author | Mathis Marion <mathis.marion@silabs.com> | 2023-03-06 12:41:03 +0100 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2023-03-06 15:36:58 +0000 |
commit | 54abe7f3288421237678542d5309aec37a3bb742 (patch) | |
tree | 23713f40b3a91adedcccc96e69789ebd58a25c7e /epan/dissectors/packet-ieee80211.c | |
parent | 0fdf91e1ecba7f24889f8e67fe333ffbade0b5a8 (diff) |
Support Wi-SUN EAPOL Key Data dissection
The Wi-SUN FAN specification describes the format of the EAPOL-Key frame
in section 6.5.2.2 (Authentication and PMK Installation Flow):
Descriptor Type = 2
Key Information:
1. Key Descriptor Version = 2
2. Key Type = 0
3. Install = 0
4. Key Ack = 0
5. Key MIC = 0
6. Secure = 0
7. Error = 0
8. Request = 1
9. Encrypted Key Data = 0
10. SMK Message = 0
11. Reserved = 0
Key Length = 0
Key Replay Counter = see [IEEE802.11] section 11.6.2.
Key Nonce = 0
EAPOL-Key IV = 0
Key RSC = 0
Key MIC = 0
Key Data Length = length of Key Data field in octets.
Key Data = PMKID KDE if the PMK is live, PTKID KDE if the PTK is live, GTKL
KDE, Node Role KDE, and LGTKL KDE.
The current dissector will try to decrypt if the Key Type is 0 while the
Encrypted Key Data is unset, which appears to be for supporting
non-standard WPA implementations. The Key Data is not encrypted in
Wi-SUN, so a workaround is made to dissect the Key Data if the Key
Length is 0.
Diffstat (limited to 'epan/dissectors/packet-ieee80211.c')
-rw-r--r-- | epan/dissectors/packet-ieee80211.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ieee80211.c b/epan/dissectors/packet-ieee80211.c index c119e3d492..b209f33e34 100644 --- a/epan/dissectors/packet-ieee80211.c +++ b/epan/dissectors/packet-ieee80211.c @@ -36168,6 +36168,7 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_ ENC_BIG_ENDIAN, BMT_NO_APPEND); offset += 2; + guint16 key_len = tvb_get_ntohs(tvb, offset); proto_tree_add_item(tree, hf_wlan_rsna_eapol_keydes_key_len, tvb, offset, 2, ENC_BIG_ENDIAN); save_proto_data_value(pinfo, tvb_get_ntohs(tvb, offset), KEY_LEN_KEY); @@ -36206,10 +36207,16 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_ ti = proto_tree_add_item(tree, hf_wlan_rsna_eapol_wpa_keydes_data, tvb, offset, eapol_data_len, ENC_NA); if ((keyinfo & KEY_INFO_ENCRYPTED_KEY_DATA_MASK) || - !(keyinfo & KEY_INFO_KEY_TYPE_MASK)) { + (!(keyinfo & KEY_INFO_KEY_TYPE_MASK) && key_len)) { /* RSN: EAPOL-Key Key Data is encrypted. * WPA: Group Keys use encrypted Key Data. * IEEE 802.11i-2004 8.5.2. + * Having an encrypted data field without the Encrypted Key Data set + * is not standard, but there are WPA implementation which assume + * encryption when Key Type = 0. In Wi-SUN, the EAPOL-Key frame has + * Key Type = 0 and Encrypted Key Data = 0, but the Key Data is not + * encrypted. To differentiate this case from non standard WPA, we + * check the Key Length, which is 0 for Wi-SUN. * Let decryption engine try to decrypt this and if successful it's * stored in EAPOL_KEY proto data. */ |
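Review bot: in the first hunk (around line 36168), the Key Length field is now read twice: once into the new `key_len` local and again by the unchanged `save_proto_data_value(pinfo, tvb_get_ntohs(tvb, offset), KEY_LEN_KEY)` call two lines below. Pass `key_len` to `save_proto_data_value` so there is a single read and it is obvious that the value stored in proto data is the same one the later decryption check uses.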
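Review bot: in the second hunk (around line 36206), the new condition `(!(keyinfo & KEY_INFO_KEY_TYPE_MASK) && key_len)` uses Key Length = 0 as the only marker for Wi-SUN, and that value comes straight from the frame. Any EAPOL-Key frame with Key Type = 0, Encrypted Key Data = 0 and Key Length = 0 is therefore no longer handed to the decryption engine, including a non-standard WPA frame that happens to carry 0 there. The added comment should say that this is a heuristic rather than a positive Wi-SUN identification and note what happens to the Key Data on that path. Writing the test as `key_len != 0` would make the intent clearer. Wording in the added comment: "WPA implementation which assume" should read "WPA implementations which assume", and "non standard" should be "non-standard".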