libwifi 0.0.3
An 802.11 Frame Parsing and Generation library in C
security.h
Go to the documentation of this file.
1/* Copyright 2021 The libwifi Authors
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#ifndef LIBWIFI_CORE_SECURITY_H
17#define LIBWIFI_CORE_SECURITY_H
18
19#include <stdint.h>
20
21/* 802.1X Key Information Field Values */
22#define EAPOL_KEY_INFO_M1 0x008A
23#define EAPOL_KEY_INFO_M2 0x010A
24#define EAPOL_KEY_INFO_M3 0x13CA
25#define EAPOL_KEY_INFO_M4 0x030A
26
27/* Sane maximum value for Cipher Suite Count */
28#define LIBWIFI_MAX_CIPHER_SUITES 6
29
30/* Cipher Suite OUIs for WPA and RSN */
31#define MICROSOFT_OUI "\x00\x50\xF2"
32#define CIPHER_SUITE_OUI "\x00\x0F\xAC"
33
34/* Common Microsoft Vendor Types */
35#define MICROSOFT_OUI_TYPE_WPA 1
36#define MICROSOFT_OUI_TYPE_WMM 2
37#define MICROSOFT_OUI_TYPE_WPS 4
38
39/* Cipher Suite Values */
40#define CIPHER_SUITE_GROUP 0 /* WPA1/2 */
41#define CIPHER_SUITE_WEP40 1 /* WEP */
42#define CIPHER_SUITE_TKIP 2 /* WPA1/2 */
43#define CIPHER_SUITE_RESERVED 3 /* WPA1/2 */
44#define CIPHER_SUITE_CCMP128 4 /* WPA2 */
45#define CIPHER_SUITE_WEP104 5 /* WEP */
46#define CIPHER_SUITE_BIP_CMAC128 6 /* WPA2 */
47#define CIPHER_SUITE_NOTALLOWED 7 /* WPA2 */
48#define CIPHER_SUITE_GCMP128 8 /* WPA3 */
49#define CIPHER_SUITE_GCMP256 9 /* WPA3 */
50#define CIPHER_SUITE_CCMP256 10 /* WPA3 */
51#define CIPHER_SUITE_BIP_GMAC128 11 /* WPA3 */
52#define CIPHER_SUITE_BIP_GMAC256 12 /* WPA3 */
53#define CIPHER_SUITE_BIP_CMAC256 13 /* WPA3 */
54
55/* Auth Key Management Suite Values */
56#define AKM_SUITE_RESERVED 0 /* WPA1/2 */
57#define AKM_SUITE_1X 1 /* WPA1/2 */
58#define AKM_SUITE_PSK 2 /* WPA1/2 */
59#define AKM_SUITE_1X_FT 3 /* WPA1/2 */
60#define AKM_SUITE_PSK_FT 4 /* WPA2 */
61#define AKM_SUITE_1X_SHA256 5 /* WPA2 */
62#define AKM_SUITE_PSK_SHA256 6 /* WPA2 */
63#define AKM_SUITE_TDLS 7 /* WPA2 */
64#define AKM_SUITE_SAE 8 /* WPA3 */
65#define AKM_SUITE_SAE_FT 9 /* WPA3 */
66#define AKM_SUITE_AP_PEER 10 /* WPA3 */
67#define AKM_SUITE_1X_SUITEB_SHA256 11 /* WPA3 */
68#define AKM_SUITE_1X_SUITEB_SHA384 12 /* WPA3 */
69#define AKM_SUITE_1X_FT_SHA384 13 /* WPA3 */
70#define AKM_SUITE_FILS_SHA256 14 /* WPA3 */
71#define AKM_SUITE_FILS_SHA384 15 /* WPA3 */
72#define AKM_SUITE_FILS_SHA256_FT 16 /* WPA3 */
73#define AKM_SUITE_FILS_SHA384_FT 17 /* WPA3 */
74#define AKM_SUITE_OWE 18 /* WPA3 */
75#define AKM_PSK_SHA384_FT 19 /* WPA3 */
76#define AKM_PSK_SHA384 20 /* WPA3 */
77
78/* Authentication Scheme Values */
79#define AUTH_OPEN 0
80#define AUTH_SHARED_KEY 1
81#define AUTH_FAST_BSS 2
82#define AUTH_SAE 3
83#define AUTH_VENDOR 65535
84
85/* libwifi Security Type Values for libwifi_bss encryption_info */
86#define WEP (1ULL << 1)
87#define WPA (1ULL << 2)
88#define WPA2 (1ULL << 3)
89#define WPA3 (1ULL << 4)
90
91/* libwifi Group or Multicast Cipher Values for libwifi_bss encryption_info */
92#define LIBWIFI_GROUP_CIPHER_SUITE_WEP40 (1ULL << 5)
93#define LIBWIFI_GROUP_CIPHER_SUITE_TKIP (1ULL << 6)
94#define LIBWIFI_GROUP_CIPHER_SUITE_RESERVED (1ULL << 7)
95#define LIBWIFI_GROUP_CIPHER_SUITE_CCMP128 (1ULL << 8)
