Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
packet-bluetooth.h
1/* packet-bluetooth.h
2 *
3 * Wireshark - Network traffic analyzer
4 * By Gerald Combs <[email protected]>
5 * Copyright 1998 Gerald Combs
6 *
7 * SPDX-License-Identifier: GPL-2.0-or-later
8 */
9
10#ifndef __PACKET_BLUETOOTH_H__
11#define __PACKET_BLUETOOTH_H__
12
13#include <epan/packet.h>
14#include "packet-usb.h"
15#include "packet-ubertooth.h"
16
17#ifdef __cplusplus
18extern "C" {
19#endif /* __cplusplus */
20
21#define PROTO_DATA_BLUETOOTH_SERVICE_UUID 0
22
23#define BLUETOOTH_DATA_SRC 0
24#define BLUETOOTH_DATA_DST 1
25
26#define HCI_H4_TYPE_CMD 0x01
27#define HCI_H4_TYPE_ACL 0x02
28#define HCI_H4_TYPE_SCO 0x03
29#define HCI_H4_TYPE_EVT 0x04
30#define HCI_H4_TYPE_ISO 0x05
31
32#define HCI_OGF_LINK_CONTROL 0x01
33#define HCI_OGF_LINK_POLICY 0x02
34#define HCI_OGF_HOST_CONTROLLER 0x03
35#define HCI_OGF_INFORMATIONAL 0x04
36#define HCI_OGF_STATUS 0x05
37#define HCI_OGF_TESTING 0x06
38#define HCI_OGF_LOW_ENERGY 0x08
39#define HCI_OGF_LOGO_TESTING 0x3e
40#define HCI_OGF_VENDOR_SPECIFIC 0x3f
41
42#define HCI_VENDOR_DEFAULT 0
43
44#define DID_VENDOR_ID_SOURCE_BLUETOOTH_SIG 1
45#define DID_VENDOR_ID_SOURCE_USB_FORUM 2
46
47#define ACCESS_ADDRESS_ADVERTISING 0x8e89bed6
48
49extern int proto_bluetooth;
50
51extern const value_string bluetooth_address_type_vals[];
52
53#define STATUS_SUCCESS 0x00
54
55#define UUID_GATT_PRIMARY_SERVICE_DECLARATION 0x2800
56#define UUID_GATT_SECONDARY_SERVICE_DECLARATION 0x2801
57#define UUID_GATT_INCLUDE_DECLARATION 0x2802
58#define UUID_GATT_CHARACTERISTIC_DECLARATION 0x2803
59
60/* We support Bluetooth over various interfaces, interface_id and adapter_id
61 is used to decode further payload. Case: there is a host. Host has X
62 interfaces. Each interface has Y adapter. Each adapter has ACL handle or
63 L2CAP CID. ACL handle has L2CAP CID and/or L2CAP PSM. L2CAP CID or
64 L2CAP PSM has RFCOMM channel or other end-protocol like OBEX, AVRCP, HID,
65 AVDTP, BNEP etc. RFCOMM channel has end-protocol like OBEX, HFP, etc.
66 Important note: correct payload decoding should store needed data using
67 key contain interface_id, adapter_id, ..., last_channel_type (for example
68 RFCOMM channel, transaction_id, frame number etc. )
69
70 interface_id - interface id provided by Wireshark, see "frame.interface_id",
71 in case where is only one interface id HCI_INTERFACE_DEFAULT
72 is used (for example open BTSNOOP file with HCI H4 protocol)
73 adapter_id - identified Bluetooth device (interface, for example Linux
74 hci0, hci1, etc.)
75*/
76#define HCI_INTERFACE_DEFAULT 0
77#define HCI_ADAPTER_DEFAULT 0
78
79typedef enum {
80 BT_PD_NONE, /* no protocol data */
81 BT_PD_BTHCI, /* struct bthci_phdr * */
82 BT_PD_BTMON, /* struct btmon_phdr * */
83 BT_PD_URB_INFO, /* urb_info_t * */
84 BT_PD_UBERTOOTH_DATA /* ubertooth_data_t * */
85} bt_protocol_data_type;
86
87/* chandle_sessions: interface_id + adapter_id + connection_handle + frame_number -> connect_in_frame, disconnect_in_frame */
88/* chandle_to_bdaddr: interface_id + adapter_id + connection_handle + frame_number -> bd_addr[6] */
89/* chandle_to_mode: interface_id + adapter_id + connection_handle + frame_number -> mode */
90/* shandle_to_chandle: interface_id + adapter_id + stream_handle + frame_number -> connection_handle */
91/* bdaddr_to_name: bd_addr[6] + frame_number -> name */
92/* bdaddr_to_role: bd_addr[6] + frame_number -> role */
93/* localhost_bdaddr: interface_id + adapter_id + frame_number -> bd_addr[6] */
94/* localhost_name: interface_id + adapter_id + frame_number -> name */
95typedef struct _bluetooth_data_t {
96 uint32_t interface_id;
97 uint32_t adapter_id;
98 uint32_t *adapter_disconnect_in_frame;
99 wmem_tree_t *chandle_sessions;
100 wmem_tree_t *chandle_to_bdaddr;
101 wmem_tree_t *chandle_to_mode;
102 wmem_tree_t *shandle_to_chandle;
103 wmem_tree_t *bdaddr_to_name;
104 wmem_tree_t *bdaddr_to_role;
105 wmem_tree_t *localhost_bdaddr;
106 wmem_tree_t *localhost_name;
107 wmem_tree_t *hci_vendors;
108
109 bt_protocol_data_type previous_protocol_data_type;
110 union {
111 void *none;
112 struct bthci_phdr *bthci;
113 struct btmon_phdr *btmon;
114 urb_info_t *urb;
115 ubertooth_data_t *ubertooth_data;
116 } previous_protocol_data;
117
118} bluetooth_data_t;
119
120#define BT_LINK_TYPE_UNKNOWN 0
121#define BT_LINK_TYPE_ACL 1
122#define BT_LINK_TYPE_SCO 2
123#define BT_LINK_TYPE_LL 3
124#define BT_LINK_TYPE_ISO 4
125
126typedef struct _chandle_session_t {
127 uint32_t connect_in_frame;
128 uint32_t disconnect_in_frame;
129 uint32_t link_type;
130} chandle_session_t;
131
132typedef struct _remote_bdaddr_t {
133 uint32_t interface_id;
134 uint32_t adapter_id;
135 uint16_t chandle;
136 uint8_t bd_addr[6];
137} remote_bdaddr_t;
138
139typedef struct _device_name_t {
140 uint32_t bd_addr_oui;
141 uint32_t bd_addr_id;
142 char *name;
143} device_name_t;
144
145typedef struct _device_role_t {
146 uint32_t role;
147 uint32_t change_in_frame;
148} device_role_t;
149
150typedef struct _connection_mode_t {
151 int32_t mode;
152 uint32_t change_in_frame;
153} connection_mode_t;
154
155typedef struct _stream_connection_handle_pair_t {
156 int32_t chandle;
157 uint32_t change_in_frame;
158} stream_connection_handle_pair_t;
159
160#define ROLE_UNKNOWN 0
161#define ROLE_CENTRAL 1
162#define ROLE_PERIPHERAL 2
163
164typedef struct _localhost_bdaddr_entry_t {
165 uint32_t interface_id;
166 uint32_t adapter_id;
167 uint8_t bd_addr[6];
168} localhost_bdaddr_entry_t;
169
170typedef struct _localhost_name_entry_t {
171 uint32_t interface_id;
172 uint32_t adapter_id;
173 char *name;
