diff options
-rw-r--r-- | epan/crypt/dot11decrypt.c | 6 | ||||
-rw-r--r-- | test/captures/owe.pcapng.gz | bin | 0 -> 5634 bytes | |||
-rw-r--r-- | test/config/80211_keys.tmpl | 1 | ||||
-rw-r--r-- | test/suite_decryption.py | 11 |
4 files changed, 17 insertions, 1 deletions
diff --git a/epan/crypt/dot11decrypt.c b/epan/crypt/dot11decrypt.c index 7bbc4751b3..fe0d2593df 100644 --- a/epan/crypt/dot11decrypt.c +++ b/epan/crypt/dot11decrypt.c @@ -1811,6 +1811,7 @@ Dot11DecryptGetIntegrityAlgoFromAkm(int akm, int *algo, gboolean *hmac) break; #endif case 11: + case 18: *algo = GCRY_MD_SHA256; *hmac = TRUE; break; @@ -1836,7 +1837,7 @@ Dot11DecryptRsnaMicCheck( int akm) { UCHAR mic[DOT11DECRYPT_WPA_MICKEY_LEN]; - UCHAR c_mic[HASH_SHA1_LENGTH] = { 0 }; /* MIC 16 byte, the HMAC-SHA1 use a buffer of 20 bytes */ + UCHAR c_mic[32] = { 0 }; /* MIC 16 byte, though HMAC-SHA256 algo need 32 bytes buffer */ int algo = -1; gboolean hmac = TRUE; @@ -2165,6 +2166,7 @@ static int Dot11DecryptGetPtkLen(int akm, int cipher) case 6: case 8: case 11: + case 18: /* KCK len + KEK len + TK len */ ptk_len = 128 + 128 + Dot11DecryptGetTkLen(cipher); break; @@ -2201,6 +2203,7 @@ Dot11DecryptGetDeriveFuncFromAkm(int akm) case 11: case 12: case 13: + case 18: func = Dot11DecryptRsnaKdfX; break; default: @@ -2229,6 +2232,7 @@ Dot11DecryptGetDeriveAlgoFromAkm(int akm) case 9: case 10: case 11: + case 18: algo = GCRY_MD_SHA256; break; case 12: diff --git a/test/captures/owe.pcapng.gz b/test/captures/owe.pcapng.gz Binary files differnew file mode 100644 index 0000000000..930d6bc503 --- /dev/null +++ b/test/captures/owe.pcapng.gz diff --git a/test/config/80211_keys.tmpl b/test/config/80211_keys.tmpl index a9f3c81632..7cb9811f18 100644 --- a/test/config/80211_keys.tmpl +++ b/test/config/80211_keys.tmpl @@ -6,3 +6,4 @@ "wpa-psk","79258f6ceeecedd3482b92deaabdb675f09bcb4003ef5074f5ddb10a94ebe00a" "wpa-psk","23a9ee58c7810546ae3e7509fda9f97435778d689e53a54891c56d02f18ca162" "wpa-psk","ecbfe709d6151eaba6a4fd9cba94fbb570c1fc4c15506fad3185b4a0a0cfda9a" +"wpa-psk","a4b0b2efa7f77d1006eccf1a814b62125c15fac5c137d9cdff8c75c43194268f" diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 808c5c6aeb..754c9bffc6 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -90,6 +90,17 @@ class case_decrypt_80211(subprocesstest.SubprocessTestCase): self.assertTrue(self.grepOutput('Who has 192.168.5.18')) self.assertTrue(self.grepOutput('DHCP ACK')) + def test_80211_owe(self, cmd_tshark, capture_file): + '''IEEE 802.11 decode OWE''' + # Included in git sources test/captures/owe.pcapng.gz + self.assertRun((cmd_tshark, + '-o', 'wlan.enable_decryption: TRUE', + '-r', capture_file('owe.pcapng.gz'), + '-Y', 'wlan.analysis.tk == 10f3deccc00d5c8f629fba7a0fff34aa || wlan.analysis.gtk == 016b04ae9e6050bcc1f940dda9ffff2b', + )) + self.assertTrue(self.grepOutput('Who has 192.168.5.2')) + self.assertTrue(self.grepOutput('DHCP ACK')) + @fixtures.mark_usefixtures('test_env') @fixtures.uses_fixtures class case_decrypt_dtls(subprocesstest.SubprocessTestCase): |