Re: WAPI decode and decryption

[Sreenivasulu Yellamaraju <Sreenivasulu.Yellamaraju () csr com>]

Hello members,

Any thoughts on the following feature additions?

Regards,
Sreenivasulu Y
Senior Lead Engineer,
CSR India Pvt Ltd,
Direct Dial: +91 80 25183091

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Sreenivasulu 
Yellamaraju
Sent: Tuesday, August 30, 2011 5:22 PM
To: wireshark-dev () wireshark org; wireshark-users () wireshark org
Subject: [Wireshark-dev] WAPI decode and decryption

Hi,

We are using Wireshark to decode WAPI ( Chinese WLAN security standard) frames. The following are my 
observations/queries.

I am using Wireshark Version 1.6.1 (SVN Rev 38096 from /trunk-1.6) which is a stable released version.
I am using this version only to do an offline analysis of .pcap files and did not capture any WAPI data traffic myself.

1) Wireshark is not decoding the WAPI Information Element(Tag number 68) in beacons,probe req/rsp,association req/rsp 
packets.
  Is this support not implemented?
2) Wireshark is decoding WAI protocol packets like 
      Unicast key negotiation request/response/confirm 
        Multicast key/STAKey announcement
        Multicast key/STAKey announcement response
3) Next, is there any provision to decode the WLAN data packets that are exchanged between a WAPI STA and WAPI AP both 
of which
    are using Preshared key method ?  The assumption is that I have captured association,WAI authentication and 
unicast/multicast
   key exchanges in the same .pcap file.
Basically, I am expecting a decryption similar to WPA(2)-PSK decryption that is supported by Wireshark.

Please share your comments.


Regards,
Sreenivasulu Y
Senior Lead Engineer,
CSR India Pvt Ltd,
Direct Dial: +91 80 25183091


Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, 
registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom
More information can be found at www.csr.com. Follow CSR on Twitter at http://twitter.com/CSR_PLC and read our blog at 
www.csr.com/blog
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe


 To report this email as spam click 
https://www.mailcontrol.com/sr/X984!xQJMSLTndxI!oX7UsdpzMR7Bo2Klc1gwJam8Vp+86WwKr86!HzQ3AUwLtqt2LV39c2uD3H63Umxp4EWgA== 
.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe