diff --git a/src/isi-sim.c b/src/isi-sim.c index 2294b70..c88fee2 100644 --- a/src/isi-sim.c +++ b/src/isi-sim.c @@ -24,9 +24,13 @@ #include #include +#include +#include + #include "packet-isi.h" #include "isi-sim.h" + static const value_string isi_sim_message_id[] = { {0x19, "SIM_NETWORK_INFO_REQ"}, {0x1A, "SIM_NETWORK_INFO_RESP"}, @@ -136,16 +140,22 @@ static const value_string isi_sim_cause[] = { {0x4D, "SIM_SERV_FILE_NOT_AVAILABLE"} }; -static const value_string isi_sim_hlpmn_countries[] = { - {0x32F4, "United Kingdom (234)"} +static const value_string isi_sim_pb_subblock[] = { + {0xE4, "SIM_PB_INFO_REQUEST"}, + {0xFB, "SIM_PB_STATUS"}, + {0xFE, "SIM_PB_LOCATION"}, + {0xFF, "SIM_PB_LOCATION_SEARCH"}, }; -static const value_string isi_sim_hlpmn_operators[] = { - {0x01, "O2 - UK (10)"}, - {0x02, "3 UK (20)"}, - {0x33, "Orange UK (33)"}, +static const value_string isi_sim_pb_type[] = { + {0xC8, "SIM_PB_ADN"}, }; +static const value_string isi_sim_pb_tag[] = { + {0xCA, "SIM_PB_ANR"}, + {0xDD, "SIM_PB_EMAIL"}, + {0xF7, "SIM_PB_SNE"}, +}; static dissector_handle_t isi_sim_handle; static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *tree); @@ -154,8 +164,23 @@ static guint32 hf_isi_sim_message_id = -1; static guint32 hf_isi_sim_service_type = -1; static guint32 hf_isi_sim_cause = -1; static guint32 hf_isi_sim_secondary_cause = -1; -static guint32 hf_isi_sim_hlpmn_countries = -1; -static guint32 hf_isi_sim_hlpmn_operators = -1; + +static int hf_isi_sim_subblock_count = -1; +static int hf_isi_sim_subblock_size = -1; + +static guint32 hf_isi_sim_pb_subblock = -1; +static guint32 hf_isi_sim_pb_type = -1; +static guint32 hf_isi_sim_pb_location = -1; +static guint32 hf_isi_sim_pb_tag_count = -1; +static guint32 hf_isi_sim_pb_tag = -1; + +/* static int hf_isi_sim_imsi_byte_1 = -1; +static int hf_isi_sim_imsi_byte_2 = -1; */ + +tvbuff_t *next_tvb; +int reported_length, available_length; + +static int hf_isi_sim_imsi_length = -1; void proto_reg_handoff_isi_sim(void) { static gboolean initialized=FALSE; @@ -176,11 +201,24 @@ void proto_register_isi_sim(void) { { "Cause", "isi.sim.cause", FT_UINT8, BASE_HEX, isi_sim_cause, 0x0, "Cause", HFILL }}, { &hf_isi_sim_secondary_cause, { "Secondary Cause", "isi.sim.secondary_cause", FT_UINT8, BASE_HEX, isi_sim_cause, 0x0, "Secondary Cause", HFILL }}, - { &hf_isi_sim_hlpmn_countries, - { "Country", "isi.sim.hlpmn_country", FT_UINT16, BASE_HEX, isi_sim_hlpmn_countries, 0x0, "Country", HFILL }}, - { &hf_isi_sim_hlpmn_operators, - { "Operator", "isi.sim.hlpmn_operator", FT_UINT8, BASE_HEX, isi_sim_hlpmn_operators, 0x0, "Operator", HFILL }} - + {&hf_isi_sim_subblock_count, + { "Subblock Count", "isi.sim.subblock_count", FT_UINT8, BASE_DEC, NULL, 0x0, "Subblock Count", HFILL }}, + {&hf_isi_sim_subblock_size, + { "Subblock Size", "isi.sim.subblock_size", FT_UINT8, BASE_DEC, NULL, 0x0, "Subblock Size", HFILL }}, + { &hf_isi_sim_pb_subblock, + { "Subblock", "isi.sim.pb.subblock", FT_UINT8, BASE_HEX, isi_sim_pb_subblock, 0x0, "Subblock", HFILL }}, + { &hf_isi_sim_pb_type, + { "Phonebook Type", "isi.sim.pb.type", FT_UINT8, BASE_HEX, isi_sim_pb_type, 0x0, "Phonebook Type", HFILL }}, + {&hf_isi_sim_pb_location, + { "Phonebook Location", "isi.sim.pb.location", FT_UINT8, BASE_DEC, NULL, 0x0, "Phonebook Location", HFILL }}, + {&hf_isi_sim_pb_tag_count, + { "Tag Count", "isi.sim.pb.tag.count", FT_UINT8, BASE_DEC, NULL, 0x0, "Tag Count", HFILL }}, + { &hf_isi_sim_pb_tag, + { "Phonebook Item Type", "isi.sim.pb.tag", FT_UINT8, BASE_HEX, isi_sim_pb_tag, 0x0, "Phonebook Item Type", HFILL }}, + /* {&hf_isi_sim_imsi_byte_1, + { "IMSI Byte 1", "isi.sim.imsi.byte1", FT_UINT16, BASE_HEX, NULL, 0xF0, NULL, HFILL }},*/ + {&hf_isi_sim_imsi_length, + { "IMSI Length", "isi.sim.imsi.length", FT_UINT8, BASE_DEC, NULL, 0, NULL, HFILL }}, }; proto_register_field_array(proto_isi, hf, array_length(hf)); @@ -221,9 +259,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr code = tvb_get_guint8(tvb, 1); switch(code) { case 0x2F: - proto_tree_add_item(tree, hf_isi_sim_hlpmn_countries, tvb, 3, 2, FALSE); - proto_tree_add_item(tree, hf_isi_sim_hlpmn_operators, tvb, 5, 1, FALSE); - + dissect_e212_mcc_mnc(tvb, pinfo, tree, 3, 1); col_set_str(pinfo->cinfo, COL_INFO, "Network Information Response: Home PLMN"); break; default: @@ -231,7 +267,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0x1D: /* SIM_IMSI_REQ_READ_IMSI */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -243,15 +279,61 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; case 0x1E: /* SIM_IMSI_RESP_READ_IMSI */ + proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); + + /* If properly decoded, an IMSI should look like 234 100 733569423 in split Base10 + + 0000 1e 2d 01 08 | 29 43 01 | 70 33 65 49 32 + 92 34 10 | 07 33 56 94 23 + + Switch 0x29 to produce 0x92 + + AND 0x92 with 0xF0 to strip the leading 9 + + Switch 0x43 to produce 0x34 + + Concatenate 0x02 and 0x34 to produce 0x02 34 - which is our MCC for the UK + + Switch 0x01 to produce 0x10 - first byte of the MNC + + Switch 0x70 to produce 0x07 - second bit of the MNC, and first bit of the MSIN + + Remainder of MSIN follows: + + Switch 0x33 to produce 0x33 + + Switch 0x65 to produce 0x56 + + Switch 0x49 to produce 0x94 + + Switch 0x32 to produce 0x23 + + When regrouped, we should have something that looks like 0x02|0x34|0x10|0x07|0x33|0x56|0x94|0x23 + + Can we use the E212 dissector? + No, it appears that the current version of the dissector is hard-coded in a way that ignores all of our set-up work. :( + + */ + code = tvb_get_guint8(tvb, 1); switch(code) { default: + proto_tree_add_item(tree, hf_isi_sim_imsi_length, tvb, 3, 1, FALSE); + + /* + next_tvb = tvb_new_subset(tvb, 0, -1, -1); + proto_tree_add_item(tree, hf_isi_sim_imsi_byte_1, next_tvb, 4, 1, ENC_LITTLE_ENDIAN); + dissect_e212_mcc_mnc(next_tvb, pinfo, tree, 4, FALSE ); + proto_tree_add_item(tree, hf_E212_msin, tvb, 2, 7, FALSE); + + */ + col_set_str(pinfo->cinfo, COL_INFO, "Read IMSI Response"); break; } break; - + case 0x21: /* SIM_SERV_PROV_NAME_REQ */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -261,7 +343,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0x22: /* SIM_SERV_PROV_NAME_RESP */ code = tvb_get_guint8(tvb, 1); switch(code) { @@ -275,7 +357,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xBA: /* SIM_READ_FIELD_REQ */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -288,7 +370,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xBB: /* SIM_READ_FIELD_RESP */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -302,7 +384,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xBC: /* SIM_SMS_REQ */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -312,7 +394,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xBD: /* SIM_SMS_RESP */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); code = tvb_get_guint8(tvb, 1); @@ -324,7 +406,35 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; case 0xDC: /* SIM_PB_REQ_SIM_PB_READ */ + + /* A phonebook record in a typical O2 UK SIM card issued in 2009 can hold: + + * A name encoded in UTF-16/UCS-2 - up to 18 (or 15 double-byte/accented) characters can be entered on an S60 device + * Up to 2 telephone numbers - up to 2 * 20 (or 40-1 field) characters can be entered on an S60 device + * An e-mail address encoded in UTF-16/UCS-2 - up to 40 characters can be entered on an S60 device + + Up to 250 of these records can be stored, and 9 of them are pre-populated on a brand new card. + + */ proto_tree_add_item(tree, hf_isi_sim_service_type, tvb, 1, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_subblock_count, tvb, 2, 2, ENC_LITTLE_ENDIAN); + proto_tree_add_item(tree, hf_isi_sim_pb_subblock, tvb, 4, 1, FALSE); + + //Should probably be 8, and not 2048... Officially starts/ends at 5/3, I think. + proto_tree_add_item(tree, hf_isi_sim_subblock_size, tvb, 6, 2, ENC_LITTLE_ENDIAN); + + proto_tree_add_item(tree, hf_isi_sim_pb_type, tvb, 8, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_pb_location, tvb, 9, 2, FALSE); + + proto_tree_add_item(tree, hf_isi_sim_pb_subblock, tvb, 12, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_subblock_count, tvb, 13, 2, ENC_BIG_ENDIAN); + + proto_tree_add_item(tree, hf_isi_sim_pb_tag_count, tvb, 15, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_pb_type, tvb, 18, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 20, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 22, 1, FALSE); + proto_tree_add_item(tree, hf_isi_sim_pb_tag, tvb, 24, 1, FALSE); + code = tvb_get_guint8(tvb, 1); switch(code) { default: @@ -342,7 +452,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xEF: /* SIM_IND */ code = tvb_get_guint8(tvb, 1); switch(code) { @@ -351,7 +461,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + case 0xF0: /* SIM_COMMON_MESSAGE */ proto_tree_add_item(tree, hf_isi_sim_cause, tvb, 1, 1, FALSE); proto_tree_add_item(tree, hf_isi_sim_secondary_cause, tvb, 2, 1, FALSE); @@ -368,7 +478,7 @@ static void dissect_isi_sim(tvbuff_t *tvb, packet_info *pinfo, proto_item *isitr break; } break; - + default: col_set_str(pinfo->cinfo, COL_INFO, "Unknown type"); break;