Wireshark mailing list archives
Re: WLAN decryption using a hex PSK key
From: Sho Amano <samano.and () gmail com>
Date: Wed, 24 Oct 2012 10:12:11 +0900
Hi Pascal, 2012/10/23 Pascal Quantin <pascal.quantin () gmail com>
2012/10/22 Sho Amano <samano.and () gmail com>Hi Pascal, 2012/10/22 Pascal Quantin <pascal.quantin () gmail com>Le 20/10/2012 17:33, Sho Amano a écrit :Okey, I figured out that following quick hack works for me. Now I canseethe decrypted TCP packets. (build running on Ubuntu 12.04 amd64) $ svn diff Index: epan/dissectors/packet-ieee80211.c =================================================================== --- epan/dissectors/packet-ieee80211.c (revision 45658) +++ epan/dissectors/packet-ieee80211.c (working copy) @@ -17369,7 +17369,7 @@ keys->Keys[keys->nKeys] = key; keys->nKeys++; } - else if(dk->type == AIRPDCAP_KEY_TYPE_WPA_PMK) + else if(dk->type == AIRPDCAP_KEY_TYPE_WPA_PSK) { key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PMK; Thanks.Hi Sho, thanks for the report and patch. I committed a slightly different version in r45696 and scheduled it for backport in 1.8.4.Thanks, I tried r45696 on Ubuntu 12.04 (amd64) and it worked well. But I have some questions. packet-ieee80211.c, line 17374: Since we convert PSK (64-byte ASCII) into PMK (32-byte binary) on line 17377, what's the point of setting key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PSK ? packet-ieee80211.c, line 17380: Using debugger, I verified that bytes->len is 32. So it is always smaller than AIRPDCAP_WPA_PSK_LEN, which is 64. packet-ieee80211.c, line 17381: Since we are using the converted PMK, maybe we should copy it into key.KeyData.Wpa.Pmk? (I know that is actually the same place :-)Hi Sho, I did mainly the change because using the PMK union / structure member for a PSK key configured in UAT was hurting my eyes and looked like a bug. From a quick glance it looks like the handling of PSK / PMK seems a bit messy (PMK defines / union are almost not used, and mixed with PMK ones). I will let someone more aware of those subtle differences do a follow-up cleanup if needed.
Thanks for your comment. Yes, I agree that PSK/PMK things look confusing, and I also hope that someone who knows better will review & clean up the related codes. Anyway, I'm looking forward to 1.8.4 release. The fix will help me a lot :) Regards, Sho
Regards, Pascal. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- WLAN decryption using a hex PSK key Sho Amano (Oct 19)
- Re: WLAN decryption using a hex PSK key mmann78 (Oct 19)
- Re: WLAN decryption using a hex PSK key Sho Amano (Oct 20)
- Re: WLAN decryption using a hex PSK key Sho Amano (Oct 20)
- Re: WLAN decryption using a hex PSK key Pascal Quantin (Oct 21)
- Re: WLAN decryption using a hex PSK key Sho Amano (Oct 22)
- Re: WLAN decryption using a hex PSK key Pascal Quantin (Oct 22)
- Re: WLAN decryption using a hex PSK key Sho Amano (Oct 23)
- Re: WLAN decryption using a hex PSK key Sho Amano (Oct 20)
- Re: WLAN decryption using a hex PSK key mmann78 (Oct 19)