1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
|
/** @file
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
*
* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)
*/
#ifndef _DOT11DECRYPT_INT_H
#define _DOT11DECRYPT_INT_H
/****************************************************************************/
/* File includes */
#include "dot11decrypt_system.h"
#include "ws_attributes.h"
#include <wsutil/wsgcrypt.h>
/****************************************************************************/
/****************************************************************************/
/* Definitions */
/* IEEE 802.11 packet type values */
#define DOT11DECRYPT_TYPE_MANAGEMENT 0
#define DOT11DECRYPT_TYPE_CONTROL 1
#define DOT11DECRYPT_TYPE_DATA 2
/* IEEE 802.11 packet subtype values */
#define DOT11DECRYPT_SUBTYPE_ASSOC_REQ 0
#define DOT11DECRYPT_SUBTYPE_ASSOC_RESP 1
#define DOT11DECRYPT_SUBTYPE_REASSOC_REQ 2
#define DOT11DECRYPT_SUBTYPE_REASSOC_RESP 3
#define DOT11DECRYPT_SUBTYPE_PROBE_REQ 4
#define DOT11DECRYPT_SUBTYPE_PROBE_RESP 5
#define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT 6
#define DOT11DECRYPT_SUBTYPE_BEACON 8
#define DOT11DECRYPT_SUBTYPE_ATIM 9
#define DOT11DECRYPT_SUBTYPE_DISASS 10
#define DOT11DECRYPT_SUBTYPE_AUTHENTICATION 11
#define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION 12
#define DOT11DECRYPT_SUBTYPE_ACTION 13
#define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK 14
/*
* Min length of encrypted data (TKIP=21bytes, CCMP=17bytes)
* CCMP = 8 octets of CCMP header, 1 octet of data, 8 octets of MIC.
* TKIP = 4 octets of IV/Key ID, 4 octets of Extended IV, 1 octet of data,
* 8 octets of MIC, 4 octets of ICV
*/
#define DOT11DECRYPT_CRYPTED_DATA_MINLEN 17
#define DOT11DECRYPT_TA_OFFSET 10
/* */
/****************************************************************************/
/****************************************************************************/
/* Macro definitions */
/**
* Macros to get various bits of a 802.11 control frame
*/
#define DOT11DECRYPT_TYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 2) & 0x3)
#define DOT11DECRYPT_SUBTYPE(FrameControl_0) (uint8_t)((FrameControl_0 >> 4) & 0xF)
#define DOT11DECRYPT_DS_BITS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x3)
#define DOT11DECRYPT_TO_DS(FrameControl_1) (uint8_t)(FrameControl_1 & 0x1)
#define DOT11DECRYPT_FROM_DS(FrameControl_1) (uint8_t)((FrameControl_1 >> 1) & 0x1)
#define DOT11DECRYPT_WEP(FrameControl_1) (uint8_t)((FrameControl_1 >> 6) & 0x1)
/**
* Get the Key ID from the Initialization Vector (last byte)
*/
#define DOT11DECRYPT_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
#define DOT11DECRYPT_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3) /** Used to determine TKIP group key from unicast (group = 1, unicast = 0) */
/* Macros to get various bits of an EAPOL frame */
#define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1) ((unsigned char)(KeyInfo_1 & 0x3))
#define DOT11DECRYPT_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
#define DOT11DECRYPT_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
#define DOT11DECRYPT_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
#define DOT11DECRYPT_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
#define DOT11DECRYPT_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
/* Note: copied from net80211/ieee80211.h */
#define DOT11DECRYPT_FC1_DIR_MASK 0x03
#define DOT11DECRYPT_FC1_DIR_DSTODS 0x03 /* AP ->AP */
#define DOT11DECRYPT_FC0_SUBTYPE_QOS 0x80
#define DOT11DECRYPT_FC0_TYPE_DATA 0x08
#define DOT11DECRYPT_FC0_TYPE_MASK 0x0c
#define DOT11DECRYPT_SEQ_FRAG_MASK 0x000f
#define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
(((wh)->fc[0] & \
(DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
(DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
#define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
#define DOT11DECRYPT_IS_4ADDRESS(wh) \
((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
#define DOT11DECRYPT_IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
/****************************************************************************/
/****************************************************************************/
/* Structure definitions */
/*
* XXX - According to the thread at
* https://www.wireshark.org/lists/wireshark-dev/200612/msg00384.html we
* shouldn't have to worry about packing our structs, since the largest
* elements are 8 bits wide.
*/
#ifdef _MSC_VER /* MS Visual C++ */
#pragma pack(push)
#pragma pack(1)
#endif
/* Definition of IEEE 802.11 frame (without the address 4) */
typedef struct _DOT11DECRYPT_MAC_FRAME {
unsigned char fc[2];
unsigned char dur[2];
unsigned char addr1[DOT11DECRYPT_MAC_LEN];
unsigned char addr2[DOT11DECRYPT_MAC_LEN];
unsigned char addr3[DOT11DECRYPT_MAC_LEN];
unsigned char seq[2];
} DOT11DECRYPT_MAC_FRAME, *PDOT11DECRYPT_MAC_FRAME;
/* Definition of IEEE 802.11 frame (with the address 4) */
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4 {
unsigned char fc[2];
unsigned char dur[2];
unsigned char addr1[DOT11DECRYPT_MAC_LEN];
unsigned char addr2[DOT11DECRYPT_MAC_LEN];
unsigned char addr3[DOT11DECRYPT_MAC_LEN];
unsigned char seq[2];
unsigned char addr4[DOT11DECRYPT_MAC_LEN];
} DOT11DECRYPT_MAC_FRAME_ADDR4, *PDOT11DECRYPT_MAC_FRAME_ADDR4;
/* Definition of IEEE 802.11 frame (without the address 4, with QOS) */
typedef struct _DOT11DECRYPT_MAC_FRAME_QOS {
unsigned char fc[2];
unsigned char dur[2];
unsigned char addr1[DOT11DECRYPT_MAC_LEN];
unsigned char addr2[DOT11DECRYPT_MAC_LEN];
unsigned char addr3[DOT11DECRYPT_MAC_LEN];
unsigned char seq[2];
unsigned char qos[2];
} DOT11DECRYPT_MAC_FRAME_QOS, *PDOT11DECRYPT_MAC_FRAME_QOS;
/* Definition of IEEE 802.11 frame (with the address 4 and QOS) */
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS {
unsigned char fc[2];
unsigned char dur[2];
unsigned char addr1[DOT11DECRYPT_MAC_LEN];
unsigned char addr2[DOT11DECRYPT_MAC_LEN];
unsigned char addr3[DOT11DECRYPT_MAC_LEN];
unsigned char seq[2];
unsigned char addr4[DOT11DECRYPT_MAC_LEN];
unsigned char qos[2];
} DOT11DECRYPT_MAC_FRAME_ADDR4_QOS, *PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS;
#ifdef _MSC_VER /* MS Visual C++ */
#pragma pack(pop)
#endif
/******************************************************************************/
int Dot11DecryptCcmpDecrypt(
uint8_t *m,
int mac_header_len,
int len,
uint8_t *TK1,
int tk_len,
int mic_len);
int Dot11DecryptGcmpDecrypt(
uint8_t *m,
int mac_header_len,
int len,
uint8_t *TK1,
int tk_len);
int Dot11DecryptTkipDecrypt(
unsigned char *tkip_mpdu,
size_t mpdu_len,
unsigned char TA[DOT11DECRYPT_MAC_LEN],
unsigned char TK[DOT11DECRYPT_TK_LEN])
;
#endif
|
