RadioTap Archive on
 help / color / Atom feed
* [RFC] extended flags
@ 2015-10-21 11:24 Johannes Berg
  0 siblings, 0 replies; only message in thread
From: Johannes Berg @ 2015-10-21 11:24 UTC (permalink / raw)
  To: radiotap-S783fYmB3Ccdnm+yROfE0A

I'd like to define flags to indicate
 * frame was decrypted (FC protected bit is set, but data is decrypted)
 * or not - frame is known to be encrypted
 * in this case - (ext)IV is present
 * in this case - MIC isn't present

Wireshark can be configured for this (apart from the MIC case), but
it's tedious to configure it according to the capture file you happen
to have at hand.

I suggest to define the following field:

= extended flags =

 Bit Number:: 22 (not assigned yet)
 Structure:: u32 flags
 Required Alignment:: 4
 Unit(s):: n/a

This field defines decryption flags for frames. The following flags are

|| '''value''' || '''meaning''' ||
|| `0x00000001` || frame is decrypted (but FC protected bit is set) ||
|| `0x00000002` || frame is encrypted (FC protected bit is also set) ||
|| `0x00000004` || (ext) IV is still present (reserved if 0x1 isn't set) ||
|| `0x00000008` || MIC is not present (should only be used if FCS is also not present, reserved if 0x1 isn't set) ||
|| `0xfffffff0` || (reserved) ||

If there are no objections I'll work on a wireshark patch (though
probably only in about two weeks from now, since I'll be travelling)


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-10-21 11:24 [RFC] extended flags Johannes Berg

RadioTap Archive on

Archives are clonable:
	git clone --mirror radiotap/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 radiotap radiotap/ \
	public-inbox-index radiotap

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone