Small changes for EAPOL-Key dissector for IEEE 802.11i/RSN:
- add Encrypted Key Data flag for key info
- do not try to parse EAPOL-Key Key Data if it is encrypted
(RSN: Encrypted Key Data flag, WPA: Group Key)
- Key Index and Key ID are reserved in RSN
--
Jouni Malinen PGP id EFC895FA
Index: packet-eapol.c
===================================================================
RCS file: /cvsroot/ethereal/packet-eapol.c,v
retrieving revision 1.16
diff -u -p -r1.16 packet-eapol.c
--- packet-eapol.c 13 Nov 2003 23:38:32 -0000 1.16
+++ packet-eapol.c 27 Mar 2004 07:24:50 -0000
@@ -56,6 +56,7 @@ static int hf_eapol_wpa_keydes_keyinfo_k
static int hf_eapol_wpa_keydes_keyinfo_secure = -1;
static int hf_eapol_wpa_keydes_keyinfo_error = -1;
static int hf_eapol_wpa_keydes_keyinfo_request = -1;
+static int hf_eapol_wpa_keydes_keyinfo_encr_key_data = -1;
static int hf_eapol_wpa_keydes_nonce = -1;
static int hf_eapol_wpa_keydes_rsc = -1;
static int hf_eapol_wpa_keydes_id = -1;
@@ -105,6 +106,7 @@ static const value_string eapol_keydes_t
#define KEY_INFO_SECURE_MASK 0x0200
#define KEY_INFO_ERROR_MASK 0x0400
#define KEY_INFO_REQUEST_MASK 0x0800
+#define KEY_INFO_ENCR_KEY_DATA_MASK 0x1000
static const true_false_string keytype_tfs =
{ "Unicast", "Broadcast" };
@@ -194,6 +196,7 @@ dissect_eapol(tvbuff_t *tvb, packet_info
proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_secure, tvb, offset, 2, keyinfo);
proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_error, tvb, offset, 2, keyinfo);
proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_request, tvb, offset, 2, keyinfo);
+ proto_tree_add_boolean(keyinfo_tree, hf_eapol_wpa_keydes_keyinfo_encr_key_data, tvb, offset, 2, keyinfo);
offset += 2;
proto_tree_add_uint(eapol_tree, hf_eapol_keydes_keylen, tvb, offset,
@@ -224,9 +227,16 @@ dissect_eapol(tvbuff_t *tvb, packet_info
if (eapol_data_len != 0) {
ti = proto_tree_add_item(eapol_tree, hf_eapol_wpa_keydes_data,
tvb, offset, eapol_data_len, FALSE);
- keydes_tree = proto_item_add_subtree(ti, ett_eapol_keydes_data);
- ieee_80211_add_tagged_parameters(tvb, offset, keydes_tree,
- eapol_data_len);
+ if ((keyinfo & KEY_INFO_ENCR_KEY_DATA_MASK) ||
+ !(keyinfo & KEY_INFO_KEY_TYPE_MASK)) {
+ /* RSN: EAPOL-Key Key Data is encrypted.
+ * WPA: Group Keys use encrypted Key Data.
+ * Cannot parse this without knowing the key. */
+ } else {
+ keydes_tree = proto_item_add_subtree(ti, ett_eapol_keydes_data);
+ ieee_80211_add_tagged_parameters(tvb, offset, keydes_tree,
+ eapol_data_len);
+ }
}
}
else {
@@ -327,7 +337,7 @@ proto_register_eapol(void)
"eapol.keydes.key_info.key_index",
FT_UINT16, BASE_DEC, NULL,
KEY_INFO_KEY_INDEX_MASK,
- "Key Index (0-3)", HFILL }},
+ "Key Index (0-3) (RSN: Reserved)", HFILL }},
{ &hf_eapol_wpa_keydes_keyinfo_install, {
"Install flag",
"eapol.keydes.key_info.install",
@@ -364,6 +374,12 @@ proto_register_eapol(void)
FT_BOOLEAN, 16, TFS(&flags_set_truth),
KEY_INFO_REQUEST_MASK,
"Request flag", HFILL }},
+ { &hf_eapol_wpa_keydes_keyinfo_encr_key_data, {
+ "Encrypted Key Data flag",
+ "eapol.keydes.key_info.encr_key_data",
+ FT_BOOLEAN, 16, TFS(&flags_set_truth),
+ KEY_INFO_ENCR_KEY_DATA_MASK,
+ "Encrypted Key Data flag", HFILL }},
{ &hf_eapol_wpa_keydes_nonce, {
"Nonce", "eapol.keydes.nonce", FT_BYTES, BASE_NONE,
NULL, 0x0, "WPA Key Nonce", HFILL }},
@@ -372,7 +388,7 @@ proto_register_eapol(void)
0x0, "WPA Key Receive Sequence Counter", HFILL }},
{ &hf_eapol_wpa_keydes_id, {
"WPA Key ID", "eapol.keydes.id", FT_BYTES, BASE_NONE, NULL,
- 0x0, "WPA Key ID", HFILL }},
+ 0x0, "WPA Key ID(RSN Reserved)", HFILL }},
{ &hf_eapol_wpa_keydes_mic, {
"WPA Key MIC", "eapol.keydes.mic", FT_BYTES, BASE_NONE, NULL,
0x0, "WPA Key Message Integrity Check", HFILL }},
