diff options
author | Mikael Kanstrup <mikael.kanstrup@sony.com> | 2019-04-02 15:50:08 +0200 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2019-04-03 15:25:54 +0000 |
commit | 4b814187acf36b74479f6bd61d3ca98ff5d5734c (patch) | |
tree | 01d08396b9c2e3f21ad76c51dc8d26ca9552f028 /test | |
parent | 6c3467945cd9bf1242a2dcd4a8fbff32b885391e (diff) |
ieee80211: Fix WPA1 decryption
PTK key derivation algorithm for WPA1 uses SHA1 not MD5.
MD5 is used for MIC only.
To avoid regression also add a decrypt test for WPA1 with
GTK rekeying.
Change-Id: Iabcf40c2f74d5dbc1d72cba0718c77020d97f61f
Fixes: v3.1.0rc0-342-g9cf77ec5e1 ("ieee80211: Support decrypting WPA3-Personal / SAE captures")
Reviewed-on: https://code.wireshark.org/review/32691
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/captures/wpa1-gtk-rekey.pcapng.gz | bin | 0 -> 7114 bytes | |||
-rw-r--r-- | test/suite_decryption.py | 11 |
2 files changed, 11 insertions, 0 deletions
diff --git a/test/captures/wpa1-gtk-rekey.pcapng.gz b/test/captures/wpa1-gtk-rekey.pcapng.gz Binary files differnew file mode 100644 index 0000000000..88e4c067a8 --- /dev/null +++ b/test/captures/wpa1-gtk-rekey.pcapng.gz diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 754c9bffc6..68f189588a 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -101,6 +101,17 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase): self.assertTrue(self.grepOutput('Who has 192.168.5.2')) self.assertTrue(self.grepOutput('DHCP ACK')) + def test_80211_wpa1_gtk_rekey(self, cmd_tshark, capture_file): + '''Decode WPA1 with multiple GTK rekeys''' + # Included in git sources test/captures/wpa1-gtk-rekey.pcapng.gz + self.assertRun((cmd_tshark, + '-o', 'wlan.enable_decryption: TRUE', + '-r', capture_file('wpa1-gtk-rekey.pcapng.gz'), + '-Y', 'wlan.analysis.tk == "d0e57d224c1bb8806089d8c23154074c" || wlan.analysis.gtk == "6eaf63f4ad7997ced353723de3029f4d" || wlan.analysis.gtk == "fb42811bcb59b7845376246454fbdab7"', + )) + self.assertTrue(self.grepOutput('DHCP Discover')) + self.assertEqual(self.countOutput('ICMP.*Echo .ping'), 8) + @fixtures.mark_usefixtures('test_env') @fixtures.uses_fixtures class case_decrypt_dtls(subprocesstest.SubprocessTestCase): |