sre
/
isi-wireshark-plugin
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update SIM

master
Tyson Key 2011-01-16 00:05:57 +01:00 committed by Sebastian Reichel
parent 50695f39d4
commit baad7c6b3a
1 changed files with 136 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

162
src/isi-sim.c
View File

@ -24,9 +24,13 @@
#include <epan/prefs.h>
#include <epan/packet.h>
#include <epan/dissectors/packet-e212.h>
#include <epan/bitswap.h>
#include "packet-isi.h"
#include "isi-sim.h"
static const value_string isi_sim_message_id[] = {
{0x19, "SIM_NETWORK_INFO_REQ"},
{0x1A, "SIM_NETWORK_INFO_RESP"},
@ -136,16 +140,22 @@ static const value_string isi_sim_cause[] = {
{0x4D, "SIM_SERV_FILE_NOT_AVAILABLE"}
};
static const value_string isi_sim_hlpmn_countries[] = {
{0x32F4, "United Kingdom (234)"}
static const value_string isi_sim_pb_subblock[] = {
{0xE4, "SIM_PB_INFO_REQUEST"},
{0xFB, "SIM_PB_STATUS"},
{0xFE, "SIM_PB_LOCATION"},
{0xFF, "SIM_PB_LOCATION_SEARCH"},
};
static const value_string isi_sim_hlpmn_operators[] = {
{0x01, "O2 - UK (10)"},
{0x02, "3 UK (20)"},
{0x33, "Orange UK (33)"},
static const value_string isi_sim_pb_type[] = {
{0xC8, "SIM_PB_ADN"},
};
static const value_string isi_sim_pb_tag[] = {
{0xCA, "SIM_PB_ANR"},
{0xDD, "SIM_PB_EMAIL"},
{0xF7, "SIM_PB_SNE"},
};
static dissector_handle_t isi_sim_handle;
static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *tree);
@ -154,8 +164,23 @@ static guint32 hf_isi_sim_message_id = -1;
static guint32 hf_isi_sim_service_type = -1;
static guint32 hf_isi_sim_cause = -1;
static guint32 hf_isi_sim_secondary_cause = -1;
static guint32 hf_isi_sim_hlpmn_countries = -1;
static guint32 hf_isi_sim_hlpmn_operators = -1;
static int hf_isi_sim_subblock_count = -1;
static int hf_isi_sim_subblock_size = -1;
static guint32 hf_isi_sim_pb_subblock = -1;
static guint32 hf_isi_sim_pb_type = -1;
static guint32 hf_isi_sim_pb_location = -1;
static guint32 hf_isi_sim_pb_tag_count = -1;
static guint32 hf_isi_sim_pb_tag = -1;
/* static int hf_isi_sim_imsi_byte_1 = -1;
static int hf_isi_sim_imsi_byte_2 = -1; */
tvbuff_t *next_tvb;
int reported_length, available_length;
static int hf_isi_sim_imsi_length = -1;
void proto_reg_handoff_isi_sim(void) {
static gboolean initialized=FALSE;
@ -176,11 +201,24 @@ void proto_register_isi_sim(void) {
{ "Cause", "isi.sim.cause", FT_UINT8, BASE_HEX, isi_sim_cause, 0x0, "Cause", HFILL }},
{ &hf_isi_sim_secondary_cause,
{ "Secondary Cause", "isi.sim.secondary_cause", FT_UINT8, BASE_HEX, isi_sim_cause, 0x0, "Secondary Cause", HFILL }},
{ &hf_isi_sim_hlpmn_countries,
{ "Country", "isi.sim.hlpmn_country", FT_UINT16, BASE_HEX, isi_sim_hlpmn_countries, 0x0, "Country", HFILL }},
{ &hf_isi_sim_hlpmn_operators,
{ "Operator", "isi.sim.hlpmn_operator", FT_UINT8, BASE_HEX, isi_sim_hlpmn_operators, 0x0, "Operator", HFILL }}
{&hf_isi_sim_subblock_count,
{ "Subblock Count", "isi.sim.subblock_count", FT_UINT8, BASE_DEC, NULL, 0x0, "Subblock Count", HFILL }},
{&hf_isi_sim_subblock_size,
{ "Subblock Size", "isi.sim.subblock_size", FT_UINT8, BASE_DEC, NULL, 0x0, "Subblock Size", HFILL }},
{ &hf_isi_sim_pb_subblock,
{ "Subblock", "isi.sim.pb.subblock", FT_UINT8, BASE_HEX, isi_sim_pb_subblock, 0x0, "Subblock", HFILL }},
{ &hf_isi_sim_pb_type,
{ "Phonebook Type", "isi.sim.pb.type", FT_UINT8, BASE_HEX, isi_sim_pb_type, 0x0, "Phonebook Type", HFILL }},
{&hf_isi_sim_pb_location,
{ "Phonebook Location", "isi.sim.pb.location", FT_UINT8, BASE_DEC, NULL, 0x0, "Phonebook Location", HFILL }},
{&hf_isi_sim_pb_tag_count,
{ "Tag Count", "isi.sim.pb.tag.count", FT_UINT8, BASE_DEC, NULL, 0x0, "Tag Count", HFILL }},
{ &hf_isi_sim_pb_tag,
{ "Phonebook Item Type", "isi.sim.pb.tag", FT_UINT8, BASE_HEX, isi_sim_pb_tag, 0x0, "Phonebook Item Type", HFILL }},
/* {&hf_isi_sim_imsi_byte_1,
{ "IMSI Byte 1", "isi.sim.imsi.byte1", FT_UINT16, BASE_HEX, NULL, 0xF0, NULL, HFILL }},*/
{&hf_isi_sim_imsi_length,
{ "IMSI Length", "isi.sim.imsi.length", FT_UINT8, BASE_DEC, NULL, 0, NULL, HFILL }},
};
proto_register_field_array(proto_isi, hf, array_length(hf));
@ -221,9 +259,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
code = tvb_get_guint8(tvb, 1);
switch(code) {
case 0x2F:
proto_tree_add_item(tree, hf_isi_sim_hlpmn_countries, tvb, 3, 2, FALSE);
proto_tree_add_item(tree, hf_isi_sim_hlpmn_operators, tvb, 5, 1, FALSE);
dissect_e212_mcc_mnc(tvb, pinfo, tree, 3, 1);
col_set_str(pinfo->cinfo, COL_INFO, "Network Information Response: Home PLMN");
break;
default:
