diff options
author | Gerald Combs <gerald@wireshark.org> | 2009-09-10 16:50:25 +0000 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2009-09-10 16:50:25 +0000 |
commit | 22dcdd3f9ace3cac3523841545872d4b8a20f8b7 (patch) | |
tree | fc13d75dac1b09509fa7d90bcf8d53c2a24c3955 /epan/crypt | |
parent | 037f83cb884dd848b35b03f18d94070b78994a9f (diff) |
WPA decryption fix from Greg Schwendimann via bug 3890:
I'm reasonably sure that I introduced this bug and I apologize for the problems
with my previous patch. The problem is that I did not use all of the seen
keys, I used all except the first key, which in a case of one key is none.
The attached patch fixes the error.
svn path=/trunk/; revision=29843
Diffstat (limited to 'epan/crypt')
-rw-r--r-- | epan/crypt/airpdcap.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/epan/crypt/airpdcap.c b/epan/crypt/airpdcap.c index 8aae8148fd..b3056cda13 100644 --- a/epan/crypt/airpdcap.c +++ b/epan/crypt/airpdcap.c @@ -1009,7 +1009,7 @@ AirPDcapRsnaMng( try_data=ep_alloc(*decrypt_len); /* start of loop added by GCS */ - for(/* sa */; sa != NULL && ret_value == 1 ;sa=sa->next) { + for(/* sa */; sa != NULL ;sa=sa->next) { /* copy the encrypted data into a temp buffer */ memcpy(try_data, decrypt_data, *decrypt_len); @@ -1017,7 +1017,6 @@ AirPDcapRsnaMng( if (sa->wpa.key_ver==1) { /* CCMP -> HMAC-MD5 is the EAPOL-Key MIC, RC4 is the EAPOL-Key encryption algorithm */ AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapRsnaMng", "TKIP", AIRPDCAP_DEBUG_LEVEL_3); - DEBUG_DUMP("ptk", sa->wpa.ptk, 64); DEBUG_DUMP("ptk portion used", AIRPDCAP_GET_TK(sa->wpa.ptk), 16); @@ -1030,6 +1029,7 @@ AirPDcapRsnaMng( AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapRsnaMng", "TKIP DECRYPTED!!!", AIRPDCAP_DEBUG_LEVEL_3); /* remove MIC (8bytes) and ICV (4bytes) from the end of packet */ *decrypt_len-=12; + break; } else { /* AES-CCMP -> HMAC-SHA1-128 is the EAPOL-Key MIC, AES wep_key wrap is the EAPOL-Key encryption algorithm */ AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapRsnaMng", "CCMP", AIRPDCAP_DEBUG_LEVEL_3); @@ -1041,11 +1041,12 @@ AirPDcapRsnaMng( AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapRsnaMng", "CCMP DECRYPTED!!!", AIRPDCAP_DEBUG_LEVEL_3); /* remove MIC (8bytes) from the end of packet */ *decrypt_len-=8; + break; } } /* end of loop */ - /* non of the keys workd */ + /* none of the keys worked */ if(sa == NULL) return ret_value; |