Wireshark 4.7.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
Functions
dot11decrypt_util.h File Reference
#include "dot11decrypt_int.h"

Go to the source code of this file.

Functions

void dot11decrypt_construct_aad (PDOT11DECRYPT_MAC_FRAME wh, const uint8_t *A1, const uint8_t *A2, const uint8_t *A3, uint8_t *aad, size_t *aad_len)
 Constructs the AAD (Additional Authentication Data) for a 802.11 MAC frame.
 
bool dot11decrypt_prf (const uint8_t *key, size_t key_len, const char *label, const uint8_t *context, size_t context_len, int hash_algo, uint8_t *output, size_t output_len)
 IEEE 802.11-2016 12.7.1.2 PRF (Pseudo Random Function)
 
bool dot11decrypt_kdf (const uint8_t *key, size_t key_len, const char *label, const uint8_t *context, size_t context_len, int hash_algo, uint8_t *output, size_t output_len)
 Perform a KDF (Key Derivation Function) using the specified parameters.
 
bool dot11decrypt_derive_pmk_r0 (const uint8_t *xxkey, size_t xxkey_len, const uint8_t *ssid, size_t ssid_len, const uint8_t mdid[2], const uint8_t *r0kh_id, size_t r0kh_id_len, const uint8_t s0kh_id[6], int hash_algo, uint8_t *pmk_r0, size_t *pmk_r0_len, uint8_t pmk_r0_name[16])
 Derive PMK-R0 using the provided parameters.
 
bool dot11decrypt_derive_pmk_r1 (const uint8_t *pmk_r0, size_t pmk_r0_len, const uint8_t *pmk_r0_name, const uint8_t *r1kh_id, const uint8_t *s1kh_id, int hash_algo, uint8_t *pmk_r1, size_t *pmk_r1_len, uint8_t *pmk_r1_name)
 Derive PMK-R1 from PMK-R0 using a key derivation function.
 
bool dot11decrypt_derive_ft_ptk (const uint8_t *pmk_r1, size_t pmk_r1_len, const uint8_t *pmk_r1_name, const uint8_t *snonce, const uint8_t *anonce, const uint8_t *bssid, const uint8_t *sta_addr, int hash_algo, uint8_t *ptk, const size_t ptk_len, uint8_t *ptk_name)
 Derive the FT PTK using the provided parameters.
 

Detailed Description

Copyright (c) 2002-2005 Sam Leffler, Errno Consulting Copyright (c) 2006 CACE Technologies, Davis (California) All rights reserved.

SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)

Function Documentation

◆ dot11decrypt_construct_aad()

void dot11decrypt_construct_aad ( PDOT11DECRYPT_MAC_FRAME  wh,
const uint8_t *  A1,
const uint8_t *  A2,
const uint8_t *  A3,
uint8_t *  aad,
size_t *  aad_len 
)

Constructs the AAD (Additional Authentication Data) for a 802.11 MAC frame.

Parameters
whPointer to the DOT11DECRYPT_MAC_FRAME structure containing the MAC header.
A1Pointer to the first address field of the MAC frame.
A2Pointer to the second address field of the MAC frame.
A3Pointer to the third address field of the MAC frame.
aadBuffer to store the constructed AAD.
aad_lenPointer to store the length of the constructed AAD.

◆ dot11decrypt_derive_ft_ptk()

bool dot11decrypt_derive_ft_ptk ( const uint8_t *  pmk_r1,
size_t  pmk_r1_len,
const uint8_t *  pmk_r1_name,
const uint8_t *  snonce,
const uint8_t *  anonce,
const uint8_t *  bssid,
const uint8_t *  sta_addr,
int  hash_algo,
uint8_t *  ptk,
const size_t  ptk_len,
uint8_t *  ptk_name 
)

Derive the FT PTK using the provided parameters.

Derive PTK for FT AKMS. See IEE 802.11-2016 12.7.1.7.5 PTK

PTK = KDF-Hash-Length(PMK-R1, "FT-PTK", SNonce || ANonce || BSSID || STA-ADDR) PTKName = Truncate-128( SHA-256(PMKR1Name || "FT-PTKN" || SNonce || ANonce || BSSID || STA-ADDR))

Parameters
pmk_r1Pointer to the PMK_R1 value.
pmk_r1_lenLength of the PMK_R1 value.
pmk_r1_nameName associated with the PMK_R1.
snonceSession nonce.
anonceAuthenticator nonce.
bssidBase station address.
sta_addrStation address.
hash_algoHash algorithm to use.
ptkPointer to store the derived PTK.
ptk_lenLength of the PTK buffer.
ptk_nameName associated with the PTK.
Returns
void

◆ dot11decrypt_derive_pmk_r0()

bool dot11decrypt_derive_pmk_r0 ( const uint8_t *  xxkey,
size_t  xxkey_len,
const uint8_t *  ssid,
size_t  ssid_len,
const uint8_t  mdid[2],
const uint8_t *  r0kh_id,
size_t  r0kh_id_len,
const uint8_t  s0kh_id[6],
int  hash_algo,
uint8_t *  pmk_r0,
size_t *  pmk_r0_len,
uint8_t  pmk_r0_name[16] 
)

Derive PMK-R0 using the provided parameters.