96#define LIBWIFI_GROUP_CIPHER_SUITE_WEP104 (1ULL << 9)
97#define LIBWIFI_GROUP_CIPHER_SUITE_BIP_CMAC128 (1ULL << 10)
98#define LIBWIFI_GROUP_CIPHER_SUITE_NOTALLOWED (1ULL << 11)
99#define LIBWIFI_GROUP_CIPHER_SUITE_GCMP128 (1ULL << 12)
100#define LIBWIFI_GROUP_CIPHER_SUITE_GCMP256 (1ULL << 13)
101#define LIBWIFI_GROUP_CIPHER_SUITE_CCMP256 (1ULL << 14)
102#define LIBWIFI_GROUP_CIPHER_SUITE_BIP_GMAC128 (1ULL << 15)
103#define LIBWIFI_GROUP_CIPHER_SUITE_BIP_GMAC256 (1ULL << 16)
104#define LIBWIFI_GROUP_CIPHER_SUITE_BIP_CMAC256 (1ULL << 17)
105
106/* libwifi Pairwise or Unicast Cipher Values for libwifi_bss encryption_info */
107#define LIBWIFI_PAIRWISE_SUITE_GROUP (1ULL << 18)
108#define LIBWIFI_PAIRWISE_CIPHER_SUITE_WEP40 (1ULL << 19)
109#define LIBWIFI_PAIRWISE_CIPHER_SUITE_TKIP (1ULL << 20)
110#define LIBWIFI_PAIRWISE_CIPHER_SUITE_RESERVED (1ULL << 21)
111#define LIBWIFI_PAIRWISE_CIPHER_SUITE_CCMP128 (1ULL << 22)
112#define LIBWIFI_PAIRWISE_CIPHER_SUITE_WEP104 (1ULL << 23)
113#define LIBWIFI_PAIRWISE_CIPHER_SUITE_BIP_CMAC128 (1ULL << 24)
114#define LIBWIFI_PAIRWISE_CIPHER_SUITE_NOTALLOWED (1ULL << 25)
115#define LIBWIFI_PAIRWISE_CIPHER_SUITE_GCMP128 (1ULL << 26)
116#define LIBWIFI_PAIRWISE_CIPHER_SUITE_GCMP256 (1ULL << 27)
117#define LIBWIFI_PAIRWISE_CIPHER_SUITE_CCMP256 (1ULL << 28)
118#define LIBWIFI_PAIRWISE_CIPHER_SUITE_BIP_GMAC128 (1ULL << 29)
119#define LIBWIFI_PAIRWISE_CIPHER_SUITE_BIP_GMAC256 (1ULL << 30)
120#define LIBWIFI_PAIRWISE_CIPHER_SUITE_BIP_CMAC256 (1ULL << 31)
121
122/* libwifi Auth Key Management Values for libwifi_bss encryption_info */
123#define LIBWIFI_AKM_SUITE_RESERVED (1ULL << 32)
124#define LIBWIFI_AKM_SUITE_1X (1ULL << 33)
125#define LIBWIFI_AKM_SUITE_PSK (1ULL << 34)
126#define LIBWIFI_AKM_SUITE_1X_FT (1ULL << 35)
127#define LIBWIFI_AKM_SUITE_PSK_FT (1ULL << 36)
128#define LIBWIFI_AKM_SUITE_1X_SHA256 (1ULL << 37)
129#define LIBWIFI_AKM_SUITE_PSK_SHA256 (1ULL << 39)
130#define LIBWIFI_AKM_SUITE_TDLS (1ULL << 40)
131#define LIBWIFI_AKM_SUITE_SAE (1ULL << 41)
132#define LIBWIFI_AKM_SUITE_SAE_FT (1ULL << 42)
133#define LIBWIFI_AKM_SUITE_AP_PEER (1ULL << 43)
134#define LIBWIFI_AKM_SUITE_1X_SUITEB_SHA256 (1ULL << 44)
135#define LIBWIFI_AKM_SUITE_1X_SUITEB_SHA384 (1ULL << 45)
136#define LIBWIFI_AKM_SUITE_1X_FT_SHA384 (1ULL << 46)
137#define LIBWIFI_AKM_SUITE_FILS_SHA256 (1ULL << 47)
138#define LIBWIFI_AKM_SUITE_FILS_SHA384 (1ULL << 48)
139#define LIBWIFI_AKM_SUITE_FILS_SHA256_FT (1ULL << 49)
140#define LIBWIFI_AKM_SUITE_FILS_SHA384_FT (1ULL << 50)
141#define LIBWIFI_AKM_SUITE_OWE (1ULL << 51)
142#define LIBWIFI_AKM_PSK_SHA384_FT (1ULL << 52)
143#define LIBWIFI_AKM_PSK_SHA384 (1ULL << 53)
144
145/* libwifi Authentication Scheme Values for libwifi_bss encryption_info */
146#define LIBWIFI_AUTH_OPEN (1ULL << 54)
147#define LIBWIFI_AUTH_SHARED_KEY (1ULL << 55)
148#define LIBWIFI_AUTH_FAST_BSS (1ULL << 56)
149#define LIBWIFI_AUTH_SAE (1ULL << 57)
150#define LIBWIFI_AUTH_VENDOR (1ULL << 58)
151
152/* libwifi RSN Capability flags */
153#define LIBWIFI_RSN_CAPAB_PREAUTH (1 << 0)
