|
|
//============================================================================//
// MODULE: eapol.c //
// //
// Description: EAPOL/802.1X Parser //
// //
// Note: info for this parsers was gleaned from :
// IEEE 802.1X
// //
// Modification History //
// //
// timmoore 04/04/2000 Created //
//===========================================================================//
#include "eapol.h"
// the type of EAPOL packet
LABELED_BYTE lbEAPOLCode[] = { { EAPOL_PACKET, "Packet" }, { EAPOL_START, "Start" }, { EAPOL_LOGOFF, "Logoff" }, { EAPOL_KEY, "Key" }, };
SET EAPOLCodeSET = {(sizeof(lbEAPOLCode)/sizeof(LABELED_BYTE)), lbEAPOLCode };
// property table
PROPERTYINFO EAPOL_Prop[] = { //EAPOL_SUMMARY
{ 0, 0, "Summary", "Summary of EAPOL packet", PROP_TYPE_SUMMARY, PROP_QUAL_NONE, NULL, 80, EAPOL_FormatSummary },
//EAPOL_VERSION
{ 0, 0, "Version", "EAPOL packet type", PROP_TYPE_BYTE, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_TYPE
{ 0, 0, "Type", "EAPOL packet type", PROP_TYPE_BYTE, PROP_QUAL_LABELED_SET, &EAPOLCodeSET, 80, FormatPropertyInstance },
//EAPOL_LENGTH
{ 0, 0, "Length", "EAPOL length", PROP_TYPE_BYTESWAPPED_WORD, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_SIGNTYPE
{ 0, 0, "Signature Type", "EAPOL Signature Type", PROP_TYPE_BYTE, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEYTYPE
{ 0, 0, "Key Type", "EAPOL Key Type", PROP_TYPE_BYTE, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEYLENGTH
{ 0, 0, "Length", "EAPOL Key length", PROP_TYPE_BYTESWAPPED_WORD, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_REPLAY
{ 0, 0, "Replay", "EAPOL Replay Counter", PROP_TYPE_BYTE, PROP_QUAL_ARRAY, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEYIV
{ 0, 0, "Key IV", "EAPOL Key IV", PROP_TYPE_BYTE, PROP_QUAL_ARRAY, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEYINDEX
{ 0, 0, "Index", "EAPOL Key Index", PROP_TYPE_BYTE, PROP_QUAL_NONE, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEYSIGN
{ 0, 0, "Key Signature", "EAPOL Key Signature", PROP_TYPE_BYTE, PROP_QUAL_ARRAY, NULL, 80, FormatPropertyInstance },
//EAPOL_KEY_KEY
{ 0, 0, "Key", "EAPOL Key", PROP_TYPE_BYTE, PROP_QUAL_ARRAY, NULL, 80, FormatPropertyInstance }, };
WORD NUM_EAPOL_PROPERTIES = sizeof(EAPOL_Prop) / sizeof(PROPERTYINFO);
// Define the entry points that we will pass back at dll entry time...
ENTRYPOINTS EAPOLEntryPoints ={ // EAPOL Entry Points
EAPOL_Register, EAPOL_Deregister, EAPOL_RecognizeFrame, EAPOL_AttachProperties, EAPOL_FormatProperties}; // Globals -------------------------------------------------------------------
HPROTOCOL hEAPOL = NULL;HPROTOCOL hEAP = NULL;
//============================================================================
// Function: EAPOL_Register
//
// Description: Create our property database and handoff sets.
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
void BHAPI EAPOL_Register( HPROTOCOL hEAPOL){ WORD i;
// tell the kernel to make reserve some space for our property table
CreatePropertyDatabase( hEAPOL, NUM_EAPOL_PROPERTIES);
// add our properties to the kernel's database
for( i = 0; i < NUM_EAPOL_PROPERTIES; i++) { AddProperty( hEAPOL, &EAPOL_Prop[i]); } hEAP = GetProtocolFromName("EAP");}
//============================================================================
// Function: EAPOL_Deregister
//
// Description: Destroy our property database and handoff set
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
VOID WINAPI EAPOL_Deregister( HPROTOCOL hEAPOL){ // tell the kernel that it may now free our database
DestroyPropertyDatabase( hEAPOL);}
//============================================================================
// Function: EAPOL_RecognizeFrame
//
// Description: Determine whether we exist in the frame at the spot
// indicated. We also indicate who (if anyone) follows us
// and how much of the frame we claim.