@ -231,7 +267,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0x1D: /* SIM_IMSI_REQ_READ_IMSI */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -243,15 +279,61 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
case 0x1E: /* SIM_IMSI_RESP_READ_IMSI */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
/* If properly decoded, an IMSI should look like 234 100 733569423 in split Base10
0000 1e 2d 01 08 | 29 43 01 | 70 33 65 49 32
92 34 10 | 07 33 56 94 23
Switch 0x29 to produce 0x92
AND 0x92 with 0xF0 to strip the leading 9
Switch 0x43 to produce 0x34
Concatenate 0x02 and 0x34 to produce 0x02 34 - which is our MCC for the UK
Switch 0x01 to produce 0x10 - first byte of the MNC
Switch 0x70 to produce 0x07 - second bit of the MNC, and first bit of the MSIN
Remainder of MSIN follows:
Switch 0x33 to produce 0x33
Switch 0x65 to produce 0x56
Switch 0x49 to produce 0x94
Switch 0x32 to produce 0x23
When regrouped, we should have something that looks like 0x02|0x34|0x10|0x07|0x33|0x56|0x94|0x23
Can we use the E212 dissector?
No, it appears that the current version of the dissector is hard-coded in a way that ignores all of our set-up work. :(
*/
code = tvb_get_guint8(tvb, 1);
switch(code) {
default:
proto_tree_add_item(tree, hf_isi_sim_imsi_length, tvb, 3, 1, FALSE);
/*
next_tvb = tvb_new_subset(tvb, 0, -1, -1);
proto_tree_add_item(tree, hf_isi_sim_imsi_byte_1, next_tvb, 4, 1, ENC_LITTLE_ENDIAN);
dissect_e212_mcc_mnc(next_tvb, pinfo, tree, 4, FALSE );
proto_tree_add_item(tree, hf_E212_msin, tvb, 2, 7, FALSE);
*/
col_set_str(pinfo->cinfo, COL_INFO, "Read IMSI Response");
break;
}
break;
case 0x21: /* SIM_SERV_PROV_NAME_REQ */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -261,7 +343,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0x22: /* SIM_SERV_PROV_NAME_RESP */
code = tvb_get_guint8(tvb, 1);
switch(code) {
@ -275,7 +357,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xBA: /* SIM_READ_FIELD_REQ */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -288,7 +370,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xBB: /* SIM_READ_FIELD_RESP */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -302,7 +384,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xBC: /* SIM_SMS_REQ */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -312,7 +394,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xBD: /* SIM_SMS_RESP */
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
@ -324,7 +406,35 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
case 0xDC: /* SIM_PB_REQ_SIM_PB_READ */
/* A phonebook record in a typical O2 UK SIM card issued in 2009 can hold:
* A name encoded in UTF-16/UCS-2 - up to 18 (or 15 double-byte/accented) characters can be entered on an S60 device
* Up to 2 telephone numbers - up to 2 * 20 (or 40-1 field) characters can be entered on an S60 device
* An e-mail address encoded in UTF-16/UCS-2 - up to 40 characters can be entered on an S60 device
Up to 250 of these records can be stored, and 9 of them are pre-populated on a brand new card.
*/
proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_subblock_count, tvb, 2, 2, ENC_LITTLE_ENDIAN);
proto_tree_add_item(tree, hf_isi_sim_pb_subblock, tvb, 4, 1, FALSE);
//Should probably be 8, and not 2048... Officially starts/ends at 5/3, I think.
proto_tree_add_item(tree, hf_isi_sim_subblock_size, tvb, 6, 2, ENC_LITTLE_ENDIAN);
proto_tree_add_item(tree, hf_isi_sim_pb_type, tvb, 8, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_location, tvb, 9, 2, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_subblock, tvb, 12, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_subblock_count, tvb, 13, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(tree, hf_isi_sim_pb_tag_count, tvb, 15, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_type, tvb, 18, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 20, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 22, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 24, 1, FALSE);
code = tvb_get_guint8(tvb, 1);
switch(code) {
default:
@ -342,7 +452,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xEF: /* SIM_IND */
code = tvb_get_guint8(tvb, 1);
switch(code) {
@ -351,7 +461,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
case 0xF0: /* SIM_COMMON_MESSAGE */
proto_tree_add_item(tree, hf_isi_sim_cause, tvb, 1, 1, FALSE);
proto_tree_add_item(tree, hf_isi_sim_secondary_cause, tvb, 2, 1, FALSE);
@ -368,7 +478,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr
break;
}
break;
default:
col_set_str(pinfo->cinfo, COL_INFO, "Unknown type");
break;