wlantest: Check all configured TKs if no matching GTK is known

This allows group-addressed frames to be decrypted by listing all
possible GTKs in the PTK file.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2021-03-09 17:29:48 +02:00 committed by Jouni Malinen
parent 9216929ab6
commit 503901e72d

View file

@ -250,8 +250,13 @@ static void rx_data_bss_prot_group(struct wlantest *wt,
if (bss->gtk_len[keyid] == 0 && if (bss->gtk_len[keyid] == 0 &&
(bss->group_cipher != WPA_CIPHER_WEP40 || (bss->group_cipher != WPA_CIPHER_WEP40 ||
dl_list_empty(&wt->wep))) { dl_list_empty(&wt->wep))) {
add_note(wt, MSG_MSGDUMP, "No GTK known to decrypt the frame " decrypted = try_all_ptk(wt, bss->group_cipher, hdr, keyid,
"(A2=" MACSTR " KeyID=%d)", data, len, &dlen);
if (decrypted)
goto process;
add_note(wt, MSG_MSGDUMP,
"No GTK known to decrypt the frame (A2=" MACSTR
" KeyID=%d)",
MAC2STR(hdr->addr2), keyid); MAC2STR(hdr->addr2), keyid);
return; return;
} }
@ -304,6 +309,7 @@ skip_replay_det:
wpa_snprintf_hex(gtk, sizeof(gtk), bss->gtk[keyid], wpa_snprintf_hex(gtk, sizeof(gtk), bss->gtk[keyid],
bss->gtk_len[keyid]); bss->gtk_len[keyid]);
add_note(wt, MSG_EXCESSIVE, "GTK[%d] %s", keyid, gtk); add_note(wt, MSG_EXCESSIVE, "GTK[%d] %s", keyid, gtk);
process:
rx_data_process(wt, bss->bssid, NULL, dst, src, decrypted, rx_data_process(wt, bss->bssid, NULL, dst, src, decrypted,
dlen, 1, NULL); dlen, 1, NULL);
if (!replay) if (!replay)