Wireshark  4.3.0
The Wireshark network protocol analyzer
dot11decrypt_int.h
Go to the documentation of this file.
1 
9 #ifndef _DOT11DECRYPT_INT_H
10 #define _DOT11DECRYPT_INT_H
11 
12 /****************************************************************************/
13 /* File includes */
14 
15 #include "dot11decrypt_system.h"
16 
17 #include "ws_attributes.h"
18 #include <wsutil/wsgcrypt.h>
19 
20 /****************************************************************************/
21 
22 /****************************************************************************/
23 /* Definitions */
24 
25 /* IEEE 802.11 packet type values */
26 #define DOT11DECRYPT_TYPE_MANAGEMENT 0
27 #define DOT11DECRYPT_TYPE_CONTROL 1
28 #define DOT11DECRYPT_TYPE_DATA 2
29 
30 /* IEEE 802.11 packet subtype values */
31 #define DOT11DECRYPT_SUBTYPE_ASSOC_REQ 0
32 #define DOT11DECRYPT_SUBTYPE_ASSOC_RESP 1
33 #define DOT11DECRYPT_SUBTYPE_REASSOC_REQ 2
34 #define DOT11DECRYPT_SUBTYPE_REASSOC_RESP 3
35 #define DOT11DECRYPT_SUBTYPE_PROBE_REQ 4
36 #define DOT11DECRYPT_SUBTYPE_PROBE_RESP 5
37 #define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT 6
38 #define DOT11DECRYPT_SUBTYPE_BEACON 8
39 #define DOT11DECRYPT_SUBTYPE_ATIM 9
40 #define DOT11DECRYPT_SUBTYPE_DISASS 10
41 #define DOT11DECRYPT_SUBTYPE_AUTHENTICATION 11
42 #define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION 12
43 #define DOT11DECRYPT_SUBTYPE_ACTION 13
44 #define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK 14
45 
46 /*
47  * Min length of encrypted data (TKIP=21bytes, CCMP=17bytes)
48  * CCMP = 8 octets of CCMP header, 1 octet of data, 8 octets of MIC.
49  * TKIP = 4 octets of IV/Key ID, 4 octets of Extended IV, 1 octet of data,
50  * 8 octets of MIC, 4 octets of ICV
51  */
52 #define DOT11DECRYPT_CRYPTED_DATA_MINLEN 17
53 
54 #define DOT11DECRYPT_TA_OFFSET 10
55 
56 /* */
57 /****************************************************************************/
58 
59 /****************************************************************************/
60 /* Macro definitions */
61 
65 #define DOT11DECRYPT_TYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 2) & 0x3)
66 #define DOT11DECRYPT_SUBTYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 4) & 0xF)
67 #define DOT11DECRYPT_DS_BITS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x3)
68 #define DOT11DECRYPT_TO_DS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x1)
69 #define DOT11DECRYPT_FROM_DS(FrameControl_1) (uint8_t)((FrameControl_1 >> 1) & 0x1)
70 #define DOT11DECRYPT_WEP(FrameControl_1) (uint8_t)((FrameControl_1 >> 6) & 0x1)
71 
75 #define DOT11DECRYPT_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
76 
77 #define DOT11DECRYPT_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3)
79 /* Macros to get various bits of an EAPOL frame */
80 #define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1) ((unsigned char)(KeyInfo_1 & 0x3))
81 #define DOT11DECRYPT_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
82 #define DOT11DECRYPT_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
83 #define DOT11DECRYPT_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
84 #define DOT11DECRYPT_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
85 #define DOT11DECRYPT_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
86 
87 /* Note: copied from net80211/ieee80211.h */
88 #define DOT11DECRYPT_FC1_DIR_MASK 0x03
89 #define DOT11DECRYPT_FC1_DIR_DSTODS 0x03 /* AP ->AP */
90 #define DOT11DECRYPT_FC0_SUBTYPE_QOS 0x80
91 #define DOT11DECRYPT_FC0_TYPE_DATA 0x08
92 #define DOT11DECRYPT_FC0_TYPE_MASK 0x0c
93 #define DOT11DECRYPT_SEQ_FRAG_MASK 0x000f
94 #define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
95  (((wh)->fc[0] & \
96  (DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
97  (DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
98 
99 #define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
100 
101 #define DOT11DECRYPT_IS_4ADDRESS(wh) \
102  ((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
103 #define DOT11DECRYPT_IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
104 
105 /****************************************************************************/
106 
107 /****************************************************************************/
108 /* Structure definitions */
109 
110 /*
111  * XXX - According to the thread at
112  * https://www.wireshark.org/lists/wireshark-dev/200612/msg00384.html we
113  * shouldn't have to worry about packing our structs, since the largest
114  * elements are 8 bits wide.
