Wireshark  2.9.0-477-g68ec514b
The Wireshark network protocol analyzer
dot11decrypt_system.h
1 /* dot11decrypt_system.h
2  *
3  * Copyright (c) 2006 CACE Technologies, Davis (California)
4  * All rights reserved.
5  *
6  * SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)
7  */
8 
9 #ifndef _DOT11DECRYPT_SYSTEM_H
10 #define _DOT11DECRYPT_SYSTEM_H
11 
12 /************************************************************************/
13 /* Constant definitions */
14 
15 /* General definitions */
16 #ifndef TRUE
17 #define TRUE 1
18 #endif
19 #ifndef FALSE
20 #define FALSE 0
21 #endif
22 
23 #define DOT11DECRYPT_RET_SUCCESS 0
24 #define DOT11DECRYPT_RET_UNSUCCESS 1
25 
26 #define DOT11DECRYPT_RET_NO_DATA 1
27 #define DOT11DECRYPT_RET_WRONG_DATA_SIZE 2
28 #define DOT11DECRYPT_RET_REQ_DATA 3
29 #define DOT11DECRYPT_RET_NO_VALID_HANDSHAKE 4
30 #define DOT11DECRYPT_RET_NO_DATA_ENCRYPTED 5
31 
32 #define DOT11DECRYPT_RET_SUCCESS_HANDSHAKE -1
33 
34 #define DOT11DECRYPT_MAX_KEYS_NR 64
35 #define DOT11DECRYPT_MAX_SEC_ASSOCIATIONS_NR 256
36 
37 /* Decryption algorithms fields size definition (bytes) */
38 #define DOT11DECRYPT_WPA_NONCE_LEN 32
39 #define DOT11DECRYPT_WPA_PTK_LEN 64 /* TKIP uses 48 bytes, CCMP uses 64 bytes */
40 #define DOT11DECRYPT_WPA_MICKEY_LEN 16
41 
42 #define DOT11DECRYPT_WEP_128_KEY_LEN 16 /* 128 bits */
43 
44 /* General 802.11 constants */
45 #define DOT11DECRYPT_MAC_LEN 6
46 #define DOT11DECRYPT_RADIOTAP_HEADER_LEN 24
47 
48 #define DOT11DECRYPT_EAPOL_MAX_LEN 1024
49 
50 #define DOT11DECRYPT_TK_LEN 16
51 
52 /* Max length of capture data */
53 #define DOT11DECRYPT_MAX_CAPLEN 8192
54 
55 #define DOT11DECRYPT_WEP_IVLEN 3 /* 24bit */
56 #define DOT11DECRYPT_WEP_KIDLEN 1 /* 1 octet */
57 #define DOT11DECRYPT_WEP_ICV 4
58 #define DOT11DECRYPT_WEP_HEADER DOT11DECRYPT_WEP_IVLEN + DOT11DECRYPT_WEP_KIDLEN
59 #define DOT11DECRYPT_WEP_TRAILER DOT11DECRYPT_WEP_ICV
60 
61 /*
62  * 802.11i defines an extended IV for use with non-WEP ciphers.
63  * When the EXTIV bit is set in the key id byte an additional
64  * 4 bytes immediately follow the IV for TKIP. For CCMP the
65  * EXTIV bit is likewise set but the 8 bytes represent the
66  * CCMP header rather than IV+extended-IV.
67  */
68 #define DOT11DECRYPT_RSNA_EXTIV 0x20
69 #define DOT11DECRYPT_RSNA_EXTIVLEN 4 /* extended IV length */
70 #define DOT11DECRYPT_RSNA_MICLEN 8 /* trailing MIC */
71 
72 #define DOT11DECRYPT_RSNA_HEADER DOT11DECRYPT_WEP_HEADER + DOT11DECRYPT_RSNA_EXTIVLEN
73 
74 #define DOT11DECRYPT_CCMP_HEADER DOT11DECRYPT_RSNA_HEADER
75 #define DOT11DECRYPT_CCMP_TRAILER DOT11DECRYPT_RSNA_MICLEN
76 
77 #define DOT11DECRYPT_TKIP_HEADER DOT11DECRYPT_RSNA_HEADER
78 #define DOT11DECRYPT_TKIP_TRAILER DOT11DECRYPT_RSNA_MICLEN + DOT11DECRYPT_WEP_ICV
79 
80 #define DOT11DECRYPT_CRC_LEN 4
81 
82 /************************************************************************/
83 /* File includes */
84 
85 #include "dot11decrypt_interop.h"
86 #include "dot11decrypt_user.h"
87 #include "ws_symbol_export.h"
88 
89 /************************************************************************/
90 /* Macro definitions */
91 
92 /************************************************************************/
93 /* Type definitions */
94 
96  UCHAR bssid[DOT11DECRYPT_MAC_LEN];
97  UCHAR sta[DOT11DECRYPT_MAC_LEN];
99 
101  /* This is for reassociations. A linked list of old security
102  * associations is kept. GCS
103  */
104  struct _DOT11DECRYPT_SEC_ASSOCIATION* next;
105 
110  UINT8 used;
113  UINT8 handshake;
114  UINT8 validKey;
115 
116  struct {
117  UINT8 key_ver; /* Key descriptor version */
118  UINT64 pn; /* only used with CCMP AES -if needed replay check- */
119  UCHAR nonce[DOT11DECRYPT_WPA_NONCE_LEN];
120  /* used to derive PTK, ANonce stored, SNonce taken */
121  /* the 2nd packet of the 4W handshake */
122 
123  UCHAR ptk[DOT11DECRYPT_WPA_PTK_LEN]; /* session key used in decryption algorithm */
124  } wpa;
125 
126 
128 
129 typedef struct _DOT11DECRYPT_CONTEXT {
130  DOT11DECRYPT_SEC_ASSOCIATION sa[DOT11DECRYPT_MAX_SEC_ASSOCIATIONS_NR];
131  INT sa_index;
132  DOT11DECRYPT_KEY_ITEM keys[DOT11DECRYPT_MAX_KEYS_NR];
133  size_t keys_nr;
134 
135  CHAR pkt_ssid[DOT11DECRYPT_WPA_SSID_MAX_LEN];
136  size_t pkt_ssid_len;
137 
138  INT index;
139  INT first_free_index;
141 
142 /************************************************************************/
143 /* Function prototype declarations */
144 
145 #ifdef __cplusplus
146 extern "C" {
147 #endif
148 
200 extern INT Dot11DecryptPacketProcess(
201  PDOT11DECRYPT_CONTEXT ctx,
202  const guint8 *data,
203  const guint data_off,
204  const guint data_len,
205  UCHAR *decrypt_data,
206  guint32 *decrypt_len,
208  gboolean scanHandshake)
209  ;
210 
232 extern INT Dot11DecryptSetKeys(
233  PDOT11DECRYPT_CONTEXT ctx,
234  DOT11DECRYPT_KEY_ITEM keys[],
235  const size_t keys_nr)
236  ;
237 
252 INT Dot11DecryptGetKeys(
253  const PDOT11DECRYPT_CONTEXT ctx,
254  DOT11DECRYPT_KEY_ITEM keys[],
255  const size_t keys_nr)
256  ;
257 
270 INT Dot11DecryptSetLastSSID(
271  PDOT11DECRYPT_CONTEXT ctx,
272  CHAR *pkt_ssid,
273  size_t pkt_ssid_len)
274  ;
275 
289 WS_DLL_PUBLIC
290 INT Dot11DecryptInitContext(
291  PDOT11DECRYPT_CONTEXT ctx)
292  ;
293 
306 WS_DLL_PUBLIC
307 INT Dot11DecryptDestroyContext(
308  PDOT11DECRYPT_CONTEXT ctx)
309  ;
310 
311 extern INT Dot11DecryptCcmpDecrypt(
312  UINT8 *m,
313  gint mac_header_len,
314  INT len,
315  UCHAR TK1[16])
316  ;
317 extern INT Dot11DecryptTkipDecrypt(
318  UCHAR *tkip_mpdu,
319  size_t mpdu_len,
320  UCHAR TA[DOT11DECRYPT_MAC_LEN],
321  UCHAR TK[DOT11DECRYPT_TK_LEN])
322  ;
323 
324 #ifdef __cplusplus
325 }
326 #endif
327 
328 #endif /* _DOT11DECRYPT_SYSTEM_H */
UINT8 used
Definition: dot11decrypt_system.h:110
Definition: dot11decrypt_system.h:129
Definition: dot11decrypt_system.h:100
Definition: dot11decrypt_system.h:95
Definition: dot11decrypt_user.h:72
Definition: packet-isakmp.c:1672