CN101795463B - Method and system for analyzing WLAN authentication and privacy infrastructure protocol - Google Patents


Publication number
CN101795463B
Authority
CN
China
Prior art keywords
wapi
wapi protocol
protocol messages
wai
field
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN 201010109598
Other languages
Chinese (zh)
Other versions
CN101795463A (en
Inventor
郑忠斌
赵强
何桂立
马鑫
张翔
贺鹏
李莉莉
温蕾
张秩惟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Research Institute of Telecommunications Transmission Ministry of Industry and Information Technology
Original Assignee
Research Institute of Telecommunications Transmission Ministry of Industry and Information Technology
Application filed by Research Institute of Telecommunications Transmission Ministry of Industry and Information Technology
Priority to CN 201010109598
Publication of CN101795463A
Application granted
Publication of CN101795463B

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method and a system for analyzing a WAPI protocol. The method comprises the following steps: receiving WAPI protocol message; resolving the WAPI protocol message to acquire packet information of the WAPI protocol message; judging whether the WAPI protocol message is WAPI protocol message of a WAI packet according to the packet information of the WAPI protocol message; acquiring a value of each field in the WAPI protocol message of the WAI packet; and judging whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete according to the value of each field in the WAPI protocol message of the WAI packet. The method and the system for analyzing the WAPI protocol can meet the requirement for testing the protocol conformance for WLAN equipment. The system is convenient to use, flexible to upgrade and accurate in testing precision, and provides a good platform for protocol test of a WAPI product.

Description

WLAN authentication and privacy infrastructure protocol analysis method and system
Technical field
The present invention relates to the field of communication technology, and in particular to a WAPI protocol analysis method and system.
Background art
WLAN Authentication and Privacy Infrastructure (WAPI) is a security protocol. Like infrared, Bluetooth, GPRS and CDMA1X, it is a wireless transmission protocol; the difference is that it is a transmission protocol for wireless local area networks (WLAN) and is closer to the 802.11B transmission protocol. The WAPI mechanism has been reviewed and approved by the IEEE Registration Authority authorized by ISO/IEC, and has been allocated the EtherType number (IEEE EtherType Field) 0x88b4 for this mechanism.
With the development of WAPI technology, in addition to typical products such as wireless access points and wireless network cards, more and more mobile terminals support WAPI, and the demand for protocol conformance testing of WAPI products grows accordingly.
Protocol conformance testing of WAPI products requires a network protocol analysis method and system; such analyzers are widely used on wired networks and are very practical test and maintenance tools. Existing tools are mostly WLAN protocol analyzers, commonly implemented in software, such as AirMagnet, AiroPeek from WildPackets, Ethereal and Sniffer Wireless. In the WAPI field, however, the transmission medium is electromagnetic waves, and the prior art has no method or system for analyzing the WAPI protocol in wireless transmission, so the WAPI protocol conformance of WLAN devices cannot be tested.
Summary of the invention
The object of the invention is to overcome the defects of the prior art by providing a WAPI protocol analysis method and system that can perform WAPI protocol analysis on over-the-air packets captured from the received wireless signal and judge WAPI protocol conformance.
To achieve the above object, the invention provides a WAPI protocol analysis method, comprising:
receiving a WAPI protocol message;
parsing the MAC-layer frame header of the WAPI protocol message to obtain the logical link control (LLC) layer information of the WAPI protocol message; parsing the LLC layer information of the WAPI protocol message to obtain the EtherType field of the WAPI protocol message;
judging, according to the EtherType field of the WAPI protocol message, whether the WAPI protocol message is a WAPI protocol message of a WLAN Authentication Infrastructure (WAI) packet;
obtaining the value of each field in the WAPI protocol message of the WAI packet;
judging, according to the value of each field in the WAPI protocol message of the WAI packet, whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete.
To achieve the above object, the invention also provides a WAPI protocol analysis system, comprising:
a receiving unit, for receiving a WAPI protocol message;
a parsing unit, for parsing the MAC-layer frame header of the WAPI protocol message to obtain the logical link control (LLC) layer information of the WAPI protocol message, and for parsing the LLC layer information of the WAPI protocol message to obtain the EtherType field of the WAPI protocol message;
a judging unit, for judging, according to the EtherType field of the WAPI protocol message, whether the WAPI protocol message is a WAPI protocol message of a WLAN Authentication Infrastructure (WAI) packet;
an acquiring unit, for obtaining the value of each field in the WAPI protocol message of the WAI packet;
an analysis unit, for judging, according to the value of each field in the WAPI protocol message of the WAI packet, whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete.
To achieve the above object, the invention also provides a WAPI protocol analysis system, comprising:
a signal acquisition device, for obtaining a wireless signal that contains WAPI protocol data packets;
an extraction device, for extracting the WAPI protocol message from the WAPI protocol data packet;
a receiving device, for receiving the WAPI protocol message;
a parsing device, for parsing the MAC-layer frame header of the WAPI protocol message to obtain the logical link control (LLC) layer information of the WAPI protocol message, and for parsing the LLC layer information of the WAPI protocol message to obtain the EtherType field of the WAPI protocol message;
a judging device, for judging, according to the EtherType field of the WAPI protocol message, whether the WAPI protocol message is a WAPI protocol message of a WLAN Authentication Infrastructure (WAI) packet;
a message field acquisition device, for obtaining the value of each field in the WAPI protocol message of the WAI packet;
an analysis device, for judging, according to the value of each field in the WAPI protocol message of the WAI packet, whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete.
The WAPI protocol analysis method and system of the invention can meet the requirements for protocol conformance testing of WLAN devices. The system is easy to use, flexible to upgrade and accurate in its measurements, and provides a good platform for protocol testing of WAPI products.
Description of drawings
To explain the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed to describe the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of the WAPI protocol analysis system of the invention;
Fig. 2 is a schematic diagram of embodiment one of the signal acquisition device of the WAPI protocol analysis system of the invention;
Fig. 3 is a schematic diagram of embodiment two of the signal acquisition device of the WAPI protocol analysis system of the invention;
Fig. 4 is a schematic diagram of the wireless transceiver of the WAPI protocol analysis system of the invention;
Fig. 5 is a schematic diagram of the power amplifier of the WAPI protocol analysis system of the invention;
Fig. 6 is a circuit diagram of the ∏-type matching unit of the WAPI protocol analysis system of the invention;
Fig. 7 is the first circuit diagram of the low-pass filter unit in the WAPI protocol analysis system of the invention;
Fig. 8 is the second circuit diagram of the low-pass filter unit in the WAPI protocol analysis system of the invention;
Fig. 9 is a schematic diagram of the low noise amplifier of the WAPI protocol analysis system of the invention;
Fig. 10 is a schematic diagram of the single-pole double-throw (SPDT) switch of the WAPI protocol analysis system of the invention;
Fig. 11 is a flow chart of embodiment one of the WAPI protocol analysis method of the invention;
Fig. 12 is a diagram of the overall framework on which the WAPI protocol analysis method of the invention is based;
Fig. 13 is a flow chart of embodiment two of the WAPI protocol analysis method of the invention;
Fig. 14 is a structural block diagram of the WAPI protocol analysis in the WAPI protocol analysis method of the invention;
Fig. 15 is a structure diagram of the protocol data parsing module of the WAPI protocol analysis method of the invention;
Fig. 16 is a structure diagram of the protocol field analysis sub-module of the WAPI protocol analysis method of the invention;
Fig. 17 is a structure diagram of the report generation module of the WAPI protocol analysis method of the invention;
Fig. 18 is an interaction signalling diagram of the graphical user interface module of the WAPI protocol analysis method of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
The WAPI protocol analysis system of the invention is a low-cost WAPI protocol analysis system for Windows. It uses a WLAN chip with a dedicated USB interface that supports 802.11b/g and the 802.11n draft, and relies on software to provide powerful WAPI protocol analysis.
By receiving wireless signals, the system captures each packet in the WLAN and can display important information such as the packet and network connection lists, key statistics and protocol distribution charts. Captured packets can thus be viewed, saved, filtered, imported and exported; the various communication protocols can be analyzed comprehensively, and the protocol decoding can be browsed down to the lowest layer. According to the WAPI security mechanism specified by the GB15629.11 series of standards, this WAPI protocol analysis system can be used to test the pre-shared key function, the certificate installation function, the certificate authentication process, the certificate selection function, the encryption function, the key update function and the rejection of illegal certificates.
Fig. 1 is a schematic diagram of the WAPI protocol analysis system of the invention. As shown, the system comprises: signal acquisition device 101, extraction device 102, receiving device 103, parsing device 104, judging device 105, message field acquisition device 106 and analysis device 107.
The signal acquisition device 101 obtains a wireless signal that contains WAPI protocol data packets. The extraction device 102 extracts the WAPI protocol message from the WAPI protocol data packet. The receiving device 103 receives the WAPI protocol message. The parsing device 104 parses the WAPI protocol message to obtain its packet information. The judging device 105 judges, according to the packet information of the WAPI protocol message, whether it is a WAPI protocol message of a WLAN Authentication Infrastructure (WAI) packet. The message field acquisition device 106 obtains the value of each field in the WAPI protocol message of the WAI packet. The analysis device 107 judges, according to the value of each field in the WAPI protocol message of the WAI packet, whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete.
The extraction device 102, receiving device 103, parsing device 104, judging device 105, message field acquisition device 106 and analysis device 107 can be implemented on a computer.
Fig. 2 is a schematic diagram of embodiment one of the signal acquisition device of the WAPI protocol analysis system of the invention. As shown, embodiment one comprises: wireless transceiver 1, power amplifier 2, low noise amplifier 3, RF switch 4 and antenna 5.
Signals are sent outward as follows. The wireless transceiver 1 is connected to the extraction device; it is also connected to the power amplifier 2, the low noise amplifier 3 and the RF switch 4. The power amplifier 2 and the low noise amplifier 3 are each connected to the RF switch 4, and the RF switch 4 is connected to the antenna 5. The wireless transceiver 1 sends the RF signal to the power amplifier 2; the power amplifier 2 amplifies the power of the RF signal and sends it to the RF switch 4; the RF switch 4 sends the amplified RF signal to the antenna 5, and the antenna 5 radiates the amplified RF signal outward.
Signals are received as follows. The antenna 5 sends the received wireless signal to the RF switch 4; the RF switch 4 sends the wireless signal to the low noise amplifier 3; the low noise amplifier 3 applies low-noise amplification and sends the signal to the wireless transceiver 1; the wireless transceiver 1 sends the amplified wireless signal to the external computer for WAPI protocol analysis.
The WAPI protocol signal acquisition device of the invention can therefore capture over-the-air packets from the received wireless signal and pass them to the external computer, where the WAPI protocol analysis is carried out.
Fig. 3 is a schematic diagram of embodiment two of the signal acquisition device in the WAPI protocol analysis system of the invention. As shown, embodiment two comprises: wireless transceiver 1, power amplifier 2, low noise amplifier 3, RF switch 4, antenna 5, power supervisor 6, USB interface 7 and Dongle circuit 8.
The power supervisor 6 is connected to the wireless transceiver 1 and the power amplifier 2 and supplies power to both. The USB interface 7 is connected to the wireless transceiver 1, which communicates with the extraction device through the USB interface 7. The Dongle circuit 8 is connected to the wireless transceiver 1 and provides software copyright protection.
As also shown in Fig. 3, the power amplifier 2 comprises: power microwave unit 20, band-pass filter unit 21 and low-pass filter unit 22. The band-pass filter unit 21 is connected to the wireless transceiver 1 and the power microwave unit 20; the power microwave unit 20 is connected to the wireless transceiver 1 and the low-pass filter unit 22; the low-pass filter unit 22 is connected to the RF switch 4.
For ease of use, the WAPI protocol analysis system of the invention uses the USB interface 7 as the communication interface between the external computer (PC) and the WAPI protocol analysis system for packet capture and protocol analysis. The wireless transceiver 1 integrates the MAC, the baseband processor (Baseband, BB), the radio-frequency module (Radio Frequency, RF) and so on. The power amplifier 2 amplifies the power of the RF signal sent by the wireless transceiver 1, which is then radiated into the air through the RF switch 4 and the antenna 5. Conversely, wireless signals from the air pass through the antenna 5 and the RF switch 4 into the low noise amplifier 3 for amplification and are then handed to the wireless transceiver 1 for processing. To keep the overall size of the hardware circuit under control, the invention uses a built-in antenna.
The main difference between the WAPI protocol and the WLAN protocol lies in the security and encryption mechanisms. The WAPI protocol analysis system of the invention performs monitoring of WAPI in the wireless environment and packet-capture analysis of its encryption mechanism, and can use a WLAN chip to monitor the wireless signal on the air interface.
The wireless transceiver of the WAPI protocol analysis system is implemented with the RT3070 from Ralink's product series. The RT3070 comes in a 9mm × 9mm QFN 76-pin package and is designed and manufactured in highly integrated, low-cost CMOS for the wireless networking needs of next-generation consumer electronics, broadband networks and computers. The RT3070 can be used to develop low-cost USB Wi-Fi devices with an area reduced by 50%. It supports 802.11b/g and the 802.11n draft with a maximum transmission rate of 150Mbps, and with a single antenna achieves faster transmission speed and longer transmission range.
Fig. 4 is a schematic diagram of the wireless transceiver of the WAPI protocol analysis system of the invention, implemented with the RT3070. As shown, it comprises RF transmitter 11, RF receiver 12, baseband processor 13, media access controller (MAC) 14, analog/digital converters (ADC and DAC) 15 and USB controller 16.
The RF transmitter 11 and the RF receiver 12 are connected to the converters 15, the converters 15 are connected to the baseband processor 13, the baseband processor 13 is connected to the MAC 14, and the MAC 14 is connected to the USB controller 16. As also shown in Fig. 4, a system controller 17 is connected to the MAC 14.
The power amplifier 2 is very important in the WAPI protocol analysis system of the invention. Gain, noise and nonlinearity are the three most important parameters of a power amplifier: gain determines the final output power, while noise and nonlinearity are closely tied to signal quality. Fig. 5 is a schematic diagram of the power amplifier of the WAPI protocol analysis system. As shown, the power amplifier comprises: power microwave unit 20, band-pass filter unit 21, low-pass filter unit 22, ∏-type matching unit 23, gain control unit 24, power supply circuit 25, power detecting unit 26 and temperature detecting unit 27.
The power microwave unit 20 is connected to the ∏-type matching unit 23, the low-pass filter unit 22, the gain control unit 24, the power supply circuit 25, the power detecting unit 26 and the temperature detecting unit 27; the ∏-type matching unit 23 is connected to the band-pass filter unit 21.
The 2.4GHz band handled by the band-pass filter has 13 subcarriers, with frequencies from 2.412GHz to 2.437GHz and a frequency interval of 500MHz between adjacent channels. The signal output by the front end covers this band from 2.412GHz to 2.437GHz. Therefore, so that the useful signal enters the power amplifier chip cleanly and unwanted spurious signals are filtered out, a band-pass filter is placed on the input circuit of the power amplifier chip.
The band-pass filter parameters considered in the invention are mainly the input impedance, the output impedance, the passband, the attenuation within the passband and the attenuation outside the passband.
Matching is extremely important in RF design; much of the work of designing or debugging an RF circuit consists of solving matching problems. The ∏-type matching unit is implemented as a ∏-type matching network, which is generally placed directly at the input of the power amplifier chip. The chip's pins are usually not matched to 50 ohms, and the input characteristics of the pins may not be known either, which makes the ∏-type matching network extremely important.
A ∏-type matching network is so named because its shape closely resembles the letter ∏. Fig. 6 shows the circuit diagram of the ∏-type matching unit of the WAPI protocol analysis system of the invention.
The power microwave unit is the core of the power amplifier, and the performance of its devices largely determines the performance of the power amplifier. Selecting a power amplifier chip is a complex process. In practice the following parameters are generally considered: operating frequency, small-signal gain, maximum linear output power, 1dB compression point output power, error vector magnitude (EVM), adjacent channel power ratio (ACPR), noise figure, whether power detection is built in, whether gain control is built in, supply voltage and current consumption.
The temperature detection function of the temperature detecting unit measures the temperature of the power amplifier chip of the power microwave device and prevents the chip from overheating and burning out. Another, more important function is to adjust the output power of the power amplifier according to the ambient temperature. In many cases a change in ambient temperature has a considerable effect on the output power of the power amplifier chip. If the wireless transceiver learns the current temperature from the temperature detecting unit and suitably adjusts its own output power or changes the gain of the power amplifier, the power amplifier can keep a stable power output as the ambient temperature changes, which improves the stability of the product.
The invention uses the temperature detecting unit so that the CPU constantly monitors the temperature of the power device. A thermistor with simple peripheral components converts temperature changes into voltage changes, so the CPU can tell from the monitored voltage whether the power microwave unit is working normally. The temperature detecting unit is placed near the power microwave unit.
The power detection function of the power detecting unit lets the wireless transceiver constantly monitor the output power of the power amplifier. When the output power of the power amplifier changes, the wireless transceiver can adjust its own output power or change the gain of the power amplifier so that the output power of the power amplifier stays at a fixed value. The output of the power detecting circuit is a DC voltage; this voltage is fed to the wireless transceiver, which performs A/D conversion internally and so learns the output power of the power amplifier.
The gain control of the gain control unit changes the gain of the power amplifier and thereby the output power. There are two ways to change the final output power of the power amplifier: the wireless transceiver changes its own output power, or the gain of the power amplifier is changed. The control signal from the wireless transceiver acts on the power amplifier chip through two resistors, controlling the gain of the power amplifier circuit and hence the final output power.
The main problem the low-pass filter unit has to solve is the higher harmonics produced by the power amplifier, such as the second harmonic, the third harmonic and even higher-order harmonics; the low-pass filter unit also has to solve the matching problem. Fig. 7 shows the first circuit diagram of the low-pass filter unit in the WAPI protocol analysis system of the invention. Fig. 8 shows the second circuit diagram of the low-pass filter unit in the WAPI protocol analysis system of the invention.
Referring again to Fig. 3, the low noise amplifier sits between the RF switch and the wireless transceiver and amplifies the signal picked up by the antenna so that the wireless transceiver can process it effectively. The performance of the low noise amplifier directly affects the sensitivity of the whole analysis system. A low noise amplifier has an extremely low noise figure. The physical meaning of the noise figure is this: after a signal passes through the amplifier, the noise generated by the amplifier degrades the signal-to-noise ratio, and the factor by which the signal-to-noise ratio drops is the noise figure. Besides the noise figure, power gain, gain flatness, operating band and dynamic range also need attention.
Power gain refers to the gain capability of the low noise amplifier. Gain flatness describes the fluctuation of the amplifier's power gain caused by frequency changes within the operating band. The operating band is the frequency range in which the amplifier works normally. Dynamic range is the range between the minimum and maximum input power the amplifier allows.
Fig. 9 is a schematic diagram of the low noise amplifier of the WAPI protocol analysis system of the invention. As shown, the low noise amplifier comprises: input circuit 31, output circuit 32, amplifying circuit 33 and gain control 30. Matching networks can be placed in the input circuit 31 and the output circuit 32. The gain control 30 clearly improves the stability of the analysis system: when the received signal strength is low, the gain of the low noise amplifier can be raised so that the signal is still received normally; when the received signal strength is high, the gain can be lowered to avoid signal blocking.
The RF switch switches between the transmit and receive paths, and its most important component is a switch chip. Structurally, the switch chip is usually a single-pole double-throw (SPDT) switch. Fig. 10 is a schematic diagram of the SPDT switch of the WAPI protocol analysis system of the invention; which side the switch is thrown to is determined by the voltage applied to the control pin.
The switch chip of the invention can be implemented with the uPG2179, a single-pole double-throw RF switch with a maximum input power of up to 1.5W. Its supply voltage can range from 1.5V to 5.3V. In the 2.4GHz~2.5GHz band its attenuation when conducting is 0.35dB and its isolation when off reaches 24dB, which meets the requirements well.
To protect the copyright of the software, the WAPI protocol analysis system of the invention uses the Dongle circuit. Extra storage holds the software License; that is, the License is fixed in the hardware of the WAPI protocol analysis system. This implements the Dongle circuit and provides sufficiently high security. Where the required transfer rate is not very high, a small-capacity serial EEPROM with an SPI interface can be chosen; the SPI interface is structurally simple and needs only four wires to read and write the EEPROM.
The power supervisor must provide a stable, efficient supply to the CPU, the power amplifier, the Dongle circuit and the other circuits. Analysis shows that the system needs two voltages, 1.2V and 3.3V; the 1.2V CPU core voltage can be produced by the LDO inside the CPU. The WAPI protocol analysis system can obtain a regulated 5V supply with a maximum current of 500mA from the USB interface, so a separate power conversion chip is needed to convert 5V to 3.3V to power the system.
The WAPI protocol analysis system of the invention can be used for network testing inside a laboratory, and can also be used by WAPI manufacturers on the production line and in R&D testing to analyze wireless network data. It is powerful and easy to use: the system only needs to be plugged into an external computer, for example a PC, and the corresponding software run under Windows in order to capture over-the-air packets, perform protocol analysis and so on.
Fig. 11 is a flow chart of embodiment one of the WAPI protocol analysis method of the invention. As shown, the method comprises the following steps:
Step 101: receive the WAPI protocol message;
Step 102: parse the MAC-layer frame header information of the WAPI protocol message;
Step 103: judge from the packet type whether the message is a WAI packet;
Step 104: parse the WAI packet header information to obtain the WAI protocol packet type;
Step 105: parse each type of WAI protocol packet;
Step 106: generate the WAPI protocol analysis report.
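The steps above (parse the MAC header, read the LLC layer for the EtherType, recognise a WAI packet, read its header fields, judge whether the flow is complete) can be sketched as follows. This is an added example, not code from the patent or its authors; the 12-byte WAI header layout, the subtype numbers and the expected certificate-mode sequence are assumptions that this section does not state, and all frames are constructed samples.

```python
import struct

WAI_ETHERTYPE = 0x88B4                    # EtherType allocated to WAPI, as stated in the text
LLC_SNAP = b"\xaa\xaa\x03\x00\x00\x00"    # LLC header + SNAP with zero OUI

# Assumption: WAI subtype numbers and names (not listed in this section).
WAI_SUBTYPES = {
    3: "authentication activation",
    4: "access authentication request",
    5: "access authentication response",
    8: "unicast key negotiation request",
    9: "unicast key negotiation response",
    10: "unicast key negotiation confirmation",
    11: "multicast key announcement",
    12: "multicast key announcement response",
}
# Assumption: subtypes a station-to-AP capture should contain, in order,
# for certificate-based authentication.
CERT_FLOW = [3, 4, 5, 8, 9, 10, 11, 12]


def mac_header_len(fc):
    """Return the 802.11 MAC header length for a data frame, or None otherwise."""
    if ((fc >> 2) & 0x3) != 2:            # type field: 2 = data
        return None
    length = 24
    if (fc & 0x0300) == 0x0300:           # ToDS and FromDS set: Address 4 present
        length += 6
    if (fc >> 4) & 0x8:                   # QoS data subtypes add a QoS Control field
        length += 2
    return length


def parse_wai(frame):
    """MAC header -> LLC/SNAP -> EtherType -> WAI header. None if not a WAI packet."""
    if len(frame) < 2:
        return None
    (fc,) = struct.unpack_from("<H", frame, 0)
    hdr = mac_header_len(fc)
    if hdr is None or fc & 0x4000:        # not data, or Protected Frame bit set
        return None
    body = frame[hdr:]
    if len(body) < 8 or body[:6] != LLC_SNAP:
        return None
    if struct.unpack_from(">H", body, 6)[0] != WAI_ETHERTYPE:
        return None
    wai = body[8:]
    if len(wai) < 12:
        raise ValueError("WAI EtherType present but header truncated")
    # Assumed layout: version(2) type(1) subtype(1) reserved(2) length(2)
    # packet sequence(2) fragment sequence(1) flags(1), big-endian.
    ver, ptype, subtype, _rsvd, length, seq, frag, flags = struct.unpack_from(
        ">HBBHHHBB", wai)
    return {
        "version": ver, "type": ptype, "subtype": subtype,
        "name": WAI_SUBTYPES.get(subtype, "unknown"),
        "seq": seq, "frag": frag, "flags": flags,
        # Assumption: Length counts the whole WAI packet, header included.
        "length_ok": 12 <= length <= len(wai),
    }


def check_flow(subtypes, expected=CERT_FLOW):
    """Report which expected handshake steps are missing or arrive out of order."""
    first_seen = []
    for s in subtypes:                    # ignore retransmissions and other subtypes
        if s in expected and s not in first_seen:
            first_seen.append(s)
    missing = [WAI_SUBTYPES[s] for s in expected if s not in first_seen]
    in_order = first_seen == sorted(first_seen, key=expected.index)
    return {"complete": not missing and in_order,
            "missing": missing, "in_order": in_order}


def analyse(frames):
    """Run the whole pipeline over captured frames and return the flow verdict."""
    parsed = [p for p in map(parse_wai, frames) if p is not None]
    report = check_flow([p["subtype"] for p in parsed])
    report["wai_packets"] = len(parsed)
    return report


def build_frame(subtype, seq, qos=False, ethertype=WAI_ETHERTYPE):
    """Constructed sample: ToDS data frame carrying one WAI packet and 4 dummy bytes."""
    fc = 0x0188 if qos else 0x0108        # data (or QoS data) frame with ToDS set
    mac = struct.pack("<HH", fc, 0) + bytes(18) + struct.pack("<H", (seq & 0xFFF) << 4)
    if qos:
        mac += b"\x00\x00"                # QoS Control
    payload = bytes(4)
    wai = struct.pack(">HBBHHHBB", 1, 1, subtype, 0,
                      12 + len(payload), seq, 0, 0) + payload
    return mac + LLC_SNAP + struct.pack(">H", ethertype) + wai


if __name__ == "__main__":
    # Constructed capture: the confirmation step (subtype 10) never arrives.
    capture = [build_frame(s, i) for i, s in enumerate(CERT_FLOW) if s != 10]
    capture.append(build_frame(0, 99, ethertype=0x0800))   # unrelated IPv4 frame
    print(analyse(capture))
```

Frames whose Protected Frame bit is set are skipped because their LLC header is encrypted and the EtherType cannot be read; a truncated WAI header raises an error so that it shows up in the analysis report instead of being silently dropped.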
Figure 12 for WAPI protocal analysis method of the present invention based on integral frame figure; As shown in the figure; The driver of bottom is that the WAPI protocol analysis system provides communication interface with the PC that is connected; Dynamic link library provides a bottom API, and application software can be carried out packet capturing through the API of dynamic link library, and the WAPI protocal analysis is accomplished the consistency analysis of agreement on the basis of packet capturing.Simultaneously, dynamic link library carries out verification to the License in the WAPI protocol analysis system, and the copyright protection of software is provided.
Specifically describe as follows:
The driver mainly comprises four modules: an initialization module, an I/O module, a plug-and-play management module and a power management module. There is also an .INF file used to install the driver.
The initialization module contains the initialization entry point of the device driver. It also contains the two routines Create and Close, which are the only way for a Win32 program to obtain and release a device handle. The AddDevice routine is called by the PnP manager when a device is added to the system; its main job is to create and initialize the device object. The DriverUnload routine is used when the system unloads the hardware; it is called by the I/O manager and releases all resources. The I/O module consists of the read and write routines Read and Write and the device control routine IoControl.
The dynamic link library (DLL) provides an API interface for the upper-layer application software, and the application software accesses the low-level network data directly through this API interface. After the application software has loaded the DLL into the current process space, the DLL module can be injected into the target process. When a send or receive on a network socket is detected, the API interception function in the DLL module is called. After the API in the DLL has processed the call, the network function is issued again.
The application software loads the DLL module when it runs. At that point the DLL module checks the License information stored in the hardware of the WAPI protocol analysis system to see whether it is valid; if the DLL module cannot find the License, or the License is invalid, the software cannot run.
Figure 13 is the flow chart of embodiment two of the WAPI protocol analysis method of the present invention. As shown in the figure, it comprises the following steps:
Step 201, capture and print WAPI protocol data packets;
The foreground application software mainly loads and unloads the DLL, receives the messages from the DLL module, and prints the packets in its window. The DLL sends the address and size of a packet to the EXE side in the form of a message, and the EXE side then handles the message sent by the DLL side. Printing WAPI protocol data packets comprises the following steps:
Step 2011, define the message type in the header file of said WAPI protocol data packet;
Step 2012, add the message mapping in the message map macro;
Step 2013, according to the message mapping, add the message handler function in the CPP (C Plus Plus, C++ source program) file;
Step 2014, print said WAPI protocol data packet to the window: print the content of the packet according to the packet address and length in the message.
Protocol analysis analyzes the content and format of the packets provided by the application software. It mainly performs protocol conformance analysis according to the GB 15629.11 series of standards, and can provide both the analysis process and the result. From the analysis process, the places where the protocol interaction flow is inconsistent with the standard can be seen directly, and protocol errors can be located.
Figure 14 is the structural block diagram of the WAPI protocol analysis in the WAPI protocol analysis method of the present invention. As shown in the figure, protocol analysis consists of four parts: GUI (graphical user interface), DataReader (protocol data reading module), PacketResolve (protocol data parsing module) and Report (report generation module).
Step 202, read the WAPI protocol data packets, filter out erroneous packets and the packets that preceded a retransmission, and extract the WAPI protocol messages;
Fragmented messages in the WAPI protocol data packets must also be reassembled before a complete message that can undergo WAPI protocol analysis is obtained;
Step 203, receive the WAPI protocol message;
The protocol data reading module reads the stream of WAPI protocol data packets, filters out erroneous packets and the packets that preceded a retransmission, reassembles fragmented messages, and finally returns the processed messages.
The protocol data parsing module receives the messages output by the protocol data reading module and parses them. Figure 15 is the structure chart of the protocol data parsing module of the WAPI protocol analysis method of the present invention; see Figure 15;
Step 204, parse the information in the MAC layer frame header through MacHeaderResolve to obtain the information of the Logical Link Control (LLC) layer of the WAPI protocol message; parse the LLC layer information of the WAPI protocol message to obtain the EtherType field of the WAPI protocol message;
Step 205, determine from the EtherType field, that is, the packet type, whether the message is a WAI packet;
There are two kinds of packet, WAI packets and WPI packets; protocol analysis continues only if the packet is a WAI packet.
Step 206, if it is a WAI packet, parse the WAI packet header information through WAIHeaderResolve to obtain the WAI protocol packet type. The packet types comprise: access authentication activation packet, access authentication request packet, access authentication response packet, unicast key negotiation request packet, unicast key negotiation response packet, unicast key negotiation confirmation packet, multicast key notification packet, and multicast key response packet;
Step 207, call the program for the corresponding packet type to parse this packet;
Every kind of packet contains many fields, and some fields have the same format in different packets, so the different packet types all call one common submodule, the protocol field parsing submodule (FieldResolve), to parse each field;
Figure 16 is the structure chart of the protocol field parsing submodule of the WAPI protocol analysis method of the present invention. The protocol field parsing submodule parses the various fields in a WAI packet, including the WAI Flag field, certificate field, identity field, allocation index field and so on. The formats of most fields are independent of one another, so their parsing routines are independent as well. Only a few fields are nested, for example the certificate verification result field contains a certificate field, so their parsing routines also call one another.
Step 208, obtain the value of each field in the WAPI protocol message of the WAI packet; from the values of those fields, judge whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete and whether the values of the key fields in said WAPI protocol message are correct; mark the analysis result, judge whether the test item passes, and finally generate the WAPI protocol analysis report. The report comprises the detailed analysis result of the WAPI protocol, the analysis of that result, and the content of the parsed messages.
After the WAPI messages have been parsed by the above steps, the parsing result is written to a report. The result must also be analyzed to judge whether it meets the requirements of the standard. The final report should contain the content of each parsed message as well as the test result; if a test fails, the reason for the failure must also be given to support further analysis.
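The parsing chain of steps 204 to 208, as an added example that is not the patent's own code: it walks the 802.11 MAC header, the LLC/SNAP header and the WAI header, then checks that the eight packet types listed in step 206 all appear and appear in order. The EtherType 0x88B4, the 12-byte WAI header layout and the subtype codes are assumptions taken from the WAI frame format rather than from this page; the function names only echo the page's MacHeaderResolve and WAIHeaderResolve modules, the input is assumed to be already filtered and reassembled (step 202), and the sample frames are constructed.

```python
import struct

ETHERTYPE_WAI = 0x88B4                       # assumption: EtherType carried by WAI packets
SNAP_PREFIX = bytes.fromhex("aaaa03000000")  # LLC/SNAP bytes that precede the EtherType
WAI_HEADER_LEN = 12                          # assumption: fixed WAI header size
# Assumed subtype codes; the eight packet types are the ones the page lists.
WAI_SUBTYPES = {
    3: "access authentication activation",
    4: "access authentication request",
    5: "access authentication response",
    8: "unicast key negotiation request",
    9: "unicast key negotiation response",
    10: "unicast key negotiation confirmation",
    11: "multicast key notification",
    12: "multicast key response",
}
EXPECTED_FLOW = sorted(WAI_SUBTYPES)

class ParseError(ValueError):
    """A frame that should carry WAI data but is malformed."""

def mac_header_resolve(frame):
    """Return (header_len, protected) for a data frame with a body, else None."""
    if len(frame) < 2:
        raise ParseError("no frame control field")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 2 or subtype & 0x4:          # not a data frame, or a Null (no body) subtype
        return None
    header_len = 24
    if (frame[1] & 0x03) == 0x03:            # ToDS and FromDS set: Address 4 present
        header_len += 6
    if subtype & 0x8:                        # QoS subtypes add a 2-byte QoS Control field
        header_len += 2
    if len(frame) < header_len:
        raise ParseError("truncated 802.11 MAC header")
    return header_len, bool(frame[1] & 0x40)  # 0x40 = Protected Frame bit

def llc_resolve(frame, offset):
    """Return (ethertype, payload_offset) from the LLC/SNAP header at offset."""
    if frame[offset:offset + 6] != SNAP_PREFIX or len(frame) < offset + 8:
        raise ParseError("missing or truncated LLC/SNAP header")
    return struct.unpack_from(">H", frame, offset + 6)[0], offset + 8

def wai_header_resolve(packet):
    """Parse the assumed 12-byte WAI header and return its fields."""
    if len(packet) < WAI_HEADER_LEN:
        raise ParseError("truncated WAI header")
    version, ptype, subtype, _, length, seq, frag, flag = struct.unpack_from(">HBBHHHBB", packet)
    if ptype != 1:
        raise ParseError("WAI type field is %d, expected 1" % ptype)
    if not WAI_HEADER_LEN <= length <= len(packet):   # trailing bytes (e.g. FCS) tolerated
        raise ParseError("WAI length field %d does not fit the frame" % length)
    return dict(version=version, subtype=subtype, length=length, seq=seq, frag=frag, flag=flag)

def analyze(frames):
    """Steps 204-208 over already filtered and reassembled frames; returns a report."""
    seen, errors = [], []
    for index, frame in enumerate(frames):
        try:
            mac = mac_header_resolve(frame)
            if mac is None or mac[1]:        # non-data frame, or encrypted (WPI) payload
                continue
            ethertype, offset = llc_resolve(frame, mac[0])
            if ethertype != ETHERTYPE_WAI:
                continue
            subtype = wai_header_resolve(frame[offset:])["subtype"]
            if subtype not in WAI_SUBTYPES:
                raise ParseError("WAI subtype %d is not in the expected flow" % subtype)
            seen.append(subtype)
        except ParseError as exc:
            errors.append((index, str(exc)))
    first_seen = list(dict.fromkeys(seen))   # first occurrence of each subtype, in order
    missing = [WAI_SUBTYPES[s] for s in EXPECTED_FLOW if s not in seen]
    in_order = first_seen == sorted(first_seen)
    return {"seen": [WAI_SUBTYPES[s] for s in seen], "missing": missing,
            "in_order": in_order, "complete": not missing and in_order, "errors": errors}

def build_frame(subtype, body=b"", qos=False):
    """Constructed sample: unencrypted 802.11 data frame carrying one WAI packet."""
    fc0 = 0x88 if qos else 0x08              # data frame; QoS Data or plain Data subtype
    mac = bytes([fc0, 0x01]) + bytes(22) + (bytes(2) if qos else b"")
    wai = struct.pack(">HBBHHHBB", 1, 1, subtype, 0,
                      WAI_HEADER_LEN + len(body), 1, 0, 0) + body
    return mac + SNAP_PREFIX + struct.pack(">H", ETHERTYPE_WAI) + wai

if __name__ == "__main__":
    capture = [build_frame(s) for s in EXPECTED_FLOW if s != 10] + [build_frame(3)[:-4]]
    print(analyze(capture))
```

Frames with the Protected Frame bit set are skipped rather than reported, because their payload is encrypted and the EtherType cannot be read from the capture.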
Figure 17 is the structure chart of the report generation module of the WAPI protocol analysis method of the present invention. As shown in the figure, IReport is an interface class that defines the interface functions the report module exposes. Two classes are derived from it according to the report file format: TxtReport is the report generation class for text format, and DocReport is the report generation class for Microsoft Word format.
The graphical user interface module (GUI) handles the interaction with the user. Through this module the user selects the items to be tested, sets the report file name and format, and starts the whole test process. In the background this module calls the three modules described above to complete the whole test. Figure 18 is the interaction signaling diagram of the graphical user interface module of the WAPI protocol analysis method of the present invention. As shown in the figure, it comprises the following steps:
Step 301, the GUI reads (Read) the message list (Packetlist) from the protocol data reading module (DataReader);
Step 302, the GUI has the protocol data parsing module (PacketResolve) parse (DoResolve) each message, and obtains the content of each field (Fields) after parsing;
Step 303, the GUI calls the report generation module (Report) to generate (Write) the test report.
The WLAN authentication and privacy infrastructure (WAPI) protocol analysis system of the present invention comprises: a receiving unit, used to receive the WAPI protocol message; a parsing unit, used to parse the WAPI protocol message and obtain the packet information of the WAPI protocol message; a judging unit, used to judge from the packet information of the WAPI protocol message whether the WAPI protocol message is the WAPI protocol message of a WAI packet; an obtaining unit, used to obtain the value of each field in the WAPI protocol message of the WAI packet; and an analysis unit, used to judge from the value of each field in the WAPI protocol message of the WAI packet whether the WAPI protocol flow in the WAPI protocol message of the WAI packet is complete.
The WAPI protocol analysis method and system of the present invention provide a reliable WAPI protocol test method that can satisfy the test requirements of the national standard GB 15629.11 for the protocol conformance of WLAN devices. The system is easy to use, flexible to upgrade and accurate in its measurements. It can also trace the protocol flow during the test and effectively locate the problems that occur, which guarantees the interoperability and consistency of products from different manufacturers, improves the quality of WAPI products, and provides a good platform for WAPI product protocol testing. The test scope of this WAPI protocol tester comprises: WLAN devices, products with integrated or embedded WLAN devices, and software products that independently provide WLAN authentication or confidentiality functions.
Those skilled in the art should further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To illustrate the interchangeability of hardware and software clearly, the composition and steps of each example have been described above in general terms according to function. Whether these functions are carried out in hardware or in software depends on the specific application and the design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementations should not be considered to go beyond the scope of the present invention.
The steps of the method or algorithm described in connection with the embodiments disclosed herein can be implemented in hardware, in a software module executed by a processor, or in a combination of the two. The software module can reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.
The embodiments described above further explain the purpose, technical solution and beneficial effects of the present invention. It should be understood that the above are merely embodiments of the present invention and are not intended to limit its scope of protection; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (23)

1. A WLAN authentication and privacy infrastructure (WAPI) protocol analysis method, characterized in that said method comprises:
receiving a WAPI protocol message;
parsing the information in the MAC layer frame header of said WAPI protocol message to obtain the information of the logical link control (LLC) layer of said WAPI protocol message; parsing the information of the logical link control layer of said WAPI protocol message to obtain the EtherType field of said WAPI protocol message;
judging, according to the EtherType field of said WAPI protocol message, whether said WAPI protocol message is the WAPI protocol message of a wireless local area network authentication infrastructure (WAI) packet;
if so, obtaining the value of each field in the WAPI protocol message of said WAI packet;
judging, according to the value of each field in the WAPI protocol message of said WAI packet, whether the WAPI protocol flow in the WAPI protocol message of said WAI packet is complete.
2. The WAPI protocol analysis method according to claim 1, characterized in that, before receiving the WAPI protocol message, said method further comprises: reading WAPI protocol data packets, filtering out erroneous WAPI protocol data packets and those that preceded a retransmission, and extracting the WAPI protocol message.
3. The WAPI protocol analysis method according to claim 2, characterized in that said method further comprises: reassembling the fragmented messages in said WAPI protocol data packets.
4. The WAPI protocol analysis method according to claim 2, characterized in that, before reading the WAPI protocol data packets, said method further comprises: capturing and printing said WAPI protocol data packets.
5. The WAPI protocol analysis method according to claim 4, characterized in that said printing of said WAPI protocol data packets comprises:
defining the message type in the header file of said WAPI protocol data packet;
adding the message mapping in the message map macro;
adding, according to the message mapping, the message handler function in the C++ file;
printing said WAPI protocol data packet to the window, the content of the packet being printed according to the packet address and length in the message.
6. The WAPI protocol analysis method according to claim 1, characterized in that said obtaining of the value of each field in the WAPI protocol message of said WAI packet further comprises: analyzing each field in the WAPI protocol message of said WAI packet.
7. The WAPI protocol analysis method according to claim 6, characterized in that, before said analyzing of each field in the WAPI protocol message of said WAI packet, the method further comprises: parsing the header of the WAI packet to obtain the WAI protocol packet type.
8. The WAPI protocol analysis method according to claim 7, characterized in that said WAI protocol packet type comprises: access authentication activation packet, access authentication request packet, access authentication response packet, unicast key negotiation request packet, unicast key negotiation response packet, unicast key negotiation confirmation packet, multicast key notification packet and multicast key response packet.
9. The WAPI protocol analysis method according to claim 1, characterized in that said fields comprise: the WAI Flag field, certificate field, identity field and allocation index field.
10. The WAPI protocol analysis method according to claim 1, characterized in that said judging, according to the value of each field in the WAPI protocol message of said WAI packet, whether the WAPI protocol flow in the WAPI protocol message of said WAI packet is complete further comprises: judging, according to the value of each field in the WAPI protocol message of said WAI packet, whether the values of the key fields in said WAPI protocol message are correct.
11. The WAPI protocol analysis method according to claim 10, characterized in that said method further comprises: marking the analysis result and judging whether the test item passes.
12. The WAPI protocol analysis method according to claim 1, characterized in that said method further comprises: generating a WAPI protocol analysis report; said analysis report comprises the detailed analysis result of the WAPI protocol, the analysis of the analysis result, and the content of the parsed messages.
13. A WLAN authentication and privacy infrastructure (WAPI) protocol analysis system, characterized in that said system comprises:
a receiving unit, used to receive a WAPI protocol message;
a parsing unit, used to parse the information in the MAC layer frame header of said WAPI protocol message to obtain the information of the logical link control (LLC) layer of said WAPI protocol message, and to parse the information of the logical link control layer of said WAPI protocol message to obtain the EtherType field of said WAPI protocol message;
a judging unit, used to judge, according to the EtherType field of said WAPI protocol message, whether said WAPI protocol message is the WAPI protocol message of a wireless local area network authentication infrastructure (WAI) packet;
an obtaining unit, used to obtain the value of each field in the WAPI protocol message of said WAI packet;
an analysis unit, used to judge, according to the value of each field in the WAPI protocol message of said WAI packet, whether the WAPI protocol flow in the WAPI protocol message of said WAI packet is complete.
14. A WLAN authentication and privacy infrastructure (WAPI) protocol analysis system, characterized in that said system comprises:
a signal acquisition device, used to acquire the wireless signal containing WAPI protocol data packets;
an extraction device, used to extract the WAPI protocol message from said WAPI protocol data packets;
a receiving device, used to receive the WAPI protocol message;
a parsing device, used to parse the information in the MAC layer frame header of said WAPI protocol message to obtain the information of the logical link control (LLC) layer of said WAPI protocol message, and to parse the information of the logical link control layer of said WAPI protocol message to obtain the EtherType field of said WAPI protocol message;
a judging device, used to judge, according to the EtherType field of said WAPI protocol message, whether said WAPI protocol message is the WAPI protocol message of a wireless local area network authentication infrastructure (WAI) packet;
a message field acquisition device, used to obtain the value of each field in the WAPI protocol message of said WAI packet;
an analysis device, used to judge, according to the value of each field in the WAPI protocol message of said WAI packet, whether the WAPI protocol flow in the WAPI protocol message of said WAI packet is complete.
15. The WAPI protocol analysis system according to claim 14, characterized in that said signal acquisition device comprises:
an antenna, used to send and receive the wireless signal containing WAPI protocol data packets;
an RF switch, used to receive and transmit said wireless signal;
a low noise amplifier, used to apply low-noise amplification to said wireless signal and then send it on;
a wireless transceiver, used to send the wireless signal that has undergone low-noise amplification to said extraction device.
16. The WAPI protocol analysis system according to claim 15, characterized in that said signal acquisition device further comprises: a power amplifier, used to amplify the wireless signal sent by said wireless transceiver.
17. The WAPI protocol analysis system according to claim 16, characterized in that said signal acquisition device further comprises:
a power manager, used to supply power to said wireless transceiver and said power amplifier.
18. The WAPI protocol analysis system according to claim 15, characterized in that said signal acquisition device further comprises: a USB interface, said signal acquisition device being connected to said extraction device through the USB interface.
19. The WAPI protocol analysis system according to claim 15, characterized in that said signal acquisition device further comprises: a Dongle circuit, used to provide software copyright protection.
20. The WAPI protocol analysis system according to claim 15, characterized in that said wireless transceiver comprises: a radio frequency transmitter, a radio frequency receiver, a baseband processor, a MAC controller, an analog-to-digital converter and a USB controller.
21. The WAPI protocol analysis system according to claim 16, characterized in that said power amplifier comprises: a power microwave unit, a bandpass filtering unit and a low-pass filtering unit.
22. The WAPI protocol analysis system according to claim 21, characterized in that said power amplifier further comprises: a gain control unit, a power supply circuit, a π-type matching unit, a power detection unit and a temperature detection unit.
23. The WAPI protocol analysis system according to claim 15, characterized in that said antenna is a built-in antenna.
CN 201010109598 2010-02-09 2010-02-09 Method and system for analyzing WLAN authentication and privacy infrastructure protocol Expired - Fee Related CN101795463B (en)

Publications (2)

Publication Number Publication Date
CN101795463A CN101795463A (en) 2010-08-04
CN101795463B true CN101795463B (en) 2012-10-31

Family

ID=42587837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010109598 Expired - Fee Related CN101795463B (en) 2010-02-09 2010-02-09 Method and system for analyzing WLAN authentication and privacy infrastructure protocol

Country Status (1)

Country Link
CN (1) CN101795463B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102083227A (en) * 2010-11-17 2011-06-01 广州杰赛科技股份有限公司 Wireless access device and method
US9054937B2 (en) 2011-04-29 2015-06-09 Fairchild Semiconductor Corporation Envelope extraction with reduced bandwidth for power modulation
US20130241660A1 (en) * 2011-09-08 2013-09-19 Fairchild Semiconductor Corporation Buck Up Power Converter
CN103888941B (en) * 2012-12-20 2018-03-06 新华三技术有限公司 The method and device that a kind of wireless network keys are consulted
CN103220012A (en) * 2013-05-08 2013-07-24 四川省艾普网络股份有限公司 WIFI (Wireless Fidelity) module
CN104574528B (en) * 2013-11-26 2017-03-08 深圳市金溢科技股份有限公司 A kind of wake-up receiving circuit and board units
CN107940523A (en) * 2017-11-06 2018-04-20 广东美的厨房电器制造有限公司 Range hood
CN108092655A (en) * 2017-11-25 2018-05-29 海宁海微电子科技有限公司 A kind of radio-frequency power single-pole double-throw switch circuit

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1671136A (en) * 2004-03-16 2005-09-21 神州亿品科技(北京)有限公司 A method for expanding WLAN authentication protocol
US7593716B2 (en) * 2003-02-28 2009-09-22 Siemens Aktiengesellschaft Method for transmitting data in a WLAN network
CN101610515A (en) * 2009-07-22 2009-12-23 中兴通讯股份有限公司 A kind of Verification System and method based on WAPI

Also Published As

Publication number Publication date
CN101795463A (en) 2010-08-04

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20121031

Termination date: 20160209
