Wireshark-dev: [Wireshark-dev] IKEv2/ESP decryption preference inconsistency
From: Michael Lum <[email protected]>
Date: Thu, 11 Apr 2019 16:35:01 -0700
we just started trying to decrypt IKE/ESP packages and have it working successfully but
found that the preference settings appear to be inconsistent.
The IKE decryption table parameters in ISAKMP for SPI and keys require that you NOT put
0x in front of hex values.  (It is nice that the help indicates that requirement.)
In the ESP SAs table the SPI and keys REQUIRE 0x in front of hex values.
(Unfortunately there is no help for that table.)
Is there a design reason for this or just two different implementors?
(Yes, I'm implying it should be consistent if there is no design reason.)
Thanks for all your hard work.
Michael Lum ([email protected]) | STAR SOLUTIONS | Principal Software Engineer
4600 Jacombs Road, Richmond BC, Canada V6V 3B1 | +1.604.303.2315