Wireshark 4.7.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
Classes | Macros | Typedefs | Functions
dot11decrypt_int.h File Reference
#include "dot11decrypt_system.h"
#include "ws_attributes.h"
#include <wsutil/wsgcrypt.h>

Go to the source code of this file.

Classes

struct  _DOT11DECRYPT_MAC_FRAME
 IEEE 802.11 MAC frame header without Address 4 field. More...
 
struct  _DOT11DECRYPT_MAC_FRAME_ADDR4
 IEEE 802.11 MAC frame header with Address 4 field (WDS / mesh, both To DS and From DS set). More...
 
struct  _DOT11DECRYPT_MAC_FRAME_QOS
 IEEE 802.11 MAC frame header without Address 4 field, with QoS Control field (QoS data frames). More...
 
struct  _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS
 IEEE 802.11 MAC frame header with both Address 4 and QoS Control fields (WDS QoS data frames). More...
 

Macros

#define DOT11DECRYPT_TYPE_MANAGEMENT   0
 
#define DOT11DECRYPT_TYPE_CONTROL   1
 
#define DOT11DECRYPT_TYPE_DATA   2
 
#define DOT11DECRYPT_SUBTYPE_ASSOC_REQ   0
 
#define DOT11DECRYPT_SUBTYPE_ASSOC_RESP   1
 
#define DOT11DECRYPT_SUBTYPE_REASSOC_REQ   2
 
#define DOT11DECRYPT_SUBTYPE_REASSOC_RESP   3
 
#define DOT11DECRYPT_SUBTYPE_PROBE_REQ   4
 
#define DOT11DECRYPT_SUBTYPE_PROBE_RESP   5
 
#define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT   6
 
#define DOT11DECRYPT_SUBTYPE_BEACON   8
 
#define DOT11DECRYPT_SUBTYPE_ATIM   9
 
#define DOT11DECRYPT_SUBTYPE_DISASS   10
 
#define DOT11DECRYPT_SUBTYPE_AUTHENTICATION   11
 
#define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION   12
 
#define DOT11DECRYPT_SUBTYPE_ACTION   13
 
#define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK   14
 
#define DOT11DECRYPT_CIPHER_USE_GROUP   0
 
#define DOT11DECRYPT_CIPHER_WEP40   1
 
#define DOT11DECRYPT_CIPHER_TKIP   2
 
#define DOT11DECRYPT_CIPHER_CCMP   4
 
#define DOT11DECRYPT_CIPHER_WEP104   5
 
#define DOT11DECRYPT_CIPHER_BIP_CMAC   6
 
#define DOT11DECRYPT_CIPHER_GROUP_NA   7
 
#define DOT11DECRYPT_CIPHER_GCMP   8
 
#define DOT11DECRYPT_CIPHER_GCMP256   9
 
#define DOT11DECRYPT_CIPHER_CCMP256   10
 
#define DOT11DECRYPT_CIPHER_BIP_GMAC   11
 
#define DOT11DECRYPT_CIPHER_BIP_GMAC256   12
 
#define DOT11DECRYPT_CIPHER_BIP_CMAC256   13
 
#define DOT11DECRYPT_CRYPTED_DATA_MINLEN   9
 
#define DOT11DECRYPT_TA_OFFSET   10
 
#define DOT11DECRYPT_TYPE(FrameControl_0)   (uint8_t)((FrameControl_0 >> 2) & 0x3)
 
#define DOT11DECRYPT_SUBTYPE(FrameControl_0)   (uint8_t)((FrameControl_0 >> 4) & 0xF)
 
#define DOT11DECRYPT_DS_BITS(FrameControl_1)   (uint8_t)(FrameControl_1 & 0x3)
 
#define DOT11DECRYPT_TO_DS(FrameControl_1)   (uint8_t)(FrameControl_1 & 0x1)
 
#define DOT11DECRYPT_FROM_DS(FrameControl_1)   (uint8_t)((FrameControl_1 >> 1) & 0x1)
 
#define DOT11DECRYPT_WEP(FrameControl_1)   (uint8_t)((FrameControl_1 >> 6) & 0x1)
 
#define DOT11DECRYPT_EXTIV(KeyID)   ((KeyID >> 5) & 0x1)
 
#define DOT11DECRYPT_KEY_INDEX(KeyID)   ((KeyID >> 6) & 0x3) /** Used to determine TKIP group key from unicast (group = 1, unicast = 0) */
 
#define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1)   ((unsigned char)(KeyInfo_1 & 0x3))
 
#define DOT11DECRYPT_EAP_KEY(KeyInfo_1)   ((KeyInfo_1 >> 3) & 0x1)
 
#define DOT11DECRYPT_EAP_INST(KeyInfo_1)   ((KeyInfo_1 >> 6) & 0x1)
 
#define DOT11DECRYPT_EAP_ACK(KeyInfo_1)   ((KeyInfo_1 >> 7) & 0x1)
 
#define DOT11DECRYPT_EAP_MIC(KeyInfo_0)   (KeyInfo_0 & 0x1)
 
#define DOT11DECRYPT_EAP_SEC(KeyInfo_0)   ((KeyInfo_0 >> 1) & 0x1)
 
#define DOT11DECRYPT_FC1_DIR_MASK   0x03
 
#define IEEE80211_FC1_DIR_NODS   0x00 /* STA->STA */
 
#define IEEE80211_FC1_DIR_TODS   0x01 /* STA->AP */
 
#define IEEE80211_FC1_DIR_FROMDS   0x02 /* AP ->STA */
 
#define DOT11DECRYPT_FC1_DIR_DSTODS   0x03 /* AP ->AP */
 
#define DOT11DECRYPT_FC0_SUBTYPE_QOS   0x80
 
#define DOT11DECRYPT_FC0_TYPE_DATA   0x08
 
#define DOT11DECRYPT_FC0_TYPE_MASK   0x0c
 
#define DOT11DECRYPT_SEQ_FRAG_MASK   0x000f
 
#define DOT11DECRYPT_QOS_HAS_SEQ(wh)
 
#define DOT11DECRYPT_ADDR_COPY(dst, src)   memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
 
#define DOT11DECRYPT_IS_4ADDRESS(wh)    ((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
 
#define DOT11DECRYPT_IS_QOS_DATA(wh)   DOT11DECRYPT_QOS_HAS_SEQ(wh)
 

Typedefs

typedef struct _DOT11DECRYPT_MAC_FRAME DOT11DECRYPT_MAC_FRAME
 IEEE 802.11 MAC frame header without Address 4 field.
 
typedef struct _DOT11DECRYPT_MAC_FRAMEPDOT11DECRYPT_MAC_FRAME
 
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4 DOT11DECRYPT_MAC_FRAME_ADDR4
 IEEE 802.11 MAC frame header with Address 4 field (WDS / mesh, both To DS and From DS set).
 
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4PDOT11DECRYPT_MAC_FRAME_ADDR4
 
typedef struct _DOT11DECRYPT_MAC_FRAME_QOS DOT11DECRYPT_MAC_FRAME_QOS
 IEEE 802.11 MAC frame header without Address 4 field, with QoS Control field (QoS data frames).
 
typedef struct _DOT11DECRYPT_MAC_FRAME_QOSPDOT11DECRYPT_MAC_FRAME_QOS
 
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS DOT11DECRYPT_MAC_FRAME_ADDR4_QOS
 IEEE 802.11 MAC frame header with both Address 4 and QoS Control fields (WDS QoS data frames).
 
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOSPDOT11DECRYPT_MAC_FRAME_ADDR4_QOS
 

Functions

int Dot11DecryptCcmpDecrypt (uint8_t *m, int mac_header_len, int len, uint8_t *TK1, int tk_len, int mic_len, const uint8_t *ap_mld_mac, const uint8_t *sta_mld_mac)
 Decrypt CCMP encrypted MPDU.
 
int Dot11DecryptGcmpDecrypt (uint8_t *m, int mac_header_len, int len, uint8_t *TK1, int tk_len, const uint8_t *ap_mld_mac, const uint8_t *sta_mld_mac)
 Decrypt GCMP encrypted MPDU.
 
int Dot11DecryptTkipDecrypt (uint8_t *mpdu, size_t mac_header_len, size_t mpdu_len, unsigned char TK[16])
 Decrypt TKIP encrypted MPDU.
 
WS_DLL_PUBLIC int Dot11DecryptWepDecrypt (const unsigned char *seed, size_t seed_len, unsigned char *cypher_text, size_t data_len)
 Decrypt WEP-encrypted 802.11 payload using RC4 stream cipher.
 

