diff options
author | Alexander Wetzel <alexander.wetzel@web.de> | 2019-10-28 18:19:00 +0100 |
---|---|---|
committer | Jaap Keuter <jaap.keuter@xs4all.nl> | 2019-11-02 11:40:57 +0000 |
commit | e7acb32a5a48d57ffd6dc17f6a9de60630f82c7e (patch) | |
tree | 4aecb398c81f66da4b5615dca4c86f89152472a5 /test | |
parent | 35615574e5691c7bf2e09254271ac32c9cf59d95 (diff) |
ieee80211: Extended Key ID support
Support Extended Key ID for Individually Addressed Frames from
IEEE 802.11 - 2016.
Extended Key ID allows unicast (PTK) keys to also use key ID 1 and has
an additional RSN attribute "KeyID" in EAPOL #3.
Add the additional attribute KeyID to the RSN parser, stop assuming
unicast keys are only using key ID 0 and add a test case to verify
Extended Key ID parsing and decoding.
Change-Id: I43005c74df561be5524fa3738149781f50dafa14
Reviewed-on: https://code.wireshark.org/review/34883
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Diffstat (limited to 'test')
-rw-r--r-- | test/captures/wpa_ptk_extended_key_id.pcap.gz | bin | 0 -> 20462 bytes | |||
-rw-r--r-- | test/suite_decryption.py | 25 |
2 files changed, 25 insertions, 0 deletions
diff --git a/test/captures/wpa_ptk_extended_key_id.pcap.gz b/test/captures/wpa_ptk_extended_key_id.pcap.gz Binary files differnew file mode 100644 index 0000000000..c093018f61 --- /dev/null +++ b/test/captures/wpa_ptk_extended_key_id.pcap.gz diff --git a/test/suite_decryption.py b/test/suite_decryption.py index e87358ee86..62735c250e 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -112,6 +112,31 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase): self.assertTrue(self.grepOutput('DHCP Discover')) self.assertEqual(self.countOutput('ICMP.*Echo .ping'), 8) + def test_80211_wpa_extended_key_id_rekey(self, cmd_tshark, capture_file): + '''WPA decode for Extended Key ID''' + # Included in git sources test/captures/wpa_ptk_extended_key_id.pcap.gz + self.assertRun((cmd_tshark, + '-o', 'wlan.enable_decryption: TRUE', + '-r', capture_file('wpa_ptk_extended_key_id.pcap.gz'), + '-Tfields', + '-e' 'wlan.fc.type_subtype', + '-e' 'wlan.ra', + '-e' 'wlan.analysis.tk', + '-e' 'wlan.analysis.gtk', + '-e' 'wlan.rsn.ie.ptk.keyid', + )) + # Verify frames are decoded with the correct key + self.assertEqual(self.countOutput('^32\t33:33:00:00:00:16\t\t234a9a6ddcca3cb728751cea49d01bb0\t$'), 5) + self.assertEqual(self.countOutput('^32\t33:33:ff:00:00:00\t\t234a9a6ddcca3cb728751cea49d01bb0\t$'), 1) + self.assertEqual(self.countOutput('^32\t33:33:ff:00:03:00\t\t234a9a6ddcca3cb728751cea49d01bb0\t$'), 1) + self.assertEqual(self.countOutput('^32\tff:ff:ff:ff:ff:ff\t\t234a9a6ddcca3cb728751cea49d01bb0\t$'), 4) + self.assertEqual(self.countOutput('^40\t02:00:00:00:03:00\t618b4d1829e2a496d7fd8c034a6d024d\t\t$'), 2) + self.assertEqual(self.countOutput('^40\t02:00:00:00:00:00\t618b4d1829e2a496d7fd8c034a6d024d\t\t$'), 1) + # Verify RSN PTK KeyID parsing + self.assertEqual(self.countOutput('^40\t02:00:00:00:00:00\t\t\t1$'), 1) + self.assertEqual(self.countOutput('^40\t02:00:00:00:00:00\tf31ecff5452f4c286cf66ef50d10dabe\t\t0$'), 1) + self.assertEqual(self.countOutput('^40\t02:00:00:00:00:00\t28dd851decf3f1c2a35df8bcc22fa1d2\t\t1$'), 1) + @fixtures.mark_usefixtures('test_env') @fixtures.uses_fixtures class case_decrypt_dtls(subprocesstest.SubprocessTestCase): |