Wireshark-dev: Re: [Wireshark-dev] WAPI decode and decryption
From: Sreenivasulu Yellamaraju <Sreenivasulu.Yellamaraju@xxxxxxx>
Date: Wed, 14 Sep 2011 12:28:15 +0000
Hello members, Any thoughts on the following feature additions? Regards, Sreenivasulu Y Senior Lead Engineer, CSR India Pvt Ltd, Direct Dial: +91 80 25183091 -----Original Message----- From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Sreenivasulu Yellamaraju Sent: Tuesday, August 30, 2011 5:22 PM To: wireshark-dev@xxxxxxxxxxxxx; wireshark-users@xxxxxxxxxxxxx Subject: [Wireshark-dev] WAPI decode and decryption Hi, We are using Wireshark to decode WAPI ( Chinese WLAN security standard) frames. The following are my observations/queries. I am using Wireshark Version 1.6.1 (SVN Rev 38096 from /trunk-1.6) which is a stable released version. I am using this version only to do an offline analysis of .pcap files and did not capture any WAPI data traffic myself. 1) Wireshark is not decoding the WAPI Information Element(Tag number 68) in beacons,probe req/rsp,association req/rsp packets. Is this support not implemented? 2) Wireshark is decoding WAI protocol packets like Unicast key negotiation request/response/confirm Multicast key/STAKey announcement Multicast key/STAKey announcement response 3) Next, is there any provision to decode the WLAN data packets that are exchanged between a WAPI STA and WAPI AP both of which are using Preshared key method ? The assumption is that I have captured association,WAI authentication and unicast/multicast key exchanges in the same .pcap file. Basically, I am expecting a decryption similar to WPA(2)-PSK decryption that is supported by Wireshark. Please share your comments. Regards, Sreenivasulu Y Senior Lead Engineer, CSR India Pvt Ltd, Direct Dial: +91 80 25183091 Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom More information can be found at www.csr.com. Follow CSR on Twitter at http://twitter.com/CSR_PLC and read our blog at www.csr.com/blog ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe To report this email as spam click https://www.mailcontrol.com/sr/X984!xQJMSLTndxI!oX7UsdpzMR7Bo2Klc1gwJam8Vp+86WwKr86!HzQ3AUwLtqt2LV39c2uD3H63Umxp4EWgA== .
- Prev by Date: [Wireshark-dev] Extracting expert info using tshark
- Next by Date: [Wireshark-dev] Ready to remove all non-ui-manager code?
- Previous by thread: Re: [Wireshark-dev] Extracting expert info using tshark
- Next by thread: [Wireshark-dev] Ready to remove all non-ui-manager code?
- Index(es):