Wireshark-bugs: [Wireshark-bugs] [Bug 7689] Can't decode the ISAKMP message
Date: Wed, 5 Sep 2012 19:52:29 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7689

--- Comment #3 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2012-09-05 19:52:28 PDT ---
(In reply to comment #0)
> Created attachment 9050 [details]
> the attachment includes the 2 files.
> 
> Build Information:
> Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
> -v", or "tshark -v".

Which version of Wireshark are you running?

> I got a ike_key.txt and a ikev2_log.pcap.

What are the encryption and integrity algorithms?  I guessed at AES-CBC-128 and
HMAC_SHA1_96, respectively.  After entering the 2 sets of information
(Initiator's SPI, Responder's SPI, SK_ei, SK_er, Encryption algorithm, SK_ai,
SK_ar, and Integrity algorithm) in the expected format into the IKEv2
Decryption Table for the 192.168.20.1/192.168.10.30 and
192.168.20.1/192.168.10.20 pairs, 56 packets starting at frame 431 match the
isakmp.enc.decrypted filter and seem to contain decrypted data.  Were you
looking at 192.168.10.10 perhaps?

> I do as the document says, input the SPI and SK, but it still can't decode the
> messages, can anybody tell me how to use it, thanks!

I assume by "the document", you mean the following wiki page?
http://www.wireshark.org/docs/wsug_html_chunked/ChIKEv2DecryptionSection.html

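A pre-check for the eight values listed in the comment above, as an added example that is not part of the original message or of Wireshark: it verifies that each hex field has the byte length the chosen algorithms require before the values are typed into the IKEv2 Decryption Table. The dict field names and the sample values are assumptions constructed for illustration, and only AES-CBC-128 and HMAC_SHA1_96 (the algorithms guessed in the comment) are covered.

```python
import binascii

# Key sizes in bytes. AES-CBC-128 takes a 128-bit key; HMAC_SHA1_96 is keyed
# with 160 bits (only its output is truncated to 96 bits).
ENC_KEY_LEN = {"AES-CBC-128": 16}
INTEG_KEY_LEN = {"HMAC_SHA1_96": 20}
SPI_LEN = 8  # IKEv2 initiator and responder SPIs are 8 bytes each


def _hex_len(value):
    """Return the byte length of a hex string, or None if it is not valid hex."""
    try:
        return len(binascii.unhexlify(value.strip()))
    except (binascii.Error, ValueError):
        return None


def check_entry(entry):
    """Return a list of problems found in one decryption-table entry (a dict)."""
    problems = []
    enc, integ = entry.get("enc_alg"), entry.get("integ_alg")
    if enc not in ENC_KEY_LEN:
        problems.append("unknown encryption algorithm: %r" % enc)
    if integ not in INTEG_KEY_LEN:
        problems.append("unknown integrity algorithm: %r" % integ)
    expected = {
        "spi_i": SPI_LEN, "spi_r": SPI_LEN,
        "sk_ei": ENC_KEY_LEN.get(enc), "sk_er": ENC_KEY_LEN.get(enc),
        "sk_ai": INTEG_KEY_LEN.get(integ), "sk_ar": INTEG_KEY_LEN.get(integ),
    }
    for field, want in expected.items():
        got = _hex_len(entry.get(field, ""))
        if got is None:
            problems.append("%s is not valid hex" % field)
        elif want is not None and got != want:
            problems.append("%s is %d bytes, expected %d" % (field, got, want))
    return problems


# Constructed sample values, not the keys from the bug's attachment.
GOOD = {
    "spi_i": "00" * 8, "spi_r": "11" * 8,
    "sk_ei": "aa" * 16, "sk_er": "bb" * 16, "enc_alg": "AES-CBC-128",
    "sk_ai": "cc" * 20, "sk_ar": "dd" * 20, "integ_alg": "HMAC_SHA1_96",
}
# Common slip: sizing the integrity key to the 96-bit truncated output.
BAD = dict(GOOD, sk_ai="cc" * 12)

if __name__ == "__main__":
    print(check_entry(GOOD), check_entry(BAD))
```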