dot11decrypt: Fix decryption of MFP enabled connections

MFP enabled connections with SHA-256 key management (IEEE 802.11w) use EAPOL key version == 3. This case was missing making decryption of such connections fail. Allow key version 3 to handle these too. Change-Id: If9e3fcc5c3bbfb46e82b39dfed5b2a74787a4f16 Reviewed-on: https://code.wireshark.org/review/36534 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
author: Mikael Kanstrup <mikael.kanstrup@sony.com> 2020-03-22 10:06:56 +0100
committer: Anders Broman <a.broman58@gmail.com> 2020-03-23 08:45:57 +0000
commit: 3e9ce48d24242c891968f65ae5160e967e73cfa5 (patch)
tree: 196dd0d5332c13e1a0f6a92e55df13b7c4cc7b5a
parent: f998e785d5ead49c57ef282765519d4ae75e056e (diff)
3 files changed, 23 insertions, 9 deletions
diff --git a/epan/crypt/dot11decrypt.c b/epan/crypt/dot11decrypt.c
index a9cebf5d01..d0c63e2b7b 100644
--- a/epan/crypt/dot11decrypt.c
+++ b/epan/crypt/dot11decrypt.c
@@ -328,8 +328,8 @@ Dot11DecryptCopyKey(PDOT11DECRYPT_SEC_ASSOCIATION sa, PDOT11DECRYPT_KEY_ITEM key
         key->KeyData.Wpa.Cipher = sa->wpa.cipher;
         if (sa->wpa.key_ver==DOT11DECRYPT_WPA_KEY_VER_NOT_CCMP)
             key->KeyType=DOT11DECRYPT_KEY_TYPE_TKIP;
-        else if (sa->wpa.key_ver == DOT11DECRYPT_WPA_KEY_VER_AES_CCMP ||
-                 sa->wpa.key_ver == 0)
+        else if (sa->wpa.key_ver == 0 || sa->wpa.key_ver == 3 ||
+                 sa->wpa.key_ver == DOT11DECRYPT_WPA_KEY_VER_AES_CCMP)
         {
             switch (sa->wpa.cipher) {
                 case 1:
@@ -1587,8 +1587,11 @@ Dot11DecryptRsna4WHandshake(
                 }
                 memcpy(eapol, eapol_raw, tot_len);
 
-                if (eapol_parsed->key_version == 0) {
-                   /* PTK derivation is based on Authentication Key Management Type */
+                /* From IEEE 802.11-2016 12.7.2 EAPOL-Key frames */
+                if (eapol_parsed->key_version == 0 || eapol_parsed->key_version == 3 ||
+                    eapol_parsed->key_version == DOT11DECRYPT_WPA_KEY_VER_AES_CCMP)
+                {
+                    /* PTK derivation is based on Authentication Key Management Type */
                     akm = eapol_parsed->akm;
                     cipher = eapol_parsed->cipher;
                     group_cipher = eapol_parsed->group_cipher;
@@ -1597,11 +1600,9 @@ Dot11DecryptRsna4WHandshake(
                     akm = 2;
                     cipher = 2;
                     group_cipher = 2;
-                } else if (eapol_parsed->key_version  == DOT11DECRYPT_WPA_KEY_VER_AES_CCMP) {
-                     /* CCMP-128 */
-                    akm = eapol_parsed->akm;
-                    cipher = eapol_parsed->cipher;
-                    group_cipher = eapol_parsed->group_cipher;
+                } else {
+                    DEBUG_PRINT_LINE("EAPOL key_version not supported", DEBUG_LEVEL_3);
+                    return DOT11DECRYPT_RET_NO_VALID_HANDSHAKE;
                 }
 
                 /* derive the PTK from the BSSID, STA MAC, PMK, SNonce, ANonce */
diff --git a/test/captures/wpa2-psk-mfp.pcapng.gz b/test/captures/wpa2-psk-mfp.pcapng.gz
new file mode 100644
index 0000000000..da445aec36
--- /dev/null
+++ b/test/captures/wpa2-psk-mfp.pcapng.gz
diff --git a/test/suite_decryption.py b/test/suite_decryption.py
index be6403f879..5afac4e049 100644
--- a/test/suite_decryption.py
+++ b/test/suite_decryption.py
@@ -65,6 +65,19 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase):
                 ))
         self.assertEqual(self.countOutput('802.11.*SN=.*FN=.*Flags='), 3)
 
+    def test_80211_wpa2_psk_mfp(self, cmd_tshark, capture_file, features):
+        '''IEEE 802.11 decode WPA2 PSK with MFP enabled (802.11w)'''
+        # Included in git sources test/captures/wpa2-psk-mfp.pcapng.gz
+        if not features.have_libgcrypt16:
+            self.skipTest('Requires GCrypt 1.6 or later.')
+        self.assertRun((cmd_tshark,
+                '-o', 'wlan.enable_decryption: TRUE',
+                '-r', capture_file('wpa2-psk-mfp.pcapng.gz'),
+                '-Y', 'wlan.analysis.tk == 4e30e8c019bea43ea5262b10853b818d || wlan.analysis.gtk == 70cdbf2e5bc0ca22e53930818a5d80e4',
+                ))
+        self.assertTrue(self.grepOutput('Who has 192.168.5.5'))   # Verifies GTK is correct
+        self.assertTrue(self.grepOutput('DHCP Request'))          # Verifies TK is correct
+        self.assertTrue(self.grepOutput('Echo \(ping\) request')) # Verifies TK is correct
 
     def test_80211_wpa_tdls(self, cmd_tshark, capture_file, features):
         '''WPA decode traffic in a TDLS (Tunneled Direct-Link Setup) session (802.11z)'''
author	Mikael Kanstrup <mikael.kanstrup@sony.com>	2020-03-22 10:06:56 +0100
committer	Anders Broman <a.broman58@gmail.com>	2020-03-23 08:45:57 +0000
commit	3e9ce48d24242c891968f65ae5160e967e73cfa5 (patch)
tree	196dd0d5332c13e1a0f6a92e55df13b7c4cc7b5a
parent	f998e785d5ead49c57ef282765519d4ae75e056e (diff)