ieee80211: GCMP decryption support

Add support for decrypting GCMP/GCMP-256 encrypted IEEE 802.11 traffic Bug: 16197 Change-Id: I907d772665141c8be10a9f4a187bd76594c8d2e4 Reviewed-on: https://code.wireshark.org/review/36346 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu <peter@lekensteyn.nl>
author: Mikael Kanstrup <mikael.kanstrup@sony.com> 2020-03-08 12:40:20 +0100
committer: Peter Wu <peter@lekensteyn.nl> 2020-03-14 17:53:36 +0000
commit: cf4c0552e7424966fff573194bc5412d060da701 (patch)
tree: 9caf642e3db26cebfa78a146257b967521d8b92b /test
parent: f3a9d9abedc8d7ae9aae3d0facfbe56555b52cf2 (diff)
3 files changed, 28 insertions, 0 deletions
diff --git a/test/captures/wpa-gcmp-256.pcapng.gz b/test/captures/wpa-gcmp-256.pcapng.gz
new file mode 100644
index 0000000000..83ece8e1f3
--- /dev/null
+++ b/test/captures/wpa-gcmp-256.pcapng.gz
diff --git a/test/captures/wpa-gcmp.pcapng.gz b/test/captures/wpa-gcmp.pcapng.gz
new file mode 100644
index 0000000000..e3b799b7fe
--- /dev/null
+++ b/test/captures/wpa-gcmp.pcapng.gz
diff --git a/test/suite_decryption.py b/test/suite_decryption.py
index 3c746a1eae..e8b659da9b 100644
--- a/test/suite_decryption.py
+++ b/test/suite_decryption.py
@@ -171,6 +171,34 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase):
         self.assertTrue(self.grepOutput('DHCP Request'))        # Verifies TK is correct
         self.assertTrue(self.grepOutput('Echo \(ping\) request')) # Verifies TK is correct
 
+    def test_80211_wpa_gcmp(self, cmd_tshark, capture_file, features):
+        '''IEEE 802.11 decode GCMP'''
+        # Included in git sources test/captures/wpa-gcmp.pcapng.gz
+        if not features.have_libgcrypt16:
+            self.skipTest('Requires GCrypt 1.6 or later.')
+        self.assertRun((cmd_tshark,
+                '-o', 'wlan.enable_decryption: TRUE',
+                '-r', capture_file('wpa-gcmp.pcapng.gz'),
+                '-Y', 'wlan.analysis.tk == 755a9c1c9e605d5ff62849e4a17a935c || wlan.analysis.gtk == 7ff30f7a8dd67950eaaf2f20a869a62d',
+                ))
+        self.assertTrue(self.grepOutput('Who has 192.168.5.5')) # Verifies GTK is correct
+        self.assertTrue(self.grepOutput('DHCP Request'))        # Verifies TK is correct
+        self.assertTrue(self.grepOutput('Echo \(ping\) request')) # Verifies TK is correct
+
+    def test_80211_wpa_gcmp_256(self, cmd_tshark, capture_file, features):
+        '''IEEE 802.11 decode GCMP-256'''
+        # Included in git sources test/captures/wpa-gcmp-256.pcapng.gz
+        if not features.have_libgcrypt16:
+            self.skipTest('Requires GCrypt 1.6 or later.')
+        self.assertRun((cmd_tshark,
+                '-o', 'wlan.enable_decryption: TRUE',
+                '-r', capture_file('wpa-gcmp-256.pcapng.gz'),
+                '-Y', 'wlan.analysis.tk == b3dc2ff2d88d0d34c1ddc421cea17f304af3c46acbbe7b6d808b6ebf1b98ec38 || wlan.analysis.gtk == a745ee2313f86515a155c4cb044bc148ae234b9c72707f772b69c2fede3e4016',
+                ))
+        self.assertTrue(self.grepOutput('Who has 192.168.5.5')) # Verifies GTK is correct
+        self.assertTrue(self.grepOutput('DHCP Request'))        # Verifies TK is correct
+        self.assertTrue(self.grepOutput('Echo \(ping\) request')) # Verifies TK is correct
+
 @fixtures.mark_usefixtures('test_env')
 @fixtures.uses_fixtures
 class case_decrypt_dtls(subprocesstest.SubprocessTestCase):
author	Mikael Kanstrup <mikael.kanstrup@sony.com>	2020-03-08 12:40:20 +0100
committer	Peter Wu <peter@lekensteyn.nl>	2020-03-14 17:53:36 +0000
commit	cf4c0552e7424966fff573194bc5412d060da701 (patch)
tree	9caf642e3db26cebfa78a146257b967521d8b92b /test
parent	f3a9d9abedc8d7ae9aae3d0facfbe56555b52cf2 (diff)