174} localhost_name_entry_t;
175
176typedef struct _bluetooth_tap_data_t {
177 uint32_t interface_id;
178 uint32_t adapter_id;
179} bluetooth_tap_data_t;
180
181typedef struct _hci_vendor_data_t {
182 uint16_t manufacturer;
183 uint16_t hci_revision;
184 uint16_t lmp_subversion;
185 uint32_t change_in_frame;
186 struct _hci_vendor_data_t *previous;
187} hci_vendor_data_t;
188
189typedef struct _uuid_t {
190 uint16_t bt_uuid;
191 uint8_t size;
192 uint8_t data[16];
193} bluetooth_uuid_t;
194
195enum bluetooth_device_type {
196 BLUETOOTH_DEVICE_BD_ADDR,
197 BLUETOOTH_DEVICE_NAME,
198 BLUETOOTH_DEVICE_LOCAL_ADAPTER,
199 BLUETOOTH_DEVICE_LOCAL_VERSION,
200 BLUETOOTH_DEVICE_REMOTE_VERSION,
201 BLUETOOTH_DEVICE_RESET,
202 BLUETOOTH_DEVICE_SCAN,
203 BLUETOOTH_DEVICE_VOICE_SETTING,
204 BLUETOOTH_DEVICE_AUTHENTICATION,
205 BLUETOOTH_DEVICE_ENCRYPTION,
206 BLUETOOTH_DEVICE_CLASS_OF_DEVICE,
207 BLUETOOTH_DEVICE_SIMPLE_PAIRING_MODE,
208 BLUETOOTH_DEVICE_PAGE_TIMEOUT,
209 BLUETOOTH_DEVICE_INQUIRY_MODE,
210 BLUETOOTH_DEVICE_MTUS,
211 BLUETOOTH_DEVICE_LE_MTU
212};
213
214typedef struct _bluetooth_device_tap_t {
215 uint32_t interface_id;
216 uint32_t adapter_id;
217
218 bool is_local;
219 bool has_bd_addr;
220 uint8_t bd_addr[6];
221 enum bluetooth_device_type type;
222 union {
223 char *name;
224 struct {
225 uint8_t hci_version;
226 uint16_t hci_revision;
227 uint8_t lmp_version;
228 uint16_t lmp_subversion;
229 uint16_t manufacturer;
230 } local_version;
231 struct {
232 uint8_t lmp_version;
233 uint16_t lmp_subversion;
234 uint16_t manufacturer;
235 } remote_version;
236 uint8_t scan;
237 uint16_t page_timeout;
238 uint8_t authentication;
239 uint8_t encryption;
240 uint32_t class_of_device;
241 uint16_t voice_setting;
242 uint8_t simple_pairing_mode;
243 uint8_t inquiry_mode;
244 struct {
245 uint16_t acl_mtu;
246 uint8_t sco_mtu;
247 uint16_t acl_packets;
248 uint16_t sco_packets;
249 } mtus;
250 struct {
251 uint16_t acl_mtu;
252 uint16_t iso_mtu;
253 uint16_t acl_packets;
254 uint16_t iso_packets;
255 } le_mtus;
256 } data;
257} bluetooth_device_tap_t;
258
259enum bluetooth_hci_summary_type {
260 BLUETOOTH_HCI_SUMMARY_OPCODE,
261 BLUETOOTH_HCI_SUMMARY_EVENT_OPCODE,
262 BLUETOOTH_HCI_SUMMARY_EVENT,
263 BLUETOOTH_HCI_SUMMARY_SUBEVENT,
264 BLUETOOTH_HCI_SUMMARY_VENDOR_OPCODE,
265 BLUETOOTH_HCI_SUMMARY_VENDOR_EVENT_OPCODE,
266 BLUETOOTH_HCI_SUMMARY_VENDOR_EVENT,
267 BLUETOOTH_HCI_SUMMARY_STATUS,
268 BLUETOOTH_HCI_SUMMARY_STATUS_PENDING,
269 BLUETOOTH_HCI_SUMMARY_REASON,
270 BLUETOOTH_HCI_SUMMARY_HARDWARE_ERROR
271};
272
273typedef struct _bluetooth_hci_summary_tap_t {
274 uint32_t interface_id;
275 uint32_t adapter_id;
276
277 uint16_t ocf;
278 uint8_t ogf;
279 uint8_t event;
280 uint8_t subevent;
281 uint8_t status;
282 uint8_t reason;
283 uint8_t hardware_error;
284
285 const char *name;
286 enum bluetooth_hci_summary_type type;
287} bluetooth_hci_summary_tap_t;
288
289typedef struct _bluetooth_eir_ad_data_t {
290 uint32_t interface_id;
291 uint32_t adapter_id;
292
293 uint8_t *bd_addr;
294} bluetooth_eir_ad_data_t;
