Add WPA group key decryption from Brian Stormont, via bug 1420:

Although this patch successfully recognizes group keys and decrypts packets
properly using the group key, there is a limitation.  If an AP is using key
rotation, clicking on individual packets in a trace may not properly decrypt a
packet encrypted with a group key.  This is because the current structure used
in Wireshark only supports one active unicast and one active group key.  If a
new key has been seen, but you are looking at a packet encrypted with an older
key, it will not decrypt.  The summary lines, however, do show the packets
properly decrypted.

I've written up a much longer and more detailed explanation in a comment in the
code, along with a proposed idea for a solution, plus a clunky work-around in
the GUI when using the current code.

I also suspect there might still be a problem with decrypting TKIP groups keys
that are sent using WPA2 authentication.  In the most common operation, if you
are using WPA2, you'll also be using AES keys. It's not a common AP
configuration to use WPA2 with TKIP. In fact, most APs don't seem to support
it.  Since it is an uncommon setup, I haven't put aside the time to test this
patch against such an AP.   I do have access to an AP that supports this, so
when I have the time I'll test it and if needed, will submit another patch to
handle that odd-ball condition.

From me:

Remove the decrypt element of s_rijndael_ctx (which was unused, as indicated
in the comments).
Preserve the GPL licensing text in several files (which the patch shouldn't
have removed).
Remove changes that added whitespace.
Convert C++-style comments to C-style.
Update to include recent SVN changes (e.g. renaming variables named "index").
Remove extraneous printf's.
Define DEBUG_DUMP in airpdcap_debug.h.
Comment out some instances of DEBUG_DUMP.
Change malloc/free to g_malloc/g_free.
Use g_memdup instead of allocating and copying.
Use gint16 instead of INT16 in airpdcap_rijndael.c.
Add Brian to AUTHORS.


svn path=/trunk/; revision=25879

1 files changed, 8 insertions, 2 deletions

diff --git a/epan/crypt/airpdcap_tkip.c b/epan/crypt/airpdcap_tkip.c
index e64b303445..819a0c6dce 100644
--- a/epan/crypt/airpdcap_tkip.c
+++ b/epan/crypt/airpdcap_tkip.c
@@ -216,17 +216,23 @@ INT AirPDcapTkipDecrypt(
 	UCHAR TA[AIRPDCAP_MAC_LEN],
 	UCHAR TK[AIRPDCAP_TK_LEN])
 {
+	UINT64 TSC64;
 	UINT32 TSC;
 	UINT16 TSC16;
 	UINT8 *IV;
 	UINT16 TTAK[AIRPDCAP_TTAK_LEN];
 	UINT8 wep_seed[AIRPDCAP_WEP_128_KEY_LEN];
 
+	/* DEBUG_DUMP("TA", TA, 6); */
+
 	IV = tkip_mpdu;
 
-	TSC16 = (UINT16)READ_6(IV[2], IV[0], IV[4], IV[5], IV[6], IV[7]);
+	TSC64 = READ_6(IV[2], IV[0], IV[4], IV[5], IV[6], IV[7]);
+	TSC16 = (UINT16)TSC64;
 
-	TSC = (UINT32)TSC16 >> 16;
+	/* The original code made no sense!!  We were shifting a 16-bit number 16 bits to the right. */
+	/* We instead have to have READ_6() be returned to a UINT64 and shift *that* value. */
+	TSC = (UINT32)(TSC64 >> 16);
 
 	AirPDcapTkipMixingPhase1(TTAK, TK, TA, TSC);