Re: LoRaWAN: Correct decryption of downlink traffic

[Pascal Quantin <pascal () wireshark org>]

Hi Achuthan,

Le lun. 30 sept. 2019 à 19:53, Achuthan Paramanathan <ACP () kamstrup com> a
écrit :

> Dear wireshark,
>
>
>
> I recently noticed that decryption of downlink traffic in wireshark  -
> Version 3.0.3 is not done properly.  Even though it is marked as correct
> decoded in wireshark view. The uplink traffic is decrypted correctly.
>
>
>
> I then had a look in the code (*master branch*)
> “../dissectors/packet-lorawan.c” line 795
>
> Here, the function decrypt_lorawan_frame_payload() which takes in an
> argument dir, in this case it is statically set to 0 indicating uplink
> traffic. This will work as long as the traffic is uplink, however in
> downlink this will result in an wrong decryption.
>
>
>
> My suggestion is to use the flag “uplink” which is set to FALSE in line
> 753 when mac_mtype is of type downlink, as dir argument in function call
> decrypt_lorawan_frame_payload()

Could you please fill a bug on https://bugs.wireshark.org with a pcap
containing a bit of UL and DL traffic? It would allow to verify your fix
proposal.

Thanks for the help,
Pascal.

>
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe