ieee80211: Fix EAPOL dissector for Wi-SUN
In section 6.5.2.3 ("PTK and GTK Installation Flow"), the Wi-SUN specification says that the second message of the 4-way handshake must have these properties: Descriptor Type = 2 Key Information: 1. Key Descriptor Version = 2 2. Key Type = 1 (Pairwise) 3. Install = 0 4. Key Ack = 0 5. Key MIC = 1 6. Secure = 0 7. Error = 0 8. Request = 0 9. Encrypted Key Data = 0 10. SMK Message = 0 11. Reserved = 0 Key Length = 0 Key Replay Counter = see [IEEE802.11] section 11.6.2. Key Nonce = SUP generated SNonce EAPOL-Key IV = 0 Key RSC = 0 Key MIC = MIC(KCK, EAPOL) computed over the body of this EAPOL-Key frame with the Key MIC field first initialized to 0. Key Data Length = 0 Key Data = none Thus, until now, message 2/4 of the 4-way handshake was identified as message 4/4.
This commit is contained in:
parent
0f296eb3f9
commit
a1e2f3b3f5
|
@ -19554,6 +19554,15 @@ static conversation_t *find_wlan_conversation_pinfo(packet_info *pinfo)
|
||||||
return find_conversation_pinfo(pinfo, 0);
|
return find_conversation_pinfo(pinfo, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static gboolean determine_nonce_is_set(tvbuff_t *tvb) {
|
||||||
|
int offset;
|
||||||
|
|
||||||
|
for (offset = 12; offset < 12 + 32; offset++)
|
||||||
|
if (tvb_get_guint8(tvb, offset))
|
||||||
|
return TRUE;
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
static guint16 determine_mic_len(packet_info *pinfo, gboolean assoc_frame,
|
static guint16 determine_mic_len(packet_info *pinfo, gboolean assoc_frame,
|
||||||
gboolean *defaulted) {
|
gboolean *defaulted) {
|
||||||
guint16 eapol_key_mic_len = 16; /* Default MIC length */
|
guint16 eapol_key_mic_len = 16; /* Default MIC length */
|
||||||
|
@ -35715,6 +35724,7 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
guint16 eapol_data_offset = 76; /* 92 - 16 */
|
guint16 eapol_data_offset = 76; /* 92 - 16 */
|
||||||
|
gboolean has_nonce = determine_nonce_is_set(tvb);
|
||||||
gboolean defaulted_mic_len = FALSE;
|
gboolean defaulted_mic_len = FALSE;
|
||||||
guint16 eapol_key_mic_len = determine_mic_len(pinfo, FALSE, &defaulted_mic_len);
|
guint16 eapol_key_mic_len = determine_mic_len(pinfo, FALSE, &defaulted_mic_len);
|
||||||
save_proto_data_value(pinfo, eapol_key_mic_len, MIC_LEN_KEY);
|
save_proto_data_value(pinfo, eapol_key_mic_len, MIC_LEN_KEY);
|
||||||
|
@ -35775,11 +35785,14 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_
|
||||||
use the Secure Bit and/or the Nonce, but there are implementations ignoring the spec.
|
use the Secure Bit and/or the Nonce, but there are implementations ignoring the spec.
|
||||||
The Secure Bit is incorrectly set on rekeys for Windows clients for Message 2 and the Nonce is non-zero
|
The Secure Bit is incorrectly set on rekeys for Windows clients for Message 2 and the Nonce is non-zero
|
||||||
in Message 4 in Bug 11994 (Apple?) */
|
in Message 4 in Bug 11994 (Apple?) */
|
||||||
|
/* In Wi-SUN protocol, message 2 does not contains any data. However, all the implementations
|
||||||
|
* respect 802.11X, so Secure Bit is set only on message 2 and Nonce is set only on message 4
|
||||||
|
* (see section 6.5.2.3 of Wi-SUN specification) */
|
||||||
/* When using AES-SIV without plaintext (i.e. only for integrity), the ciphertext has length 16 */
|
/* When using AES-SIV without plaintext (i.e. only for integrity), the ciphertext has length 16 */
|
||||||
/* With MLO message 4 will have 12 bytes of data */
|
/* With MLO message 4 will have 12 bytes of data */
|
||||||
if (((eapol_key_mic_len == 0) && (eapol_data_len > 16)) ||
|
if (((eapol_key_mic_len == 0) && (eapol_data_len > 16)) ||
|
||||||
((eapol_key_mic_len > 0) && (eapol_data_len != 0) &&
|
((eapol_key_mic_len > 0) && (eapol_data_len == 0) && !(keyinfo & KEY_INFO_SECURE_MASK) && has_nonce) ||
|
||||||
(eapol_data_len != 12))) {
|
((eapol_key_mic_len > 0) && (eapol_data_len != 0) && (eapol_data_len != 12))) {
|
||||||
ti = proto_tree_add_uint(tree, hf_wlan_rsna_eapol_wpa_keydes_msgnr, tvb, offset, 0, 2);
|
ti = proto_tree_add_uint(tree, hf_wlan_rsna_eapol_wpa_keydes_msgnr, tvb, offset, 0, 2);
|
||||||
|
|
||||||
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
|
col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");
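Review bot: The comment added above the message-2 test in the last hunk has the two fields swapped: `Secure Bit is set only on message 2 and Nonce is set only on message 4` contradicts both the new condition `!(keyinfo & KEY_INFO_SECURE_MASK) && has_nonce` (Secure clear and nonce present means message 2) and the spec excerpt in the commit description (message 2 has Secure = 0 and Key Nonce = SNonce), so it should read `* respect 802.11X, so Secure Bit is set only on message 4 and Nonce is set only on message 2`. In the first hunk, determine_nonce_is_set() reads offsets 12..43 with tvb_get_guint8() and is now called unconditionally among the declarations at the top of dissect_wlan_rsna_eapol_wpa_or_rsn_key(); tvb_get_guint8() throws on a short tvb, so a truncated EAPOL-Key frame appears to now abort dissection before any field is added to the tree, which looks like a behaviour change for short captures — a guard such as `if (tvb_reported_length_remaining(tvb, 12) < 32) return FALSE;` before the loop would keep the old behaviour. The bare constants 12 and 32 also deserve a comment such as `/* Key Nonce: 32 bytes at offset 12 of the EAPOL-Key descriptor */`. The body of dissect_wlan_rsna_eapol_wpa_or_rsn_key() starts and ends outside these hunks.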
|
||||||
|
|