295
296
297extern int bluetooth_device_tap;
298extern int bluetooth_hci_summary_tap;
299
300WS_DLL_PUBLIC const value_string bluetooth_uuid_vals[];
301
302extern dissector_table_t bluetooth_uuid_table;
303
304WS_DLL_PUBLIC wmem_tree_t *bluetooth_uuids;
305
306WS_DLL_PUBLIC value_string_ext bluetooth_uuid_vals_ext;
307WS_DLL_PUBLIC value_string_ext bluetooth_company_id_vals_ext;
308extern uint32_t bluetooth_max_disconnect_in_frame;
309
310extern int dissect_bd_addr(int hf_bd_addr, packet_info *pinfo, proto_tree *tree,
311 tvbuff_t *tvb, int offset, bool is_local_bd_addr,
312 uint32_t interface_id, uint32_t adapter_id, uint8_t *bdaddr);
313
314extern void bluetooth_unit_1p25_ms(char *buf, uint32_t value);
315extern void bluetooth_unit_0p125_ms(char *buf, uint32_t value);
316
317extern bluetooth_uuid_t get_bluetooth_uuid(tvbuff_t *tvb, int offset, int size);
318WS_DLL_PUBLIC const char *print_bluetooth_uuid(wmem_allocator_t *pool, bluetooth_uuid_t *uuid);
319WS_DLL_PUBLIC const char *print_numeric_bluetooth_uuid(wmem_allocator_t *pool, bluetooth_uuid_t *uuid);
320
321extern void save_local_device_name_from_eir_ad(tvbuff_t *tvb, int offset,
322 packet_info *pinfo, uint8_t size, bluetooth_data_t *bluetooth_data);
323
324WS_DLL_PUBLIC bluetooth_data_t *
325dissect_bluetooth_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
326
327#ifdef __cplusplus
328}
329#endif /* __cplusplus */
330
331#endif
332
333/*
334 * Editor modelines - https://www.wireshark.org/tools/modelines.html
335 *
336 * Local variables:
337 * c-basic-offset: 4
338 * tab-width: 8
339 * indent-tabs-mode: nil
340 * End:
341 *
342 * vi: set shiftwidth=4 tabstop=8 expandtab:
343 * :indentSize=4:tabSize=8:noTabs=true:
344 */
_bluetooth_data_t
Definition packet-bluetooth.h:95
_bluetooth_device_tap_t
Definition packet-bluetooth.h:214
_bluetooth_eir_ad_data_t
Definition packet-bluetooth.h:289
_bluetooth_hci_summary_tap_t
Definition packet-bluetooth.h:273
_bluetooth_tap_data_t
Definition packet-bluetooth.h:176
_chandle_session_t
Definition packet-bluetooth.h:126
_connection_mode_t
Definition packet-bluetooth.h:150
_device_name_t
Definition packet-bluetooth.h:139
_device_role_t
Definition packet-bluetooth.h:145
_hci_vendor_data_t
Definition packet-bluetooth.h:181
_localhost_bdaddr_entry_t
Definition packet-bluetooth.h:164
_localhost_name_entry_t
Definition packet-bluetooth.h:170
_packet_info
Definition packet_info.h:43
_proto_node
Definition proto.h:899
_remote_bdaddr_t
Definition packet-bluetooth.h:132
_stream_connection_handle_pair_t
Definition packet-bluetooth.h:155
_ubertooth_data_t
Definition packet-ubertooth.h:17
_urb_info_t
Definition packet-usb.h:141
_uuid_t
Definition packet-bluetooth.h:189
_value_string_ext
Definition value_string.h:169
_value_string
Definition value_string.h:25
_wmem_allocator_t
Definition wmem_allocator.h:27
_wmem_tree_t
Definition wmem_tree-int.h:48
bthci_phdr
Definition wtap.h:1088
btmon_phdr
Definition wtap.h:1100
dissector_table
Definition packet.c:86
tvbuff
Definition tvbuff-int.h:35
Generated by doxygen 1.9.8