osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Rename airpdcap to dot11decrypt. 

Our 802.11 decryption code isn't tied to any specific product. Change
the file and API names to dot11decrypt.

Change-Id: I14fd951be3ae9b656a4e1959067fc0bdcc681ee2
Reviewed-on: https://code.wireshark.org/review/26058
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit is contained in:
Gerald Combs 2018-02-23 09:43:29 -08:00 committed by Michael Mann
parent 3785f53089
commit e73e3580f6
29 changed files with 973 additions and 993 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
caputils/airpcap_loader.c
View File

@ -13,7 +13,7 @@
#include <glib.h>
#include <epan/crypt/airpdcap_ws.h>
#include <epan/crypt/dot11decrypt_ws.h>
#include <epan/strutil.h>
#include <wsutil/file_util.h>
#include <wsutil/frequency-utils.h>

2
caputils/airpcap_loader.h
View File

@ -13,7 +13,7 @@
#ifndef __AIRPCAP_LOADER_H__
#define __AIRPCAP_LOADER_H__
#include <epan/crypt/airpdcap_system.h>
#include <epan/crypt/dot11decrypt_system.h>
#ifdef __cplusplus
extern "C" {

6
debian/libwireshark0.symbols vendored
View File

@ -1,11 +1,11 @@
libwireshark.so.0 libwireshark0 #MINVER#
AdmissionRejectReason_vals@Base 1.9.1
AirPDcapDestroyContext@Base 1.9.1
AirPDcapInitContext@Base 1.9.1
BandRejectReason_vals@Base 1.9.1
CommandCode_vals_ext@Base 1.9.1
DisengageReason_vals@Base 1.9.1
DisengageRejectReason_vals@Base 1.9.1
Dot11DecryptDestroyContext@Base 2.5.0
Dot11DecryptInitContext@Base 2.5.0
EBCDIC_to_ASCII1@Base 1.9.1
EBCDIC_to_ASCII@Base 1.9.1
FacilityReason_vals@Base 1.9.1
@ -40,7 +40,6 @@ libwireshark.so.0 libwireshark0 #MINVER#
address_type_get_by_name@Base 2.1.0
addresses_ports_reassembly_table_functions@Base 1.9.1
addresses_reassembly_table_functions@Base 1.9.1
airpdcap_ctx@Base 1.9.1
analyze_q708_ispc@Base 1.9.1
ansi_a_bsmap_strings@Base 1.9.1
ansi_a_dtap_strings@Base 1.9.1
@ -480,6 +479,7 @@ libwireshark.so.0 libwireshark0 #MINVER#
dissector_try_string_new@Base 2.5.0
dissector_try_uint@Base 1.9.1
dissector_try_uint_new@Base 1.12.0~rc1
dot11decrypt_ctx@Base 2.5.0
draw_tap_listeners@Base 1.9.1
dscp_short_vals_ext@Base 2.0.0
dscp_vals_ext@Base 1.9.1

2
debian/libwsutil0.symbols vendored
View File

@ -1,5 +1,5 @@
libwsutil.so.0 libwsutil0 #MINVER#
AirPDcapWepDecrypt@Base 1.10.0
Dot11DecryptWepDecrypt@Base 2.5.0
Eax_Decrypt@Base 1.12.0~rc1
adler32_bytes@Base 1.12.0~rc1
adler32_str@Base 1.12.0~rc1

4
epan/Makefile.am
View File

@ -310,7 +310,7 @@ endif
# Add the object files for missing routines, if any.
#
libwireshark_la_LIBADD = \
crypt/libairpdcap.la \
crypt/libdot11decrypt.la \
ftypes/libftypes.la \
dfilter/libdfilter.la \
dissectors/libdissectors.la \
@ -333,7 +333,7 @@ libwireshark_la_LIBADD = \
@GLIB_LIBS@
libwireshark_la_DEPENDENCIES = \
crypt/libairpdcap.la \
crypt/libdot11decrypt.la \
ftypes/libftypes.la \
dfilter/libdfilter.la \
dissectors/libdissectors.la \

8
epan/crypt/CMakeLists.txt
View File

@ -27,10 +27,10 @@ include_directories(
)
set(CRYPT_FILES
airpdcap.c
airpdcap_ccmp.c
airpdcap_rijndael.c
airpdcap_tkip.c
dot11decrypt.c
dot11decrypt_ccmp.c
dot11decrypt_rijndael.c
dot11decrypt_tkip.c
${CUSTOM_CRYPT_SRC}
)
source_group(crypt FILES ${CRYPT_FILES})

28
epan/crypt/Makefile.am
View File

@ -1,5 +1,5 @@
# Makefile.am
# Automake file for the airpdcap for Wireshark
# Automake file for 802.11 decryption for Wireshark
#
# Wireshark - Network traffic analyzer
# By Gerald Combs <gerald@wireshark.org>
@ -23,28 +23,28 @@ include $(top_srcdir)/Makefile.am.inc
AM_CPPFLAGS = $(INCLUDEDIRS) $(WS_CPPFLAGS) $(GLIB_CFLAGS) $(LIBGCRYPT_CFLAGS)
noinst_LTLIBRARIES = libairpdcap.la
noinst_LTLIBRARIES = libdot11decrypt.la
include Custom.common
CRYPT_SOURCES = \
airpdcap.c \
airpdcap_ccmp.c \
airpdcap_rijndael.c \
airpdcap_tkip.c
dot11decrypt.c \
dot11decrypt_ccmp.c \
dot11decrypt_rijndael.c \
dot11decrypt_tkip.c
CRYPT_INCLUDES = \
airpdcap_debug.h \
airpdcap_interop.h \
airpdcap_int.h \
airpdcap_rijndael.h \
airpdcap_system.h \
airpdcap_user.h \
airpdcap_ws.h \
dot11decrypt_debug.h \
dot11decrypt_interop.h \
dot11decrypt_int.h \
dot11decrypt_rijndael.h \
dot11decrypt_system.h \
dot11decrypt_user.h \
dot11decrypt_ws.h \
kasumi.h \
wep-wpadefs.h
libairpdcap_la_SOURCES = \
libdot11decrypt_la_SOURCES = \
$(CRYPT_SOURCES) \
$(CRYPT_INCLUDES) \
$(CUSTOM_CRYPTO_SRC)

1049
epan/crypt/airpdcap.c → epan/crypt/dot11decrypt.c
View File

File diff suppressed because it is too large Load Diff

80
epan/crypt/airpdcap_ccmp.c → epan/crypt/dot11decrypt_ccmp.c
View File

@ -1,4 +1,4 @@
/* airpdcap_ccmp.c
/* dot11decrypt_ccmp.c
*
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
* Copyright (c) 2006 CACE Technologies, Davis (California)
@ -39,12 +39,12 @@
/****************************************************************************/
/* File includes */
#include "config.h"
#include "airpdcap_system.h"
#include "airpdcap_int.h"
#include "dot11decrypt_system.h"
#include "dot11decrypt_int.h"
#include "airpdcap_rijndael.h"
#include "dot11decrypt_rijndael.h"
#include "airpdcap_debug.h"
#include "dot11decrypt_debug.h"
#include <glib.h>
#include <wsutil/wsgcrypt.h>
@ -54,16 +54,16 @@
#define AES_BLOCK_LEN 16
/* Note: copied from net80211/ieee80211.h */
#define AIRPDCAP_FC1_DIR_MASK 0x03
#define AIRPDCAP_FC1_DIR_DSTODS 0x03 /* AP ->AP */
#define AIRPDCAP_FC0_SUBTYPE_QOS 0x80
#define AIRPDCAP_FC0_TYPE_DATA 0x08
#define AIRPDCAP_FC0_TYPE_MASK 0x0c
#define AIRPDCAP_SEQ_FRAG_MASK 0x000f
#define AIRPDCAP_QOS_HAS_SEQ(wh) \
#define DOT11DECRYPT_FC1_DIR_MASK 0x03
#define DOT11DECRYPT_FC1_DIR_DSTODS 0x03 /* AP ->AP */
#define DOT11DECRYPT_FC0_SUBTYPE_QOS 0x80
#define DOT11DECRYPT_FC0_TYPE_DATA 0x08
#define DOT11DECRYPT_FC0_TYPE_MASK 0x0c
#define DOT11DECRYPT_SEQ_FRAG_MASK 0x000f
#define DOT11DECRYPT_QOS_HAS_SEQ(wh) \
(((wh)->fc[0] & \
(AIRPDCAP_FC0_TYPE_MASK | AIRPDCAP_FC0_SUBTYPE_QOS)) == \
(AIRPDCAP_FC0_TYPE_DATA | AIRPDCAP_FC0_SUBTYPE_QOS))
(DOT11DECRYPT_FC0_TYPE_MASK | DOT11DECRYPT_FC0_SUBTYPE_QOS)) == \
(DOT11DECRYPT_FC0_TYPE_DATA | DOT11DECRYPT_FC0_SUBTYPE_QOS))
/****************************************************************************/
/* Internal macros */
@ -83,14 +83,14 @@
((((UINT64)((UINT16)((b4 << 0) | (b5 << 8)))) << 32) | \
((UINT32)((b0 << 0) | (b1 << 8) | (b2 << 16) | (b3 << 24))))
#define AIRPDCAP_ADDR_COPY(dst,src) memcpy(dst,src,AIRPDCAP_MAC_LEN)
#define DOT11DECRYPT_ADDR_COPY(dst,src) memcpy(dst,src,DOT11DECRYPT_MAC_LEN)
/****************************************************************************/
/* Internal function prototypes declarations */
static void ccmp_init_blocks(
gcry_cipher_hd_t rijndael_handle,
PAIRPDCAP_MAC_FRAME wh,
PDOT11DECRYPT_MAC_FRAME wh,
UINT64 pn,
size_t dlen,
UINT8 b0[AES_BLOCK_LEN],
@ -104,7 +104,7 @@ static void ccmp_init_blocks(
static void ccmp_init_blocks(
gcry_cipher_hd_t rijndael_handle,
PAIRPDCAP_MAC_FRAME wh,
PDOT11DECRYPT_MAC_FRAME wh,
UINT64 pn,
size_t dlen,
UINT8 b0[AES_BLOCK_LEN],
@ -112,10 +112,10 @@ static void ccmp_init_blocks(
UINT8 a[AES_BLOCK_LEN],
UINT8 b[AES_BLOCK_LEN])
{
UINT8 mgmt = (AIRPDCAP_TYPE(wh->fc[0]) == AIRPDCAP_TYPE_MANAGEMENT);
UINT8 mgmt = (DOT11DECRYPT_TYPE(wh->fc[0]) == DOT11DECRYPT_TYPE_MANAGEMENT);
#define IS_4ADDRESS(wh) \
((wh->fc[1] & AIRPDCAP_FC1_DIR_MASK) == AIRPDCAP_FC1_DIR_DSTODS)
#define IS_QOS_DATA(wh) AIRPDCAP_QOS_HAS_SEQ(wh)
((wh->fc[1] & DOT11DECRYPT_FC1_DIR_MASK) == DOT11DECRYPT_FC1_DIR_DSTODS)
#define IS_QOS_DATA(wh) DOT11DECRYPT_QOS_HAS_SEQ(wh)
memset(aad, 0, 2*AES_BLOCK_LEN);
@ -126,7 +126,7 @@ static void ccmp_init_blocks(
* Dlen */
b0[0] = 0x59;
/* NB: b0[1] set below */
AIRPDCAP_ADDR_COPY(b0 + 2, wh->addr2);
DOT11DECRYPT_ADDR_COPY(b0 + 2, wh->addr2);
b0[8] = (UINT8)(pn >> 40);
b0[9] = (UINT8)(pn >> 32);
b0[10] = (UINT8)(pn >> 24);
@ -151,8 +151,8 @@ static void ccmp_init_blocks(
aad[2] = wh->fc[0];
aad[3] = (UINT8)(wh->fc[1] & 0xc7); /* XXX magic #s */
/* NB: we know 3 addresses are contiguous */
memcpy(aad + 4, &wh->addr1[0], 3 * AIRPDCAP_MAC_LEN);
aad[22] = (UINT8)(wh->seq[0] & AIRPDCAP_SEQ_FRAG_MASK);
memcpy(aad + 4, &wh->addr1[0], 3 * DOT11DECRYPT_MAC_LEN);
aad[22] = (UINT8)(wh->seq[0] & DOT11DECRYPT_SEQ_FRAG_MASK);
aad[23] = 0; /* all bits masked */
/*
* Construct variable-length portion of AAD based
@ -165,24 +165,24 @@ static void ccmp_init_blocks(
* a QOS frame.
*/
if (IS_4ADDRESS(wh)) {
AIRPDCAP_ADDR_COPY(aad + 24,
((PAIRPDCAP_MAC_FRAME_ADDR4)wh)->addr4);
DOT11DECRYPT_ADDR_COPY(aad + 24,
((PDOT11DECRYPT_MAC_FRAME_ADDR4)wh)->addr4);
if (IS_QOS_DATA(wh)) {
PAIRPDCAP_MAC_FRAME_ADDR4_QOS qwh4 =
(PAIRPDCAP_MAC_FRAME_ADDR4_QOS) wh;
PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS qwh4 =
(PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS) wh;
aad[30] = (UINT8)(qwh4->qos[0] & 0x0f);/* just priority bits */
aad[31] = 0;
b0[1] = aad[30];
aad[1] = 22 + AIRPDCAP_MAC_LEN + 2;
aad[1] = 22 + DOT11DECRYPT_MAC_LEN + 2;
} else {
memset(&aad[30], 0, 2);
b0[1] = 0;
aad[1] = 22 + AIRPDCAP_MAC_LEN;
aad[1] = 22 + DOT11DECRYPT_MAC_LEN;
}
} else {
if (IS_QOS_DATA(wh)) {
PAIRPDCAP_MAC_FRAME_QOS qwh =
(PAIRPDCAP_MAC_FRAME_QOS) wh;
PDOT11DECRYPT_MAC_FRAME_QOS qwh =
(PDOT11DECRYPT_MAC_FRAME_QOS) wh;
aad[24] = (UINT8)(qwh->qos[0] & 0x0f); /* just priority bits */
aad[25] = 0;
b0[1] = aad[24];
@ -212,13 +212,13 @@ static void ccmp_init_blocks(
#undef IS_4ADDRESS
}
INT AirPDcapCcmpDecrypt(
INT Dot11DecryptCcmpDecrypt(
UINT8 *m,
gint mac_header_len,
INT len,
UCHAR TK1[16])
{
PAIRPDCAP_MAC_FRAME wh;
PDOT11DECRYPT_MAC_FRAME wh;
UINT8 aad[2 * AES_BLOCK_LEN];
UINT8 b0[AES_BLOCK_LEN], b[AES_BLOCK_LEN], a[AES_BLOCK_LEN];
UINT8 mic[AES_BLOCK_LEN];
@ -241,19 +241,19 @@ INT AirPDcapCcmpDecrypt(
return 1;
}
wh = (PAIRPDCAP_MAC_FRAME )m;
data_len = len - (z + AIRPDCAP_CCMP_HEADER+AIRPDCAP_CCMP_TRAILER);
wh = (PDOT11DECRYPT_MAC_FRAME )m;
data_len = len - (z + DOT11DECRYPT_CCMP_HEADER+DOT11DECRYPT_CCMP_TRAILER);
if (data_len < 1) {
gcry_cipher_close(rijndael_handle);
return 0;
}
ccmp_init_blocks(rijndael_handle, wh, PN, data_len, b0, aad, a, b);
memcpy(mic, m+len-AIRPDCAP_CCMP_TRAILER, AIRPDCAP_CCMP_TRAILER);
XOR_BLOCK(mic, b, AIRPDCAP_CCMP_TRAILER);
memcpy(mic, m+len-DOT11DECRYPT_CCMP_TRAILER, DOT11DECRYPT_CCMP_TRAILER);
XOR_BLOCK(mic, b, DOT11DECRYPT_CCMP_TRAILER);
i = 1;
pos = (UINT8 *)m + z + AIRPDCAP_CCMP_HEADER;
space = len - (z + AIRPDCAP_CCMP_HEADER);
pos = (UINT8 *)m + z + DOT11DECRYPT_CCMP_HEADER;
space = len - (z + DOT11DECRYPT_CCMP_HEADER);
if (space > data_len)
space = (UINT)data_len;
@ -269,7 +269,7 @@ INT AirPDcapCcmpDecrypt(
gcry_cipher_close(rijndael_handle);
/* MIC Key ?= MIC */
if (memcmp(mic, a, AIRPDCAP_CCMP_TRAILER) == 0) {
if (memcmp(mic, a, DOT11DECRYPT_CCMP_TRAILER) == 0) {
return 0;
}

70
epan/crypt/airpdcap_debug.h → epan/crypt/dot11decrypt_debug.h
View File

@ -32,66 +32,66 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_DEBUG_H
#define _AIRPDCAP_DEBUG_H
#ifndef _DOT11DECRYPT_DEBUG_H
#define _DOT11DECRYPT_DEBUG_H
#include "airpdcap_interop.h"
#include "dot11decrypt_interop.h"
/* #define AIRPDCAP_DEBUG 1 */
/* #define DOT11DECRYPT_DEBUG 1 */
#ifdef AIRPDCAP_DEBUG
#ifdef DOT11DECRYPT_DEBUG
#ifdef __FUNCTION__
#define AIRPDCAP_DEBUG_PRINT_LINE(notdefined, msg, level) print_debug_line(__FUNCTION__, msg, level);
#define DOT11DECRYPT_DEBUG_PRINT_LINE(notdefined, msg, level) print_debug_line(__FUNCTION__, msg, level);
#else
#define AIRPDCAP_DEBUG_PRINT_LINE(function, msg, level) print_debug_line(function, msg, level);
#define DOT11DECRYPT_DEBUG_PRINT_LINE(function, msg, level) print_debug_line(function, msg, level);
#endif
#else
#ifdef __FUNCTION__
#define AIRPDCAP_DEBUG_PRINT_LINE(notdefined, msg, level)
#define DOT11DECRYPT_DEBUG_PRINT_LINE(notdefined, msg, level)
#else
#define AIRPDCAP_DEBUG_PRINT_LINE(function, msg, level)
#define DOT11DECRYPT_DEBUG_PRINT_LINE(function, msg, level)
#endif
#endif
/******************************************************************************/
/* Debug section: internal function to print debug information */
/* */
#ifdef AIRPDCAP_DEBUG
#ifdef DOT11DECRYPT_DEBUG
#include <stdio.h>
#include <time.h>
#include <epan/to_str.h>
/* Debug level definition */
#define AIRPDCAP_DEBUG_LEVEL_1 1
#define AIRPDCAP_DEBUG_LEVEL_2 2
#define AIRPDCAP_DEBUG_LEVEL_3 3
#define AIRPDCAP_DEBUG_LEVEL_4 4
#define AIRPDCAP_DEBUG_LEVEL_5 5
#define DOT11DECRYPT_DEBUG_LEVEL_1 1
#define DOT11DECRYPT_DEBUG_LEVEL_2 2
#define DOT11DECRYPT_DEBUG_LEVEL_3 3
#define DOT11DECRYPT_DEBUG_LEVEL_4 4
#define DOT11DECRYPT_DEBUG_LEVEL_5 5
#define AIRPDCAP_DEBUG_USED_LEVEL AIRPDCAP_DEBUG_LEVEL_3
#define DOT11DECRYPT_DEBUG_USED_LEVEL DOT11DECRYPT_DEBUG_LEVEL_3
static inline void print_debug_line(const CHAR *function, const CHAR *msg, const INT level)
{
if (level<=AIRPDCAP_DEBUG_USED_LEVEL)
if (level<=DOT11DECRYPT_DEBUG_USED_LEVEL)
g_warning("dbg(%d)|(%s) %s", level, function, msg);
}
#ifdef _TRACE
#ifdef __FUNCTION__
#define AIRPDCAP_DEBUG_TRACE_START(notdefined) print_debug_line(__FUNCTION__, "Start!", AIRPDCAP_DEBUG_USED_LEVEL);
#define AIRPDCAP_DEBUG_TRACE_END(notdefined) print_debug_line(__FUNCTION__, "End!", AIRPDCAP_DEBUG_USED_LEVEL);
#define DOT11DECRYPT_DEBUG_TRACE_START(notdefined) print_debug_line(__FUNCTION__, "Start!", DOT11DECRYPT_DEBUG_USED_LEVEL);
#define DOT11DECRYPT_DEBUG_TRACE_END(notdefined) print_debug_line(__FUNCTION__, "End!", DOT11DECRYPT_DEBUG_USED_LEVEL);
#else
#define AIRPDCAP_DEBUG_TRACE_START(function) print_debug_line(function, "Start!", AIRPDCAP_DEBUG_USED_LEVEL);
#define AIRPDCAP_DEBUG_TRACE_END(function) print_debug_line(function, "End!", AIRPDCAP_DEBUG_USED_LEVEL);
#define DOT11DECRYPT_DEBUG_TRACE_START(function) print_debug_line(function, "Start!", DOT11DECRYPT_DEBUG_USED_LEVEL);
#define DOT11DECRYPT_DEBUG_TRACE_END(function) print_debug_line(function, "End!", DOT11DECRYPT_DEBUG_USED_LEVEL);
#endif
#else
#ifdef __FUNCTION__
#define AIRPDCAP_DEBUG_TRACE_START(notdefined)
#define AIRPDCAP_DEBUG_TRACE_END(notdefined)
#define DOT11DECRYPT_DEBUG_TRACE_START(notdefined)
#define DOT11DECRYPT_DEBUG_TRACE_END(notdefined)
#else
#define AIRPDCAP_DEBUG_TRACE_START(function)
#define AIRPDCAP_DEBUG_TRACE_END(function)
#define DOT11DECRYPT_DEBUG_TRACE_START(function)
#define DOT11DECRYPT_DEBUG_TRACE_END(function)
#endif
#endif
@ -102,20 +102,20 @@ static inline void DEBUG_DUMP(const char* x, const guint8* y, int z)
wmem_free(NULL, tmp_str);
}
#else /* !defined AIRPDCAP_DEBUG */
#else /* !defined DOT11DECRYPT_DEBUG */
#define AIRPDCAP_DEBUG_LEVEL_1
#define AIRPDCAP_DEBUG_LEVEL_2
#define AIRPDCAP_DEBUG_LEVEL_3
#define AIRPDCAP_DEBUG_LEVEL_4
#define AIRPDCAP_DEBUG_LEVEL_5
#define DOT11DECRYPT_DEBUG_LEVEL_1
#define DOT11DECRYPT_DEBUG_LEVEL_2
#define DOT11DECRYPT_DEBUG_LEVEL_3
#define DOT11DECRYPT_DEBUG_LEVEL_4
#define DOT11DECRYPT_DEBUG_LEVEL_5
#define AIRPDCAP_DEBUG_TRACE_START(function)
#define AIRPDCAP_DEBUG_TRACE_END(function)
#define DOT11DECRYPT_DEBUG_TRACE_START(function)
#define DOT11DECRYPT_DEBUG_TRACE_END(function)
#define DEBUG_DUMP(x,y,z)
#endif /* ?defined AIRPDCAP_DEBUG */
#endif /* ?defined DOT11DECRYPT_DEBUG */
#endif /* ?defined _AIRPDCAP_DEBUG_H */
#endif /* ?defined _DOT11DECRYPT_DEBUG_H */

