wlantest: Check for zero TK even when the real PTK is not known
This makes it easier to analyze certain encryption issues. Also print out an error at the default INFO debug verbosity with the frame number. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
parent
bb08be757f
commit
8e467e3cf4
1 changed files with 19 additions and 4 deletions
|
@ -339,10 +339,10 @@ static void rx_data_bss_prot(struct wlantest *wt,
|
||||||
struct wlantest_sta *sta, *sta2;
|
struct wlantest_sta *sta, *sta2;
|
||||||
int keyid;
|
int keyid;
|
||||||
u16 fc = le_to_host16(hdr->frame_control);
|
u16 fc = le_to_host16(hdr->frame_control);
|
||||||
u8 *decrypted;
|
u8 *decrypted = NULL;
|
||||||
size_t dlen;
|
size_t dlen;
|
||||||
int tid;
|
int tid;
|
||||||
u8 pn[6], *rsc;
|
u8 pn[6], *rsc = NULL;
|
||||||
struct wlantest_tdls *tdls = NULL, *found;
|
struct wlantest_tdls *tdls = NULL, *found;
|
||||||
const u8 *tk = NULL;
|
const u8 *tk = NULL;
|
||||||
int ptk_iter_done = 0;
|
int ptk_iter_done = 0;
|
||||||
|
@ -424,8 +424,14 @@ static void rx_data_bss_prot(struct wlantest *wt,
|
||||||
(!sta->ptk_set && sta->pairwise_cipher != WPA_CIPHER_WEP40)) &&
|
(!sta->ptk_set && sta->pairwise_cipher != WPA_CIPHER_WEP40)) &&
|
||||||
tk == NULL) {
|
tk == NULL) {
|
||||||
add_note(wt, MSG_MSGDUMP, "No PTK known to decrypt the frame");
|
add_note(wt, MSG_MSGDUMP, "No PTK known to decrypt the frame");
|
||||||
if (dl_list_empty(&wt->ptk))
|
if (dl_list_empty(&wt->ptk)) {
|
||||||
|
if (len >= 4 && sta) {
|
||||||
|
keyid = data[3] >> 6;
|
||||||
|
goto check_zero_tk;
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
try_ptk_iter = 1;
|
try_ptk_iter = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -578,16 +584,25 @@ skip_replay_det:
|
||||||
add_note(wt, MSG_DEBUG, "Current PTK did not work, but found a match from all known PTKs");
|
add_note(wt, MSG_DEBUG, "Current PTK did not work, but found a match from all known PTKs");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
check_zero_tk:
|
||||||
if (!decrypted) {
|
if (!decrypted) {
|
||||||
struct wpa_ptk zero_ptk;
|
struct wpa_ptk zero_ptk;
|
||||||
|
int old_debug_level = wpa_debug_level;
|
||||||
|
|
||||||
os_memset(&zero_ptk, 0, sizeof(zero_ptk));
|
os_memset(&zero_ptk, 0, sizeof(zero_ptk));
|
||||||
zero_ptk.tk_len = wpa_cipher_key_len(sta->pairwise_cipher);
|
zero_ptk.tk_len = wpa_cipher_key_len(sta->pairwise_cipher);
|
||||||
|
wpa_debug_level = MSG_ERROR;
|
||||||
decrypted = try_ptk(sta->pairwise_cipher, &zero_ptk, hdr,
|
decrypted = try_ptk(sta->pairwise_cipher, &zero_ptk, hdr,
|
||||||
data, len, &dlen);
|
data, len, &dlen);
|
||||||
|
wpa_debug_level = old_debug_level;
|
||||||
if (decrypted) {
|
if (decrypted) {
|
||||||
add_note(wt, MSG_DEBUG,
|
add_note(wt, MSG_DEBUG,
|
||||||
"Frame was encrypted with zero TK");
|
"Frame was encrypted with zero TK");
|
||||||
|
wpa_printf(MSG_INFO, "Zero TK used in frame #%u: A2="
|
||||||
|
MACSTR " seq=%u",
|
||||||
|
wt->frame_num, MAC2STR(hdr->addr2),
|
||||||
|
WLAN_GET_SEQ_SEQ(
|
||||||
|
le_to_host16(hdr->seq_ctrl)));
|
||||||
write_decrypted_note(wt, decrypted, zero_ptk.tk,
|
write_decrypted_note(wt, decrypted, zero_ptk.tk,
|
||||||
zero_ptk.tk_len, keyid);
|
zero_ptk.tk_len, keyid);
|
||||||
}
|
}
|
||||||
|
@ -597,7 +612,7 @@ skip_replay_det:
|
||||||
const u8 *peer_addr = NULL;
|
const u8 *peer_addr = NULL;
|
||||||
if (!(fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)))
|
if (!(fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)))
|
||||||
peer_addr = hdr->addr1;
|
peer_addr = hdr->addr1;
|
||||||
if (!replay)
|
if (!replay && rsc)
|
||||||
os_memcpy(rsc, pn, 6);
|
os_memcpy(rsc, pn, 6);
|
||||||
rx_data_process(wt, bss->bssid, sta->addr, dst, src, decrypted,
|
rx_data_process(wt, bss->bssid, sta->addr, dst, src, decrypted,
|
||||||
dlen, 1, peer_addr);
|
dlen, 1, peer_addr);
|
||||||
|
|
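Review bot: The new `goto check_zero_tk` in the "No PTK known" branch jumps past all the code between that branch and the label, so anything that code normally sets is still unset when the zero-TK block and the code after it run. The commit covers `rsc` (NULL initialiser plus `if (!replay && rsc)`) and `pn` is only read under that guard, but `replay` is declared outside the visible hunks and is read in the same condition, so it is worth confirming that it has an initialiser at its declaration. Separately, the temporary `wpa_debug_level = MSG_ERROR;` around `try_ptk()` changes a global with no explanation; a comment such as `/* Suppress debug output from the zero-TK probe; failure is the expected case */` would tell the next reader why, assuming that is the intent. rx_data_bss_prot() starts and ends outside these hunks, so the path taken when the zero-TK attempt does not decrypt the frame could not be checked here.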