scapy.contrib.macsec

Classes and functions for MACsec.

class scapy.contrib.macsec.MACsec

Bases: scapy.packet.Packet

representation of one MACsec frame

aliastypes
fields_desc
Display RFC-like schema
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|V|E|S|S|E|C| AN|RES|  SHORTLEN |               PN              |
+-+-+-+-+-+-+-+-+-+-+-+-+       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                               |              SCI              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              TYPE             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                           Fig. MACsec                            
MACsec fields

Ver

BitField (1 bit)

0

ES

BitField (1 bit)

0

SC

BitField (1 bit)

0

SCB

BitField (1 bit)

0

E

BitField (1 bit)

0

C

BitField (1 bit)

0

an

BitField (2 bits)

0

reserved

BitField (2 bits)

0

shortlen

BitField (6 bits)

0

pn

IntField

1

sci

PacketField (Cond)

None

type

XShortEnumField (Cond)

None

mysummary()
payload_guess

Possible sublayers: IP, IPv6

class scapy.contrib.macsec.MACsecSA(sci, an, pn, key, icvlen, encrypt, send_sci, xpn_en=False, ssci=None, salt=None)

Bases: object

Representation of a MACsec Secure Association

Provides encapsulation, decapsulation, encryption, and decryption of MACsec frames

c_bit()

returns the value of the C bit for packets sent through this SA

decap(orig_pkt)

decapsulate a MACsec frame

decrypt(orig_pkt, assoclen=None)

decrypt a MACsec frame for this Secure Association

e_bit()

returns the value of the E bit for packets sent through this SA

encap(pkt)

encapsulate a frame using this Secure Association

encrypt(orig_pkt, assoclen=None)

encrypt a MACsec frame for this Secure Association

make_iv(pkt)

generate an IV for the packet

static shortlen(pkt)

determine shortlen for a raw packet (not encapsulated yet)

static split_pkt(pkt, assoclen, icvlen=0)

split the packet into associated data, plaintext or ciphertext, and optional ICV