118
epan/crypt/airpdcap_int.h → epan/crypt/dot11decrypt_int.h
View File

@ -32,14 +32,14 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_INT_H
#define _AIRPDCAP_INT_H
#ifndef _DOT11DECRYPT_INT_H
#define _DOT11DECRYPT_INT_H
/****************************************************************************/
/* File includes */
#include "airpdcap_interop.h"
#include "airpdcap_system.h"
#include "dot11decrypt_interop.h"
#include "dot11decrypt_system.h"
/****************************************************************************/
@ -47,30 +47,30 @@
/* Definitions */
/* IEEE 802.11 packet type values */
#define AIRPDCAP_TYPE_MANAGEMENT 0
#define AIRPDCAP_TYPE_CONTROL 1
#define AIRPDCAP_TYPE_DATA 2
#define DOT11DECRYPT_TYPE_MANAGEMENT 0
#define DOT11DECRYPT_TYPE_CONTROL 1
#define DOT11DECRYPT_TYPE_DATA 2
/* IEEE 802.11 packet subtype values */
#define AIRPDCAP_SUBTYPE_ASSOC_REQ 0
#define AIRPDCAP_SUBTYPE_ASSOC_RESP 1
#define AIRPDCAP_SUBTYPE_REASSOC_REQ 2
#define AIRPDCAP_SUBTYPE_REASSOC_RESP 3
#define AIRPDCAP_SUBTYPE_PROBE_REQ 4
#define AIRPDCAP_SUBTYPE_PROBE_RESP 5
#define AIRPDCAP_SUBTYPE_MEASUREMENT_PILOT 6
#define AIRPDCAP_SUBTYPE_BEACON 8
#define AIRPDCAP_SUBTYPE_ATIM 9
#define AIRPDCAP_SUBTYPE_DISASS 10
#define AIRPDCAP_SUBTYPE_AUTHENTICATION 11
#define AIRPDCAP_SUBTYPE_DEAUTHENTICATION 12
#define AIRPDCAP_SUBTYPE_ACTION 13
#define AIRPDCAP_SUBTYPE_ACTION_NO_ACK 14
#define DOT11DECRYPT_SUBTYPE_ASSOC_REQ 0
#define DOT11DECRYPT_SUBTYPE_ASSOC_RESP 1
#define DOT11DECRYPT_SUBTYPE_REASSOC_REQ 2
#define DOT11DECRYPT_SUBTYPE_REASSOC_RESP 3
#define DOT11DECRYPT_SUBTYPE_PROBE_REQ 4
#define DOT11DECRYPT_SUBTYPE_PROBE_RESP 5
#define DOT11DECRYPT_SUBTYPE_MEASUREMENT_PILOT 6
#define DOT11DECRYPT_SUBTYPE_BEACON 8
#define DOT11DECRYPT_SUBTYPE_ATIM 9
#define DOT11DECRYPT_SUBTYPE_DISASS 10
#define DOT11DECRYPT_SUBTYPE_AUTHENTICATION 11
#define DOT11DECRYPT_SUBTYPE_DEAUTHENTICATION 12
#define DOT11DECRYPT_SUBTYPE_ACTION 13
#define DOT11DECRYPT_SUBTYPE_ACTION_NO_ACK 14
/* Min length of encrypted data (TKIP=21bytes, CCMP=17bytes) */
#define AIRPDCAP_CRYPTED_DATA_MINLEN 17
#define DOT11DECRYPT_CRYPTED_DATA_MINLEN 17
#define AIRPDCAP_TA_OFFSET 10
#define DOT11DECRYPT_TA_OFFSET 10
/* */
/****************************************************************************/
@ -81,27 +81,27 @@
/**
* Macros to get various bits of a 802.11 control frame
*/
#define AIRPDCAP_TYPE(FrameControl_0) (UINT8)((FrameControl_0 >> 2) & 0x3)
#define AIRPDCAP_SUBTYPE(FrameControl_0) (UINT8)((FrameControl_0 >> 4) & 0xF)
#define AIRPDCAP_DS_BITS(FrameControl_1) (UINT8)(FrameControl_1 & 0x3)
#define AIRPDCAP_TO_DS(FrameControl_1) (UINT8)(FrameControl_1 & 0x1)
#define AIRPDCAP_FROM_DS(FrameControl_1) (UINT8)((FrameControl_1 >> 1) & 0x1)
#define AIRPDCAP_WEP(FrameControl_1) (UINT8)((FrameControl_1 >> 6) & 0x1)
#define DOT11DECRYPT_TYPE(FrameControl_0) (UINT8)((FrameControl_0 >> 2) & 0x3)
#define DOT11DECRYPT_SUBTYPE(FrameControl_0) (UINT8)((FrameControl_0 >> 4) & 0xF)
#define DOT11DECRYPT_DS_BITS(FrameControl_1) (UINT8)(FrameControl_1 & 0x3)
#define DOT11DECRYPT_TO_DS(FrameControl_1) (UINT8)(FrameControl_1 & 0x1)
#define DOT11DECRYPT_FROM_DS(FrameControl_1) (UINT8)((FrameControl_1 >> 1) & 0x1)
#define DOT11DECRYPT_WEP(FrameControl_1) (UINT8)((FrameControl_1 >> 6) & 0x1)
/**
* Get the Key ID from the Initialization Vector (last byte)
*/
#define AIRPDCAP_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
#define DOT11DECRYPT_EXTIV(KeyID) ((KeyID >> 5) & 0x1)
#define AIRPDCAP_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3) /** Used to determine TKIP group key from unicast (group = 1, unicast = 0) */
#define DOT11DECRYPT_KEY_INDEX(KeyID) ((KeyID >> 6) & 0x3) /** Used to determine TKIP group key from unicast (group = 1, unicast = 0) */
/* Macros to get various bits of an EAPOL frame */
#define AIRPDCAP_EAP_KEY_DESCR_VER(KeyInfo_1) ((UCHAR)(KeyInfo_1 & 0x3))
#define AIRPDCAP_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
#define AIRPDCAP_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
#define AIRPDCAP_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
#define AIRPDCAP_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
#define AIRPDCAP_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
#define DOT11DECRYPT_EAP_KEY_DESCR_VER(KeyInfo_1) ((UCHAR)(KeyInfo_1 & 0x3))
#define DOT11DECRYPT_EAP_KEY(KeyInfo_1) ((KeyInfo_1 >> 3) & 0x1)
#define DOT11DECRYPT_EAP_INST(KeyInfo_1) ((KeyInfo_1 >> 6) & 0x1)
#define DOT11DECRYPT_EAP_ACK(KeyInfo_1) ((KeyInfo_1 >> 7) & 0x1)
#define DOT11DECRYPT_EAP_MIC(KeyInfo_0) (KeyInfo_0 & 0x1)
#define DOT11DECRYPT_EAP_SEC(KeyInfo_0) ((KeyInfo_0 >> 1) & 0x1)
/****************************************************************************/
@ -120,48 +120,48 @@
#endif
/* Definition of IEEE 802.11 frame (without the address 4) */
typedef struct _AIRPDCAP_MAC_FRAME {
typedef struct _DOT11DECRYPT_MAC_FRAME {
UCHAR fc[2];
UCHAR dur[2];
UCHAR addr1[AIRPDCAP_MAC_LEN];
UCHAR addr2[AIRPDCAP_MAC_LEN];
UCHAR addr3[AIRPDCAP_MAC_LEN];
UCHAR addr1[DOT11DECRYPT_MAC_LEN];
UCHAR addr2[DOT11DECRYPT_MAC_LEN];
UCHAR addr3[DOT11DECRYPT_MAC_LEN];
UCHAR seq[2];
} AIRPDCAP_MAC_FRAME, *PAIRPDCAP_MAC_FRAME;
} DOT11DECRYPT_MAC_FRAME, *PDOT11DECRYPT_MAC_FRAME;
/* Definition of IEEE 802.11 frame (with the address 4) */
typedef struct _AIRPDCAP_MAC_FRAME_ADDR4 {
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4 {
UCHAR fc[2];
UCHAR dur[2];
UCHAR addr1[AIRPDCAP_MAC_LEN];
UCHAR addr2[AIRPDCAP_MAC_LEN];
UCHAR addr3[AIRPDCAP_MAC_LEN];
UCHAR addr1[DOT11DECRYPT_MAC_LEN];
UCHAR addr2[DOT11DECRYPT_MAC_LEN];
UCHAR addr3[DOT11DECRYPT_MAC_LEN];
UCHAR seq[2];
UCHAR addr4[AIRPDCAP_MAC_LEN];
} AIRPDCAP_MAC_FRAME_ADDR4, *PAIRPDCAP_MAC_FRAME_ADDR4;
UCHAR addr4[DOT11DECRYPT_MAC_LEN];
} DOT11DECRYPT_MAC_FRAME_ADDR4, *PDOT11DECRYPT_MAC_FRAME_ADDR4;
/* Definition of IEEE 802.11 frame (without the address 4, with QOS) */
typedef struct _AIRPDCAP_MAC_FRAME_QOS {
typedef struct _DOT11DECRYPT_MAC_FRAME_QOS {
UCHAR fc[2];
UCHAR dur[2];
UCHAR addr1[AIRPDCAP_MAC_LEN];
UCHAR addr2[AIRPDCAP_MAC_LEN];
UCHAR addr3[AIRPDCAP_MAC_LEN];
UCHAR addr1[DOT11DECRYPT_MAC_LEN];
UCHAR addr2[DOT11DECRYPT_MAC_LEN];
UCHAR addr3[DOT11DECRYPT_MAC_LEN];
UCHAR seq[2];
UCHAR qos[2];
} AIRPDCAP_MAC_FRAME_QOS, *PAIRPDCAP_MAC_FRAME_QOS;
} DOT11DECRYPT_MAC_FRAME_QOS, *PDOT11DECRYPT_MAC_FRAME_QOS;
/* Definition of IEEE 802.11 frame (with the address 4 and QOS) */
typedef struct _AIRPDCAP_MAC_FRAME_ADDR4_QOS {
typedef struct _DOT11DECRYPT_MAC_FRAME_ADDR4_QOS {
UCHAR fc[2];
UCHAR dur[2];
UCHAR addr1[AIRPDCAP_MAC_LEN];
UCHAR addr2[AIRPDCAP_MAC_LEN];
UCHAR addr3[AIRPDCAP_MAC_LEN];
UCHAR addr1[DOT11DECRYPT_MAC_LEN];
UCHAR addr2[DOT11DECRYPT_MAC_LEN];
UCHAR addr3[DOT11DECRYPT_MAC_LEN];
UCHAR seq[2];
UCHAR addr4[AIRPDCAP_MAC_LEN];
UCHAR addr4[DOT11DECRYPT_MAC_LEN];
UCHAR qos[2];
} AIRPDCAP_MAC_FRAME_ADDR4_QOS, *PAIRPDCAP_MAC_FRAME_ADDR4_QOS;
} DOT11DECRYPT_MAC_FRAME_ADDR4_QOS, *PDOT11DECRYPT_MAC_FRAME_ADDR4_QOS;
#ifdef _MSC_VER /* MS Visual C++ */
#pragma pack(pop)

21
epan/crypt/airpdcap_interop.h → epan/crypt/dot11decrypt_interop.h
View File

@ -1,4 +1,4 @@
/* airpdcap_interop.h
/* dot11decrypt_interop.h
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
@ -32,8 +32,8 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_INTEROP_H
#define _AIRPDCAP_INTEROP_H
#ifndef _DOT11DECRYPT_INTEROP_H
#define _DOT11DECRYPT_INTEROP_H
/**
* Cast data types commonly used (e.g. UINT16) to their
@ -87,17 +87,4 @@ typedef gchar CHAR;
typedef guchar UCHAR;
#endif
#ifdef _WIN32
#include <winsock2.h> /* ntohs() */
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h> /* ntohs() */
#endif
#ifndef ntohs
#undef ntohs
#define ntohs(value) g_ntohs(value)
#endif
#endif /* _AIRPDCAP_INTEROP_H */
#endif /* _DOT11DECRYPT_INTEROP_H */

6
epan/crypt/airpdcap_rijndael.c → epan/crypt/dot11decrypt_rijndael.c
View File

@ -1,5 +1,5 @@
/**
* airpdcap_rijndael.c
* dot11decrypt_rijndael.c
*
* @version 3.0 (December 2000)
*
@ -24,9 +24,9 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "airpdcap_rijndael.h"
#include "dot11decrypt_rijndael.h"
#include "airpdcap_debug.h"
#include "dot11decrypt_debug.h"
#include <glib.h>
#include <wsutil/wsgcrypt.h>

8
epan/crypt/airpdcap_rijndael.h → epan/crypt/dot11decrypt_rijndael.h
View File

@ -1,5 +1,5 @@
/**
* airpdcap_rijndael.h
* dot11decrypt_rijndael.h
*
* @version 3.0 (December 2000)
*
@ -24,13 +24,13 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_RIJNDAEL
#define _AIRPDCAP_RIJNDAEL
#ifndef _DOT11DECRYPT_RIJNDAEL
#define _DOT11DECRYPT_RIJNDAEL
/******************************************************************************/
/* File includes */
/* */
#include "airpdcap_interop.h"
#include "dot11decrypt_interop.h"
/* */
/* */
/******************************************************************************/

184
epan/crypt/airpdcap_system.h → epan/crypt/dot11decrypt_system.h
View File

@ -1,4 +1,4 @@
/* airpdcap_system.h
/* dot11decrypt_system.h
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
@ -32,8 +32,8 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_SYSTEM_H
#define _AIRPDCAP_SYSTEM_H
#ifndef _DOT11DECRYPT_SYSTEM_H
#define _DOT11DECRYPT_SYSTEM_H
/************************************************************************/
/* Constant definitions */
@ -46,43 +46,43 @@
#define FALSE 0
#endif
#define AIRPDCAP_RET_SUCCESS 0
#define AIRPDCAP_RET_UNSUCCESS 1
#define DOT11DECRYPT_RET_SUCCESS 0
#define DOT11DECRYPT_RET_UNSUCCESS 1
#define AIRPDCAP_RET_NO_DATA 1
#define AIRPDCAP_RET_WRONG_DATA_SIZE 2
#define AIRPDCAP_RET_REQ_DATA 3
#define AIRPDCAP_RET_NO_VALID_HANDSHAKE 4
#define AIRPDCAP_RET_NO_DATA_ENCRYPTED 5
#define DOT11DECRYPT_RET_NO_DATA 1
#define DOT11DECRYPT_RET_WRONG_DATA_SIZE 2
#define DOT11DECRYPT_RET_REQ_DATA 3
#define DOT11DECRYPT_RET_NO_VALID_HANDSHAKE 4
#define DOT11DECRYPT_RET_NO_DATA_ENCRYPTED 5
#define AIRPDCAP_RET_SUCCESS_HANDSHAKE -1
#define DOT11DECRYPT_RET_SUCCESS_HANDSHAKE -1
#define AIRPDCAP_MAX_KEYS_NR 64
#define AIRPDCAP_MAX_SEC_ASSOCIATIONS_NR 256
#define DOT11DECRYPT_MAX_KEYS_NR 64
#define DOT11DECRYPT_MAX_SEC_ASSOCIATIONS_NR 256
/* Decryption algorithms fields size definition (bytes) */
#define AIRPDCAP_WPA_NONCE_LEN 32
#define AIRPDCAP_WPA_PTK_LEN 64 /* TKIP uses 48 bytes, CCMP uses 64 bytes */
#define AIRPDCAP_WPA_MICKEY_LEN 16
#define DOT11DECRYPT_WPA_NONCE_LEN 32
#define DOT11DECRYPT_WPA_PTK_LEN 64 /* TKIP uses 48 bytes, CCMP uses 64 bytes */
#define DOT11DECRYPT_WPA_MICKEY_LEN 16
#define AIRPDCAP_WEP_128_KEY_LEN 16 /* 128 bits */
#define DOT11DECRYPT_WEP_128_KEY_LEN 16 /* 128 bits */
/* General 802.11 constants */
#define AIRPDCAP_MAC_LEN 6
#define AIRPDCAP_RADIOTAP_HEADER_LEN 24
#define DOT11DECRYPT_MAC_LEN 6
#define DOT11DECRYPT_RADIOTAP_HEADER_LEN 24
#define AIRPDCAP_EAPOL_MAX_LEN 1024
#define DOT11DECRYPT_EAPOL_MAX_LEN 1024
#define AIRPDCAP_TK_LEN 16
#define DOT11DECRYPT_TK_LEN 16
/* Max length of capture data */
#define AIRPDCAP_MAX_CAPLEN 8192
#define DOT11DECRYPT_MAX_CAPLEN 8192
#define AIRPDCAP_WEP_IVLEN 3 /* 24bit */
#define AIRPDCAP_WEP_KIDLEN 1 /* 1 octet */
#define AIRPDCAP_WEP_ICV 4
#define AIRPDCAP_WEP_HEADER AIRPDCAP_WEP_IVLEN + AIRPDCAP_WEP_KIDLEN
#define AIRPDCAP_WEP_TRAILER AIRPDCAP_WEP_ICV
#define DOT11DECRYPT_WEP_IVLEN 3 /* 24bit */
#define DOT11DECRYPT_WEP_KIDLEN 1 /* 1 octet */
#define DOT11DECRYPT_WEP_ICV 4
#define DOT11DECRYPT_WEP_HEADER DOT11DECRYPT_WEP_IVLEN + DOT11DECRYPT_WEP_KIDLEN
#define DOT11DECRYPT_WEP_TRAILER DOT11DECRYPT_WEP_ICV
/*
* 802.11i defines an extended IV for use with non-WEP ciphers.
@ -91,25 +91,25 @@
* EXTIV bit is likewise set but the 8 bytes represent the
* CCMP header rather than IV+extended-IV.
*/
#define AIRPDCAP_RSNA_EXTIV 0x20
#define AIRPDCAP_RSNA_EXTIVLEN 4 /* extended IV length */
#define AIRPDCAP_RSNA_MICLEN 8 /* trailing MIC */
#define DOT11DECRYPT_RSNA_EXTIV 0x20
#define DOT11DECRYPT_RSNA_EXTIVLEN 4 /* extended IV length */
#define DOT11DECRYPT_RSNA_MICLEN 8 /* trailing MIC */
#define AIRPDCAP_RSNA_HEADER AIRPDCAP_WEP_HEADER + AIRPDCAP_RSNA_EXTIVLEN
#define DOT11DECRYPT_RSNA_HEADER DOT11DECRYPT_WEP_HEADER + DOT11DECRYPT_RSNA_EXTIVLEN
#define AIRPDCAP_CCMP_HEADER AIRPDCAP_RSNA_HEADER
#define AIRPDCAP_CCMP_TRAILER AIRPDCAP_RSNA_MICLEN
#define DOT11DECRYPT_CCMP_HEADER DOT11DECRYPT_RSNA_HEADER
#define DOT11DECRYPT_CCMP_TRAILER DOT11DECRYPT_RSNA_MICLEN
#define AIRPDCAP_TKIP_HEADER AIRPDCAP_RSNA_HEADER
#define AIRPDCAP_TKIP_TRAILER AIRPDCAP_RSNA_MICLEN + AIRPDCAP_WEP_ICV
#define DOT11DECRYPT_TKIP_HEADER DOT11DECRYPT_RSNA_HEADER
#define DOT11DECRYPT_TKIP_TRAILER DOT11DECRYPT_RSNA_MICLEN + DOT11DECRYPT_WEP_ICV
#define AIRPDCAP_CRC_LEN 4
#define DOT11DECRYPT_CRC_LEN 4
/************************************************************************/
/* File includes */
#include "airpdcap_interop.h"
#include "airpdcap_user.h"
#include "dot11decrypt_interop.h"
#include "dot11decrypt_user.h"
#include "ws_symbol_export.h"
/************************************************************************/
@ -118,52 +118,52 @@
/************************************************************************/
/* Type definitions */
typedef struct _AIRPDCAP_SEC_ASSOCIATION_ID {
UCHAR bssid[AIRPDCAP_MAC_LEN];
UCHAR sta[AIRPDCAP_MAC_LEN];
} AIRPDCAP_SEC_ASSOCIATION_ID, *PAIRPDCAP_SEC_ASSOCIATION_ID;
typedef struct _DOT11DECRYPT_SEC_ASSOCIATION_ID {
UCHAR bssid[DOT11DECRYPT_MAC_LEN];
UCHAR sta[DOT11DECRYPT_MAC_LEN];
} DOT11DECRYPT_SEC_ASSOCIATION_ID, *PDOT11DECRYPT_SEC_ASSOCIATION_ID;
typedef struct _AIRPDCAP_SEC_ASSOCIATION {
typedef struct _DOT11DECRYPT_SEC_ASSOCIATION {
/* This is for reassociations. A linked list of old security
* associations is kept. GCS
*/
struct _AIRPDCAP_SEC_ASSOCIATION* next;
struct _DOT11DECRYPT_SEC_ASSOCIATION* next;
/**
* This flag define whether this item is used or not. Accepted
* values are TRUE and FALSE
*/
UINT8 used;
AIRPDCAP_SEC_ASSOCIATION_ID saId;
AIRPDCAP_KEY_ITEM *key;
DOT11DECRYPT_SEC_ASSOCIATION_ID saId;
DOT11DECRYPT_KEY_ITEM *key;
UINT8 handshake;
UINT8 validKey;
struct {
UINT8 key_ver; /* Key descriptor version */
UINT64 pn; /* only used with CCMP AES -if needed replay check- */
UCHAR nonce[AIRPDCAP_WPA_NONCE_LEN];
UCHAR nonce[DOT11DECRYPT_WPA_NONCE_LEN];
/* used to derive PTK, ANonce stored, SNonce taken */
/* the 2nd packet of the 4W handshake */
UCHAR ptk[AIRPDCAP_WPA_PTK_LEN]; /* session key used in decryption algorithm */
UCHAR ptk[DOT11DECRYPT_WPA_PTK_LEN]; /* session key used in decryption algorithm */
} wpa;
} AIRPDCAP_SEC_ASSOCIATION, *PAIRPDCAP_SEC_ASSOCIATION;
} DOT11DECRYPT_SEC_ASSOCIATION, *PDOT11DECRYPT_SEC_ASSOCIATION;
typedef struct _AIRPDCAP_CONTEXT {
AIRPDCAP_SEC_ASSOCIATION sa[AIRPDCAP_MAX_SEC_ASSOCIATIONS_NR];
typedef struct _DOT11DECRYPT_CONTEXT {
DOT11DECRYPT_SEC_ASSOCIATION sa[DOT11DECRYPT_MAX_SEC_ASSOCIATIONS_NR];
INT sa_index;
AIRPDCAP_KEY_ITEM keys[AIRPDCAP_MAX_KEYS_NR];
DOT11DECRYPT_KEY_ITEM keys[DOT11DECRYPT_MAX_KEYS_NR];
size_t keys_nr;
CHAR pkt_ssid[AIRPDCAP_WPA_SSID_MAX_LEN];
CHAR pkt_ssid[DOT11DECRYPT_WPA_SSID_MAX_LEN];
size_t pkt_ssid_len;
INT index;
INT first_free_index;
} AIRPDCAP_CONTEXT, *PAIRPDCAP_CONTEXT;
} DOT11DECRYPT_CONTEXT, *PDOT11DECRYPT_CONTEXT;
/************************************************************************/
/* Function prototype declarations */
@ -183,7 +183,7 @@ extern "C" {
* @param data_len [IN] Total length of the MAC header and the payload
* @param decrypt_data [OUT] Pointer to a buffer that will contain
* decrypted data. If this parameter is set to NULL, decrypted data will
* be discarded. Must have room for at least AIRPDCAP_MAX_CAPLEN bytes.
* be discarded. Must have room for at least DOT11DECRYPT_MAX_CAPLEN bytes.
* @param decrypt_len [OUT] Length of decrypted data if decrypt_data
* is not NULL.
* @param key [OUT] Pointer to a preallocated key structure containing
@ -193,22 +193,22 @@ extern "C" {
* the 802.11 frame data is pointing to has key information and if so use
* it to setup potential decryption keys. Enables handshake return codes.
* @return
* - AIRPDCAP_RET_SUCCESS: Decryption has been done (decrypt_data and
* - DOT11DECRYPT_RET_SUCCESS: Decryption has been done (decrypt_data and
* decrypt_length will contain the packet data decrypted and the length of
* the new packet)
* - AIRPDCAP_RET_NO_DATA: The packet is not a data packet
* - AIRPDCAP_RET_WRONG_DATA_SIZE: The size of the packet is below the
* - DOT11DECRYPT_RET_NO_DATA: The packet is not a data packet
* - DOT11DECRYPT_RET_WRONG_DATA_SIZE: The size of the packet is below the
* accepted minimum
* - AIRPDCAP_RET_REQ_DATA: Required data is not available and the
* - DOT11DECRYPT_RET_REQ_DATA: Required data is not available and the
* processing must be interrupted (can also occur after decryption when
* scanHandshake is TRUE)
* - AIRPDCAP_RET_NO_DATA_ENCRYPTED: Not encrypted and no attempt to
* - DOT11DECRYPT_RET_NO_DATA_ENCRYPTED: Not encrypted and no attempt to
* extract key information
* - AIRPDCAP_RET_UNSUCCESS: Generic unspecified error (decrypt_data
* - DOT11DECRYPT_RET_UNSUCCESS: Generic unspecified error (decrypt_data
* and decrypt_length will be not modified).
* - AIRPDCAP_RET_SUCCESS_HANDSHAKE: An eapol handshake packet was successfuly parsed
* - DOT11DECRYPT_RET_SUCCESS_HANDSHAKE: An eapol handshake packet was successfuly parsed
* and key information extracted
* - AIRPDCAP_RET_NO_VALID_HANDSHAKE: The handshake is invalid or was not used
* - DOT11DECRYPT_RET_NO_VALID_HANDSHAKE: The handshake is invalid or was not used
* for some reason. For encrypted packets decryption was still successful.
* @note
* The decrypted buffer should be allocated for a size equal or greater
@ -223,14 +223,14 @@ extern "C" {
* This function is not thread-safe when used in parallel with context
* management functions on the same context.
*/
extern INT AirPDcapPacketProcess(
PAIRPDCAP_CONTEXT ctx,
extern INT Dot11DecryptPacketProcess(
PDOT11DECRYPT_CONTEXT ctx,
const guint8 *data,
const guint data_off,
const guint data_len,
UCHAR *decrypt_data,
guint32 *decrypt_len,
PAIRPDCAP_KEY_ITEM key,
PDOT11DECRYPT_KEY_ITEM key,
gboolean scanHandshake)
;
@ -239,11 +239,11 @@ extern INT AirPDcapPacketProcess(
* Any key should be well-formed, thus: it should have a defined key
* type and the specified length should be conforming WEP or WPA/WPA2
* standards. A general WEP keys could be of any length (in the range
* defined in AIRPDCAP_KEY_ITEM), if a specific WEP key is used, the
* defined in DOT11DECRYPT_KEY_ITEM), if a specific WEP key is used, the
* length of the key will be the one specified in 802.11i-2004 (40 bits or
* 104 bits).
* For WPA/WPA2 the password (passphrase and SSID), the PSK and the PMK
* are in alternative, as explain in the AIRPDCAP_KEY_ITEM structure
* are in alternative, as explain in the DOT11DECRYPT_KEY_ITEM structure
* description.
* @param ctx [IN] pointer to the current context
* @param keys [IN] an array of keys to set.
@ -255,9 +255,9 @@ extern INT AirPDcapPacketProcess(
* management functions and the packet process function on the same
* context.
*/
extern INT AirPDcapSetKeys(
PAIRPDCAP_CONTEXT ctx,
AIRPDCAP_KEY_ITEM keys[],
extern INT Dot11DecryptSetKeys(
PDOT11DECRYPT_CONTEXT ctx,
DOT11DECRYPT_KEY_ITEM keys[],
const size_t keys_nr)
;
@ -269,15 +269,15 @@ extern INT AirPDcapSetKeys(
* be able to contain at least keys_nr keys)
* @return The number of keys returned
* @note
* Any key could be modified, as stated in the AIRPDCAP_KEY_ITEM description.
* Any key could be modified, as stated in the DOT11DECRYPT_KEY_ITEM description.
* @note
* This function is not thread-safe when used in parallel with context
* management functions and the packet process function on the same
* context.
*/
INT AirPDcapGetKeys(
const PAIRPDCAP_CONTEXT ctx,
AIRPDCAP_KEY_ITEM keys[],
INT Dot11DecryptGetKeys(
const PDOT11DECRYPT_CONTEXT ctx,
DOT11DECRYPT_KEY_ITEM keys[],
const size_t keys_nr)
;
@ -289,12 +289,12 @@ INT AirPDcapGetKeys(
* @param pkt_ssid [IN] pointer to the packet's SSID
* @param pkt_ssid_len [IN] length of the packet's SSID
* @return
* AIRPDCAP_RET_SUCCESS: The key has been set.
* AIRPDCAP_RET_UNSUCCESS: The has not been set, e.g. the length was
* DOT11DECRYPT_RET_SUCCESS: The key has been set.
* DOT11DECRYPT_RET_UNSUCCESS: The has not been set, e.g. the length was
* too long.
*/
INT AirPDcapSetLastSSID(
PAIRPDCAP_CONTEXT ctx,
INT Dot11DecryptSetLastSSID(
PDOT11DECRYPT_CONTEXT ctx,
CHAR *pkt_ssid,
size_t pkt_ssid_len)
;
@ -303,8 +303,8 @@ INT AirPDcapSetLastSSID(
* Initialize a context used to manage decryption and keys collection.
* @param ctx [IN|OUT] pointer to a preallocated context structure
* @return
* AIRPDCAP_RET_SUCCESS: the context has been successfully initialized
* AIRPDCAP_RET_UNSUCCESS: the context has not been initialized
* DOT11DECRYPT_RET_SUCCESS: the context has been successfully initialized
* DOT11DECRYPT_RET_UNSUCCESS: the context has not been initialized
* @note
* Only a correctly initialized context can be used to manage decryption
* processes and keys.
@ -313,8 +313,8 @@ INT AirPDcapSetLastSSID(
* management functions and the packet process function on the same context.
*/
WS_DLL_PUBLIC
INT AirPDcapInitContext(
PAIRPDCAP_CONTEXT ctx)
INT Dot11DecryptInitContext(
PDOT11DECRYPT_CONTEXT ctx)
;
/**
@ -322,33 +322,33 @@ INT AirPDcapInitContext(
* not be used anymore.
* @param ctx [IN|OUT] pointer to the current context structure
* @return
* AIRPDCAP_RET_SUCCESS: the context has been successfully initialized
* AIRPDCAP_RET_UNSUCCESS: the context has not been initialized
* DOT11DECRYPT_RET_SUCCESS: the context has been successfully initialized
* DOT11DECRYPT_RET_UNSUCCESS: the context has not been initialized
* @note
* This function is not thread-safe when used in parallel with context
* management functions and the packet process function on the same
* context.
*/
WS_DLL_PUBLIC
INT AirPDcapDestroyContext(
PAIRPDCAP_CONTEXT ctx)
INT Dot11DecryptDestroyContext(
PDOT11DECRYPT_CONTEXT ctx)
;
extern INT AirPDcapCcmpDecrypt(
extern INT Dot11DecryptCcmpDecrypt(
UINT8 *m,
gint mac_header_len,
INT len,
UCHAR TK1[16])
;
extern INT AirPDcapTkipDecrypt(
extern INT Dot11DecryptTkipDecrypt(
UCHAR *tkip_mpdu,
size_t mpdu_len,
UCHAR TA[AIRPDCAP_MAC_LEN],
UCHAR TK[AIRPDCAP_TK_LEN])
UCHAR TA[DOT11DECRYPT_MAC_LEN],
UCHAR TK[DOT11DECRYPT_TK_LEN])
;
#ifdef __cplusplus
}
#endif
#endif /* _AIRPDCAP_SYSTEM_H */
#endif /* _DOT11DECRYPT_SYSTEM_H */

38
epan/crypt/airpdcap_tkip.c → epan/crypt/dot11decrypt_tkip.c
View File

@ -35,10 +35,10 @@
/* */
#include <wsutil/pint.h>
#include <wsutil/crc32.h>
#include "airpdcap_system.h"
#include "airpdcap_int.h"
#include "dot11decrypt_system.h"
#include "dot11decrypt_int.h"
#include "airpdcap_debug.h"
#include "dot11decrypt_debug.h"
/* */
/******************************************************************************/
@ -47,21 +47,21 @@
/* */
#define PHASE1_LOOP_COUNT 8
#define AIRPDCAP_TTAK_LEN 6
#define DOT11DECRYPT_TTAK_LEN 6
/* */
/******************************************************************************/
/******************************************************************************/
/* Internal function prototypes declarations */
/* */
static void AirPDcapTkipMixingPhase1(
static void Dot11DecryptTkipMixingPhase1(
UINT16 *TTAK,
const UINT8 *TK,
const UINT8 *TA,
UINT32 TSC)
;
static void AirPDcapTkipMixingPhase2(
static void Dot11DecryptTkipMixingPhase2(
UINT8 *wep_seed,
const UINT8 *TK,
UINT16 *PPK,
@ -144,7 +144,7 @@ static const UINT16 Sbox[256] = {
/******************************************************************************/
/* Function definitions */
static void AirPDcapTkipMixingPhase1(
static void Dot11DecryptTkipMixingPhase1(
UINT16 *TTAK,
const UINT8 *TK,
const UINT8 *TA,
@ -169,7 +169,7 @@ static void AirPDcapTkipMixingPhase1(
}
}
static void AirPDcapTkipMixingPhase2(
static void Dot11DecryptTkipMixingPhase2(
UINT8 *wep_seed,
const UINT8 *TK,
UINT16 *TTAK,
@ -209,18 +209,18 @@ static void AirPDcapTkipMixingPhase2(
/* Note: taken from FreeBSD source code, RELENG 6, */
/* sys/net80211/ieee80211_crypto_tkip.c, 936 */
INT AirPDcapTkipDecrypt(
INT Dot11DecryptTkipDecrypt(
UCHAR *tkip_mpdu,
size_t mpdu_len,
UCHAR TA[AIRPDCAP_MAC_LEN],
UCHAR TK[AIRPDCAP_TK_LEN])
UCHAR TA[DOT11DECRYPT_MAC_LEN],
UCHAR TK[DOT11DECRYPT_TK_LEN])
{
UINT64 TSC64;
UINT32 TSC;
UINT16 TSC16;
UINT8 *IV;
UINT16 TTAK[AIRPDCAP_TTAK_LEN];
UINT8 wep_seed[AIRPDCAP_WEP_128_KEY_LEN];
UINT16 TTAK[DOT11DECRYPT_TTAK_LEN];
UINT8 wep_seed[DOT11DECRYPT_WEP_128_KEY_LEN];
/* DEBUG_DUMP("TA", TA, 6); */
@ -233,15 +233,15 @@ INT AirPDcapTkipDecrypt(
/* We instead have to have READ_6() be returned to a UINT64 and shift *that* value. */
TSC = (UINT32)(TSC64 >> 16);
AirPDcapTkipMixingPhase1(TTAK, TK, TA, TSC);
Dot11DecryptTkipMixingPhase1(TTAK, TK, TA, TSC);
AirPDcapTkipMixingPhase2(wep_seed, TK, TTAK, TSC16);
Dot11DecryptTkipMixingPhase2(wep_seed, TK, TTAK, TSC16);
return AirPDcapWepDecrypt(
return Dot11DecryptWepDecrypt(
wep_seed,
AIRPDCAP_WEP_128_KEY_LEN,
tkip_mpdu + AIRPDCAP_TKIP_HEADER,
mpdu_len-(AIRPDCAP_TKIP_HEADER+AIRPDCAP_WEP_ICV)); /* MPDU - TKIP_HEADER - MIC */
DOT11DECRYPT_WEP_128_KEY_LEN,
tkip_mpdu + DOT11DECRYPT_TKIP_HEADER,
mpdu_len-(DOT11DECRYPT_TKIP_HEADER+DOT11DECRYPT_WEP_ICV)); /* MPDU - TKIP_HEADER - MIC */
/* TODO check (IEEE 802.11i-2004, pg. 44) */

88
epan/crypt/airpdcap_user.h → epan/crypt/dot11decrypt_user.h
View File

@ -1,4 +1,4 @@
/* airpdcap_user.h
/* dot11decrypt_user.h
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
@ -32,13 +32,13 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_USER_H
#define _AIRPDCAP_USER_H
#ifndef _DOT11DECRYPT_USER_H
#define _DOT11DECRYPT_USER_H
/******************************************************************************/
/* File includes */
/* */
#include "airpdcap_interop.h"
#include "dot11decrypt_interop.h"
#include "ws_symbol_export.h"
/* */
@ -49,26 +49,26 @@
/* Constant definitions */
/* */
/* Decryption key types */
#define AIRPDCAP_KEY_TYPE_WEP 0
#define AIRPDCAP_KEY_TYPE_WEP_40 1
#define AIRPDCAP_KEY_TYPE_WEP_104 2
#define AIRPDCAP_KEY_TYPE_WPA_PWD 3
#define AIRPDCAP_KEY_TYPE_WPA_PSK 4
#define AIRPDCAP_KEY_TYPE_WPA_PMK 5
#define AIRPDCAP_KEY_TYPE_TKIP 6
#define AIRPDCAP_KEY_TYPE_CCMP 7
#define DOT11DECRYPT_KEY_TYPE_WEP 0
#define DOT11DECRYPT_KEY_TYPE_WEP_40 1
#define DOT11DECRYPT_KEY_TYPE_WEP_104 2
#define DOT11DECRYPT_KEY_TYPE_WPA_PWD 3
#define DOT11DECRYPT_KEY_TYPE_WPA_PSK 4
#define DOT11DECRYPT_KEY_TYPE_WPA_PMK 5
#define DOT11DECRYPT_KEY_TYPE_TKIP 6
#define DOT11DECRYPT_KEY_TYPE_CCMP 7
/* Decryption algorithms fields size definition (bytes) */
#define AIRPDCAP_WEP_KEY_MINLEN 1
#define AIRPDCAP_WEP_KEY_MAXLEN 32
#define AIRPDCAP_WEP_40_KEY_LEN 5
#define AIRPDCAP_WEP_104_KEY_LEN 13
#define DOT11DECRYPT_WEP_KEY_MINLEN 1
#define DOT11DECRYPT_WEP_KEY_MAXLEN 32
#define DOT11DECRYPT_WEP_40_KEY_LEN 5
#define DOT11DECRYPT_WEP_104_KEY_LEN 13
#define AIRPDCAP_WPA_PASSPHRASE_MIN_LEN 8
#define AIRPDCAP_WPA_PASSPHRASE_MAX_LEN 63 /* null-terminated string, the actual length of the storage is 64 */
#define AIRPDCAP_WPA_SSID_MIN_LEN 0
#define AIRPDCAP_WPA_SSID_MAX_LEN 32
#define AIRPDCAP_WPA_PSK_LEN 32
#define DOT11DECRYPT_WPA_PASSPHRASE_MIN_LEN 8
#define DOT11DECRYPT_WPA_PASSPHRASE_MAX_LEN 63 /* null-terminated string, the actual length of the storage is 64 */
#define DOT11DECRYPT_WPA_SSID_MIN_LEN 0
#define DOT11DECRYPT_WPA_SSID_MAX_LEN 32
#define DOT11DECRYPT_WPA_PSK_LEN 32
/* */
/* */
/******************************************************************************/
@ -95,13 +95,13 @@ typedef struct {
/**
* Key item used during the decryption process.
*/
typedef struct _AIRPDCAP_KEY_ITEM {
typedef struct _DOT11DECRYPT_KEY_ITEM {
/**
* Type of key. The type will remain unchanged during the
* processing, even if some fields could be changed (e.g., WPA
* fields).
* @note
* You can use constants AIRPDCAP_KEY_TYPE_xxx to indicate the
* You can use constants DOT11DECRYPT_KEY_TYPE_xxx to indicate the
* key type.
*/
UINT8 KeyType;
@ -121,22 +121,22 @@ typedef struct _AIRPDCAP_KEY_ITEM {
* For WPA and WPA2 this implementation will use standards as
* defined in 802.11i (2004) and 802.1X (2004).
*/
union AIRPDCAP_KEY_ITEMDATA {
struct AIRPDCAP_KEY_ITEMDATA_WEP {
union DOT11DECRYPT_KEY_ITEMDATA {
struct DOT11DECRYPT_KEY_ITEMDATA_WEP {
/**
* The binary value of the WEP key.
* @note
* It is accepted a key of length between
* AIRPDCAP_WEP_KEY_MINLEN and
* AIRPDCAP_WEP_KEY_MAXLEN. A WEP key
* DOT11DECRYPT_WEP_KEY_MINLEN and
* DOT11DECRYPT_WEP_KEY_MAXLEN. A WEP key
* standard-compliante should be either 40 bits
* (10 hex-digits, 5 bytes) for WEP-40 or 104 bits
* (26 hex-digits, 13 bytes) for WEP-104.
*/
UCHAR WepKey[AIRPDCAP_WEP_KEY_MAXLEN];
UCHAR WepKey[DOT11DECRYPT_WEP_KEY_MAXLEN];
/**
* The length of the WEP key. Acceptable range
* is [AIRPDCAP_WEP_KEY_MINLEN;AIRPDCAP_WEP_KEY_MAXLEN].
* is [DOT11DECRYPT_WEP_KEY_MINLEN;DOT11DECRYPT_WEP_KEY_MAXLEN].
*/
size_t WepKeyLen;
} Wep;
@ -148,36 +148,36 @@ typedef struct _AIRPDCAP_KEY_ITEM {
* three fields and necessary fields will be automatically
* calculated.
*/
struct AIRPDCAP_KEY_ITEMDATA_WPA {
UCHAR Psk[AIRPDCAP_WPA_PSK_LEN];
UCHAR Ptk[AIRPDCAP_WPA_PTK_LEN];
struct DOT11DECRYPT_KEY_ITEMDATA_WPA {
UCHAR Psk[DOT11DECRYPT_WPA_PSK_LEN];
UCHAR Ptk[DOT11DECRYPT_WPA_PTK_LEN];
} Wpa;
} KeyData;
struct AIRPDCAP_KEY_ITEMDATA_PWD {
struct DOT11DECRYPT_KEY_ITEMDATA_PWD {
/**
* The string (null-terminated) value of
* the passphrase.
*/
CHAR Passphrase[AIRPDCAP_WPA_PASSPHRASE_MAX_LEN+1];
CHAR Passphrase[DOT11DECRYPT_WPA_PASSPHRASE_MAX_LEN+1];
/**
* The value of the SSID (up to
* AIRPDCAP_WPA_SSID_MAX_LEN octets).
* DOT11DECRYPT_WPA_SSID_MAX_LEN octets).
* @note
* A zero-length SSID indicates broadcast.
*/
CHAR Ssid[AIRPDCAP_WPA_SSID_MAX_LEN];
CHAR Ssid[DOT11DECRYPT_WPA_SSID_MAX_LEN];
/**
*The length of the SSID
*/
size_t SsidLen;
} UserPwd;
} AIRPDCAP_KEY_ITEM, *PAIRPDCAP_KEY_ITEM;
} DOT11DECRYPT_KEY_ITEM, *PDOT11DECRYPT_KEY_ITEM;
/**
* Collection of keys to use to decrypt packets
*/
typedef struct _AIRPDCAP_KEYS_COLLECTION {
typedef struct _DOT11DECRYPT_KEYS_COLLECTION {
/**
* Number of stored keys
*/
@ -186,8 +186,8 @@ typedef struct _AIRPDCAP_KEYS_COLLECTION {
/**
* Array of nKeys keys
*/
AIRPDCAP_KEY_ITEM Keys[256];
} AIRPDCAP_KEYS_COLLECTION, *PAIRPDCAP_KEYS_COLLECTION;
DOT11DECRYPT_KEY_ITEM Keys[256];
} DOT11DECRYPT_KEYS_COLLECTION, *PDOT11DECRYPT_KEYS_COLLECTION;
/* */
/******************************************************************************/
@ -205,10 +205,10 @@ typedef struct _AIRPDCAP_KEYS_COLLECTION {
* - MyPassword:MySSID (WPA + plaintext password + specific SSID)
* - 01020304... (WPA + 256-bit raw key)
* @param key_type [IN] Type of key used for string. Possibilities include:
* - AIRPDCAP_KEY_TYPE_WEP (40/64-bit and 104/128-bit WEP)
* - AIRPDCAP_KEY_TYPE_WPA_PWD (WPA + plaintext password + "wildcard" SSID or
* - DOT11DECRYPT_KEY_TYPE_WEP (40/64-bit and 104/128-bit WEP)
* - DOT11DECRYPT_KEY_TYPE_WPA_PWD (WPA + plaintext password + "wildcard" SSID or
* WPA + plaintext password + specific SSID)
* - AIRPDCAP_KEY_TYPE_WPA_PSK (WPA + 256-bit raw key)
* - DOT11DECRYPT_KEY_TYPE_WPA_PSK (WPA + 256-bit raw key)
* @return A pointer to a freshly-g_malloc()ed decryption_key_t struct on
* success, or NULL on failure.
* @see get_key_string(), free_key_string()
@ -239,4 +239,4 @@ free_key_string(decryption_key_t *dk);
/******************************************************************************/
#endif /* _AIRPDCAP_USER_H */
#endif /* _DOT11DECRYPT_USER_H */