154#define LIBWIFI_RSN_CAPAB_PAIRWISE (1 << 1)
155#define LIBWIFI_RSN_CAPAB_PTKSA_REPLAY (1 << 2 | 1 << 3)
156#define LIBWIFI_RSN_CAPAB_GTKSA_REPLAY (1 << 4 | 1 << 5)
157#define LIBWIFI_RSN_CAPAB_MFP_REQUIRED (1 << 6)
158#define LIBWIFI_RSN_CAPAB_MFP_CAPABLE (1 << 7)
159#define LIBWIFI_RSN_CAPAB_JOINT_RSNA (1 << 8)
160#define LIBWIFI_RSN_CAPAB_PEERKEY (1 << 9)
161#define LIBWIFI_RSN_CAPAB_EXT_KEY_ID (1 << 13)
162
172struct libwifi_cipher_suite {
173 unsigned char oui[3];
174 uint8_t suite_type;
175} __attribute__((packed));
176
193struct libwifi_wpa_info {
194 uint16_t wpa_version;
195 struct libwifi_cipher_suite multicast_cipher_suite;
196 uint16_t num_unicast_cipher_suites;
197 struct libwifi_cipher_suite unicast_cipher_suites[LIBWIFI_MAX_CIPHER_SUITES];
198 uint16_t num_auth_key_mgmt_suites;
199 struct libwifi_cipher_suite auth_key_mgmt_suites[LIBWIFI_MAX_CIPHER_SUITES];
200} __attribute__((packed));
201
220struct libwifi_rsn_info {
221 uint16_t rsn_version;
222 struct libwifi_cipher_suite group_cipher_suite;
223 int num_pairwise_cipher_suites;
224 struct libwifi_cipher_suite pairwise_cipher_suites[LIBWIFI_MAX_CIPHER_SUITES];
225 int num_auth_key_mgmt_suites;
226 struct libwifi_cipher_suite auth_key_mgmt_suites[LIBWIFI_MAX_CIPHER_SUITES];
227 uint16_t rsn_capabilities;
228} __attribute__((packed));
229
230/*
231 * libwifi Representation of the 802.1X/EAPOL Key Information section
232 * ┌───────────────────────────────────┐
233 * │ Key Information │ ── 2 Bytes
234 * ├───────────────────────────────────┤
235 * │ Key Length │ ── 2 Bytes
236 * ├───────────────────────────────────┤
237 * │ Replay Counter │ ── 8 Bytes
238 * ├───────────────────────────────────┤
239 * │ WPA Key Nonce │ ── 32 Bytes
240 * ├───────────────────────────────────┤
241 * │ WPA Key IV │ ── 16 Bytes
242 * ├───────────────────────────────────┤
243 * │ WPA Key RSC │ ── 8 Bytes
244 * ├───────────────────────────────────┤
245 * │ WPA Key ID │ ── 8 Bytes
246 * ├───────────────────────────────────┤
247 * │ WPA Key MIC │ ── 16 Bytes
248 * ├───────────────────────────────────┤
249 * │ WPA Key Data Length │ ── 4 Bytes
250 * ├───────────────────────────────────┤
251 * │ WPA Key Data │ ── Variable
252 * └───────────────────────────────────┘
253 */
254struct libwifi_wpa_key_info {
255 uint16_t information;
256 uint16_t key_length;
257 uint64_t replay_counter;
258 unsigned char nonce[32];
259 unsigned char iv[16];
260 unsigned char rsc[8];
261 unsigned char id[8];
262 unsigned char mic[16];
263 uint16_t key_data_length;
264 unsigned char *key_data;
265} __attribute__((packed));
266
281struct libwifi_wpa_auth_data {
282 uint8_t version;
283 uint8_t type;
284 uint16_t length;
285 uint8_t descriptor;
286 struct libwifi_wpa_key_info key_info;
287} __attribute__((packed));
288
289#endif /* LIBWIFI_CORE_SECURITY_H */
__attribute__
struct libwifi_cipher_suite __attribute__((packed))
LIBWIFI_MAX_CIPHER_SUITES
#define LIBWIFI_MAX_CIPHER_SUITES
Definition: security.h:28
libwifi_cipher_suite
libwifi Representation of a WPA or RSN cipher suite ┌────────────────────────┬────────────┐ │ OUI │ S...
