Skip to content

WiFi: add WPA3/SAE authentication frame helpers #4833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

WiFi: add WPA3/SAE authentication frame helpers #4833

wants to merge 1 commit into from
+180 −0

Conversation

Akindotcome
Copy link

Motivation
WPA3 introduces the Simultaneous Authentication of Equals (SAE) handshake for Wi-Fi. Scapy previously lacked simple builders and predicates for crafting SAE commit/confirm frames. This patch adds lightweight helpers to simplify WPA3/SAE testing and pcap crafting without implementing crypto.

Design

  • New module: scapy/modules/wifi_sae.py
    • sae_commit_frame() / sae_confirm_frame() to build SAE Authentication frames
    • Predicates: is_sae_auth(), sae_is_commit(), sae_is_confirm()
    • get_sae_payload() to extract raw SAE payload
  • Does not touch dissector hot paths, only frame construction utilities.
  • Minimal Radiotap wrapping for injection support.

Tests

  • Added test/test_wifi_sae.py and test/test_wpa3_sae.py
  • Validates frame fields, predicates, and payload extraction.
  • CI: pytest passes locally (4 tests total), and tox -e flake8 is clean.

@gpotter2
Copy link
Member

Hi & thanks a lot for the PR !

I'm not super convinced that this PR brings a lot of value. It creates functions over tasks that are very simple (stacking 1 or 2 802.11 layers) that I feel most people will not use (or know that those functions exist).

It's very cool that you are using this ! But as of right know I don't feel like this should be merged.
Thanks again for contributing !

@Akindotcome
Copy link
Author

@gpotter2
Thanks a lot for taking the time to review...

I understand your concern - the helpers indeed wrap simple 802.11 constructs, but the motivation was mainly ergonomics and discoverability.
In practice, many users who are exploring WPA3/SAE don’t know which Dot11Auth fields to set, or which seqnum values correspond to Commit vs Confirm. By having small, explicit helpers, it becomes easier to:

  • avoid mistakes in frame crafting (algo=8, seqnum=1/2)
  • write more readable tests or teaching examples
  • provide a clear entry point when someone searches “SAE” inside Scapy

That said, I totally get that you want to keep Scapy lean and avoid niche wrappers that few people might use. If you prefer, I can:

  • move these helpers under contrib/ instead of core modules,
  • or keep the tests/docs in my fork so others experimenting with WPA3 can still benefit.

Thanks again for your feedback and for maintaining this project — even if this PR doesn’t get merged, it was a great learning experience working with Scapy!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Akindotcome @gpotter2