12
epan/crypt/airpdcap_ws.h → epan/crypt/dot11decrypt_ws.h
View File

@ -1,4 +1,4 @@
/* airpdcap_ws.h
/* dot11decrypt_ws.h
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
@ -32,20 +32,20 @@
* SUCH DAMAGE.
*/
#ifndef _AIRPDCAP_WS_H
#define _AIRPDCAP_WS_H
#ifndef _DOT11DECRYPT_WS_H
#define _DOT11DECRYPT_WS_H
#include "airpdcap_system.h"
#include "dot11decrypt_system.h"
#include "ws_symbol_export.h"
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
WS_DLL_PUBLIC AIRPDCAP_CONTEXT airpdcap_ctx;
WS_DLL_PUBLIC DOT11DECRYPT_CONTEXT dot11decrypt_ctx;
#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif /* _AIRPDCAP_WS_H */
#endif /* _DOT11DECRYPT_WS_H */

114
epan/dissectors/packet-ieee80211.c
View File

@ -76,7 +76,7 @@
#include "packet-sflow.h"
#include "packet-gre.h"
#include <epan/crypt/airpdcap_ws.h>
#include <epan/crypt/dot11decrypt_ws.h>
void proto_register_ieee80211(void);
void proto_reg_handoff_ieee80211(void);
@ -161,22 +161,22 @@ uat_wep_key_record_update_cb(void* r, char** err)
dk_type = dk->type;
free_key_string(dk);
switch (dk_type) {
case AIRPDCAP_KEY_TYPE_WEP:
case AIRPDCAP_KEY_TYPE_WEP_40:
case AIRPDCAP_KEY_TYPE_WEP_104:
if (rec->key != AIRPDCAP_KEY_TYPE_WEP) {
case DOT11DECRYPT_KEY_TYPE_WEP:
case DOT11DECRYPT_KEY_TYPE_WEP_40:
case DOT11DECRYPT_KEY_TYPE_WEP_104:
if (rec->key != DOT11DECRYPT_KEY_TYPE_WEP) {
*err = g_strdup("Invalid key format");
return FALSE;
}
break;
case AIRPDCAP_KEY_TYPE_WPA_PWD:
if (rec->key != AIRPDCAP_KEY_TYPE_WPA_PWD) {
case DOT11DECRYPT_KEY_TYPE_WPA_PWD:
if (rec->key != DOT11DECRYPT_KEY_TYPE_WPA_PWD) {
*err = g_strdup("Invalid key format");
return FALSE;
}
break;
case AIRPDCAP_KEY_TYPE_WPA_PSK:
if (rec->key != AIRPDCAP_KEY_TYPE_WPA_PSK) {
case DOT11DECRYPT_KEY_TYPE_WPA_PSK:
if (rec->key != DOT11DECRYPT_KEY_TYPE_WPA_PSK) {
*err = g_strdup("Invalid key format");
return FALSE;
}
@ -211,7 +211,7 @@ ieee_80211_add_tagged_parameters(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, int tagged_parameters_len, int ftype,
association_sanity_check_t *association_sanity_check);
static tvbuff_t *try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint32 offset, guint32 len, guint8 *algorithm, guint32 *sec_header, guint32 *sec_trailer, PAIRPDCAP_KEY_ITEM used_key);
static tvbuff_t *try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint32 offset, guint32 len, guint8 *algorithm, guint32 *sec_header, guint32 *sec_trailer, PDOT11DECRYPT_KEY_ITEM used_key);
static int weak_iv(guchar *iv);
@ -2804,9 +2804,9 @@ static const value_string service_interval_granularity_vals[] = {
};
static const value_string wep_type_vals[] = {
{ AIRPDCAP_KEY_TYPE_WEP, STRING_KEY_TYPE_WEP },
{ AIRPDCAP_KEY_TYPE_WPA_PWD, STRING_KEY_TYPE_WPA_PWD },
{ AIRPDCAP_KEY_TYPE_WPA_PSK, STRING_KEY_TYPE_WPA_PSK },
{ DOT11DECRYPT_KEY_TYPE_WEP, STRING_KEY_TYPE_WEP },
{ DOT11DECRYPT_KEY_TYPE_WPA_PWD, STRING_KEY_TYPE_WPA_PWD },
{ DOT11DECRYPT_KEY_TYPE_WPA_PSK, STRING_KEY_TYPE_WPA_PSK },
{ 0x00, NULL }
};
@ -5680,7 +5680,7 @@ static const val64_string number_of_taps_values[] = {
{0, NULL}
};
AIRPDCAP_CONTEXT airpdcap_ctx;
DOT11DECRYPT_CONTEXT dot11decrypt_ctx;
#define PSMP_STA_INFO_BROADCAST 0
#define PSMP_STA_INFO_MULTICAST 1
@ -15068,7 +15068,7 @@ ieee80211_tag_ssid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* da
* assume that it's *valid* ASCII or *valid* UTF-8.)
*
* So we really should extract it as an array of ssid_len bytes,
* pass those bytes to AirPDcapSetLastSSID(), and:
* pass those bytes to Dot11DecryptSetLastSSID(), and:
*
* If the UTF-8 SSID subfield isn't set to 1, put the SSID in
* as an ENC_ASCII string;
@ -15102,7 +15102,7 @@ ieee80211_tag_ssid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* da
*/
ssid = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, ssid_len, ENC_ASCII);
if (ssid_len == (gint)tag_len) {
AirPDcapSetLastSSID(&airpdcap_ctx, (CHAR *) ssid, ssid_len);
Dot11DecryptSetLastSSID(&dot11decrypt_ctx, (CHAR *) ssid, ssid_len);
}
proto_tree_add_item(tree, hf_ieee80211_tag_ssid, tvb, offset, tag_len,
ENC_ASCII|ENC_NA);
@ -20017,7 +20017,7 @@ dissect_ieee80211_common(tvbuff_t *tvb, packet_info *pinfo,
tvbuff_t *next_tvb = NULL;
wlan_hdr_t *whdr;
AIRPDCAP_KEY_ITEM used_key;
DOT11DECRYPT_KEY_ITEM used_key;
p_add_proto_data(wmem_file_scope(), pinfo, proto_wlan, IS_DMG_KEY, GINT_TO_POINTER(isDMG));
@ -20937,7 +20937,7 @@ dissect_ieee80211_common(tvbuff_t *tvb, packet_info *pinfo,
if (enable_decryption && !pinfo->fd->flags.visited) {
const guint8 *enc_data = tvb_get_ptr(tvb, 0, hdr_len+reported_len);
/* The processing will take care of 4-way handshake sessions for WPA and WPA2 decryption */
AirPDcapPacketProcess(&airpdcap_ctx, enc_data, hdr_len, hdr_len+reported_len, NULL, 0, NULL, TRUE);
Dot11DecryptPacketProcess(&dot11decrypt_ctx, enc_data, hdr_len, hdr_len+reported_len, NULL, 0, NULL, TRUE);
}
/*
@ -21024,9 +21024,9 @@ dissect_ieee80211_common(tvbuff_t *tvb, packet_info *pinfo,
guint32 iv;
guint8 key, keybyte;
#define PROTECTION_ALG_WEP AIRPDCAP_KEY_TYPE_WEP
#define PROTECTION_ALG_TKIP AIRPDCAP_KEY_TYPE_TKIP
#define PROTECTION_ALG_CCMP AIRPDCAP_KEY_TYPE_CCMP
#define PROTECTION_ALG_WEP DOT11DECRYPT_KEY_TYPE_WEP
#define PROTECTION_ALG_TKIP DOT11DECRYPT_KEY_TYPE_TKIP
#define PROTECTION_ALG_CCMP DOT11DECRYPT_KEY_TYPE_CCMP
#define PROTECTION_ALG_RSNA PROTECTION_ALG_CCMP | PROTECTION_ALG_TKIP
guint8 algorithm=G_MAXUINT8;
#define IS_TKIP(tvb, hdr_len) (tvb_get_guint8(tvb, hdr_len + 1) == \
@ -21109,16 +21109,16 @@ dissect_ieee80211_common(tvbuff_t *tvb, packet_info *pinfo,
can_decrypt = TRUE;
/* Add Key information to packet */
bytes_to_hexstr(out_buff, used_key.KeyData.Wpa.Ptk+32, AIRPDCAP_TK_LEN); /* TK is stored in PTK at offset 32 bytes and 16 bytes long */
out_buff[2*AIRPDCAP_TK_LEN] = '\0';
bytes_to_hexstr(out_buff, used_key.KeyData.Wpa.Ptk+32, DOT11DECRYPT_TK_LEN); /* TK is stored in PTK at offset 32 bytes and 16 bytes long */
out_buff[2*DOT11DECRYPT_TK_LEN] = '\0';
if (key == 0) { /* encrypted with pairwise key */
ti = proto_tree_add_string(wep_tree, hf_ieee80211_fc_analysis_tk, tvb, 0, 0, out_buff);
PROTO_ITEM_SET_GENERATED(ti);
/* Also add the PMK used to to decrypt the packet. (PMK==PSK) */
bytes_to_hexstr(out_buff, used_key.KeyData.Wpa.Psk, AIRPDCAP_WPA_PSK_LEN); /* 32 bytes */
out_buff[2*AIRPDCAP_WPA_PSK_LEN] = '\0';
bytes_to_hexstr(out_buff, used_key.KeyData.Wpa.Psk, DOT11DECRYPT_WPA_PSK_LEN); /* 32 bytes */
out_buff[2*DOT11DECRYPT_WPA_PSK_LEN] = '\0';
ti = proto_tree_add_string(wep_tree, hf_ieee80211_fc_analysis_pmk, tvb, 0, 0, out_buff);
PROTO_ITEM_SET_GENERATED(ti);
@ -21898,12 +21898,12 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_
/* It returns the algorithm used for decryption and the header and trailer lengths. */
static tvbuff_t *
try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint len, guint8 *algorithm, guint32 *sec_header, guint32 *sec_trailer, PAIRPDCAP_KEY_ITEM used_key)
try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint len, guint8 *algorithm, guint32 *sec_header, guint32 *sec_trailer, PDOT11DECRYPT_KEY_ITEM used_key)
{
const guint8 *enc_data;
tvbuff_t *decr_tvb = NULL;
guint32 dec_caplen;
guchar dec_data[AIRPDCAP_MAX_CAPLEN];
guchar dec_data[DOT11DECRYPT_MAX_CAPLEN];
if (!enable_decryption)
return NULL;
@ -21911,24 +21911,24 @@ try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint len, guint8 *
/* get the entire packet */
enc_data = tvb_get_ptr(tvb, 0, len+offset);
/* process packet with AirPDcap */
if (AirPDcapPacketProcess(&airpdcap_ctx, enc_data, offset, offset+len, dec_data, &dec_caplen,
used_key, FALSE)==AIRPDCAP_RET_SUCCESS)
/* process packet with Dot11Decrypt */
if (Dot11DecryptPacketProcess(&dot11decrypt_ctx, enc_data, offset, offset+len, dec_data, &dec_caplen,
used_key, FALSE)==DOT11DECRYPT_RET_SUCCESS)
{
guint8 *tmp;
*algorithm=used_key->KeyType;
switch (*algorithm) {
case AIRPDCAP_KEY_TYPE_WEP:
*sec_header=AIRPDCAP_WEP_HEADER;
*sec_trailer=AIRPDCAP_WEP_TRAILER;
case DOT11DECRYPT_KEY_TYPE_WEP:
*sec_header=DOT11DECRYPT_WEP_HEADER;
*sec_trailer=DOT11DECRYPT_WEP_TRAILER;
break;
case AIRPDCAP_KEY_TYPE_CCMP:
*sec_header=AIRPDCAP_RSNA_HEADER;
*sec_trailer=AIRPDCAP_CCMP_TRAILER;
case DOT11DECRYPT_KEY_TYPE_CCMP:
*sec_header=DOT11DECRYPT_RSNA_HEADER;
*sec_trailer=DOT11DECRYPT_CCMP_TRAILER;
break;
case AIRPDCAP_KEY_TYPE_TKIP:
*sec_header=AIRPDCAP_RSNA_HEADER;
*sec_trailer=AIRPDCAP_TKIP_TRAILER;
case DOT11DECRYPT_KEY_TYPE_TKIP:
*sec_header=DOT11DECRYPT_RSNA_HEADER;
*sec_trailer=DOT11DECRYPT_TKIP_TRAILER;
break;
default:
return NULL;
@ -21948,10 +21948,10 @@ try_decrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint len, guint8 *
/* Collect our WEP and WPA keys */
static void
set_airpdcap_keys(void)
set_dot11decrypt_keys(void)
{
guint i;
AIRPDCAP_KEYS_COLLECTION *keys = g_new(AIRPDCAP_KEYS_COLLECTION, 1);
DOT11DECRYPT_KEYS_COLLECTION *keys = g_new(DOT11DECRYPT_KEYS_COLLECTION, 1);
GByteArray *bytes = NULL;
keys->nKeys = 0;
@ -21963,21 +21963,21 @@ set_airpdcap_keys(void)
if (dk != NULL)
{
AIRPDCAP_KEY_ITEM key;
if (dk->type == AIRPDCAP_KEY_TYPE_WEP)
DOT11DECRYPT_KEY_ITEM key;
if (dk->type == DOT11DECRYPT_KEY_TYPE_WEP)
{
gboolean res;
key.KeyType = AIRPDCAP_KEY_TYPE_WEP;
key.KeyType = DOT11DECRYPT_KEY_TYPE_WEP;
bytes = g_byte_array_new();
res = hex_str_to_bytes(dk->key->str, bytes, FALSE);
if (dk->key->str && res && (bytes->len > 0) && (bytes->len <= AIRPDCAP_WEP_KEY_MAXLEN))
if (dk->key->str && res && (bytes->len > 0) && (bytes->len <= DOT11DECRYPT_WEP_KEY_MAXLEN))
{
/*
* WEP key is correct (well, the can be even or odd, so it is not
* a real check, I think... is a check performed somewhere in the
* AirPDcap function???)
* Dot11Decrypt function???)
*/
memcpy(key.KeyData.Wep.WepKey, bytes->data, bytes->len);
key.KeyData.Wep.WepKeyLen = bytes->len;
@ -21985,16 +21985,16 @@ set_airpdcap_keys(void)
keys->nKeys += 1;
}
}
else if (dk->type == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (dk->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PWD;
key.KeyType = DOT11DECRYPT_KEY_TYPE_WPA_PWD;
/* XXX - This just lops the end if the key off if it's too long.
* Should we handle this more gracefully? */
g_strlcpy(key.UserPwd.Passphrase, dk->key->str, AIRPDCAP_WPA_PASSPHRASE_MAX_LEN+1);
g_strlcpy(key.UserPwd.Passphrase, dk->key->str, DOT11DECRYPT_WPA_PASSPHRASE_MAX_LEN+1);
key.UserPwd.SsidLen = 0;
if ((dk->ssid != NULL) && (dk->ssid->len <= AIRPDCAP_WPA_SSID_MAX_LEN))
if ((dk->ssid != NULL) && (dk->ssid->len <= DOT11DECRYPT_WPA_SSID_MAX_LEN))
{
memcpy(key.UserPwd.Ssid, dk->ssid->data, dk->ssid->len);
key.UserPwd.SsidLen = dk->ssid->len;
@ -22003,15 +22003,15 @@ set_airpdcap_keys(void)
keys->Keys[keys->nKeys] = key;
keys->nKeys += 1;
}
else if (dk->type == AIRPDCAP_KEY_TYPE_WPA_PSK)
else if (dk->type == DOT11DECRYPT_KEY_TYPE_WPA_PSK)
{
key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PSK;
key.KeyType = DOT11DECRYPT_KEY_TYPE_WPA_PSK;
bytes = g_byte_array_new();
hex_str_to_bytes(dk->key->str, bytes, FALSE);
/* XXX - Pass the correct array of bytes... */
if (bytes->len <= AIRPDCAP_WPA_PSK_LEN) {
if (bytes->len <= DOT11DECRYPT_WPA_PSK_LEN) {
memcpy(key.KeyData.Wpa.Psk, bytes->data, bytes->len);
keys->Keys[keys->nKeys] = key;
@ -22027,7 +22027,7 @@ set_airpdcap_keys(void)
}
/* Now set the keys */
AirPDcapSetKeys(&airpdcap_ctx, keys->Keys, keys->nKeys);
Dot11DecryptSetKeys(&dot11decrypt_ctx, keys->Keys, keys->nKeys);
g_free(keys);
}
@ -22036,12 +22036,12 @@ init_wepkeys(void)
{
/*
* XXX - AirPDcap - That God sends it to us beautiful (che dio ce la mandi bona)
* The next lines will add a key to the AirPDcap context. The keystring will be added
* XXX - Dot11Decrypt - That God sends it to us beautiful (che dio ce la mandi bona)
* The next lines will add a key to the Dot11Decrypt context. The keystring will be added
* to the old WEP array too, but we don't care, because the packets will come here
* already decrypted... One of these days we will fix this too
*/
set_airpdcap_keys();
set_dot11decrypt_keys();
}
/*

