authorCedric Izoard <cedric.izoard@ceva-dsp.com>2016-02-02 13:26:08 +0100
committerAnders Broman <a.broman58@gmail.com>2016-02-04 04:54:30 +0000
commit6991149557ec9f82f2e90e1f95e23621dced5dfb (patch)
tree5e1fc1f35a81e0092ddcad96a9fd764416617c76 /test
parent2e1c181996ad4029b12fbeec5866d3cdaeb04714 (diff)
downloadwireshark-6991149557ec9f82f2e90e1f95e23621dced5dfb.tar.gz
[airpdcap] Add support to decrypt TDLS traffic
- When scanning for keys, check for TDLS action frames (need to have TDLS response or confirm to derive the key) - When deriving PTK, also check MIC to ensure the key has been correctly computed. - As SA is between two STAs (and not STA and AP), store highest MAC address in sa.bssid, and the other one in sa.sta => Add new function (AirPDcapGetSaAddress) that will check for TDLS case. - Add test in decryption suite Bug: 11312 Change-Id: Ieccb6a23a0ffbf3b705dac9b67c856ae2d3eeca9 Reviewed-on: https://code.wireshark.org/review/13664 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'test')
-rw-r--r--test/captures/wpa-test-decode-tdls.pcap.gzbin0 -> 3423 bytes
-rwxr-xr-xtest/suite-decryption.sh23
2 files changed, 23 insertions, 0 deletions
diff --git a/test/captures/wpa-test-decode-tdls.pcap.gz b/test/captures/wpa-test-decode-tdls.pcap.gz
new file mode 100644
index 0000000000..f166dda30f
--- /dev/null
+++ b/test/captures/wpa-test-decode-tdls.pcap.gz
Binary files differ
diff --git a/test/suite-decryption.sh b/test/suite-decryption.sh
index 3924f397d2..3261f07b96 100755
--- a/test/suite-decryption.sh
+++ b/test/suite-decryption.sh
@@ -127,6 +127,28 @@ decryption_step_80211_wpa_psk_mfp() {
test_step_ok
}
+# WPA decode traffic in a TDLS (Tunneled Direct-Link Setup) session (802.11z)
+# Included in git sources test/captures/wpa-test-decode-tdls.pcap.gz
+decryption_step_80211_wpa_tdls() {
+ local out frames
+ out=$($TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
+ -o "wlan.enable_decryption: TRUE" \
+ -r "$CAPTURE_DIR/wpa-test-decode-tdls.pcap.gz" \
+ -Y "icmp" \
+ 2>&1)
+ RETURNVALUE=$?
+ frames=$(echo "$out" | wc -l)
+ if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
+ echo "$out" > ./wpa_tdls.txt
+ test_step_failed "Error during test execution: see $PWD/wpa_tdls.txt"
+ return
+ elif [ $frames -ne 2 ]; then
+ test_step_failed "Not able to decode all TDLS traffic ($frames/2)"
+ return
+ fi
+ test_step_ok
+}
+
# DTLS
# https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil.tgz
decryption_step_dtls() {
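Review bot: The frame count in decryption_step_80211_wpa_tdls comes from `wc -l` over output that has stderr merged in by `2>&1`, so the `-ne 2` check counts any two lines rather than two decrypted ICMP frames. A warning printed by tshark would fail the test spuriously, and one diagnostic line plus one decoded frame would pass it, which weakens it as a regression test for the TDLS key derivation and MIC check the commit message describes. Counting only matching summary lines would be tighter, for example `frames=$(echo "$out" | grep -c "ICMP")`, assuming the default column output names the protocol. A short comment saying why exactly two frames are expected would also help, e.g. `# capture holds 2 ICMP frames that are visible only after TDLS decryption` (to be confirmed against the capture).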
@@ -306,6 +328,7 @@ tshark_decryption_suite() {
test_step_add "IEEE 802.11 WPA PSK Decryption2 (EAPOL frames missing with a Win 10 client)" decryption_step_80211_wpa_eapol_incomplete_rekeys
test_step_add "IEEE 802.11 WPA PSK Decryption of Management frames (802.11w)" decryption_step_80211_wpa_psk_mfp
test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap
+ test_step_add "IEEE 802.11 WPA TDLS Decryption" decryption_step_80211_wpa_tdls
test_step_add "DTLS Decryption" decryption_step_dtls
test_step_add "SSL Decryption (private key)" decryption_step_ssl
test_step_add "SSL Decryption (RSA private key with p smaller than q)" decryption_step_ssl_rsa_pq