diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2019-05-21 18:06:49 +0100 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2019-06-17 00:48:29 +0000 |
| commit | 94b211977acebf6730a07275554430e640a5679c (patch) | |
| tree | f85aa0c5c2936bf235469370555b5340e550ff80 /test/suite_decryption.py | |
| parent | 662ad82d605f1594c67a5d6c33b60730a8ce0062 (diff) | |
Add support for embedding WireGuard keys in a pcapng file
pcapng spec update is here: https://github.com/pcapng/pcapng/pull/62
Bug: 15571
Change-Id: I2f1921b1da70ac0bab8c38dd5138a9dfe7843fea
Reviewed-on: https://code.wireshark.org/review/33300
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'test/suite_decryption.py')
| -rw-r--r-- | test/suite_decryption.py | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 68f189588a..06cca6367e 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -723,6 +723,31 @@ class case_decrypt_wireguard(subprocesstest.SubprocessTestCase): self.assertIn('17\t\t\t\t\t\t443', lines) self.assertIn('18\t\t\t\t\t\t49472', lines) + def test_decrypt_wg_full_initiator_dsb(self, run_wireguard_test): + """ + Similar to test_decrypt_full_initiator, but using decryption keys + embedded in the pcapng file. The embedded secrets do not contain leading + spaces nor spaces around the '=' character. + """ + lines = run_wireguard_test(self, [ + '-Tfields', + '-e', 'frame.number', + '-e', 'wg.ephemeral.known_privkey', + '-e', 'wg.static', + '-e', 'wg.timestamp.nanoseconds', + '-e', 'wg.handshake_ok', + '-e', 'icmp.type', + '-e', 'tcp.dstport', + ], pcap_file='wireguard-ping-tcp-dsb.pcapng') + self.assertIn('1\t1\t%s\t%s\t\t\t' % (self.key_Spub_i, '356537872'), lines) + self.assertIn('2\t0\t\t\t1\t\t', lines) + self.assertIn('3\t\t\t\t\t8\t', lines) + self.assertIn('4\t\t\t\t\t0\t', lines) + self.assertIn('13\t1\t%s\t%s\t\t\t' % (self.key_Spub_i, '490514356'), lines) + self.assertIn('14\t0\t\t\t1\t\t', lines) + self.assertIn('17\t\t\t\t\t\t443', lines) + self.assertIn('18\t\t\t\t\t\t49472', lines) + def test_decrypt_full_responder(self, run_wireguard_test): """Check for full handshake decryption using responder secrets.""" lines = run_wireguard_test(self, [ |