Derive PMK-R0 and PMKR0Name. See IEEE 802.11-2016 12.7.1.7.3 PMK-R0

Parameters
xxkeyPSK / MPMK or certain part of MSK.
xxkey_lenLength of xxkey in bytes.
ssidSSID
ssid_lenLength of SSID in bytes.
mdidMDID (Mobility Domain Identifier).
r0kh_idPMK-R0 key holder identifier in the Authenticator.
r0kh_id_lenLength of r0kh_id in bytes.
s0kh_idPMK-R0 key holder in the Supplicant (STA mac address)
hash_algoHash algorithm to use for the KDF. See gcrypt available hash algorithms: https://gnupg.org/documentation/manuals/gcrypt/Available-hash-algorithms.html
[out]pmk_r0Pairwise master key, first level
pmk_r0_lenLength of pmk_r0 in bytes.
[out]pmk_r0_namePairwise master key (PMK) R0 name.

◆ dot11decrypt_derive_pmk_r1()

bool dot11decrypt_derive_pmk_r1 ( const uint8_t *  pmk_r0,
size_t  pmk_r0_len,
const uint8_t *  pmk_r0_name,
const uint8_t *  r1kh_id,
const uint8_t *  s1kh_id,
int  hash_algo,
uint8_t *  pmk_r1,
size_t *  pmk_r1_len,
uint8_t *  pmk_r1_name 
)

Derive PMK-R1 from PMK-R0 using a key derivation function.

Derive PMK-R1 and PMKR1Name. See IEEE 802.11-2016 12.7.1.7.4 PMK-R1

Parameters
pmk_r0Pointer to the PMK-R0 buffer.
pmk_r0_lenLength of the PMK-R0 buffer.
pmk_r0_nameName associated with PMK-R0.
r1kh_idR1KH ID for the key derivation.
s1kh_idS1KH ID for the key derivation.
hash_algoHash algorithm to use for the key derivation.
pmk_r1Pointer to the buffer where the derived PMK-R1 will be stored.
pmk_r1_lenPointer to the length of the PMK-R1 buffer, which will be updated with the actual length of the derived PMK-R1.
pmk_r1_namePointer to the buffer where the name for the derived PMK-R1 will be stored.
Returns
true if the derivation was successful, false otherwise.

Derive PMK-R1 and PMKR1Name. See IEEE 802.11-2016 12.7.1.7.4 PMK-R1

◆ dot11decrypt_kdf()

bool dot11decrypt_kdf ( const uint8_t *  key,
size_t  key_len,
const char *  label,
const uint8_t *  context,
size_t  context_len,
int  hash_algo,
uint8_t *  output,
size_t  output_len 
)

Perform a KDF (Key Derivation Function) using the specified parameters.

Reference: IEEE 802.11-2016 12.7.1.7.2 Key derivation function (KDF)

Parameters
keyDerivation input key.
key_lenLength of the key in bytes.
labelA string identifying the purpose of the keys derived using this KDF.
contextProvides context to identify the derived key.
context_lenLength of context in bytes.
hash_algoHash algorithm to use for the KDF. See gcrypt available hash algorithms: https://gnupg.org/documentation/manuals/gcrypt/Available-hash-algorithms.html
[out]outputDerived key.
output_lenLength of derived key in bytes.
Returns
false on error

12.7.1.7.2 Key derivation function (KDF)

Parameters
keyDerivation input key.
key_lenLength of the key in bytes.
labelA string identifying the purpose of the keys derived using this KDF.
contextProvides context to identify the derived key.
context_lenLength of context in bytes.
hash_algoHash algorithm to use for the KDF. See gcrypt available hash algorithms: https://gnupg.org/documentation/manuals/gcrypt/Available-hash-algorithms.html
[out]outputDerived key.
output_lenLength of derived key in bytes.
Returns
false on error

◆ dot11decrypt_prf()

bool dot11decrypt_prf ( const uint8_t *  key,
size_t  key_len,
const char *  label,
const uint8_t *  context,
size_t  context_len,
int  hash_algo,
uint8_t *  output,
size_t  output_len 
)

IEEE 802.11-2016 12.7.1.2 PRF (Pseudo Random Function)

Parameters
keyDerivation input key.
key_lenLength of the key in bytes.
labelUnique label for each different purpose of the PRF (named 'A' in the standard).
contextProvides context to identify the derived key (named 'B' in the standard).
context_lenLength of context in bytes.
hash_algoHash algorithm to use for the PRF. See gcrypt available hash algorithms: https://gnupg.org/documentation/manuals/gcrypt/Available-hash-algorithms.html
[out]outputDerived key.
output_lenLength of derived key in bytes.
Returns
false on error
Generated by doxygen 1.9.8