modification BOOLEAN DEFAULT FALSE, +-- &usage AttributeUsage DEFAULT userApplications, +-- &id OBJECT IDENTIFIER UNIQUE } +-- +--MATCHING-RULE ::= CLASS { +-- &AssertionType OPTIONAL, +-- &id OBJECT IDENTIFIER UNIQUE } + +--objectClass ATTRIBUTE ::= { +-- &Type OBJECT IDENTIFIER, +-- &id id-at-objectClass +--} +-- +--aliasedEntryName ATTRIBUTE ::= { +-- &Type OBJECT IDENTIFIER, +-- &id id-at-aliasedEntryName +--} +-- +--AttributeUsage ::= ENUMERATED { +-- userApplications (0), +-- directoryOperation (1), +-- distributedOperation (2), +-- dSAOperation (3) } +-- +--id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} +--id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} +--id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt ds(5) attributeType(4)} + +END -- of Directory Information Framework extracts +-- +-- Editor modelines - https://www.wireshark.org/tools/modelines.html +-- +-- Local variables: +-- c-basic-offset: 4 +-- tab-width: 8 +-- indent-tabs-mode: nil +-- End: +-- +-- vi: set shiftwidth=4 tabstop=8 expandtab: +-- :indentSize=4:tabSize=8:noTabs=true: +-- diff --git a/epan/dissectors/asn1/atn-ulcs/atn-ulcs.cnf b/epan/dissectors/asn1/atn-ulcs/atn-ulcs.cnf new file mode 100644 index 00000000..793a4509 --- /dev/null +++ b/epan/dissectors/asn1/atn-ulcs/atn-ulcs.cnf @@ -0,0 +1,587 @@ +#.MODULE_IMPORT + +#.FIELD_RENAME +AARQ-apdu/protocol-version aarq-apdu_protocol-version +AARE-apdu/protocol-version aare-apdu_protocol-version +RLRE-apdu/reason rlre-apdu_response_reason +RLRQ-apdu/reason rlrq-apdu_request_reason +EXTERNALt/encoding/single-ASN1-type externalt_encoding_single-asn1-type +EXTERNALt/encoding/arbitrary externalt_encoding_arbitrary +EXTERNALt/encoding/octet-aligned externalt_encoding_octet-aligned +PDV-list/presentation-data-values/single-ASN1-type pdv-list_presentation-data-values_single-asn1-type +PDV-list/presentation-data-values/arbitrary pdv-list_presentation-data-values_arbitrary +#.END + +#.PDU + Fully-encoded-data + ACSE-apdu +#.END + + +#.FN_PARS Release-request-reason + VAL_PTR=&reason +#.END + + +#.FN_BODY Presentation-context-identifier + + offset = dissect_per_constrained_integer( + tvb, + offset, + actx, + tree, + hf_index, + 1U, + 127U, + &ulcs_context_value, + TRUE); + +#.END + +#.FN_BODY PDV-list/presentation-data-values/arbitrary + + packet_info * pinfo = actx->pinfo; + tvbuff_t *tvb_usr = NULL; + proto_tree *atn_ulcs_tree = NULL; + atn_conversation_t *atn_cv = NULL; + heur_dtbl_entry_t *hdtbl_entry; + + /* extract bitstring into new tvb buffer */ + offset = dissect_per_bit_string( + tvb, + offset, + actx, + tree, + hf_index, + NO_BOUND, + NO_BOUND, + FALSE, + NULL, + 0, + &tvb_usr, + NULL); + + if (tvb_usr) { + /* call appropiate dissector for bitstring data */ + switch(ulcs_context_value){ + case 1: /* ACSE PDU*/ + atn_ulcs_tree = proto_tree_add_subtree( + root_tree, tvb, offset, 0, + ett_atn_acse, NULL, ATN_ACSE_PROTO ); + + dissect_ACSE_apdu_PDU( + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + atn_ulcs_tree, NULL); + break; + case 3: /* USER data; call subdissector for CM, CPDLC ... */ + + /* using dstref for PDV-list only occurrs in DT */ + atn_cv = find_atn_conversation( + &pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src); + + if(atn_cv) { + switch(atn_cv->ae_qualifier){ + case cma: /* contact management */ + call_dissector_with_data( + atn_cm_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + case cpdlc: /* plain old cpdlc */ + case pmcpdlc: /* protected mode cpdlc */ + call_dissector_with_data( + atn_cpdlc_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + default: /* unknown or unhandled datalink application */ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + &hdtbl_entry, + NULL); + break; + } + } + else{ + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + &hdtbl_entry, + NULL); + } + break; + default: + break; + } /* switch(ulcs_context_value) */ + } + +#.END + + +#.FN_BODY Authentication-value/other/other-mechanism-value + + offset=call_ber_oid_callback( + object_identifier_id, + tvb, + offset, + actx->pinfo, + tree, NULL); + +#.END + +#.FN_BODY Mechanism-name + + offset = dissect_per_object_identifier( + tvb, + offset, + actx, + tree, + hf_index, + NULL); + +#.END + + +#.FN_BODY Authentication-value/other/other-mechanism-value + + offset=call_ber_oid_callback( + object_identifier_id, + tvb, + offset, + actx->pinfo, + tree, NULL); + +#.END + +#.FN_BODY AE-qualifier-form2 + packet_info * pinfo = actx->pinfo; + atn_conversation_t *atn_cv = NULL; + guint32 ae_qualifier = 0; + + /* dissect ae-qualifier */ + offset = dissect_per_integer( + tvb, + offset, + actx, + tree, + hf_index, + &ae_qualifier); + + + /*note: */ + /* the field "calling-AE-qualifier" is optional, */ + /* which means that we can exploit it only if it is present. */ + /* We still depend on heuristical decoding of CM, CPDLC PDU's otherwise. */ + + /* AARQ/DT: dstref present, srcref is always zero */ + if((pinfo->clnp_dstref) && (!pinfo->clnp_srcref)){ + atn_cv = find_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src ); + } + + /* AARQ/CR: srcref present, dstref is always zero */ + if((!pinfo->clnp_dstref) && (pinfo->clnp_srcref)){ + atn_cv = find_atn_conversation(&pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst ); + } + + if(atn_cv){ + atn_cv->ae_qualifier = ae_qualifier; + } +#.END + +#.FN_BODY AARQ-apdu + packet_info * pinfo = actx->pinfo; + aarq_data_t *aarq_data = NULL; + atn_conversation_t *atn_cv = NULL; + guint32 aircraft_24_bit_address = 0; + + /* AARQ/DT: dstref present, srcref is always zero */ + if((pinfo->clnp_dstref) && (!pinfo->clnp_srcref)){ + + atn_cv = find_atn_conversation( + &pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src ); + if(!atn_cv){ + atn_cv = wmem_new(wmem_file_scope(), atn_conversation_t); + atn_cv->ae_qualifier = unknown; + create_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src , + atn_cv); + } + } + + /* AARQ/CR: srcref present, dstref is always zero */ + if((!pinfo->clnp_dstref) && (pinfo->clnp_srcref)){ + atn_cv = find_atn_conversation(&pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst ); + if(!atn_cv){ + atn_cv = wmem_new(wmem_file_scope(), atn_conversation_t); + atn_cv->ae_qualifier = unknown; + create_atn_conversation(&pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst , + atn_cv); + } + } + + /* conversation is to be created prior to decoding */ + /* of "AE-qualifier-form2" which takes place here: */ + %(DEFAULT_BODY)s + + + /* save AARQ packet data to create a conversation */ + /* when decoding the following AARE PDU */ + /* ATN applications CM and CPDLC are air/ground applications */ + /* so there is always an aircraft (with its 24-bit address) */ + /* and a ground facility. */ + /* the assumption is that there is only one open AARQ/AARE */ + /* dialog per aircraft at a time. */ + /* the aircraft's 24-bit address is used as a key to each AARQ */ + /* data. AARQ data is used to create a conversation with */ + /* air and ground endpoints (based on NSAP's and transport references) */ + /* when decoding AARE.*/ + /* note: */ + /* it may be more robust to create the conversation */ + /* in the "ositp" dissector an to merely use the conversation here */ + aircraft_24_bit_address = + get_aircraft_24_bit_address_from_nsap(pinfo); + + /* search for aarq entry */ + aarq_data = (aarq_data_t *) wmem_tree_lookup32( + aarq_data_tree, + aircraft_24_bit_address); + + if(!aarq_data){ /* aarq data not found, create new record */ + + /* alloc aarq data */ + aarq_data = wmem_new(wmem_file_scope(), aarq_data_t); + aarq_data-> aarq_pending = FALSE; + + /* insert aarq data */ + wmem_tree_insert32(aarq_data_tree ,aircraft_24_bit_address,(void*)aarq_data); + } + + /* check for pending AARQ/AARE sequences */ + /* if "aarq_data-> aarq_pending" is set this means that there is already one */ + /* AARQ/AARE sequence pending (is unwise to overwrite AARE/AARQ) */ + if (aarq_data-> aarq_pending == FALSE ) { + + /* init aarq data */ + memset(aarq_data,0,sizeof(aarq_data_t)); + + aarq_data->cv = atn_cv; + aarq_data-> aarq_pending = TRUE; + } + +#.END + + +#.FN_BODY AARE-apdu + packet_info * pinfo = actx->pinfo; + guint32 aircraft_24_bit_address = 0 ; + atn_conversation_t *atn_cv = NULL; + aarq_data_t *aarq_data = NULL; + + /* get AARQ data and use it to create a new conversation, */ + /* the conversation is used along with */ + /* AARQ's "calling ae qualifier" to determine the */ + /* type of air/ground application of each subsequent frame.*/ + /* we use this information to invoke the correct application dissector. */ + /* note: */ + /* heuristical decoding of ASN1 will not work for all cases, */ + /* for there may be CM PDU's which will exactly look like CPDLC PDU'S */ + + /* get 24-bit icao address */ + aircraft_24_bit_address = get_aircraft_24_bit_address_from_nsap(pinfo); + + /* search for aarq entry */ + aarq_data = (aarq_data_t *) wmem_tree_lookup32( + aarq_data_tree, + aircraft_24_bit_address); + + /* no aarq data present, do nothing */ + /* without both ends of the conversation and without */ + /* the "calling ae-qualifier there is no point in setting up "*/ + /* a conversation */ + if(!aarq_data) { + + return offset; + } + + /* AARE/DT: dstref present, srcref is always zero */ + if((pinfo->clnp_dstref) && (!pinfo->clnp_srcref)){ + + atn_cv = find_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src ); + + if(!atn_cv){ /* conversation not fond */ + + /* DT has only dstref - create new conversation */ + create_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src , + aarq_data->cv); + } + } + + /* AARE/CC: srcref and dstref present */ + if((pinfo->clnp_dstref) && (pinfo->clnp_srcref)){ + + atn_cv = find_atn_conversation( + &pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst); + + if(atn_cv){ /* conversation found. */ + + /* create new conversation for dstref */ + create_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src , + aarq_data->cv); + + }else { /* no conversation found */ + /* as CC contains srcref *and* dstref we use both to create new records */ + create_atn_conversation(&pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst , + aarq_data->cv); + create_atn_conversation(&pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src , + aarq_data->cv); + } + } + + /* clear aarq data */ + memset(aarq_data,0,sizeof(aarq_data_t)); + aarq_data-> aarq_pending = FALSE; + + %(DEFAULT_BODY)s + + +#.END + + +#.FN_BODY Associate-result + /* extension present: last param set to true. asn2wrs didn't take notice of that */ + offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, + 0U, 2U, NULL, TRUE); +#.END + +#.FN_BODY Release-request-reason + /* extension present: last param set to true. asn2wrs didn't take notice of that */ + offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, + 0U, 30U, NULL, TRUE); +#.END + +#.FN_BODY Release-response-reason + + /* extension present: last param set to true. asn2wrs didn't take notice of that */ + offset = dissect_per_constrained_integer( + tvb, + offset, + actx, + tree, + hf_index, + 0U, + 30U, + NULL, + TRUE); + +#.END + +#.FN_BODY Mechanism-name + + offset = dissect_per_object_identifier( + tvb, + offset, + actx, + tree, + hf_index, + NULL); + +#.END + +#.FN_BODY RDNSequence + + /* + * atn-ulcs.asn currently defines + * + * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + * RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF AttributeTypeAndValue + * AttributeTypeAndValue ::= SEQUENCE { null NULL} + * + * which makes it easy to spam the dissection tree with null items. Dissect + * the first item only. + */ + offset = dissect_per_constrained_sequence_of(tvb, offset, actx, tree, hf_index, + ett_atn_ulcs_RDNSequence, RDNSequence_sequence_of, + 1, 1, FALSE); + +#.END + +#.FN_BODY RelativeDistinguishedName + + /* + * Dissect the first null item only, similar to RDNSequence. + */ + offset = dissect_per_constrained_set_of(tvb, offset, actx, tree, hf_index, + ett_atn_ulcs_RelativeDistinguishedName, RelativeDistinguishedName_set_of, + 1, 1, FALSE); + +#.END + +#.FN_BODY EXTERNALt/data-value-descriptor + + offset = dissect_per_octet_string( + tvb, + offset, + actx, + tree, + hf_index, + -1, + -1, + FALSE, + &actx->external.data_value_descriptor); + actx->external.data_value_descr_present = TRUE; + +#.END + +#.FN_BODY EXTERNALt/encoding/single-ASN1-type + + %(DEFAULT_BODY)s + +#.END + +#.FN_BODY EXTERNALt/encoding/octet-aligned + + %(DEFAULT_BODY)s + +#.END + +#.FN_BODY EXTERNALt/encoding/arbitrary + tvbuff_t *tvb_usr = NULL; + packet_info * pinfo = actx->pinfo; + atn_conversation_t *atn_cv = NULL; + heur_dtbl_entry_t *hdtbl_entry; + + /* decode bit-string user data within ACSE */ + offset = dissect_per_bit_string( + tvb, + offset, + actx, + tree, hf_index, + NO_BOUND, + NO_BOUND, + FALSE, + NULL, + 0, + &tvb_usr, + NULL); + + if (tvb_usr) { + /* DT: dstref present, srcref is always zero */ + if((pinfo->clnp_dstref) && (!pinfo->clnp_srcref)){ + + atn_cv = find_atn_conversation( + &pinfo->dst, + pinfo->clnp_dstref, + &pinfo->src); + } + /* CR: srcref present, dstref always zero */ + if((pinfo->clnp_srcref) && (!pinfo->clnp_dstref)){ + + atn_cv = find_atn_conversation( + &pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst); + } + /* CC: srcref and dstref present */ + if((pinfo->clnp_srcref) && (pinfo->clnp_dstref)){ + + atn_cv = find_atn_conversation( + &pinfo->src, + pinfo->clnp_srcref, + &pinfo->dst); + } + + if(atn_cv) { + switch(atn_cv->ae_qualifier){ + case cma: /* contact management */ + + call_dissector_with_data( + atn_cm_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + case cpdlc: /* plain old cpdlc */ + case pmcpdlc: /* protected mode cpdlc */ + + call_dissector_with_data( + atn_cpdlc_handle, + tvb_new_subset_remaining(tvb_usr, 0), + pinfo, + root_tree, + NULL); + break; + default: /* unknown or unhandled datalink application */ + + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + &hdtbl_entry, + NULL); + break; + } + }else { + + dissector_try_heuristic( + atn_ulcs_heur_subdissector_list, + tvb_new_subset_remaining(tvb_usr,0), + actx->pinfo, + root_tree, + &hdtbl_entry, + NULL); + } + } + + offset += tvb_reported_length_remaining(tvb, offset); + +#.END + +# +# Editor modelines - https://www.wireshark.org/tools/modelines.html +# +# Local variables: +# c-basic-offset: 4 +# tab-width: 8 +# indent-tabs-mode: nil +# End: +# +# vi: set shiftwidth=4 tabstop=8 expandtab: +# :indentSize=4:tabSize=8:noTabs=true: +# diff --git a/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.c b/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.c new file mode 100644 index 00000000..18e32836 --- /dev/null +++ b/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.c @@ -0,0 +1,891 @@ +/* packet-atn-ulcs.c + * By Mathias Guettler <guettler@web.de> + * Copyright 2013 + * + * Routines for ATN upper layer + * protocol packet disassembly + + * ATN upper layers are embedded within OSI Layer 4 (COTP). + * + * ATN upper layers contain: + * Session Layer (NUL protocol option) + * Presentation Layer (NUL protocol option) + * ATN upper Layer/Application (ACSE PDU or PDV-list PDU) + + * ATN applications protocols (i.e. CM or CPDLC) are contained within + * ACSE user-information or PDV presentation data. + + * details see: + * http://en.wikipedia.org/wiki/CPDLC + * http://members.optusnet.com.au/~cjr/introduction.htm + + * standards: + * http://legacy.icao.int/anb/panels/acp/repository.cfm + + * note: + * We are dealing with ATN/ULCS aka ICAO Doc 9705 Ed2 here + * (don't think there is an ULCS equivalent for "FANS-1/A "). + + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +/* + developer comments: +why not using existing ses, pres and acse dissectors ? + ATN upper layers are derived from OSI standards for session, + presentation and application but the encoding differs + (it's PER instead of BER encoding to save bandwith). + Session and presentation use the "null" encoding option, + meaning that they are only present at connection establishment + and ommitted otherwise. + Instead of adapting existing dissectors it seemed simpler and cleaner + to implement everything the new atn-ulcs dissector. + +why using conversations ? + PER encoded user data is ambigous; the same encoding may apply to a CM or + CPDLC PDU. The workaround is to decode on a transport connection basis. + I use my own version of conversations to identify + the transport connection the PDU belongs to for the standard functions + from "conversation.h" didn't work out. + +what is the use of AARQ/AARE data ? + Converstions should be maintained on the COTP layer in a standard way + for there are usually more packets available than in the layers above. + In the worst case my dissector is called from a DT packet which + has destination references but no source reference. + I have to guess the reference used the other way round + (curently I am using ACSE PDU'S used during OSI connection establishment for that). + The idea is that each ACSE AARQ is answered by ACSE AARE and having this sequence + I have all the source/destination references for this transport connection. + I use AARQ/AARE data to store the source/destination reference of AARQ as well + as the optional ae-qualifier which tells me the application and + the dissector I have to use. + This approach donesn't work well when there are interleaving AARQ/AARE sequences for + the same aircraft. + +which ATN standard is supported ? + The dissector has been tested with ICAO doc9705 Edition2 compliant traffic. + No ATN Secutity is supported. + note: + The ATN upper layers are derived from OSI standards (ICAO DOC 9705) + while ATN/IPS (ICAO DOC 9896) which is entirely based on IPV6. + +*/ + +/* + known defects/deficiencies: + +- user-information within AARE is sometines not decoded due to an unset flag + (the field is optional). As far as I can tell asn2wrs is right here, + but on the other hand I know that in all of this cases user-information + is present and is processed by the ATN end system. + Maybe a true ATN expert may help me out here. + + - The conversation handling is based on src/dst addresses as well as + source or destination references depending on the TP4 packet type. + This means that after some time these references get reused for + new conversations. This almost certain happens for traces longer + than one day rendering this dissector unsuitable for captures exceeding + this one day. + +*/ + +#include "config.h" + +#ifndef _MSC_VER +#include <stdint.h> +#endif + + +#include <epan/packet.h> +#include <epan/address.h> +#include <epan/conversation.h> +#include <epan/osi-utils.h> +#include "packet-ber.h" +#include "packet-per.h" +#include "packet-atn-ulcs.h" + +#define ATN_ACSE_PROTO "ICAO Doc9705 ULCS ACSE (ISO 8649/8650-1:1996)" +#define ATN_ULCS_PROTO "ICAO Doc9705 ULCS" + +void proto_register_atn_ulcs(void); +void proto_reg_handoff_atn_ulcs(void); + +static heur_dissector_list_t atn_ulcs_heur_subdissector_list; + +/* presentation subdissectors i.e. CM, CPDLC */ +static dissector_handle_t atn_cm_handle = NULL; +static dissector_handle_t atn_cpdlc_handle = NULL; + +static int proto_atn_ulcs = -1; +static guint32 ulcs_context_value = 0; +static const char *object_identifier_id; + +static wmem_tree_t *aarq_data_tree = NULL; +static wmem_tree_t *atn_conversation_tree = NULL; + + +static proto_tree *root_tree = NULL; + +/* forward declarations for functions generated from asn1 */ +static int dissect_atn_ulcs_T_externalt_encoding_single_asn1_type( + tvbuff_t *tvb _U_, + int offset _U_, + asn1_ctx_t *actx _U_, + proto_tree *tree _U_, + int hf_index + _U_); + +static int dissect_atn_ulcs_T_externalt_encoding_octet_aligned( + tvbuff_t *tvb _U_, + int offset _U_, + asn1_ctx_t *actx _U_, + proto_tree *tree _U_, + int hf_index _U_); + +static int