Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM

Wireshark-bugs: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_C

Date: Tue, 03 Dec 2013 17:39:43 +0000

Comment # 8 on bug 9499 from Peter Wu

Created attachment 12216 [details]
AES256_CCM_8 and AES256_CBC_SHA capture (dump.pcapng.gz)

(In reply to comment #7)
> (In reply to comment #6)
> [..]
> > https://git.lekensteyn.nl/peter/wireshark-notes/tree/generate-wireshark-cs
> 
> Nice script I will have a look at it. I did the changes manually, is there
> some documentation I am missing which references this script?

It is mentioned at http://wiki.wireshark.org/SSL (Testing SSL / adding new
cipher suites). Example usage (using suites.txt in the same repo):

    grep -vE 'SRP|ARIA|PSK|KRB' suites.txt | ./generate-wireshark-cs

I noticed that CCM does not have a HMAC included, is that correct?

Attached is a capture generated with CyaSSL (patched to output the pre-master
secret). (See
https://git.lekensteyn.nl/peter/wireshark-notes/commit/?id=befe0f77dd2246e437e61cefb861bf9a6d4ff82b
for the patch and instruction to generate your own capture).

The AES-CCM-8 cipher suite does not get decrypted properly (the nonce is likely
invalid) while the AES256_CBC_SHA one is fine (to rule out mistakes in the
cyassl patch). Premaster is following in the next attachment.

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 9499] New: DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM_8
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4574] iSCSI expert info system
Next by Date: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM_8
Previous by thread: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM_8
Next by thread: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_CCM_8
Index(es):
- Date
- Thread