scapy.contrib.macsec

Classes and functions for MACsec.

class scapy.contrib.macsec.MACsec(*args, **kargs)

Bases: scapy.packet.Packet

representation of one MACsec frame

aliastypes
fields_desc
Display RFC-like schema
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|V|E|S|S|E|C| AN|RES|  SHORTLEN |               PN              |
+-+-+-+-+-+-+-+-+-+-+-+-+       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                               |              SCI              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              TYPE             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                           Fig. MACsec                            
MACsec fields

Ver

BitField (1 bit)

'0'

ES

BitField (1 bit)

'0'

SC

BitField (1 bit)

'0'

SCB

BitField (1 bit)

'0'

E

BitField (1 bit)

'0'

C

BitField (1 bit)

'0'

an

BitField (2 bits)

'0'

reserved

BitField (2 bits)

'0'

shortlen

BitField (6 bits)

'0'

pn

IntField

'1'

sci

PacketField (Cond)

'None'

type

XShortEnumField (Cond)

'None'

mysummary()
payload_guess

Possible sublayers: IP, IPv6

class scapy.contrib.macsec.MACsecSA(sci, an, pn, key, icvlen, encrypt, send_sci, xpn_en=False, ssci=None, salt=None)

Bases: object

Representation of a MACsec Secure Association

Provides encapsulation, decapsulation, encryption, and decryption of MACsec frames

c_bit()

returns the value of the C bit for packets sent through this SA

decap(orig_pkt)

decapsulate a MACsec frame

decrypt(orig_pkt, assoclen=None)

decrypt a MACsec frame for this Secure Association

e_bit()

returns the value of the E bit for packets sent through this SA

encap(pkt)

encapsulate a frame using this Secure Association

encrypt(orig_pkt, assoclen=None)

encrypt a MACsec frame for this Secure Association

make_iv(pkt)

generate an IV for the packet

static shortlen(pkt)

determine shortlen for a raw packet (not encapsulated yet)

static split_pkt(pkt, assoclen, icvlen=0)

split the packet into associated data, plaintext or ciphertext, and optional ICV