diff options
| author | Mikael Kanstrup <mikael.kanstrup@sony.com> | 2019-11-12 13:13:21 +0100 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2019-11-14 08:28:00 +0000 |
| commit | a924de1e3e5065a609d2ea278c703191289e4900 (patch) | |
| tree | 84c8f8aa5751553695199d5fc66259afc50eff0e /test | |
| parent | c6dff594b9b992b0e5809d35e1a754e39c190192 (diff) | |
test/suite_decryption: Add WPA3 SuiteB-192 bit test
Add a test to verify that PTK can be derived for WPA3 SuiteB-192
captures and that encrypted keydata field is decrypted so that
GTK can be dissected.
NOTE: Capture file contains no encrypted data frames as currently
Wireshark does not support decrypting GCMP-256 encrypted data.
Ping-Bug: 16197
Change-Id: I57fbc14a4b4bca58790c4edcee14f1ef73d73fd5
Reviewed-on: https://code.wireshark.org/review/35068
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'test')
| -rw-r--r-- | test/captures/wpa3-suiteb-192.pcapng.gz | bin | 0 -> 5109 bytes | |||
| -rw-r--r-- | test/config/80211_keys.tmpl | 1 | ||||
| -rw-r--r-- | test/suite_decryption.py | 22 |
3 files changed, 23 insertions, 0 deletions
diff --git a/test/captures/wpa3-suiteb-192.pcapng.gz b/test/captures/wpa3-suiteb-192.pcapng.gz Binary files differnew file mode 100644 index 0000000000..663dee9189 --- /dev/null +++ b/test/captures/wpa3-suiteb-192.pcapng.gz diff --git a/test/config/80211_keys.tmpl b/test/config/80211_keys.tmpl index 7cb9811f18..d60ac21e31 100644 --- a/test/config/80211_keys.tmpl +++ b/test/config/80211_keys.tmpl @@ -7,3 +7,4 @@ "wpa-psk","23a9ee58c7810546ae3e7509fda9f97435778d689e53a54891c56d02f18ca162" "wpa-psk","ecbfe709d6151eaba6a4fd9cba94fbb570c1fc4c15506fad3185b4a0a0cfda9a" "wpa-psk","a4b0b2efa7f77d1006eccf1a814b62125c15fac5c137d9cdff8c75c43194268f" +"wpa-psk","fc738f5b63ba93ebf0a45d42c5a0b1b5064649fa98f59bc062c2944de3780fe276088c95daaf672deb6780051aa13563" diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 62735c250e..1d25aa035a 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -101,6 +101,28 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase): self.assertTrue(self.grepOutput('Who has 192.168.5.2')) self.assertTrue(self.grepOutput('DHCP ACK')) + def test_80211_wpa3_suite_b_192(self, cmd_tshark, capture_file): + '''IEEE 802.11 decode WPA3 Suite B 192-bit''' + # Included in git sources test/captures/wpa3-suiteb-192.pcapng.gz + self.assertRun((cmd_tshark, + '-o', 'wlan.enable_decryption: TRUE', + '-r', capture_file('wpa3-suiteb-192.pcapng.gz'), + '-Tfields', + '-e' 'wlan.rsn.ie.gtk.key', + '-e' 'wlan.analysis.kck', + '-e' 'wlan.analysis.kek', + )) + # Verify that correct PTKs (KCK, KEK) are derived and GTK correctly dissected + self.assertEqual(self.countOutput('^29f92526ccda5a5dfa0ffa44c26f576ee2d45bae7c5f63369103b1edcab206ea\t' \ + 'f49ac1a15121f1a597a60a469870450a588ef1f73a1017b1\t' \ + '0289b022b4f54262048d3493834ae591e811870c4520ee1395dd215a6092fbfb$'), 1) + self.assertEqual(self.countOutput('^29f92526ccda5a5dfa0ffa44c26f576ee2d45bae7c5f63369103b1edcab206ea\t' \ + '1027c8d5b155ff574158bc50083e28f02e9636a2ac694901\t' \ + 'd4814a364419fa881a8593083f51497fe9e30556a91cc5d0b11cd2b3226038e1$'), 1) + self.assertEqual(self.countOutput('^29f92526ccda5a5dfa0ffa44c26f576ee2d45bae7c5f63369103b1edcab206ea\t' \ + '35db5e208c9caff2a4e00a54c5346085abaa6f422ef6df81\t' \ + 'a14d0d683c01bc631bf142e82dc4995d87364eeacfab75d74cf470683bd10c51$'), 1) + def test_80211_wpa1_gtk_rekey(self, cmd_tshark, capture_file): '''Decode WPA1 with multiple GTK rekeys''' # Included in git sources test/captures/wpa1-gtk-rekey.pcapng.gz |