forked from osmocom/wireshark
b5a8677250
Although this patch successfully recognizes group keys and decrypts packets properly using the group key, there is a limitation. If an AP is using key rotation, clicking on individual packets in a trace may not properly decrypt a packet encrypted with a group key. This is because the current structure used in Wireshark only supports one active unicast and one active group key. If a new key has been seen, but you are looking at a packet encrypted with an older key, it will not decrypt. The summary lines, however, do show the packets properly decrypted. I've written up a much longer and more detailed explanation in a comment in the code, along with a proposed idea for a solution, plus a clunky work-around in the GUI when using the current code. I also suspect there might still be a problem with decrypting TKIP groups keys that are sent using WPA2 authentication. In the most common operation, if you are using WPA2, you'll also be using AES keys. It's not a common AP configuration to use WPA2 with TKIP. In fact, most APs don't seem to support it. Since it is an uncommon setup, I haven't put aside the time to test this patch against such an AP. I do have access to an AP that supports this, so when I have the time I'll test it and if needed, will submit another patch to handle that odd-ball condition. From me: Remove the decrypt element of s_rijndael_ctx (which was unused, as indicated in the comments). Preserve the GPL licensing text in several files (which the patch shouldn't have removed). Remove changes that added whitespace. Convert C++-style comments to C-style. Update to include recent SVN changes (e.g. renaming variables named "index"). Remove extraneous printf's. Define DEBUG_DUMP in airpdcap_debug.h. Comment out some instances of DEBUG_DUMP. Change malloc/free to g_malloc/g_free. Use g_memdup instead of allocating and copying. Use gint16 instead of INT16 in airpdcap_rijndael.c. Add Brian to AUTHORS. svn path=/trunk/; revision=25879
96 lines
3.4 KiB
C
96 lines
3.4 KiB
C
/**
|
|
* airpdcap_rijndael.h
|
|
*
|
|
* $Id$
|
|
*
|
|
* @version 3.0 (December 2000)
|
|
*
|
|
* Optimised ANSI C code for the Rijndael cipher (now AES)
|
|
*
|
|
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
|
|
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
|
|
* @author Paulo Barreto <paulo.barreto@terra.com.br>
|
|
*
|
|
* This code is hereby placed in the public domain.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
|
|
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
|
|
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
|
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
|
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
|
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef _AIRPDCAP_RIJNDAEL
|
|
#define _AIRPDCAP_RIJNDAEL
|
|
|
|
/******************************************************************************/
|
|
/* File includes */
|
|
/* */
|
|
#include "airpdcap_interop.h"
|
|
/* */
|
|
/* */
|
|
/******************************************************************************/
|
|
|
|
/******************************************************************************/
|
|
/* Definitions */
|
|
/* */
|
|
/* Note: copied AirPDcap/rijndael/rijndael.h */
|
|
#define RIJNDAEL_MAXKC (256/32)
|
|
#define RIJNDAEL_MAXKB (256/8)
|
|
#define RIJNDAEL_MAXNR 14
|
|
/* */
|
|
/******************************************************************************/
|
|
|
|
/******************************************************************************/
|
|
/* Type definitions */
|
|
/* */
|
|
/* Note: copied AirPDcap/rijndael/rijndael.h */
|
|
typedef struct s_rijndael_ctx {
|
|
INT Nr; /* key-length-dependent number of rounds */
|
|
UINT32 ek[4 * (RIJNDAEL_MAXNR + 1)]; /* encrypt key schedule */
|
|
UINT32 dk[4 * (RIJNDAEL_MAXNR + 1)]; /* decrypt key schedule */
|
|
} rijndael_ctx;
|
|
/* */
|
|
/******************************************************************************/
|
|
|
|
/******************************************************************************/
|
|
/* External function prototypes declarations */
|
|
/* */
|
|
void rijndael_encrypt(
|
|
const rijndael_ctx *ctx,
|
|
const UCHAR *src,
|
|
UCHAR *dst)
|
|
;
|
|
|
|
|
|
void rijndael_set_key(
|
|
rijndael_ctx *ctx,
|
|
const UCHAR *key,
|
|
INT bits)
|
|
;
|
|
|
|
UCHAR AES_unwrap(UCHAR *kek, UINT16 key_len, UCHAR *cipher_text, UINT16 cipher_len, UCHAR *output);
|
|
|
|
/* */
|
|
/******************************************************************************/
|
|
|
|
/******************************************************************************/
|
|
/* Block XOR macro definition */
|
|
/* */
|
|
#define XOR_BLOCK(b, a, len) \
|
|
{ \
|
|
INT __i__; \
|
|
for (__i__ = 0; __i__ < (INT)(len); __i__++) \
|
|
(b)[__i__] ^= (a)[__i__]; \
|
|
}
|
|
/* */
|
|
/******************************************************************************/
|
|
|
|
#endif
|