dissect_atn_ulcs_T_externalt_encoding_arbitrary( + tvbuff_t *tvb _U_, + int offset _U_, + asn1_ctx_t *actx _U_, + proto_tree *tree _U_, + int hf_index _U_); + +static int dissect_ACSE_apdu_PDU( + tvbuff_t *tvb _U_, + packet_info *pinfo _U_, + proto_tree *tree _U_, + void *data _U_); + +guint32 dissect_per_object_descriptor_t( + tvbuff_t *tvb, + guint32 offset, + asn1_ctx_t *actx, + proto_tree *tree, + int hf_index, + tvbuff_t **value_tvb); + +static gint dissect_atn_ulcs( + tvbuff_t *tvb, + packet_info *pinfo, + proto_tree *tree, + void *data _U_); + +#include "packet-atn-ulcs-hf.c" + +#include "packet-atn-ulcs-ett.c" +static gint ett_atn_ulcs = -1; +static gint ett_atn_acse = -1; + +#include "packet-atn-ulcs-fn.c" + +#if 0 +/* re-implementing external data: packet-per.c */ +static const value_string per_External_encoding_vals[] = { +{ 0, "single-ASN1-type" }, +{ 1, "octet-aligned" }, +{ 2, "arbitrary" }, +{ 0, NULL } +}; + +/* re-implementing external data: packet-per.c */ +static const per_choice_t External_encoding_choice[] = +{ + { 0, + &hf_atn_ulcs_externalt_encoding_single_asn1_type, + ASN1_NO_EXTENSIONS, + dissect_atn_ulcs_T_externalt_encoding_single_asn1_type + }, + { 1, + &hf_atn_ulcs_externalt_encoding_octet_aligned, + ASN1_NO_EXTENSIONS, + dissect_atn_ulcs_T_externalt_encoding_octet_aligned + }, + { 2, + &hf_atn_ulcs_externalt_encoding_arbitrary, + ASN1_NO_EXTENSIONS, + dissect_atn_ulcs_T_externalt_encoding_arbitrary + }, + { 0, + NULL, + 0, + NULL + } +}; +#endif + +/* ATN Session layer */ +#define SES_PDU_TYPE_MASK 0xf8 +#define SES_PARAM_IND_MASK 0x04 +#define SES_PARAM_B2_MASK 0x02 +#define SES_PARAM_B1_MASK 0x01 + +static int hf_atn_ses_type = -1; +static int hf_atn_ses_param_ind = -1; +static int hf_atn_ses_param_b1 = -1; +static int hf_atn_ses_param_b2 = -1; + +static gint ett_atn_ses = -1; + +#define ATN_SES_PROTO "ICAO Doc9705 ULCS Session (ISO 8326/8327-1:1994)" + +const value_string atn_ses_param_ind[] = +{ + {0, "No Parameter Indication "}, + {1, "Parameter Indication "}, + {0, NULL } +}; + +const value_string srf_b2[] = +{ + {0, "Transport Connection is kept"}, + {1, "Transport Connection is released" }, + {0, NULL } +}; + +const value_string srf_b1[] = +{ + {0, "Transport Connection is transient"}, + {1, "Transport Connection is persistent"}, + {0, NULL } +}; + +#define SES_ATN_SCN 0xe8 +#define SES_ATN_SCNC 0xf8 +#define SES_ATN_SAC 0xf0 +#define SES_ATN_SACC 0xd8 +#define SES_ATN_SRF 0xe0 +#define SES_ATN_SRFC 0xa0 + +const value_string atn_ses_type[] = +{ + { 0x1d, "Short Connect (SCN) SPDU" }, + { 0x1f, "Short Connect Accept (SAC) SPDU" }, + { 0x1e, "Short Connect Accept Continue (SACC) SPDU" }, + { 0x1c, "Short Refuse (SRF) SPDU" }, + { 0x14, "Short Refuse Continue (SRFC) SPDU" }, + {0, NULL } +}; + +/* ATN Presentation layer */ +#define ATN_PRES_PROTO "ICAO Doc9705 ULCS Presentation (ISO 8822/8823-1:1994)" + +static int hf_atn_pres_err = -1; +static int hf_atn_pres_pdu_type = -1; +static gint ett_atn_pres = -1; + +#define ATN_SES_PRES_MASK 0xf803 +#define PRES_CPR_ER_MASK 0x70 + +/* type determined by SPDU and PPDU */ +const value_string atn_pres_vals[] = +{ + { 0xe802, "Short Presentation Connect PPDU (CP) " }, + { 0xf802, "Short Presentation Connect PPDU (CP) " }, + { 0xf002, "Short Presentation Connect Accept PPDU (CPA)" }, + { 0xd802, "Short Presentation Connect Accept PPDU (CPA)" }, + { 0xe002, "Short Presentation Connect Reject PPDU (CPR)" }, + { 0xa002, "Short Presentation Connect Reject PPDU (CPR)" }, + {0, NULL } +}; + +/* Short Presentation Connect Reject PPDU's 0yyy 00zz */ +const value_string atn_pres_err[] = +{ + { 0x00, "Presentation-user" }, + { 0x01, "Reason not specified (transient)"}, + { 0x02, "Temporary congestion (transient)"}, + { 0x03, "Local limit exceeded (transient)"}, + { 0x04, "Called presentation-address unknown (permanent)"}, + { 0x05, "Protocol version not supported (permanent)"}, + { 0x06, "Default context not supported (permanent)"}, + { 0x07, "User data not readable (permanent)"}, + { 0, NULL } +}; + +#if 0 +/* re-implementing external data: packet-per.c */ +static int atn_ulcs_Externalt_encoding( + tvbuff_t *tvb _U_, + int offset _U_, + asn1_ctx_t *actx _U_, + proto_tree *tree _U_, + int hf_index _U_) +{ + offset = dissect_per_choice( + tvb, + offset, + actx, + tree, + hf_index, + ett_atn_ulcs_EXTERNALt, + External_encoding_choice, + &actx->external.encoding); + + return offset; +} + +/* re-implementing external data: packet-per.c */ +static guint32 atn_per_external_type( + tvbuff_t *tvb _U_, + guint32 offset, + asn1_ctx_t *actx, + proto_tree *tree _U_, + int hf_index _U_, + per_type_fn type_cb) +{ + memset(&actx->external, '\0', sizeof(actx->external)); + actx->external.hf_index = -1; + actx->external.encoding = -1; + + actx->external.u.per.type_cb = type_cb; + offset = atn_ulcs_Externalt_encoding( + tvb, + offset, + actx, + tree, + hf_index); + + memset( + &actx->external, + '\0', + sizeof(actx->external)); + + actx->external.hf_index = -1; + actx->external.encoding = -1; + + return offset; +} +#endif + +/* determine 24-bit aircraft address(ARS) */ +/* from 20-byte ATN NSAP. */ +guint32 get_aircraft_24_bit_address_from_nsap( + packet_info *pinfo) +{ + const guint8* addr = NULL; + guint32 ars =0; + guint32 adr_prefix =0; + + /* check NSAP address type*/ + if( (pinfo->src.type != get_osi_address_type()) || + (pinfo->dst.type != get_osi_address_type())) { + return ars; } + + /* 20 octets address length required */ + /* for ATN */ + if( (pinfo->src.len != 20) || + (pinfo->dst.len != 20)) { + return ars; } + + /* first try source address */ + /* if the src address originates */ + /* from an aircraft it's downlink */ + + /* convert addr into 32-bit integer */ + addr = (const guint8 *)pinfo->src.data; + adr_prefix = + ((addr[0]<<24) | + (addr[1]<<16) | + (addr[2]<<8) | + addr[3] ); + + /* according to ICAO doc9507 Ed2 SV5 */ + /* clause 5.4.3.8.1.5 and 5.4.3.8.1.3 */ + /* mobile addresses contain "c1" of "41" */ + /* in the VER subfield of the NSAP */ + if((adr_prefix == 0x470027c1) || + (adr_prefix == 0x47002741)) { + /* ICAO doc9507 Ed2 SV5 5.4.3.8.4.4 */ + /* states that the ARS subfield containes */ + /* the 24-bitaddress of the aircraft */ + ars = ((addr[8])<<16) | + ((addr[9])<<8) | + (addr[10]); + } + + /* try destination address */ + /* if the src address originates */ + /* from an aircraft it's downlink */ + + /* convert addr into 32-bit integer */ + addr = (const guint8 *)pinfo->dst.data; + adr_prefix = ((addr[0]<<24) | + (addr[1]<<16) | + (addr[2]<<8) | + addr[3] ); + + /* according to ICAO doc9507 Ed2 SV5 */ + /* clause 5.4.3.8.1.5 and 5.4.3.8.1.3 */ + /* mobile addresses contain "c1" of "41" */ + /* in the VER subfield of the NSAP */ + if((adr_prefix == 0x470027c1) || + (adr_prefix == 0x47002741)) { + /* ICAO doc9507 Ed2 SV5 5.4.3.8.4.4 */ + /* states that the ARS subfield containes */ + /* the 24-bitaddress of the aircraft */ + ars = ((addr[8])<<16) | + ((addr[9])<<8) | + (addr[10]); + } + return ars; +} + +/* determine whether a PDU is uplink or downlink */ +/* by checking for known aircraft address prefices*/ +int check_heur_msg_type(packet_info *pinfo _U_) +{ + int t = no_msg; + const guint8* addr = NULL; + guint32 adr_prefix =0; + + /* check NSAP address type*/ + if( (pinfo->src.type != get_osi_address_type()) || (pinfo->dst.type != get_osi_address_type())) { + return t; } + + /* check NSAP address length; 20 octets address length required */ + if( (pinfo->src.len != 20) || (pinfo->dst.len != 20)) { + return t; } + + addr = (const guint8 *)pinfo->src.data; + + /* convert address to 32-bit integer */ + adr_prefix = ((addr[0]<<24) | (addr[1]<<16) | (addr[2]<<8) | addr[3] ); + + /* According to the published ATN NSAP adddressing scheme */ + /* in ICAO doc9705 Ed2 SV5 5.4.3.8.1.3 and 5.4.3.8.1.5 */ + /* the "VER" field shall be 0x41 ("all Mobile AINSC") or */ + /* 0xc1 ("all Mobile ATSC") for mobile stations (aka aircraft).*/ + if((adr_prefix == 0x470027c1) || (adr_prefix == 0x47002741)) { + t = dm; /* source is an aircraft: it's a downlink PDU */ + } + + addr = (const guint8 *)pinfo->dst.data; + + /* convert address to 32-bit integer */ + adr_prefix = ((addr[0]<<24) | (addr[1]<<16) | (addr[2]<<8) | addr[3] ); + + /* According to the published ATN NSAP adddressing scheme */ + /* in ICAO doc9705 Ed2 SV5 5.4.3.8.1.3 and 5.4.3.8.1.5 */ + /* the "VER" field shall be 0x41 ("all Mobile AINSC") or */ + /* 0xc1 ("all Mobile ATSC") for mobile stations (aka aircraft).*/ + if((adr_prefix == 0x470027c1) || (adr_prefix == 0x47002741)) { + t = um; /* destination is aircraft: uplink PDU */ + } + + return t; +} + +/* conversation may be used by other dissectors */ +wmem_tree_t *get_atn_conversation_tree(void){ + return atn_conversation_tree; +} + + +/* find a atn conversation tree node by an endpoint */ +/* an endpoint is identified by atn src and dst addresses */ +/* and srcref or dstref (depends on the transport packet type) */ +/* IMHO it's a hack - conversations should be maintained */ +/* at transport layer (cotp) but this isn't working yet. */ +atn_conversation_t * find_atn_conversation( + address *address1, + guint16 clnp_ref1, + address *address2 ) +{ + atn_conversation_t *cv = NULL; + guint32 key = 0; + guint32 tmp = 0; + + tmp = add_address_to_hash( tmp, address1); + key = (tmp << 16) | clnp_ref1 ; + + tmp = add_address_to_hash( tmp, address2); + key = (tmp << 24) | key ; + + /* search for atn conversation */ + cv = (atn_conversation_t *) + wmem_tree_lookup32(get_atn_conversation_tree(),key); + + return cv; +} + +/* create a atn conversation tree node */ +/* conversation data is to be allocated externally */ +/* a conversation may be referenced from both endpoints */ +atn_conversation_t * create_atn_conversation( + address *address1, + guint16 clnp_ref1, + address *address2, + atn_conversation_t *conversation) +{ + atn_conversation_t *cv = NULL; + guint32 key = 0; + guint32 