diff options
author | Mikael Kanstrup <mikael.kanstrup@sony.com> | 2020-03-22 10:06:56 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2020-03-23 08:45:57 +0000 |
commit | 3e9ce48d24242c891968f65ae5160e967e73cfa5 (patch) | |
tree | 196dd0d5332c13e1a0f6a92e55df13b7c4cc7b5a /test | |
parent | f998e785d5ead49c57ef282765519d4ae75e056e (diff) |
dot11decrypt: Fix decryption of MFP enabled connections
MFP enabled connections with SHA-256 key management (IEEE 802.11w) use
EAPOL key version == 3. This case was missing making decryption of such
connections fail. Allow key version 3 to handle these too.
Change-Id: If9e3fcc5c3bbfb46e82b39dfed5b2a74787a4f16
Reviewed-on: https://code.wireshark.org/review/36534
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/captures/wpa2-psk-mfp.pcapng.gz | bin | 0 -> 3128 bytes | |||
-rw-r--r-- | test/suite_decryption.py | 13 |
2 files changed, 13 insertions, 0 deletions
diff --git a/test/captures/wpa2-psk-mfp.pcapng.gz b/test/captures/wpa2-psk-mfp.pcapng.gz Binary files differnew file mode 100644 index 0000000000..da445aec36 --- /dev/null +++ b/test/captures/wpa2-psk-mfp.pcapng.gz diff --git a/test/suite_decryption.py b/test/suite_decryption.py index be6403f879..5afac4e049 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -65,6 +65,19 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase): )) self.assertEqual(self.countOutput('802.11.*SN=.*FN=.*Flags='), 3) + def test_80211_wpa2_psk_mfp(self, cmd_tshark, capture_file, features): + '''IEEE 802.11 decode WPA2 PSK with MFP enabled (802.11w)''' + # Included in git sources test/captures/wpa2-psk-mfp.pcapng.gz + if not features.have_libgcrypt16: + self.skipTest('Requires GCrypt 1.6 or later.') + self.assertRun((cmd_tshark, + '-o', 'wlan.enable_decryption: TRUE', + '-r', capture_file('wpa2-psk-mfp.pcapng.gz'), + '-Y', 'wlan.analysis.tk == 4e30e8c019bea43ea5262b10853b818d || wlan.analysis.gtk == 70cdbf2e5bc0ca22e53930818a5d80e4', + )) + self.assertTrue(self.grepOutput('Who has 192.168.5.5')) # Verifies GTK is correct + self.assertTrue(self.grepOutput('DHCP Request')) # Verifies TK is correct + self.assertTrue(self.grepOutput('Echo \(ping\) request')) # Verifies TK is correct def test_80211_wpa_tdls(self, cmd_tshark, capture_file, features): '''WPA decode traffic in a TDLS (Tunneled Direct-Link Setup) session (802.11z)''' |