epan/crypt/dot11decrypt_int.h

   1 /** @file
   2  *
   3  * Copyright (c) 2006 CACE Technologies, Davis (California)
   4  * All rights reserved.
   5  *
   6  * SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)
   7  */
   8
   9 #ifndef _DOT11DECRYPT_INT_H
  10 #define _DOT11DECRYPT_INT_H
  11
  12 /****************************************************************************/
  13 /*      File includes                                                           */
  14
  15 #include "dot11decrypt_system.h"
  16
  17 #include "ws_attributes.h"
  18 #include <wsutil/wsgcrypt.h>
  19
  20 /****************************************************************************/
  21
  22 /****************************************************************************/
  23 /* Definitions                                                                  */
  24
  25 /* IEEE 802.11 packet type values                                               */
  26 #define DOT11DECRYPT_TYPE_MANAGEMENT            0
  27 #define DOT11DECRYPT_TYPE_CONTROL                       1
  28 #define DOT11DECRYPT_TYPE_DATA                  2
  29
  30 /* IEEE 802.11 packet subtype values                                            */
  31 #define DOT11DECRYPT_SUBTYPE_ASSOC_REQ          0
  32 #define DOT11DECRYPT_SUBTYPE_ASSOC_RESP         1
  33 #define DOT11DECRYPT_SUBTYPE_REASSOC_REQ                2
  34 #define DOT11DECRYPT_SUBTYPE_REASSOC_RESP               3
  35 #define DOT11DECRYPT_SUBTYPE_PROBE_REQ          4
  36 #define DOT11DECRYPT_SUBTYPE_PROBE_RESP         5
  37 #define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT  6
  38 #define DOT11DECRYPT_SUBTYPE_BEACON                     8
  39 #define DOT11DECRYPT_SUBTYPE_ATIM                       9
  40 #define DOT11DECRYPT_SUBTYPE_DISASS                     10
  41 #define DOT11DECRYPT_SUBTYPE_AUTHENTICATION             11
  42 #define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION   12
  43 #define DOT11DECRYPT_SUBTYPE_ACTION                     13
  44 #define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK              14
  45
  46 /* IEEE 802.11 cipher suite selectors */
  47 #define DOT11DECRYPT_CIPHER_USE_GROUP           0
  48 #define DOT11DECRYPT_CIPHER_WEP40               1
  49 #define DOT11DECRYPT_CIPHER_TKIP                2
  50 #define DOT11DECRYPT_CIPHER_CCMP                4
  51 #define DOT11DECRYPT_CIPHER_WEP104              5
  52 #define DOT11DECRYPT_CIPHER_BIP_CMAC            6
  53 #define DOT11DECRYPT_CIPHER_GROUP_NA            7
  54 #define DOT11DECRYPT_CIPHER_GCMP                8
  55 #define DOT11DECRYPT_CIPHER_GCMP256             9
  56 #define DOT11DECRYPT_CIPHER_CCMP256             10
  57 #define DOT11DECRYPT_CIPHER_BIP_GMAC            11
  58 #define DOT11DECRYPT_CIPHER_BIP_GMAC256         12
  59 #define DOT11DECRYPT_CIPHER_BIP_CMAC256         13
  60
  61 /*
  62  * Min length of encrypted data (TKIP=21bytes, CCMP=17bytes)
  63  * CCMP = 8 octets of CCMP header, 1 octet of data, 8 octets of MIC.
  64  * TKIP = 4 octets of IV/Key ID, 4 octets of Extended IV, 1 octet of data,
  65  *  8 octets of MIC, 4 octets of ICV
  66  */
  67 #define DOT11DECRYPT_CRYPTED_DATA_MINLEN        17
  68
  69 #define DOT11DECRYPT_TA_OFFSET  10
  70
  71 /*                                                                              */
  72 /****************************************************************************/
  73
  74 /****************************************************************************/
  75 /* Macro definitions                                                            */
  76
  77 /**
  78  * Macros to get various bits of a 802.11 control frame
  79  */
  80 #define DOT11DECRYPT_TYPE(FrameControl_0)               (uint8_t)((FrameControl_0 >> 2) & 0x3)
  81 #define DOT11DECRYPT_SUBTYPE(FrameControl_0)    (uint8_t)((FrameControl_0 >> 4) & 0xF)
  82 #define DOT11DECRYPT_DS_BITS(FrameControl_1)    (uint8_t)(FrameControl_1 & 0x3)
  83 #define DOT11DECRYPT_TO_DS(FrameControl_1)              (uint8_t)(FrameControl_1 & 0x1)
  84 #define DOT11DECRYPT_FROM_DS(FrameControl_1)    (uint8_t)((FrameControl_1 >> 1) & 0x1)
  85 #define DOT11DECRYPT_WEP(FrameControl_1)                (uint8_t)((FrameControl_1 >> 6) & 0x1)
  86
  87 /**
  88  * Get the Key ID from the Initialization Vector (last byte)
  89  */
  90 #define DOT11DECRYPT_EXTIV(KeyID)       ((KeyID >> 5) & 0x1)
  91
  92 #define DOT11DECRYPT_KEY_INDEX(KeyID)   ((KeyID >> 6) & 0x3)  /** Used to determine TKIP group key from unicast (group = 1, unicast = 0) */
  93
  94 /* Macros to get various bits of an EAPOL frame                         */
  95 #define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1)       ((unsigned char)(KeyInfo_1 & 0x3))
  96 #define DOT11DECRYPT_EAP_KEY(KeyInfo_1)         ((KeyInfo_1 >> 3) & 0x1)
  97 #define DOT11DECRYPT_EAP_INST(KeyInfo_1)                ((KeyInfo_1 >> 6) & 0x1)
  98 #define DOT11DECRYPT_EAP_ACK(KeyInfo_1)         ((KeyInfo_1 >> 7) & 0x1)
  99 #define DOT11DECRYPT_EAP_MIC(KeyInfo_0)         (KeyInfo_0 & 0x1)
 100 #define DOT11DECRYPT_EAP_SEC(KeyInfo_0)         ((KeyInfo_0 >> 1) & 0x1)
 101
 102 /* Note: copied from net80211/ieee80211.h                                       */
 103 #define DOT11DECRYPT_FC1_DIR_MASK                  0x03
 104 #define DOT11DECRYPT_FC1_DIR_DSTODS                0x03    /* AP ->AP  */
 105 #define DOT11DECRYPT_FC0_SUBTYPE_QOS               0x80
 106 #define DOT11DECRYPT_FC0_TYPE_DATA                 0x08
 107 #define DOT11DECRYPT_FC0_TYPE_MASK                 0x0c
 108 #define DOT11DECRYPT_SEQ_FRAG_MASK                 0x000f
 109 #define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
 110         (((wh)->fc[0] & \
 111         (DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
 112         (DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
 113
 114 #define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst, src, DOT11DECRYPT_MAC_LEN)
 115
 116 #define DOT11DECRYPT_IS_4ADDRESS(wh) \
 117         ((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
 118 #define DOT11DECRYPT_IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
 119
 120 /****************************************************************************/
 121
 122 /****************************************************************************/
 123 /* Structure definitions                                                        */
 124
 125 /*
 126  * XXX - According to the thread at
 127  * https://lists.wireshark.org/archives/wireshark-dev/200612/msg00384.html we
 128  * shouldn't have to worry about packing our structs, since the largest
 129  * elements are 8 bits wide.
 130  */
 131 #ifdef _MSC_VER         /* MS Visual C++ */
 132 #pragma pack(push)
 133 #pragma pack(1)
 134 #endif
 135
 136 /* Definition of IEEE 802.11 frame (without the address 4)                      */
 137 typedef struct _DOT11DECRYPT_MAC_FRAME {
 138         unsigned char   fc[2];
 139         unsigned char   dur[2];
 140         unsigned char   addr1[DOT11DECRYPT_MAC_LEN];
 141         unsigned char   addr2[DOT11DECRYPT_MAC_LEN];
 142         unsigned char   addr3[DOT11DECRYPT_MAC_LEN];
 143         unsigned char   seq[2];
 144 } DOT11DECRYPT_MAC_FRAME, *PDOT11DECRYPT_MAC_FRAME;
 145
 146 /* Definition of IEEE 802.11 frame (with the address 4)                 */
 147 typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4 {
 148         unsigned char   fc[2];
 149         unsigned char   dur[2];
 150         unsigned char   addr1[DOT11DECRYPT_MAC_LEN];
 151         unsigned char   addr2[DOT11DECRYPT_MAC_LEN];
 152         unsigned char   addr3[DOT11DECRYPT_MAC_LEN];
 153         unsigned char   seq[2];
 154         unsigned char   addr4[DOT11DECRYPT_MAC_LEN];
 155 } DOT11DECRYPT_MAC_FRAME_ADDR4, *PDOT11DECRYPT_MAC_FRAME_ADDR4;
 156
 157 /* Definition of IEEE 802.11 frame (without the address 4, with QOS)            */
 158 typedef struct _DOT11DECRYPT_MAC_FRAME_QOS {
 159         unsigned char   fc[2];
 160         unsigned char   dur[2];
 161         unsigned char   addr1[DOT11DECRYPT_MAC_LEN];
 162         unsigned char   addr2[DOT11DECRYPT_MAC_LEN];
 163         unsigned char   addr3[DOT11DECRYPT_MAC_LEN];
 164         unsigned char   seq[2];
 165         unsigned char   qos[2];
 166 } DOT11DECRYPT_MAC_FRAME_QOS, *PDOT11DECRYPT_MAC_FRAME_QOS;
 167
 168 /* Definition of IEEE 802.11 frame (with the address 4 and QOS)         */
 169 typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS {
 170         unsigned char   fc[2];
 171         unsigned char   dur[2];
 172         unsigned char   addr1[DOT11DECRYPT_MAC_LEN];
 173         unsigned char   addr2[DOT11DECRYPT_MAC_LEN];
 174         unsigned char   addr3[DOT11DECRYPT_MAC_LEN];
 175         unsigned char   seq[2];
 176         unsigned char   addr4[DOT11DECRYPT_MAC_LEN];
 177         unsigned char   qos[2];
 178 } DOT11DECRYPT_MAC_FRAME_ADDR4_QOS, *PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS;
 179
 180 #ifdef _MSC_VER         /* MS Visual C++ */
 181 #pragma pack(pop)
 182 #endif
 183
 184 /******************************************************************************/
 185
 186 int Dot11DecryptCcmpDecrypt(
 187         uint8_t *m,
 188         int mac_header_len,
 189         int len,
 190         uint8_t *TK1,
 191         int tk_len,
 192         int mic_len);
 193
 194 int Dot11DecryptGcmpDecrypt(
 195         uint8_t *m,
 196         int mac_header_len,
 197         int len,
 198         uint8_t *TK1,
 199         int tk_len);
 200
 201 int Dot11DecryptTkipDecrypt(
 202         unsigned char *tkip_mpdu,
 203         size_t mpdu_len,
 204         unsigned char TA[DOT11DECRYPT_MAC_LEN],
 205         unsigned char TK[DOT11DECRYPT_TK_LEN])
 206         ;
 207
 208 #endif