Definition: security.h:172
libwifi_cipher_suite::suite_type
uint8_t suite_type
Definition: security.h:174
libwifi_cipher_suite::oui
unsigned char oui[3]
Definition: security.h:173
libwifi_rsn_info
libwifi Representation of a 802.11 RSN Information Element ┌───────────────────────────────────┐ │ Ve...
Definition: security.h:220
libwifi_rsn_info::rsn_capabilities
uint16_t rsn_capabilities
Definition: security.h:227
libwifi_rsn_info::num_pairwise_cipher_suites
int num_pairwise_cipher_suites
Definition: security.h:223
libwifi_rsn_info::num_auth_key_mgmt_suites
int num_auth_key_mgmt_suites
Definition: security.h:225
libwifi_rsn_info::auth_key_mgmt_suites
struct libwifi_cipher_suite auth_key_mgmt_suites[LIBWIFI_MAX_CIPHER_SUITES]
Definition: security.h:226
libwifi_rsn_info::pairwise_cipher_suites
struct libwifi_cipher_suite pairwise_cipher_suites[LIBWIFI_MAX_CIPHER_SUITES]
Definition: security.h:224
libwifi_rsn_info::group_cipher_suite
struct libwifi_cipher_suite group_cipher_suite
Definition: security.h:222
libwifi_rsn_info::rsn_version
uint16_t rsn_version
Definition: security.h:221
libwifi_wpa_auth_data
libwifi Representation of the encapsulating 802.1X data in an EAPOL frame ┌─────────────────┐ │ Versi...
Definition: security.h:281
libwifi_wpa_auth_data::key_info
struct libwifi_wpa_key_info key_info
Definition: security.h:286
libwifi_wpa_auth_data::length
uint16_t length
Definition: security.h:284
libwifi_wpa_auth_data::type
uint8_t type
Definition: security.h:283
libwifi_wpa_auth_data::version
uint8_t version
Definition: security.h:282
libwifi_wpa_auth_data::descriptor
uint8_t descriptor
Definition: security.h:285
libwifi_wpa_info
libwifi Representation of a Microsoft WPA Information Element ┌───────────────────────────────────┐ │...
Definition: security.h:193
libwifi_wpa_info::unicast_cipher_suites
struct libwifi_cipher_suite unicast_cipher_suites[LIBWIFI_MAX_CIPHER_SUITES]
Definition: security.h:197
libwifi_wpa_info::multicast_cipher_suite
struct libwifi_cipher_suite multicast_cipher_suite
Definition: security.h:195
libwifi_wpa_info::num_unicast_cipher_suites
uint16_t num_unicast_cipher_suites
Definition: security.h:196
libwifi_wpa_info::auth_key_mgmt_suites
struct libwifi_cipher_suite auth_key_mgmt_suites[LIBWIFI_MAX_CIPHER_SUITES]
Definition: security.h:199
libwifi_wpa_info::num_auth_key_mgmt_suites
uint16_t num_auth_key_mgmt_suites
Definition: security.h:198
libwifi_wpa_info::wpa_version
uint16_t wpa_version
Definition: security.h:194
libwifi_wpa_key_info
Definition: security.h:254
libwifi_wpa_key_info::mic
unsigned char mic[16]
Definition: security.h:262
libwifi_wpa_key_info::nonce
unsigned char nonce[32]
Definition: security.h:258
libwifi_wpa_key_info::replay_counter
uint64_t replay_counter
Definition: security.h:257
libwifi_wpa_key_info::rsc
unsigned char rsc[8]
Definition: security.h:260
libwifi_wpa_key_info::information
uint16_t information
Definition: security.h:255
libwifi_wpa_key_info::key_data
unsigned char * key_data
Definition: security.h:264
libwifi_wpa_key_info::key_data_length
uint16_t key_data_length
Definition: security.h:263
libwifi_wpa_key_info::key_length
uint16_t key_length
Definition: security.h:256
libwifi_wpa_key_info::iv
unsigned char iv[16]
Definition: security.h:259