From 12d72be15b90cc76f7709fd944682224257ec236 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Tue, 26 Nov 2019 14:05:45 +0000 Subject: WireGuard: fix MAC1 computation for non-zero reserved case Peer identification failed because the MAC1 value did not check out. Fix the computation in case the reserved bytes are overwritten after the original protocol has run. Change-Id: I4be65806bed96d7236103ebb369c1affcadebd5f Reviewed-on: https://code.wireshark.org/review/35219 Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte --- epan/dissectors/packet-wireguard.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/epan/dissectors/packet-wireguard.c b/epan/dissectors/packet-wireguard.c index 527dadc6ae..e6b9a1e0bd 100644 --- a/epan/dissectors/packet-wireguard.c +++ b/epan/dissectors/packet-wireguard.c @@ -1145,8 +1145,12 @@ wg_mac1_key_probe(tvbuff_t *tvb, gboolean is_initiation) return NULL; } - const guint8 *mac1_msgdata = tvb_get_ptr(tvb, 0, mac1_offset); + guint8 *mac1_msgdata = (guint8 *)tvb_memdup(wmem_packet_scope(), tvb, 0, mac1_offset); const guint8 *mac1_output = tvb_get_ptr(tvb, mac1_offset, 16); + + // MAC1 is computed over a message with three reserved bytes set to zero. + mac1_msgdata[1] = mac1_msgdata[2] = mac1_msgdata[3] = 0; + // Find public key that matches the 16-byte MAC1 field. GHashTableIter iter; gpointer value; -- cgit v1.2.3