tmp = 0; + + tmp = add_address_to_hash( tmp, address1); + key = (tmp << 16) | clnp_ref1 ; + + tmp = add_address_to_hash( tmp, address2); + key = (tmp << 24) | key ; + + /* search for aircraft entry */ + cv = (atn_conversation_t *) + wmem_tree_lookup32( + get_atn_conversation_tree(), + key); + + /* tree node already present */ + if(cv) { + return NULL; } + + /* insert conversation data in tree*/ + wmem_tree_insert32( + get_atn_conversation_tree(), + key, + (void*)conversation); + + return conversation; +} + +static int +dissect_atn_ulcs( + tvbuff_t *tvb, + packet_info *pinfo, + proto_tree *tree, + void *data _U_) +{ + int offset = 0; + proto_item *ti = NULL; + proto_tree *atn_ulcs_tree = NULL; + guint8 value_pres = 0; + guint8 value_ses = 0; + guint16 value_ses_pres = 0; + + root_tree = tree; + + /* data pointer */ + /* decode as PDV-list */ + if ( (int)(intptr_t) data == FALSE ) + { + ti = proto_tree_add_item( + tree, + proto_atn_ulcs, + tvb, + 0, + 0 , + ENC_NA); + + atn_ulcs_tree = proto_item_add_subtree( + ti, + ett_atn_ulcs); + + dissect_Fully_encoded_data_PDU( + tvb, + pinfo, + atn_ulcs_tree, NULL); + + return offset + + tvb_reported_length_remaining(tvb, offset ) ; + } + + /* decode as SPDU, PPDU and ACSE PDU */ + if ( (int)(intptr_t) data == TRUE ) + { + /* get session and presentation PDU's */ + value_ses_pres = tvb_get_ntohs(tvb, offset); + + /* SPDU: dissect session layer */ + atn_ulcs_tree = proto_tree_add_subtree( + tree, tvb, offset, 0, + ett_atn_ses, NULL, ATN_SES_PROTO ); + + /* get SPDU (1 octet) */ + value_ses = tvb_get_guint8(tvb, offset); + + /* SPDU type/identifier */ + proto_tree_add_item(atn_ulcs_tree, + hf_atn_ses_type, + tvb, + offset, + 1, + ENC_BIG_ENDIAN ); + + /* SPDU parameters may be present in Short Refuse */ + /* or Short Refuse Continue SPDU's */ + switch(value_ses & SES_PDU_TYPE_MASK){ + case SES_ATN_SRF: + case SES_ATN_SRFC: + + /* SPDU parameter presence */ + proto_tree_add_item(atn_ulcs_tree, + hf_atn_ses_param_ind, + tvb, + offset, + 1, + ENC_BIG_ENDIAN ); + + /* parameter B2 */ + proto_tree_add_item(atn_ulcs_tree, + hf_atn_ses_param_b2, + tvb, + offset, + 1, + ENC_BIG_ENDIAN ); + + /* parameter B1 */ + proto_tree_add_item(atn_ulcs_tree, + hf_atn_ses_param_b1, + tvb, + offset, + 1, + ENC_BIG_ENDIAN ); + + break; + default: + break; + } + offset++; + + /* PPDU: dissect presentation layer */ + atn_ulcs_tree = proto_tree_add_subtree( + tree, tvb, offset, 0, + ett_atn_pres, NULL, ATN_PRES_PROTO ); + + value_pres = tvb_get_guint8(tvb, offset); + + /* need session context to identify PPDU type */ + /* note: */ + proto_tree_add_uint_format(atn_ulcs_tree, hf_atn_pres_pdu_type, + tvb, + offset, + 1, + value_ses_pres, + "%s (0x%02x)", + val_to_str_const( value_ses_pres & ATN_SES_PRES_MASK, atn_pres_vals, "?"), + value_pres); + + /* PPDU errorcode in case of SRF/CPR */ + switch(value_ses & SES_PDU_TYPE_MASK){ + case SES_ATN_SRF: + case SES_ATN_SRFC: + proto_tree_add_item( + atn_ulcs_tree, + hf_atn_pres_err, + tvb, + offset, + 1, + ENC_BIG_ENDIAN ); + break; + default: + break; + } + + offset++; + + /* ACSE PDU: dissect application layer */ + atn_ulcs_tree = proto_tree_add_subtree( + tree, tvb, offset, 0, + ett_atn_acse, NULL, ATN_ACSE_PROTO ); + + dissect_ACSE_apdu_PDU( + tvb_new_subset_remaining(tvb, offset), + pinfo, + atn_ulcs_tree, NULL); + + return offset + + tvb_reported_length_remaining(tvb, offset ); + } + return offset; +} + +static gboolean dissect_atn_ulcs_heur( + tvbuff_t *tvb, + packet_info *pinfo, + proto_tree *tree, + void *data _U_) +{ + /* do we have enough data*/ + /* at least session + presentation data or pdv-list */ + if (tvb_captured_length(tvb) < 2){ + return FALSE; } + + /* check for session/presentation/ACSE PDU's */ + /* SPDU and PPDU are one octet each */ + switch( tvb_get_ntohs(tvb, 0) & 0xf8ff ){ + case 0xe802: /* SCN + CP*/ + case 0xf802: /* SCNC + CP */ + case 0xf002: /* SAC + CPA */ + case 0xd802: /* SACC + CPA */ + case 0xe002: /* SRF + CPR + R0 */ + case 0xe012: /* SRF + CPR + R1 */ + case 0xe022: /* SRF + CPR + R2 */ + case 0xe032: /* SRF + CPR + R3 */ + case 0xe042: /* SRF + CPR + R4 */ + case 0xe052: /* SRF + CPR + R5 */ + case 0xe062: /* SRF + CPR + R6 */ + case 0xe072: /* SRF + CPR + R7 */ + case 0xa002: /* SRFC + CPR + R0*/ + case 0xa012: /* SRFC + CPR + R1*/ + case 0xa022: /* SRFC + CPR + R2*/ + case 0xa032: /* SRFC + CPR + R3*/ + case 0xa042: /* SRFC + CPR + R4*/ + case 0xa052: /* SRFC + CPR + R5*/ + case 0xa062: /* SRFC + CPR + R6*/ + case 0xa072: /* SRFC + CPR + R7*/ + /* indicate to dissector routine */ + /* that a least SPDU, PPDU and */ + /* ACSE PDU is present */ + dissect_atn_ulcs( + tvb, + pinfo, + tree, + (void*) TRUE); + return TRUE; + default: /* no SPDU */ + break; + } + + /* try to detect "Fully-encoded-data" heuristically */ + /* the constants listed match the ASN.1 PER encoding */ + /* of PDV-List */ + switch( tvb_get_ntohs(tvb, 0) & 0xfff0 ){ + case 0x0020: /* acse-apdu */ + case 0x00a0: /* user-ase-apdu */ + /* indicate to dissector routine */ + /* that a PDV-list PDU is present */ + /* */ + /* PDV-list PDU may contain */ + /* application protocol data (CM, CPDLC) */ + /* or an ACSE PDU */ + dissect_atn_ulcs(tvb, pinfo, tree, (void*) FALSE); + return TRUE; + break; + default: /* no or unsupported PDU */ + break; + } + return FALSE; +} + +void proto_register_atn_ulcs (void) +{ + static hf_register_info hf_atn_ulcs[] = { + #include "packet-atn-ulcs-hfarr.c" + {&hf_atn_ses_type, + { "SPDU Type", + "atn-ulcs.ses.type", + FT_UINT8, + BASE_HEX, + VALS(atn_ses_type), + 0xf8, + "Indicates presence of session parameters", + HFILL}}, + {&hf_atn_ses_param_ind, + { "SPDU Parameter Indication", + "atn-ulcs.ses.parameter-indication", + FT_UINT8, + BASE_HEX, + VALS(atn_ses_param_ind), + SES_PARAM_IND_MASK, + "Indicates presence of session parameters", + HFILL}}, + {&hf_atn_ses_param_b1, + { "SRF Parameter B1", + "atn-ulcs.ses.srf-b1", + FT_UINT8, + BASE_HEX, + VALS(srf_b1), + 0x01, + "Determines if transport connection reject is transient or persistent", + HFILL}}, + {&hf_atn_ses_param_b2, + { "SRF Parameter B2", + "atn-ulcs.ses.srf-b2", + FT_UINT8, + BASE_HEX, + VALS(srf_b2), + 0x02, + "Determines if transport connection is retained or released", + HFILL}}, + { &hf_atn_pres_err, + { "Error Code", "atn-ulcs.pres.cpr-error", + FT_UINT8, + BASE_HEX, + VALS(atn_pres_err), + PRES_CPR_ER_MASK, + NULL, + HFILL}}, + { &hf_atn_pres_pdu_type, + { "PDU type", "atn-ulcs.pres.pdu_type", + FT_UINT16, + BASE_HEX, + NULL, + ATN_SES_PRES_MASK, + NULL, + HFILL}}, + }; + + static gint *ett[] = { + #include "packet-atn-ulcs-ettarr.c" + &ett_atn_ses, + &ett_atn_pres, + &ett_atn_acse, + &ett_atn_ulcs + }; + + proto_atn_ulcs = proto_register_protocol ( + ATN_ULCS_PROTO , + "ATN-ULCS", + "atn-ulcs"); + + proto_register_field_array ( + proto_atn_ulcs, + hf_atn_ulcs, + array_length(hf_atn_ulcs)); + + proto_register_subtree_array ( + ett, + array_length (ett)); + + register_dissector( + "atn-ulcs", + dissect_atn_ulcs, + proto_atn_ulcs); + + /* initiate sub dissector list */ + atn_ulcs_heur_subdissector_list = register_heur_dissector_list("atn-ulcs", proto_atn_ulcs); + + /* init aare/aare data */ + aarq_data_tree = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); + + atn_conversation_tree = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); +} + +void proto_reg_handoff_atn_ulcs(void) +{ + atn_cm_handle = find_dissector_add_dependency("atn-cm", proto_atn_ulcs); + atn_cpdlc_handle = find_dissector_add_dependency("atn-cpdlc", proto_atn_ulcs); + + /* add session dissector to cotp dissector list dissector list*/ + heur_dissector_add( + "cotp", + dissect_atn_ulcs_heur, + "ATN-ULCS over COTP", + "atn-ucls_cotp", + proto_atn_ulcs, HEURISTIC_ENABLE); +} + +/* + * Editor modelines - https://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ diff --git a/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.h b/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.h new file mode 100644 index 00000000..872403f8 --- /dev/null +++ b/epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.h @@ -0,0 +1,81 @@ +/* packet-atn-ulcs.h + * Definitions for atn packet disassembly structures and routines + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ +#ifndef PACKET_ATN_ULCS_H +#define PACKET_ATN_ULCS_H + +#include "packet.h" + +#include <epan/wmem_scopes.h> + +enum msg_type { + um, + dm, + no_msg +}; + +enum ae_qualifier { + ads = 0, + cma =1, /* contact management (CM) */ + cpdlc = 2, /* "plain old" CPDLC */ + ati = 3 , + arf =10 , + met =11, + gac =12, + pmcpdlc =22, /* "protected mode" CPDLC */ + unknown = -1 +}; + +typedef struct atn_conversation_t { + gint ae_qualifier; /* A/G application type */ +} atn_conversation_t; + +atn_conversation_t * create_atn_conversation( + address*, + guint16, + address*, + atn_conversation_t*); + +atn_conversation_t * find_atn_conversation( + address*, + guint16, + address*); + +/* struct for conversation data reconstruction used in AARQ and AARE */ +/* if transport data is larger than 32 octets AARQ/AARE is contained */ +/* within DT frames which have only dest_ref, but no src_ref */ +/* if AARQ/AARQ is contained within CR/CC only src_ref is present in CR */ +/* while CC provides src_ref and dstref */ +typedef struct aarq_data_t { + gboolean aarq_pending; /* flag tells whether AARQ/sequence is pending (true) */ + /* required not to mix up different AARQ/AARE sequences */ + /* during simoultanous establishment of transport connections */ + /* i.e. GND facility initialises cpcstart and cmcontact at the same time */ + atn_conversation_t* cv; /* pointer to AARQ conversation */ +} aarq_data_t; + +wmem_tree_t *get_atn_conversation_tree(void); + +guint32 get_aircraft_24_bit_address_from_nsap(packet_info *); +int check_heur_msg_type(packet_info *); + +#endif + +/* + * Editor modelines - https://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ |