Wireshark mailing list archives
EAPOL and Key MIC values longer than 16 bytes
From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Tue, 2 Jan 2018 21:02:49 -0800
Hi folks, The DPP spec requires the EAPOL Key MIC length to be the same as the Nonce length. I have a capture with such frames and the 4-way handshake seems to have worked, so the code dealing with it seems happy. The problem is how do I determine that a MIC longer than 16 is being used? The only clue I have is that the Key Descriptor Version is a value (0) listed as Reserved in 802.1X-2010. However, 802.11-2016 Section 12.7.2 (Figure 12-33 and description) indicates that avalue of 0 is normal and the MIC Length varies. Unfortunately, 12.7.3 and Table 12-8 suggests that the max value is 24 bytes, not the 32 bytes I am seeing. Perhaps the only thing I can do is to introduce a preference for EAPOL that allows the user to specify a different Key MIC size. Thoughts. -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- EAPOL and Key MIC values longer than 16 bytes Richard Sharpe (Jan 02)
- Re: EAPOL and Key MIC values longer than 16 bytes Guy Harris (Jan 02)
- Re: EAPOL and Key MIC values longer than 16 bytes Richard Sharpe (Jan 03)
- Re: EAPOL and Key MIC values longer than 16 bytes Guy Harris (Jan 02)