Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
dot11decrypt_int.h
Go to the documentation of this file.
1
9#ifndef _DOT11DECRYPT_INT_H
10#define _DOT11DECRYPT_INT_H
11
12/****************************************************************************/
13/* File includes */
14
15#include "dot11decrypt_system.h"
16
17#include "ws_attributes.h"
18#include <wsutil/wsgcrypt.h>
19
20/****************************************************************************/
21
22/****************************************************************************/
23/* Definitions */
24
25/* IEEE 802.11 packet type values */
26#define DOT11DECRYPT_TYPE_MANAGEMENT 0
27#define DOT11DECRYPT_TYPE_CONTROL 1
28#define DOT11DECRYPT_TYPE_DATA 2
29
30/* IEEE 802.11 packet subtype values */
31#define DOT11DECRYPT_SUBTYPE_ASSOC_REQ 0
32#define DOT11DECRYPT_SUBTYPE_ASSOC_RESP 1
33#define DOT11DECRYPT_SUBTYPE_REASSOC_REQ 2
34#define DOT11DECRYPT_SUBTYPE_REASSOC_RESP 3
35#define DOT11DECRYPT_SUBTYPE_PROBE_REQ 4
36#define DOT11DECRYPT_SUBTYPE_PROBE_RESP 5
37#define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT 6
38#define DOT11DECRYPT_SUBTYPE_BEACON 8
39#define DOT11DECRYPT_SUBTYPE_ATIM 9
40#define DOT11DECRYPT_SUBTYPE_DISASS 10
41#define DOT11DECRYPT_SUBTYPE_AUTHENTICATION 11
42#define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION 12
43#define DOT11DECRYPT_SUBTYPE_ACTION 13
44#define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK 14
45
46/* IEEE 802.11 cipher suite selectors */
47#define DOT11DECRYPT_CIPHER_USE_GROUP 0
48#define DOT11DECRYPT_CIPHER_WEP40 1
49#define DOT11DECRYPT_CIPHER_TKIP 2
50#define DOT11DECRYPT_CIPHER_CCMP 4
51#define DOT11DECRYPT_CIPHER_WEP104 5
52#define DOT11DECRYPT_CIPHER_BIP_CMAC 6
53#define DOT11DECRYPT_CIPHER_GROUP_NA 7
54#define DOT11DECRYPT_CIPHER_GCMP 8
55#define DOT11DECRYPT_CIPHER_GCMP256 9
56#define DOT11DECRYPT_CIPHER_CCMP256 10
57#define DOT11DECRYPT_CIPHER_BIP_GMAC 11
58#define DOT11DECRYPT_CIPHER_BIP_GMAC256 12
59#define DOT11DECRYPT_CIPHER_BIP_CMAC256 13
60
61/*
62 * Min length of encrypted data (TKIP=21bytes, CCMP=17bytes)
63 * CCMP = 8 octets of CCMP header, 1 octet of data, 8 octets of MIC.
64 * TKIP = 4 octets of IV/Key ID, 4 octets of Extended IV, 1 octet of data,
65 * 8 octets of MIC, 4 octets of ICV
66 */
67#define DOT11DECRYPT_CRYPTED_DATA_MINLEN 17
68
69#define DOT11DECRYPT_TA_OFFSET 10
70
71/* */
72/****************************************************************************/
73
74/****************************************************************************/
75/* Macro definitions */
76
80#define DOT11DECRYPT_TYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 2) & 0x3)
81#define DOT11DECRYPT_SUBTYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 4) & 0xF)
82#define DOT11DECRYPT_DS_BITS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x3)
83#define DOT11DECRYPT_TO_DS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x1)
84#define DOT11DECRYPT_FROM_DS(FrameControl_1) (uint8_t)((FrameControl_1 >> 1) & 0x1)
85#define DOT11DECRYPT_WEP(FrameControl_1) (uint8_t)((FrameControl_1 >> 6) & 0x1)
86
90#define DOT11DECRYPT_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
91
92#define DOT11DECRYPT_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3)
94/* Macros to get various bits of an EAPOL frame */
95#define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1) ((unsigned char)(KeyInfo_1 & 0x3))
96#define DOT11DECRYPT_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
97#define DOT11DECRYPT_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
98#define DOT11DECRYPT_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
99#define DOT11DECRYPT_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
100#define DOT11DECRYPT_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
101
102/* Note: copied from net80211/ieee80211.h */
103#define DOT11DECRYPT_FC1_DIR_MASK 0x03
104#define DOT11DECRYPT_FC1_DIR_DSTODS 0x03 /* AP ->AP */
105#define DOT11DECRYPT_FC0_SUBTYPE_QOS 0x80
106#define DOT11DECRYPT_FC0_TYPE_DATA 0x08
107#define DOT11DECRYPT_FC0_TYPE_MASK 0x0c
108#define DOT11DECRYPT_SEQ_FRAG_MASK 0x000f
109#define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
110 (((wh)->fc[0] & \
111 (DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
112 (DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
113
114#define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
115
116#define DOT11DECRYPT_IS_4ADDRESS(wh) \
117 ((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
118#define DOT11DECRYPT_IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
119
120/****************************************************************************/
121
122/****************************************************************************/
123/* Structure definitions */
124
125/*
126 * XXX - According to the thread at
127 * https://lists.wireshark.org/archives/wireshark-dev/200612/msg00384.html we
128 * shouldn't have to worry about packing our structs, since the largest
129 * elements are 8 bits wide.
