Hi Phoebe,
I have added the key to wireshark so it should be able to do decryption
and MIC checks.
Edit -> Preferences -> Protocols -> IEEE 802.15.4 -> Decryption key.
I assume this works...
What devices were you running on? Just wondering if it is an endian issue.
I will have a dig into the kernel and see if I can work out what is
going wrong, I think a lot has changed since 3.15.
Simon
On 18/06/15 12:13, Phoebe Buckheister wrote:
Hi Simon,
the last kernel I used this with was 3.15-rc8, so actually quite a while
ago. Unfortunately, I don't have the means to test things with a
current kernel right now, because I don't remember things failing that
hard when I last worked on that code. I usually used seclevel 5, which
worked fine with our devices.
@wireshark: by default, without further configuration, wireshark can't
check the MIC, because it doesn't have the necessary keys. There was a
way to give wireshark those keys, but I don't remember off hand how that
worked.
On Thu, 18 Jun 2015 11:12:19 +0100
Simon Vincent <simon.vincent@xxxxxxxxxx> wrote:
Hi Phoebe,
I am having some problems with the 802.15.4 security.
What kernel version/gitref did you last test the 802.15.4 security on?
What level of security are you using? (1-7)
I can then have a look what has changed since and try and debug the
problems I am seeing.
I find if I set the security level to 1,2,3 I get a kernel panic
whenever a packet is sent.
If I set the security level to 4 the packets sent are corrupt.
If I set the security level to 5-7 wireshark decodes the packets as
MIC check failed.
Regards
Simon
On 28/05/15 10:00, Phoebe Buckheister wrote:
Hi Simon,
sorry for taking so long to reply. Unfortunately, there's currently
no actual documentation for the crypto layer (and I probably won't
come around to write any sometime soon), but I have built an
application that works with llsec [1].
The process to set up a crypto config for a network is rougly
outlined in [2] and [3]. There are more options to the crypto layer
than are used there, but the process is pretty much the same: you
add a number of devices you want to securely communicate with, add
the keys those devices will use to communicate, and then set the
general parameters for llsec (like default llsec, enabling the
crypto layer and such).
Hope that helps a little,
Phoebe
[1]
https://github.com/mysmartgrid/hexabus/blob/pb-crypto/hostsoftware/hxbnm
[2]
https://github.com/mysmartgrid/hexabus/blob/pb-crypto/hostsoftware/hxbnm/src/hxbnm.cpp#L160
[3]
https://github.com/mysmartgrid/hexabus/blob/pb-crypto/hostsoftware/hxbnm/src/hxbnm.cpp#L90
On Thu, 21 May 2015 14:23:10 +0100
Simon Vincent <simon.vincent@xxxxxxxxxx> wrote:
What is the status of the crypto-layer? I can see a lot of crypto
functionality in the mac layer but I can't work out how to setup
the keys and enable encryption/authentication. Will this be part
of the wpan-tools?
- Simon
--
To unsubscribe from this list: send the line "unsubscribe
linux-wpan" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe
linux-wpan" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-wpan" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