20
tools/checklicenses.py
View File

@ -184,37 +184,37 @@ PATH_SPECIFIC_WHITELISTED_LICENSES = {
'UNKNOWN',
],
# The airpcap code is using BSD (3 clause)
'epan/crypt/airpdcap_interop.h': [
'epan/crypt/dot11decrypt_interop.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_tkip.c': [
'epan/crypt/dot11decrypt_tkip.c': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_ws.h': [
'epan/crypt/dot11decrypt_ws.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/wep-wpadefs.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_system.h': [
'epan/crypt/dot11decrypt_system.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_user.h': [
'epan/crypt/dot11decrypt_user.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_ccmp.c': [
'epan/crypt/dot11decrypt_ccmp.c': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_int.h': [
'epan/crypt/dot11decrypt_int.h': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap.c': [
'epan/crypt/dot11decrypt.c': [
'BSD (3 clause) GPL (v2)'
],
'epan/crypt/airpdcap_debug.h': [
'epan/crypt/dot11decrypt_debug.h': [
'BSD (3 clause) GPL (v2)'
],
'wsutil/airpdcap_wep.c': [
'wsutil/dot11decrypt_wep.c': [
'BSD (3 clause) GPL (v2)'
],
}

76
ui/gtk/airpcap_gui_utils.c
View File

@ -38,7 +38,7 @@
#include <epan/prefs-int.h>
#include <epan/uat-int.h>
#include <epan/strutil.h>
#include <epan/crypt/airpdcap_ws.h>
#include <epan/crypt/dot11decrypt_ws.h>
#include <epan/crypt/wep-wpadefs.h>
#include <epan/packet.h>
@ -293,7 +293,7 @@ static guint
get_wep_key(pref_t *pref, gpointer ud)
{
gchar *key_string = NULL;
guint8 key_type = AIRPDCAP_KEY_TYPE_WEP;
guint8 key_type = DOT11DECRYPT_KEY_TYPE_WEP;
keys_cb_data_t* user_data;
uat_t *uat;
guint i;
@ -322,16 +322,16 @@ get_wep_key(pref_t *pref, gpointer ud)
{
/* strip out key type if present */
if (g_ascii_strncasecmp(wep_keys->string, STRING_KEY_TYPE_WEP ":", 4) == 0) {
key_type = AIRPDCAP_KEY_TYPE_WEP;
key_type = DOT11DECRYPT_KEY_TYPE_WEP;
key_string = (gchar*)wep_keys->string+4;
}
else if (g_ascii_strncasecmp(wep_keys->string, STRING_KEY_TYPE_WPA_PWD ":", 8) == 0) {
key_string = (gchar*)wep_keys->string+8;
key_type = AIRPDCAP_KEY_TYPE_WPA_PWD;
key_type = DOT11DECRYPT_KEY_TYPE_WPA_PWD;
}
else if (g_ascii_strncasecmp(wep_keys->string, STRING_KEY_TYPE_WPA_PSK ":", 8) == 0) {
key_string = (gchar*)wep_keys->string+8;
key_type = AIRPDCAP_KEY_TYPE_WPA_PSK;
key_type = DOT11DECRYPT_KEY_TYPE_WPA_PSK;
}
else {
key_type = wep_keys->key;
@ -435,7 +435,7 @@ write_wlan_driver_wep_keys_to_registry(GList* key_list)
*/
n = g_list_length(key_list);
for(k = 0; k < n; k++ )
if (((decryption_key_t*)g_list_nth_data(key_list,k))->type == AIRPDCAP_KEY_TYPE_WEP)
if (((decryption_key_t*)g_list_nth_data(key_list,k))->type == DOT11DECRYPT_KEY_TYPE_WEP)
keys_in_list++;
/*
@ -471,14 +471,14 @@ write_wlan_driver_wep_keys_to_registry(GList* key_list)
key_item = (decryption_key_t*)g_list_nth_data(key_list,i);
/*
* XXX - The AIRPDCAP_KEY_TYPE_WEP is the only supported right now!
* XXX - The DOT11DECRYPT_KEY_TYPE_WEP is the only supported right now!
* We will have to modify the AirpcapKey structure in order to
* support the other two types! What happens now, is that simply the
* not supported keys will just be discarded (they will be saved in Wireshark though)
*/
if (key_item->type == AIRPDCAP_KEY_TYPE_WEP)
if (key_item->type == DOT11DECRYPT_KEY_TYPE_WEP)
{
KeysCollection->Keys[y].KeyType = AIRPDCAP_KEY_TYPE_WEP;
KeysCollection->Keys[y].KeyType = DOT11DECRYPT_KEY_TYPE_WEP;
new_key = g_string_new(key_item->key->str);
@ -497,11 +497,11 @@ write_wlan_driver_wep_keys_to_registry(GList* key_list)
y++;
g_string_free(new_key,TRUE);
}
else if (key_item->type == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (key_item->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
/* XXX - The driver cannot deal with this kind of key yet... */
}
else if (key_item->type == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (key_item->type == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
{
/* XXX - The driver cannot deal with this kind of key yet... */
}
@ -622,7 +622,7 @@ write_wlan_wep_keys_to_registry(airpcap_if_info_t* info_if, GList* key_list)
for(i = 0; i < keys_in_list; i++)
{
KeysCollection->Keys[i].KeyType = AIRPDCAP_KEY_TYPE_WEP;
KeysCollection->Keys[i].KeyType = DOT11DECRYPT_KEY_TYPE_WEP;
/* Retrieve the Item corresponding to the i-th key */
key_item = (decryption_key_t*)g_list_nth_data(key_list,i);
@ -679,7 +679,7 @@ airpcap_get_key_string(AirpcapKey key)
dst = NULL;
src = NULL;
if (key.KeyType == AIRPDCAP_KEY_TYPE_WEP)
if (key.KeyType == DOT11DECRYPT_KEY_TYPE_WEP)
{
if (key.KeyLen != 0)
{
@ -699,11 +699,11 @@ airpcap_get_key_string(AirpcapKey key)
g_free(src);
}
}
else if (key.KeyType == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (key.KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
/* XXX - Add code here */
}
else if (key.KeyType == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (key.KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
{
/* XXX - Add code here */
}
@ -748,7 +748,7 @@ save_wlan_driver_wep_keys(void)
for(i=0; i<keys_in_list; i++)
{
/* Only if it is a WEP key... */
if (fake_info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WEP)
if (fake_info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WEP)
{
tmp_key = airpcap_get_key_string(fake_info_if->keysCollection->Keys[i]);
key_list = g_list_append(key_list,g_strdup(tmp_key));
@ -902,11 +902,11 @@ print_key_list(GList* key_list)
g_print("BITS: %d\n",tmp->bits);
if (tmp->type == AIRPDCAP_KEY_TYPE_WEP)
if (tmp->type == DOT11DECRYPT_KEY_TYPE_WEP)
g_print("TYPE: %s\n",AIRPCAP_WEP_KEY_STRING);
else if (tmp->type == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (tmp->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
g_print("TYPE: %s\n",AIRPCAP_WPA_PWD_KEY_STRING);
else if (tmp->type == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (tmp->type == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
g_print("TYPE: %s\n",AIRPCAP_WPA_BIN_KEY_STRING);
else
g_print("TYPE: %s\n","???");
@ -945,7 +945,7 @@ get_airpcap_device_keys(airpcap_if_info_t* info_if)
for(i=0; i<keys_in_list; i++)
{
/* Different things to do depending on the key type */
if (info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WEP)
if (info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WEP)
{
/* allocate memory for the new key item */
new_key = (decryption_key_t*)g_malloc(sizeof(decryption_key_t));
@ -968,11 +968,11 @@ get_airpcap_device_keys(airpcap_if_info_t* info_if)
/* Append the new element in the list */
key_list = g_list_append(key_list,(gpointer)new_key);
}
else if (info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
/* XXX - Not supported yet */
}
else if (info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
{
/* XXX - Not supported yet */
}
@ -1017,7 +1017,7 @@ get_airpcap_driver_keys(void)
for(i=0; i<keys_in_list; i++)
{
/* Different things to do depending on the key type */
if (fake_info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WEP)
if (fake_info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WEP)
{
/* allocate memory for the new key item */
new_key = (decryption_key_t*)g_malloc(sizeof(decryption_key_t));
@ -1040,11 +1040,11 @@ get_airpcap_driver_keys(void)
/* Append the new element in the list */
key_list = g_list_append(key_list,(gpointer)new_key);
}
else if (fake_info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (fake_info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
/* XXX - Not supported yet */
}
else if (fake_info_if->keysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (fake_info_if->keysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
{
/* XXX - Not supported yet */
}
@ -1295,7 +1295,7 @@ keys_are_equals(decryption_key_t *k1,decryption_key_t *k2)
return FALSE;
/* XXX - Remove this check when we will have the WPA/WPA2 decryption in the Driver! */
