Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
dot11decrypt_int.h
Go to the documentation of this file.
1
9#ifndef _DOT11DECRYPT_INT_H
10#define _DOT11DECRYPT_INT_H
11
12/****************************************************************************/
13/* File includes */
14
15#include "dot11decrypt_system.h"
16
17#include "ws_attributes.h"
18#include <wsutil/wsgcrypt.h>
19
20/****************************************************************************/
21
22/****************************************************************************/
23/* Definitions */
24
25/* IEEE 802.11 packet type values */
26#define DOT11DECRYPT_TYPE_MANAGEMENT 0
27#define DOT11DECRYPT_TYPE_CONTROL 1
28#define DOT11DECRYPT_TYPE_DATA 2
29
30/* IEEE 802.11 packet subtype values */
31#define DOT11DECRYPT_SUBTYPE_ASSOC_REQ 0
32#define DOT11DECRYPT_SUBTYPE_ASSOC_RESP 1
33#define DOT11DECRYPT_SUBTYPE_REASSOC_REQ 2
34#define DOT11DECRYPT_SUBTYPE_REASSOC_RESP 3
35#define DOT11DECRYPT_SUBTYPE_PROBE_REQ 4
36#define DOT11DECRYPT_SUBTYPE_PROBE_RESP 5
37#define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT 6
38#define DOT11DECRYPT_SUBTYPE_BEACON 8
39#define DOT11DECRYPT_SUBTYPE_ATIM 9
40#define DOT11DECRYPT_SUBTYPE_DISASS 10
41#define DOT11DECRYPT_SUBTYPE_AUTHENTICATION 11
42#define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION 12
43#define DOT11DECRYPT_SUBTYPE_ACTION 13
44#define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK 14
45
46/*
47 * Min length of encrypted data (TKIP=21bytes, CCMP=17bytes)
48 * CCMP = 8 octets of CCMP header, 1 octet of data, 8 octets of MIC.
49 * TKIP = 4 octets of IV/Key ID, 4 octets of Extended IV, 1 octet of data,
50 * 8 octets of MIC, 4 octets of ICV
51 */
52#define DOT11DECRYPT_CRYPTED_DATA_MINLEN 17
53
54#define DOT11DECRYPT_TA_OFFSET 10
55
56/* */
57/****************************************************************************/
58
59/****************************************************************************/
60/* Macro definitions */
61
65#define DOT11DECRYPT_TYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 2) & 0x3)
66#define DOT11DECRYPT_SUBTYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 4) & 0xF)
67#define DOT11DECRYPT_DS_BITS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x3)
68#define DOT11DECRYPT_TO_DS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x1)
69#define DOT11DECRYPT_FROM_DS(FrameControl_1) (uint8_t)((FrameControl_1 >> 1) & 0x1)
70#define DOT11DECRYPT_WEP(FrameControl_1) (uint8_t)((FrameControl_1 >> 6) & 0x1)
71
75#define DOT11DECRYPT_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
76
77#define DOT11DECRYPT_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3)
79/* Macros to get various bits of an EAPOL frame */
80#define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1) ((unsigned char)(KeyInfo_1 & 0x3))
81#define DOT11DECRYPT_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
82#define DOT11DECRYPT_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
83#define DOT11DECRYPT_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
84#define DOT11DECRYPT_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
85#define DOT11DECRYPT_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
86
87/* Note: copied from net80211/ieee80211.h */
88#define DOT11DECRYPT_FC1_DIR_MASK 0x03
89#define DOT11DECRYPT_FC1_DIR_DSTODS 0x03 /* AP ->AP */
90#define DOT11DECRYPT_FC0_SUBTYPE_QOS 0x80
91#define DOT11DECRYPT_FC0_TYPE_DATA 0x08
92#define DOT11DECRYPT_FC0_TYPE_MASK 0x0c
93#define DOT11DECRYPT_SEQ_FRAG_MASK 0x000f
94#define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
95 (((wh)->fc[0] & \
96 (DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
97 (DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
98
99#define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
100
101#define DOT11DECRYPT_IS_4ADDRESS(wh) \
102 ((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
103#define DOT11DECRYPT_IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
104
105/****************************************************************************/
106
107/****************************************************************************/
108/* Structure definitions */
109
110/*
111 * XXX - According to the thread at
112 * https://lists.wireshark.org/archives/wireshark-dev/200612/msg00384.html we
113 * shouldn't have to worry about packing our structs, since the largest
114 * elements are 8 bits wide.
115 */
116#ifdef _MSC_VER /* MS Visual C++ */
117#pragma pack(push)
118#pragma pack(1)
119#endif
120
121/* Definition of IEEE 802.11 frame (without the address 4) */
123 unsigned char fc[2];
124 unsigned char dur[2];
125 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
126 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
127 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
128 unsigned char seq[2];
130
131/* Definition of IEEE 802.11 frame (with the address 4) */
133 unsigned char fc[2];
134 unsigned char dur[2];
135 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
136 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
137 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
138 unsigned char seq[2];
139 unsigned char addr4[DOT11DECRYPT_MAC_LEN];
141
142/* Definition of IEEE 802.11 frame (without the address 4, with QOS) */
144 unsigned char fc[2];
145 unsigned char dur[2];
146 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
147 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
148 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
149 unsigned char seq[2];
150 unsigned char qos[2];
152
153/* Definition of IEEE 802.11 frame (with the address 4 and QOS) */
155 unsigned char fc[2];
156 unsigned char dur[2];
157 unsigned char addr1[DOT11DECRYPT_MAC_LEN];
158 unsigned char addr2[DOT11DECRYPT_MAC_LEN];
159 unsigned char addr3[DOT11DECRYPT_MAC_LEN];
160 unsigned char seq[2];
161 unsigned char addr4[DOT11DECRYPT_MAC_LEN];
162 unsigned char qos[2];
164
165#ifdef _MSC_VER /* MS Visual C++ */
166#pragma pack(pop)
167#endif
168
169/******************************************************************************/
170
171int Dot11DecryptCcmpDecrypt(
172 uint8_t *m,
173 int mac_header_len,
174 int len,
175 uint8_t *TK1,
176 int tk_len,
177 int mic_len);
178
179int Dot11DecryptGcmpDecrypt(
180 uint8_t *m,
181 int mac_header_len,
182 int len,
183 uint8_t *TK1,
184 int tk_len);
185
186int Dot11DecryptTkipDecrypt(
187 unsigned char *tkip_mpdu,
188 size_t mpdu_len,
189 unsigned char TA[DOT11DECRYPT_MAC_LEN],
190 unsigned char TK[DOT11DECRYPT_TK_LEN])
191 ;
192
193#endif
Definition dot11decrypt_int.h:154
Definition dot11decrypt_int.h:132
Definition dot11decrypt_int.h:143
Definition dot11decrypt_int.h:122