Detailed Description

Copyright (c) 2006 CACE Technologies, Davis (California) All rights reserved.

SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)

Macro Definition Documentation

◆ DOT11DECRYPT_EXTIV

#define DOT11DECRYPT_EXTIV (   KeyID)    ((KeyID >> 5) & 0x1)

Get the Key ID from the Initialization Vector (last byte)

◆ DOT11DECRYPT_QOS_HAS_SEQ

#define DOT11DECRYPT_QOS_HAS_SEQ (   wh)
Value:
(((wh)->fc[0] & \
(DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
(DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))

◆ DOT11DECRYPT_TYPE

#define DOT11DECRYPT_TYPE (   FrameControl_0)    (uint8_t)((FrameControl_0 >> 2) & 0x3)

Macros to get various bits of a 802.11 control frame

Function Documentation

◆ Dot11DecryptCcmpDecrypt()

int Dot11DecryptCcmpDecrypt ( uint8_t *  m,
int  mac_header_len,
int  len,
uint8_t *  TK1,
int  tk_len,
int  mic_len,
const uint8_t *  ap_mld_mac,
const uint8_t *  sta_mld_mac 
)

Decrypt CCMP encrypted MPDU.

Parameters
mPointer to the MPDU to decrypt (in-place).
mac_header_lenLength of the MAC header in bytes.
lenTotal length of the MPDU in bytes.
TK1Pointer to the Temporal Key (TK) used for decryption.
tk_lenLength of the Temporal Key in bytes.
mic_lenLength of the Message Integrity Code (MIC) in bytes.
ap_mld_macPointer to the AP's MAC address (for MLD).
sta_mld_macPointer to the station's MAC address (for MLD).
Returns
  • -1: Length constraint is not satisfied indicating that decryption is impossible
  • 1: Decryption fails
  • 0: Decryption succeeds

◆ Dot11DecryptGcmpDecrypt()

int Dot11DecryptGcmpDecrypt ( uint8_t *  m,
int  mac_header_len,
int  len,
uint8_t *  TK1,
int  tk_len,
const uint8_t *  ap_mld_mac,
const uint8_t *  sta_mld_mac 
)

Decrypt GCMP encrypted MPDU.

Parameters
mPointer to the MPDU to decrypt (in-place).
mac_header_lenLength of the MAC header in bytes.
lenTotal length of the MPDU in bytes.
TK1Pointer to the Temporal Key (TK) used for decryption.
tk_lenLength of the Temporal Key in bytes.
ap_mld_macPointer to the AP's MAC address (for MLD).
sta_mld_macPointer to the station's MAC address (for MLD).
Returns
  • -1: Length constraint is not satisfied indicating that decryption is impossible
  • 1: Decryption fails
  • 0: Decryption succeeds

◆ Dot11DecryptTkipDecrypt()

int Dot11DecryptTkipDecrypt ( uint8_t *  mpdu,
size_t  mac_header_len,
size_t  mpdu_len,
unsigned char  TK[16] 
)

Decrypt TKIP encrypted MPDU.

Parameters
mpduPointer to the MPDU to decrypt (in-place).
mac_header_lenLength of the MAC header in bytes.
mpdu_lenTotal length of the MPDU in bytes.
TKPointer to the Temporal Key (TK) used for decryption.
Returns
  • -1: Length constraint is not satisfied indicating that decryption is impossible
  • 1: Decryption fails
  • 0: Decryption succeeds

◆ Dot11DecryptWepDecrypt()

WS_DLL_PUBLIC int Dot11DecryptWepDecrypt ( const unsigned char *  seed,
size_t  seed_len,
unsigned char *  cypher_text,
size_t  data_len 
)

Decrypt WEP-encrypted 802.11 payload using RC4 stream cipher.

Performs WEP decryption on the provided cypher_text buffer using the RC4 algorithm seeded with the specified initialization vector and WEP key. The decryption is done in-place, modifying cypher_text directly.

This function assumes the input data is WEP-encrypted and that the seed contains both the IV and the shared WEP key. It verifies the ICV assumed to follow right after the cypher_text.

Parameters
seedPointer to the RC4 seed (IV + WEP key).
seed_lenLength of the seed in bytes.
cypher_textPointer to the encrypted data buffer (will be decrypted in-place).
data_lenLength of the encrypted data in bytes.
Returns
0 on success, non-zero on failure.
Generated by doxygen 1.9.8