wlantest: Add more notes about decryption into pcapng

Note the used TK/GTK and KeyID in frame notes when writing decrypted
frames to a PCAPNG file.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/wlantest/rx_data.c b/wlantest/rx_data.c
index d6c7a54c7450b3d251e4391eadc34b67406f20a3..63da868d323baac12b19f55215811a8bed7baaa7 100644 (file)
--- a/wlantest/rx_data.c
+++ b/wlantest/rx_data.c
@@ -119,8 +119,21 @@ static void rx_data_process(struct wlantest *wt, const u8 *bssid,
 }
 
 
+static void write_decrypted_note(struct wlantest *wt, const u8 *decrypted,
+                                const u8 *tk, size_t tk_len, int keyid)
+{
+       char tk_hex[65];
+
+       if (!decrypted)
+               return;
+
+       wpa_snprintf_hex(tk_hex, sizeof(tk_hex), tk, tk_len);
+       add_note(wt, MSG_EXCESSIVE, "TK[%d] %s", keyid, tk_hex);
+}
+
+
 static u8 * try_all_ptk(struct wlantest *wt, int pairwise_cipher,
-                       const struct ieee80211_hdr *hdr,
+                       const struct ieee80211_hdr *hdr, int keyid,
                        const u8 *data, size_t data_len, size_t *decrypted_len)
 {
        struct wlantest_ptk *ptk;
@@ -152,7 +165,10 @@ static u8 * try_all_ptk(struct wlantest *wt, int pairwise_cipher,
                }
                if (decrypted) {
                        wpa_debug_level = prev_level;
-                       add_note(wt, MSG_DEBUG, "Found PTK match from list of all known PTKs");
+                       add_note(wt, MSG_DEBUG,
+                                "Found PTK match from list of all known PTKs");
+                       write_decrypted_note(wt, decrypted, ptk->ptk.tk,
+                                            ptk->ptk.tk_len, keyid);
                        return decrypted;
                }
        }
@@ -229,14 +245,20 @@ static void rx_data_bss_prot_group(struct wlantest *wt,
                ccmp_get_pn(pn, data);
        if (os_memcmp(pn, bss->rsc[keyid], 6) <= 0) {
                u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
-               add_note(wt, MSG_INFO, "CCMP/TKIP replay detected: A1=" MACSTR
-                        " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u%s",
+               char pn_hex[6 * 2 + 1], rsc_hex[6 * 2 + 1];
+
+               wpa_snprintf_hex(pn_hex, sizeof(pn_hex), pn, 6);
+               wpa_snprintf_hex(rsc_hex, sizeof(rsc_hex), bss->rsc[keyid], 6);
+               add_note(wt, MSG_INFO, "replay detected: A1=" MACSTR
+                        " A2=" MACSTR " A3=" MACSTR
+                        " seq=%u frag=%u%s keyid=%d %s<=%s",
                         MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
                         MAC2STR(hdr->addr3),
                         WLAN_GET_SEQ_SEQ(seq_ctrl),
                         WLAN_GET_SEQ_FRAG(seq_ctrl),
                         (le_to_host16(hdr->frame_control) & WLAN_FC_RETRY) ?
-                        " Retry" : "");
+                        " Retry" : "",
+                        keyid, pn_hex, rsc_hex);
                wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
                wpa_hexdump(MSG_INFO, "RSC", bss->rsc[keyid], 6);
                replay = 1;
@@ -260,6 +282,11 @@ skip_replay_det:
                                         hdr, data, len, &dlen);
 
        if (decrypted) {
+               char gtk[65];
+
+               wpa_snprintf_hex(gtk, sizeof(gtk), bss->gtk[keyid],
+                                bss->gtk_len[keyid]);
+               add_note(wt, MSG_EXCESSIVE, "GTK[%d] %s", keyid, gtk);
                rx_data_process(wt, bss->bssid, NULL, dst, src, decrypted,
                                dlen, 1, NULL);
                if (!replay)
@@ -451,14 +478,20 @@ static void rx_data_bss_prot(struct wlantest *wt,
                ccmp_get_pn(pn, data);
        if (os_memcmp(pn, rsc, 6) <= 0) {
                u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
-               add_note(wt, MSG_INFO, "CCMP/TKIP replay detected: A1=" MACSTR
-                        " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u%s",
+               char pn_hex[6 * 2 + 1], rsc_hex[6 * 2 + 1];
+
+               wpa_snprintf_hex(pn_hex, sizeof(pn_hex), pn, 6);
+               wpa_snprintf_hex(rsc_hex, sizeof(rsc_hex), rsc, 6);
+               add_note(wt, MSG_INFO, "replay detected: A1=" MACSTR
+                        " A2=" MACSTR " A3=" MACSTR
+                        " seq=%u frag=%u%s keyid=%d tid=%d %s<=%s",
                         MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
                         MAC2STR(hdr->addr3),
                         WLAN_GET_SEQ_SEQ(seq_ctrl),
                         WLAN_GET_SEQ_FRAG(seq_ctrl),
                         (le_to_host16(hdr->frame_control) &  WLAN_FC_RETRY) ?
-                        " Retry" : "");
+                        " Retry" : "",
+                        keyid, tid, pn_hex, rsc_hex);
                wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
                wpa_hexdump(MSG_INFO, "RSC", rsc, 6);
                replay = 1;
@@ -466,16 +499,22 @@ static void rx_data_bss_prot(struct wlantest *wt,
 
 skip_replay_det:
        if (tk) {
-               if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256)
+               if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256) {
                        decrypted = ccmp_256_decrypt(tk, hdr, data, len, &dlen);
-               else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
-                        sta->pairwise_cipher == WPA_CIPHER_GCMP_256)
+                       write_decrypted_note(wt, decrypted, tk, 32, keyid);
+               } else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
+                          sta->pairwise_cipher == WPA_CIPHER_GCMP_256) {
                        decrypted = gcmp_decrypt(tk, sta->ptk.tk_len, hdr, data,
                                                 len, &dlen);
-               else
+                       write_decrypted_note(wt, decrypted, tk, sta->ptk.tk_len,
+                                            keyid);
+               } else {
                        decrypted = ccmp_decrypt(tk, hdr, data, len, &dlen);
+                       write_decrypted_note(wt, decrypted, tk, 16, keyid);
+               }
        } else if (sta->pairwise_cipher == WPA_CIPHER_TKIP) {
                decrypted = tkip_decrypt(sta->ptk.tk, hdr, data, len, &dlen);
+               write_decrypted_note(wt, decrypted, sta->ptk.tk, 32, keyid);
        } else if (sta->pairwise_cipher == WPA_CIPHER_WEP40) {
                decrypted = wep_decrypt(wt, hdr, data, len, &dlen);
        } else if (sta->ptk_set) {
@@ -489,14 +528,16 @@ skip_replay_det:
                else
                        decrypted = ccmp_decrypt(sta->ptk.tk, hdr, data, len,
                                                 &dlen);
+               write_decrypted_note(wt, decrypted, sta->ptk.tk,
+                                    sta->ptk.tk_len, keyid);
        } else {
-               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, data,
-                                       len, &dlen);
+               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, keyid,
+                                       data, len, &dlen);
                ptk_iter_done = 1;
        }
        if (!decrypted && !ptk_iter_done) {
-               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, data,
-                                       len, &dlen);
+               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, keyid,
+                                       data, len, &dlen);
                if (decrypted) {
                        add_note(wt, MSG_DEBUG, "Current PTK did not work, but found a match from all known PTKs");
                }