forked from osmocom/wireshark
ieee80211: Fix WPA1 decryption
PTK key derivation algorithm for WPA1 uses SHA1 not MD5. MD5 is used for MIC only. To avoid regression also add a decrypt test for WPA1 with GTK rekeying. Change-Id: Iabcf40c2f74d5dbc1d72cba0718c77020d97f61f Fixes: v3.1.0rc0-342-g9cf77ec5e1 ("ieee80211: Support decrypting WPA3-Personal / SAE captures") Reviewed-on: https://code.wireshark.org/review/32691 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This commit is contained in:
parent
6c3467945c
commit
4b814187ac
|
@ -2269,7 +2269,7 @@ Dot11DecryptDerivePtk(
|
|||
sa->wpa.cipher = 2; /* TKIP */
|
||||
ptk_len_bits = 512;
|
||||
DerivePtk = Dot11DecryptRsnaPrfX;
|
||||
algo = GCRY_MD_MD5;
|
||||
algo = GCRY_MD_SHA1;
|
||||
} else if (key_version == DOT11DECRYPT_WPA_KEY_VER_AES_CCMP) {
|
||||
sa->wpa.cipher = 4; /* CCMP-128 */
|
||||
ptk_len_bits = 384;
|
||||
|
@ -2309,7 +2309,7 @@ Dot11DecryptRsnaPrfX(
|
|||
UCHAR R[100];
|
||||
INT offset=sizeof("Pairwise key expansion");
|
||||
UCHAR output[80]; /* allow for sha1 overflow. */
|
||||
int hash_len = (hash_algo == GCRY_MD_MD5) ? 16 : 20;
|
||||
int hash_len = 20;
|
||||
|
||||
memset(R, 0, 100);
|
||||
|
||||
|
|
Binary file not shown.
|
@ -101,6 +101,17 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase):
|
|||
self.assertTrue(self.grepOutput('Who has 192.168.5.2'))
|
||||
self.assertTrue(self.grepOutput('DHCP ACK'))
|
||||
|
||||
def test_80211_wpa1_gtk_rekey(self, cmd_tshark, capture_file):
|
||||
'''Decode WPA1 with multiple GTK rekeys'''
|
||||
# Included in git sources test/captures/wpa1-gtk-rekey.pcapng.gz
|
||||
self.assertRun((cmd_tshark,
|
||||
'-o', 'wlan.enable_decryption: TRUE',
|
||||
'-r', capture_file('wpa1-gtk-rekey.pcapng.gz'),
|
||||
'-Y', 'wlan.analysis.tk == "d0e57d224c1bb8806089d8c23154074c" || wlan.analysis.gtk == "6eaf63f4ad7997ced353723de3029f4d" || wlan.analysis.gtk == "fb42811bcb59b7845376246454fbdab7"',
|
||||
))
|
||||
self.assertTrue(self.grepOutput('DHCP Discover'))
|
||||
self.assertEqual(self.countOutput('ICMP.*Echo .ping'), 8)
|
||||
|
||||
@fixtures.mark_usefixtures('test_env')
|
||||
@fixtures.uses_fixtures
|
||||
class case_decrypt_dtls(subprocesstest.SubprocessTestCase):
|
||||
|
|
Loading…
Reference in New Issue