Wireshark-commits: [Wireshark-commits] master 1439eb6: IEEE 802.11: 802.1X (WPA-EAP) rekeying suppo

From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 8 May 2015 04:27:54 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1439eb677820fff055df86e43341fde1d94a64d1
Submitter: Anders Broman (a.broman58@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

1439eb6 by deagol (alexander.wetzel@xxxxxx):

    IEEE 802.11: 802.1X (WPA-EAP) rekeying support
    
    This patch extends the existing decryption support for WPA to also
    handle rekeys by checking each decrypted packet for a 4-way-handshake.
    
    Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
    (WPA-EAP).
    
    For decrypting WPA-EAP secured packets the user must provide all used PMK's
    of the connection (aka PSK's) as WPA-PSK 32 byte hex values to wireshark
    via the existing interface.
    (The capture must have all 4-way-handshakes included also, starting with
    the first unencrypted one.)
    
    Every decrypted unicast packet will habe the used PMK and TK shown in the
    CCMP/TKIP section below the key index in the GUI. Group packets will display the
    GTK instead.
    
    Additionally this fixes a small issue with group rekey handling, so every packet
    can be selected in the GUI in random order, removing the need to manually find
    the correct group keying packets prior to that.
    
    It was tested primary with WPA-CCMP, but TKIP is also working.
    
    One section in the code touch bluetooth 802.1X support. It should do
    exactly the same, but will now also examine all decypted packets for rekeys.
    
    Ping-Bug: 11172
    Change-Id: I19d055581fce6268df888da63485a48326046748
    Reviewed-on: https://code.wireshark.org/review/8268
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  b644698   Use the correct AVP type in a couple of places: IPAddress instead of Address.
    adds  1439eb6   IEEE 802.11: 802.1X (WPA-EAP) rekeying support


Summary of changes:
 caputils/airpcap_loader.h          |    2 +-
 epan/crypt/airpdcap.c              |  215 +++++++++---------------------------
 epan/crypt/airpdcap_system.h       |   14 +--
 epan/crypt/airpdcap_user.h         |    9 +-
 epan/dissectors/packet-ieee80211.c |   51 ++++++++-
 test/captures/wpa-eap-tls.pcap.gz  |  Bin 0 -> 25629 bytes
 test/config/80211_keys.tmpl        |    5 +-
 test/suite-decryption.sh           |   17 +++
 8 files changed, 131 insertions(+), 182 deletions(-)
 create mode 100644 test/captures/wpa-eap-tls.pcap.gz