130 */
131#ifdef _MSC_VER /* MS Visual C++ */
132#pragma pack(push)
133#pragma pack(1)
134#endif
135
136/* Definition of IEEE 802.11 frame (without the address 4) */
137typedef struct _DOT11DECRYPT_MAC_FRAME {
138 unsigned char fc[2];
139 unsigned char dur[2];
140 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
141 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
142 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
143 unsigned char seq[2];
144} DOT11DECRYPT_MAC_FRAME, *PDOT11DECRYPT_MAC_FRAME;
145
146/* Definition of IEEE 802.11 frame (with the address 4) */
147typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4 {
148 unsigned char fc[2];
149 unsigned char dur[2];
150 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
151 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
152 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
153 unsigned char seq[2];
154 unsigned char addr4[DOT11DECRYPT_MAC_LEN];
155} DOT11DECRYPT_MAC_FRAME_ADDR4, *PDOT11DECRYPT_MAC_FRAME_ADDR4;
156
157/* Definition of IEEE 802.11 frame (without the address 4, with QOS) */
158typedef struct _DOT11DECRYPT_MAC_FRAME_QOS {
159 unsigned char fc[2];
160 unsigned char dur[2];
161 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
162 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
163 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
164 unsigned char seq[2];
165 unsigned char qos[2];
166} DOT11DECRYPT_MAC_FRAME_QOS, *PDOT11DECRYPT_MAC_FRAME_QOS;
167
168/* Definition of IEEE 802.11 frame (with the address 4 and QOS) */
169typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS {
170 unsigned char fc[2];
171 unsigned char dur[2];
172 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
173 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
174 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
175 unsigned char seq[2];
176 unsigned char addr4[DOT11DECRYPT_MAC_LEN];
177 unsigned char qos[2];
178} DOT11DECRYPT_MAC_FRAME_ADDR4_QOS, *PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS;
179
180#ifdef _MSC_VER /* MS Visual C++ */
181#pragma pack(pop)
182#endif
183
184/******************************************************************************/
185
186int Dot11DecryptCcmpDecrypt(
187 uint8_t *m,
188 int mac_header_len,
189 int len,
190 uint8_t *TK1,
191 int tk_len,
192 int mic_len);
193
194int Dot11DecryptGcmpDecrypt(
195 uint8_t *m,
196 int mac_header_len,
197 int len,
198 uint8_t *TK1,
199 int tk_len);
200
201int Dot11DecryptTkipDecrypt(
202 unsigned char *tkip_mpdu,
203 size_t mpdu_len,
204 unsigned char TA[DOT11DECRYPT_MAC_LEN],
205 unsigned char TK[DOT11DECRYPT_TK_LEN])
206 ;
207
208#endif
dot11decrypt_system.h
_DOT11DECRYPT_MAC_FRAME_ADDR4_QOS
Definition dot11decrypt_int.h:169
_DOT11DECRYPT_MAC_FRAME_ADDR4
Definition dot11decrypt_int.h:147
_DOT11DECRYPT_MAC_FRAME_QOS
Definition dot11decrypt_int.h:158
_DOT11DECRYPT_MAC_FRAME
Definition dot11decrypt_int.h:137
Generated by doxygen 1.9.8