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
ULPBYTE BHAPI EAPOL_RecognizeFrame( HFRAME hFrame, ULPBYTE pMacFrame, ULPBYTE pEAPOLFrame, DWORD MacType, DWORD BytesLeft, HPROTOCOL hPrevProtocol, DWORD nPrevProtOffset, LPDWORD pProtocolStatus, LPHPROTOCOL phNextProtocol, PDWORD_PTR InstData) { ULPEAPHDR pEAPOLHeader = (ULPEAPHDR)pEAPOLFrame; if(pEAPOLHeader->bType == EAPOL_START || pEAPOLHeader->bType == EAPOL_LOGOFF || pEAPOLHeader->bType == EAPOL_KEY) { *pProtocolStatus = PROTOCOL_STATUS_CLAIMED; return NULL; } else { *phNextProtocol = hEAP; *pProtocolStatus = PROTOCOL_STATUS_NEXT_PROTOCOL; return pEAPOLFrame + 4; }}
//============================================================================
// Function: EAPOL_AttachProperties
//
// Description: Indicate where in the frame each of our properties live.
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
ULPBYTE BHAPI EAPOL_AttachProperties( HFRAME hFrame, ULPBYTE pMacFrame, ULPBYTE pEAPOLFrame, DWORD MacType, DWORD BytesLeft, HPROTOCOL hPrevProtocol, DWORD nPrevProtOffset, DWORD_PTR InstData)
{ ULPEAPHDR pEAPOLHeader = (ULPEAPHDR)pEAPOLFrame;
// summary line
AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_SUMMARY].hProperty, (WORD)BytesLeft, (ULPBYTE)pEAPOLFrame, 0, 0, 0);
// Version
AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_VERSION].hProperty, sizeof(BYTE), &(pEAPOLHeader->bVersion), 0, 1, 0);
// EAPOL Type
AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_TYPE].hProperty, sizeof(BYTE), &(pEAPOLHeader->bType), 0, 1, 0);
// Length
AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_LENGTH].hProperty, sizeof(WORD), &(pEAPOLHeader->wLength), 0, 1, 0);
if(pEAPOLHeader->bType == EAPOL_KEY) { ULPEAPOLKEY pEAPOLKey = (ULPEAPOLKEY)&(pEAPOLHeader->pEAPPacket[0]); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_SIGNTYPE].hProperty, sizeof(BYTE), &(pEAPOLKey->bSignType), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYTYPE].hProperty, sizeof(BYTE), &(pEAPOLKey->bKeyType), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYLENGTH].hProperty, sizeof(WORD), &(pEAPOLKey->wKeyLength), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYREPLAY].hProperty, 16, &(pEAPOLKey->bKeyReplay), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYIV].hProperty, 16, &(pEAPOLKey->bKeyIV), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYINDEX].hProperty, sizeof(BYTE), &(pEAPOLKey->bKeyIndex), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEYSIGN].hProperty, 16, &(pEAPOLKey->bKeySign), 0, 1, 0); AttachPropertyInstance( hFrame, EAPOL_Prop[EAPOL_KEY_KEY].hProperty, XCHG(pEAPOLKey->wKeyLength), &(pEAPOLKey->bKey), 0, 1, 0); } return NULL;}
//============================================================================
// Function: EAPOL_FormatProperties
//
// Description: Format the given properties on the given frame.
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
DWORD BHAPI EAPOL_FormatProperties( HFRAME hFrame, ULPBYTE pMacFrame, ULPBYTE pEAPOLFrame, DWORD nPropertyInsts, LPPROPERTYINST p){ // loop through the property instances
while( nPropertyInsts-- > 0) { // and call the formatter for each
( (FORMAT)(p->lpPropertyInfo->InstanceData) )( p); p++; }
return NMERR_SUCCESS;}
//============================================================================
// Function: EAPOL_FormatSummary
//
// Description: The custom formatter for the summary property
//
// Modification History
//
// timmoore 04/04/2000 Created //
//============================================================================
VOID WINAPIV EAPOL_FormatSummary( LPPROPERTYINST pPropertyInst){ ULPBYTE pReturnedString = pPropertyInst->szPropertyText; ULPEAPHDR pEAPOLHeader = (ULPEAPHDR)(pPropertyInst->lpData); char* szTempString;
// fetch the message type
szTempString = LookupByteSetString( &EAPOLCodeSET, pEAPOLHeader->bType ); if( szTempString == NULL ) { wsprintf( pReturnedString, "Packet Type: Unknown"); } else { pReturnedString += wsprintf( pReturnedString, "Packet: %s", szTempString ); }}
|
