https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3745
Summary: Support of non-96-bit ICVs for IPsec ESP
Product: Wireshark
Version: SVN
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: dahlberg@xxxxxxx
David Dahlberg <dahlberg@xxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3351| |review_for_checkin?
Flag| |
Created an attachment (id=3351)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3351)
Patch for the ESP dissector
Build Information:
Version 1.3.0-SVN-29100
--
As for now, Wireshark supports only 96-bit (or 0-bit for NULL authentication)
integrity control values (ICVs) for IPsec ESP. While the autentication field is
of variable length, this may lead to situations where the whole packet is not
parsable.
To solve this, I added generic classes (not checked) for 128, 192 and 256 bit
ICVs to the ESP dissector. I also split the HMAC-SHA-256 autentication
algorithm to HMAC-SHA-256-128 (128 bit as defined in RFC 4868) and
HMAC-SHA-256-96 (from the very first draft, nevertheless unpatched Linux and
BSDs do it this way).
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