115  */
116 #ifdef _MSC_VER /* MS Visual C++ */
117 #pragma pack(push)
118 #pragma pack(1)
119 #endif
120 
121 /* Definition of IEEE 802.11 frame (without the address 4) */
122 typedef struct _DOT11DECRYPT_MAC_FRAME {
123  unsigned char fc[2];
124  unsigned char dur[2];
125  unsigned char addr1[DOT11DECRYPT_MAC_LEN];
126  unsigned char addr2[DOT11DECRYPT_MAC_LEN];
127  unsigned char addr3[DOT11DECRYPT_MAC_LEN];
128  unsigned char seq[2];
130 
131 /* Definition of IEEE 802.11 frame (with the address 4) */
133  unsigned char fc[2];
134  unsigned char dur[2];
135  unsigned char addr1[DOT11DECRYPT_MAC_LEN];
136  unsigned char addr2[DOT11DECRYPT_MAC_LEN];
137  unsigned char addr3[DOT11DECRYPT_MAC_LEN];
138  unsigned char seq[2];
139  unsigned char addr4[DOT11DECRYPT_MAC_LEN];
141 
142 /* Definition of IEEE 802.11 frame (without the address 4, with QOS) */
144  unsigned char fc[2];
145  unsigned char dur[2];
146  unsigned char addr1[DOT11DECRYPT_MAC_LEN];
147  unsigned char addr2[DOT11DECRYPT_MAC_LEN];
148  unsigned char addr3[DOT11DECRYPT_MAC_LEN];
149  unsigned char seq[2];
150  unsigned char qos[2];
152 
153 /* Definition of IEEE 802.11 frame (with the address 4 and QOS) */
155  unsigned char fc[2];
156  unsigned char dur[2];
157  unsigned char addr1[DOT11DECRYPT_MAC_LEN];
158  unsigned char addr2[DOT11DECRYPT_MAC_LEN];
159  unsigned char addr3[DOT11DECRYPT_MAC_LEN];
160  unsigned char seq[2];
161  unsigned char addr4[DOT11DECRYPT_MAC_LEN];
162  unsigned char qos[2];
164 
165 #ifdef _MSC_VER /* MS Visual C++ */
166 #pragma pack(pop)
167 #endif
168 
169 /******************************************************************************/
170 
171 int Dot11DecryptCcmpDecrypt(
172  uint8_t *m,
173  int mac_header_len,
174  int len,
175  uint8_t *TK1,
176  int tk_len,
177  int mic_len);
178 
179 int Dot11DecryptGcmpDecrypt(
180  uint8_t *m,
181  int mac_header_len,
182  int len,
183  uint8_t *TK1,
184  int tk_len);
185 
186 int Dot11DecryptTkipDecrypt(
187  unsigned char *tkip_mpdu,
188  size_t mpdu_len,
189  unsigned char TA[DOT11DECRYPT_MAC_LEN],
190  unsigned char TK[DOT11DECRYPT_TK_LEN])
191  ;
192 
193 #endif
Definition: dot11decrypt_int.h:154
Definition: dot11decrypt_int.h:132
Definition: dot11decrypt_int.h:143
Definition: dot11decrypt_int.h:122