42544c8c44
Add support for TK user input keys. With this Wireshark can decrypt packet captures where 4WHS frames are missing and packet captures with non-supported AKMS, for example 802.11r / Fast BSS Transitioning. Decryption using user TK works as a backup if the normal decryption flow does not succeed. Having TK decryption keys added will affect general IEEE 802.11 dissector performance as each encrypted packet will be tested with every TK. Worst case scenario is plenty of TKs where none of them matches encrypted frames. On successful user TK decryption an SA is formed based on parameters used to decrypt the frame. This SA is similar to what is formed when Wireshark detects and derive keys from 4WHS messages. With the SA entry in place the decryption performance (success case) should be on par with "normal" decryption flow. Bug: 16579 Change-Id: I72c2c1e2c6693131d3ba07f8ddb8ff772c1b54a9 Reviewed-on: https://code.wireshark.org/review/37217 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com> |
||
|---|---|---|
| .. | ||
| 80211_keys.tmpl | ||
| 80211_keys.user_tk_tmpl | ||
| c1222_decryption_table.tmpl | ||
| dtlsdecrypttablefile.tmpl | ||
| esp_sa.tmpl | ||
| ikev1_decryption_table.tmpl | ||
| ikev2_decryption_table.tmpl | ||
| ssl_keys.tmpl | ||