/** if ( (k1->type == AIRPDCAP_KEY_TYPE_WPA_PWD) || (k2->type == AIRPDCAP_KEY_TYPE_WPA_PWD) || (k1->type == AIRPDCAP_KEY_TYPE_WPA_PMK) || (k2->type == AIRPDCAP_KEY_TYPE_WPA_PMK) ) **/
/** if ( (k1->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD) || (k2->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD) || (k1->type == DOT11DECRYPT_KEY_TYPE_WPA_PMK) || (k2->type == DOT11DECRYPT_KEY_TYPE_WPA_PMK) ) **/
/** return TRUE; **/
if (g_string_equal(k1->key,k2->key) &&
@ -1341,7 +1341,7 @@ key_lists_are_equal(GList* list1, GList* list2)
for(i=0;i<n1;i++)
{
dk1=(decryption_key_t*)g_list_nth_data(list1,i);
if (dk1->type == AIRPDCAP_KEY_TYPE_WEP)
if (dk1->type == DOT11DECRYPT_KEY_TYPE_WEP)
{
wep_list1 = g_list_append(wep_list1,(gpointer)dk1);
wep_n1++;
@ -1350,7 +1350,7 @@ key_lists_are_equal(GList* list1, GList* list2)
for(i=0;i<n2;i++)
{
dk2=(decryption_key_t*)g_list_nth_data(list2,i);
if (dk2->type == AIRPDCAP_KEY_TYPE_WEP)
if (dk2->type == DOT11DECRYPT_KEY_TYPE_WEP)
{
wep_list2 = g_list_append(wep_list2,(gpointer)dk2);
wep_n2++;
@ -1584,7 +1584,7 @@ airpcap_fill_key_list(GtkListStore *key_list_store)
{
curr_key = (decryption_key_t*)g_list_nth_data(wireshark_key_list,i);
if (curr_key->type == AIRPDCAP_KEY_TYPE_WEP)
if (curr_key->type == DOT11DECRYPT_KEY_TYPE_WEP)
{
gtk_list_store_insert_with_values(key_list_store , &iter, G_MAXINT,
KL_COL_TYPE, AIRPCAP_WEP_KEY_STRING,
@ -1592,7 +1592,7 @@ airpcap_fill_key_list(GtkListStore *key_list_store)
KL_COL_SSID, "",
-1);
}
else if (curr_key->type == AIRPDCAP_KEY_TYPE_WPA_PWD)
else if (curr_key->type == DOT11DECRYPT_KEY_TYPE_WPA_PWD)
{
if (curr_key->ssid != NULL)
{
@ -1613,7 +1613,7 @@ airpcap_fill_key_list(GtkListStore *key_list_store)
-1);
}
}
else if (curr_key->type == AIRPDCAP_KEY_TYPE_WPA_PMK)
else if (curr_key->type == DOT11DECRYPT_KEY_TYPE_WPA_PMK)
{
gtk_list_store_insert_with_values(key_list_store , &iter, G_MAXINT,
KL_COL_TYPE, AIRPCAP_WPA_BIN_KEY_STRING,
@ -2044,11 +2044,11 @@ airpcap_add_keys_to_driver_from_list(GtkListStore *key_list_store, airpcap_if_in
-1);
if (g_ascii_strcasecmp(row_type,AIRPCAP_WEP_KEY_STRING) == 0)
KeysCollection->Keys[i].KeyType = AIRPDCAP_KEY_TYPE_WEP;
KeysCollection->Keys[i].KeyType = DOT11DECRYPT_KEY_TYPE_WEP;
else if (g_ascii_strcasecmp(row_type,AIRPCAP_WPA_PWD_KEY_STRING) == 0)
KeysCollection->Keys[i].KeyType = AIRPDCAP_KEY_TYPE_WPA_PWD;
KeysCollection->Keys[i].KeyType = DOT11DECRYPT_KEY_TYPE_WPA_PWD;
else if (g_ascii_strcasecmp(row_type,AIRPCAP_WPA_BIN_KEY_STRING) == 0)
KeysCollection->Keys[i].KeyType = AIRPDCAP_KEY_TYPE_WPA_PMK;
KeysCollection->Keys[i].KeyType = DOT11DECRYPT_KEY_TYPE_WPA_PMK;
/* Retrieve the Item corresponding to the i-th key */
key_len = strlen(row_key);
@ -2057,7 +2057,7 @@ airpcap_add_keys_to_driver_from_list(GtkListStore *key_list_store, airpcap_if_in
memset(&KeysCollection->Keys[i].KeyData, 0, sizeof(KeysCollection->Keys[i].KeyData));
/* Key must be saved in a different way, depending on its type... */
if (KeysCollection->Keys[i].KeyType == AIRPDCAP_KEY_TYPE_WEP)
if (KeysCollection->Keys[i].KeyType == DOT11DECRYPT_KEY_TYPE_WEP)
{
for(j = 0 ; j < key_len; j += 2)
{
@ -2127,7 +2127,7 @@ airpcap_read_and_save_decryption_keys_from_list_store(GtkListStore* key_list_sto
tmp_dk = (decryption_key_t*)g_malloc(sizeof(decryption_key_t));
tmp_dk->key = g_string_new(tmp_key);
tmp_dk->ssid = NULL;
tmp_dk->type = AIRPDCAP_KEY_TYPE_WEP;
tmp_dk->type = DOT11DECRYPT_KEY_TYPE_WEP;
tmp_dk->bits = (guint) tmp_dk->key->len * 4;
key_list = g_list_append(key_list,tmp_dk);
}
@ -2137,7 +2137,7 @@ airpcap_read_and_save_decryption_keys_from_list_store(GtkListStore* key_list_sto
tmp_dk->key = g_string_new(tmp_key);
tmp_dk->ssid = g_byte_array_new();
uri_str_to_bytes(tmp_ssid?tmp_ssid:"", tmp_dk->ssid);
tmp_dk->type = AIRPDCAP_KEY_TYPE_WPA_PWD;
tmp_dk->type = DOT11DECRYPT_KEY_TYPE_WPA_PWD;
tmp_dk->bits = 256;
key_list = g_list_append(key_list,tmp_dk);
}
@ -2146,7 +2146,7 @@ airpcap_read_and_save_decryption_keys_from_list_store(GtkListStore* key_list_sto
tmp_dk = (decryption_key_t*)g_malloc(sizeof(decryption_key_t));
tmp_dk->key = g_string_new(tmp_key);
tmp_dk->ssid = NULL; /* No SSID in this case */
tmp_dk->type = AIRPDCAP_KEY_TYPE_WPA_PMK;
tmp_dk->type = DOT11DECRYPT_KEY_TYPE_WPA_PMK;
tmp_dk->bits = 256;
key_list = g_list_append(key_list,tmp_dk);
}

6
ui/gtk/main.c
View File

@ -198,7 +198,7 @@
#include "airpcap_gui_utils.h"
#endif
#include <epan/crypt/airpdcap_ws.h>
#include <epan/crypt/dot11decrypt_ws.h>
#define INVALID_OPTION 1
@ -2018,7 +2018,7 @@ main(int argc, char *argv[])
/* initialize the funnel mini-api */
initialize_funnel_ops();
AirPDcapInitContext(&airpdcap_ctx);
Dot11DecryptInitContext(&dot11decrypt_ctx);
#ifdef _WIN32
/* Load wpcap if possible. Do this before collecting the run-time version information */
@ -2631,7 +2631,7 @@ main(int argc, char *argv[])
epan_cleanup();
extcap_cleanup();
AirPDcapDestroyContext(&airpdcap_ctx);
Dot11DecryptDestroyContext(&dot11decrypt_ctx);
#ifdef _WIN32
/* hide the (unresponsive) main window, while asking the user to close the console window */

2
ui/gtk/main_airpcap_toolbar.c
View File

@ -44,7 +44,7 @@
#include "airpcap_dlg.h"
#include "airpcap_gui_utils.h"
#include <epan/crypt/airpdcap_ws.h>
#include <epan/crypt/dot11decrypt_ws.h>
gboolean block_toolbar_signals = FALSE;

6
wireshark-qt.cpp
View File

@ -112,7 +112,7 @@
//# include "airpcap_gui_utils.h"
#endif
#include "epan/crypt/airpdcap_ws.h"
#include "epan/crypt/dot11decrypt_ws.h"
#if (QT_VERSION < QT_VERSION_CHECK(5, 0, 0))
#include <QTextCodec>
@ -544,7 +544,7 @@ int main(int argc, char *qt_argv[])
// xxx qtshark
//initialize_funnel_ops();
AirPDcapInitContext(&airpdcap_ctx);
Dot11DecryptInitContext(&dot11decrypt_ctx);
QString cf_name;
unsigned int in_file_type = WTAP_TYPE_AUTO;
@ -940,7 +940,7 @@ int main(int argc, char *qt_argv[])
extcap_cleanup();
AirPDcapDestroyContext(&airpdcap_ctx);
Dot11DecryptDestroyContext(&dot11decrypt_ctx);
#ifdef _WIN32
/* Shutdown windows sockets */

2
wsutil/.editorconfig
View File

@ -11,7 +11,7 @@ indent_size = 2
indent_style = tab
indent_size = tab
[airpdcap_wep.[ch]]
[dot11decrypt_wep.[ch]]
indent_style = tab
indent_size = tab

2
wsutil/CMakeLists.txt
View File

@ -87,7 +87,6 @@ set(WSUTIL_PUBLIC_HEADERS
set(WSUTIL_COMMON_FILES
adler32.c
airpdcap_wep.c
base32.c
base64.c
bitswap.c
@ -104,6 +103,7 @@ set(WSUTIL_COMMON_FILES
crc7.c
crc8.c
crc11.c
dot11decrypt_wep.c
eax.c
filesystem.c
frequency-utils.c

2
wsutil/Makefile.am
View File

@ -124,7 +124,6 @@ libwsutil_sse42_la_CFLAGS = $(AM_CFLAGS) $(CFLAGS_SSE42)
libwsutil_la_SOURCES = \
adler32.c \
airpdcap_wep.c \
base32.c \
base64.c \
bitswap.c \
@ -142,6 +141,7 @@ libwsutil_la_SOURCES = \
crc16.c \
crc16-plain.c \
crc32.c \
dot11decrypt_wep.c \
eax.c \
filesystem.c \
frequency-utils.c \

2
wsutil/crc32.h
View File

@ -93,7 +93,7 @@ WS_DLL_PUBLIC guint32 crc32_0x0AA725CF_seed(const guint8 *buf, guint len, guint3
*/
WS_DLL_PUBLIC guint32 crc32_0x5D6DCB_seed(const guint8 *buf, guint len, guint32 seed);
WS_DLL_PUBLIC int AirPDcapWepDecrypt(
WS_DLL_PUBLIC int Dot11DecryptWepDecrypt(
const guchar *seed,
const size_t seed_len,
guchar *cypher_text,

8
wsutil/airpdcap_wep.c → wsutil/dot11decrypt_wep.c
View File

@ -1,4 +1,4 @@
/* airpcap_wep.c
/* dot11decrypt_wep.c
*
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
* Copyright (c) 2006 CACE Technologies, Davis (California)
@ -45,7 +45,7 @@
/* Note: copied from FreeBSD source code, RELENG 6, */
/* sys/net80211/ieee80211_crypto_wep.c, 391 */
int AirPDcapWepDecrypt(
int Dot11DecryptWepDecrypt(
const guchar *seed,
const size_t seed_len,
guchar *cypher_text,
@ -90,11 +90,11 @@ int AirPDcapWepDecrypt(
S_SWAP(i, j);
if ((icv[k] ^ S[(S[i] + S[j]) & 0xff]) != *cypher_text++) {
/* ICV mismatch - drop frame */
return 1/*AIRPDCAP_RET_UNSUCCESS*/;
return 1/*DOT11DECRYPT_RET_UNSUCCESS*/;
}
}
return 0/*AIRPDCAP_RET_SUCCESS*/;
return 0/*DOT11DECRYPT_RET_SUCCESS*/;
}
/*