Wireshark-bugs: [Wireshark-bugs] [Bug 6155] New: Dissector for the USB Integrated Circuit Card I

Date: Fri, 22 Jul 2011 08:43:36 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6155

           Summary: Dissector for the USB Integrated Circuit Card
                    Interface Device Class (CCID)
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: tyson.key@xxxxxxxxx


Created an attachment (id=6701)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6701)
The latest version of the dissector, after implementing dissection of 0x6F
packets.

Build Information:
Version 1.7.0 (SVN Rev 37346 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.0, with GLib 2.26.0, with libpcap
1.2.0-PRE-GIT_2011_03_23, with libz 1.2.5, with POSIX capabilities (Linux),
without libpcre, with SMI 0.4.8, without c-ares, without ADNS, without Lua,
without Python, without GnuTLS, without Gcrypt, without Kerberos, without
GeoIP,
without PortAudio, without AirPcap.

Running on Linux 2.6.35.6-45.fc14.i686, with libpcap version
1.2.0-PRE-GIT_2011_03_23, with libz 1.2.5.

Built using gcc 4.5.1 20100924 (Red Hat 4.5.1-4).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I've implemented a reasonable subset of a dissector for the USB CCID
specification (as described at
http://www.usb.org/developers/devclass_docs/DWG_Smart-Card_CCID_Rev110.pdf),
during the course of experimenting with an ACS ACR122U ISO 14443 card reader
and MiFare tokens.

It currently identifies all of the message types listed in that specification,
and mostly attempts to dissect the payloads of the following types: 
 * 0x61
 * 0x62
 * 0x63
 * 0x65
 * 0x6C
 * 0x80
 * 0x81

These were selected as they were either the easiest to implement initially, or
were otherwise the most commonplace within my trace files; although I'll
probably implement others if there is sufficient demand. 

Only URB_BULK packets with bInterfaceClass 0x0B are supported, as the nature of
the CCID protocol is poorly suited to being handled heuristically. Dissection
of URB_CONTROL packets, and additional, CCID-specific descriptors is
unimplemented.

I've also ignored certain value/description lookup tables for the time being,
until I can find an optimal way of describing and implementing them. 

For type 0x80 (RDR_to_PC_DataBlock) and 0x6F (PC_to_RDR_XfrBlock) packets, the
generic data dissector is used to deal with command result/data payloads, since
attempting to deal with those would require additional dissectors to deal with
different command sets from different readers and cards/tokens. 

Ideally, I'd like to see the third-party ISO 7816/GSM SIM card dissector at
http://bb.osmocom.org/trac/wiki/SIMtrace integrated eventually, along with a
mechanism for letting users switch protocols appropriately. Said mechanism
would probably be useful when it comes to implementing support for ISO
14443(A/B) or vendor-proprietary protocols, and various systems implemented on
top (e.g. DESFire and its ISO 7816-compatible wrapper, EMV or the NFC Forum's
LLCP) in the future.

In the meantime, I'd like to get this dissector prepared and hopefully
integrated into mainline...

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.