Wireshark mailing list archives
Re: LoRaWAN: Correct decryption of downlink traffic
From: Pascal Quantin <pascal () wireshark org>
Date: Mon, 30 Sep 2019 19:57:03 +0200
Hi Achuthan, Le lun. 30 sept. 2019 à 19:53, Achuthan Paramanathan <ACP () kamstrup com> a écrit :
Dear wireshark, I recently noticed that decryption of downlink traffic in wireshark - Version 3.0.3 is not done properly. Even though it is marked as correct decoded in wireshark view. The uplink traffic is decrypted correctly. I then had a look in the code (*master branch*) “../dissectors/packet-lorawan.c” line 795 Here, the function decrypt_lorawan_frame_payload() which takes in an argument dir, in this case it is statically set to 0 indicating uplink traffic. This will work as long as the traffic is uplink, however in downlink this will result in an wrong decryption. My suggestion is to use the flag “uplink” which is set to FALSE in line 753 when mac_mtype is of type downlink, as dir argument in function call decrypt_lorawan_frame_payload()
Could you please fill a bug on https://bugs.wireshark.org with a pcap containing a bit of UL and DL traffic? It would allow to verify your fix proposal. Thanks for the help, Pascal.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- LoRaWAN: Correct decryption of downlink traffic Achuthan Paramanathan (Sep 30)
- Re: LoRaWAN: Correct decryption of downlink traffic Pascal Quantin (Sep 30)
- Re: LoRaWAN: Correct decryption of downlink traffic Erik de Jong (Sep 30)
- Re: LoRaWAN: Correct decryption of downlink traffic Pascal Quantin (Sep 30)