Wireshark-dev: Re: [Wireshark-dev] IPsec Dissector to decrypt ESP Payload
From: Frédéric Roudaut <roudaut.frederic@xxxxxxx>
Date: Tue, 01 Aug 2006 12:19:03 +0200
Hi, sorry for my late answer. You're right for the key. To enter binary keys you need to modify the dissector. It should easy to adapt. If needed, I could easily add this but however not before the beginning of september. Sorry for that. best regards, -- Frederic Roudaut Filonenko Alexander-AAF013 a écrit : Frederic, I am using ESP decryption features of your dissector and it is very useful. I have one question though. How can I use arbitrary (non-ASCII) encryption key with preferences available for ESP? Is the key limited to ASCII characters only? Thank you, Alex -----Original Message----- From: Filonenko Alexander-AAF013 Sent: Friday, February 24, 2006 4:43 PM To: 'Ethereal development' Subject: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload Frederic, I find IPsec functionality you have added to the dissector very useful. Hope I can provide you with some feedback in a few weeks. Thank you, Alex Filonenko-----Original Message----- From: ethereal-dev-bounces@xxxxxxxxxxxx [mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Frederic Roudaut Sent: Friday, February 24, 2006 10:01 AM To: Ethereal development Subject: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload Hi, finally, I have updated my dissector using libgcrypt. It does not use openssl anymore. If gnutls is installed, all should work. Thus, now it should decrypt and dissect (transport/tunnel/several encapsulations ...) : - NULL Encryption Algorithm - TripleDES-CBC [RFC2451] : keylen 192 bits. - AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits. - AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining 32 bits will be used as nonce. - DES-CBC [RFC2405] : keylen 64 bits I also have added : - BLOWFISH-CBC : keylen 128 bits. - TWOFISH-CBC : keylen 128/256 bits. You have to indicate the Authentication algorithm even if all Algorithms since it uses 12 bytes in the Auth field should work (have a look to the README to understand why I put it ;-) ). If you consider I have to throw it away please tell me. HMAC-SHA1-96 [RFC2404] NULL AES-XCBC-MAC-96 [RFC3566] HMAC-MD5-96 [RFC2403] In the attachment you will get : - this dissector - a new README - some example capture files with associated preferences files (and setkey config files) Best Regards, ---- Frederic -- Frédéric ROUDAUT IRISA-INRIA, Campus de Beaulieu, 35042 Rennes cedex, France Tl: +33 (0) 2 99 84 71 44, Fax: +33 (0) 2 99 84 71 71_______________________________________________ Ethereal-dev mailing list Ethereal-dev@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-dev |
- Follow-Ups:
- Re: [Wireshark-dev] IPsec Dissector to decrypt ESP Payload
- From: Filonenko Alexander-AAF013
- Re: [Wireshark-dev] IPsec Dissector to decrypt ESP Payload
- Prev by Date: Re: [Wireshark-dev] asn2wrs blurb
- Next by Date: [Wireshark-dev] HELP! - text file in GUI
- Previous by thread: Re: [Wireshark-dev] asn2wrs blurb
- Next by thread: Re: [Wireshark-dev] IPsec Dissector to decrypt ESP Payload
- Index(es):
- Get Wireshark
- Download
- Code of Conduct