Wireshark · Wireshark-commits: [Wireshark-commits] rev 33135: /trunk-1.2/ /trunk-1.2/epan/dissectors/: packet-ipsec.c /trunk-1.2/do

Wireshark-commits: [Wireshark-commits] rev 33135: /trunk-1.2/ /trunk-1.2/epan/dissectors/: packet-i

Date: Mon, 07 Jun 2010 16:20:07 GMT

http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=33135

User: gerald
Date: 2010/06/07 09:20 AM

Log:
 Apply patch from bug 4838:
 
 Decoding IPsec (ESP) using AES-CTR fails.
 
 When specifying SA keys for AES-CTR, wireshark expects a key length of 160, 224
 or 288 bits, (i.e. 128, 192 or 256 bits, followed by the 32 bit nonce value),
 but gcry_cipher_setkey() in packet_ipsec.c fails, as it expects 128, 192 or 256
 bits.
 
 Omitting the nonce won't work -- even if wireshark liked those key lengths,
 gcrypt wouldn't be able to decrypt without it.
 
 Looking at gcrypt.h, I'm guessing what's missing may be a call to
 gcry_cipher_setctr()? Once gcrypt has the nonce, the key len could be
 decremented by 4, (32 bits), for the call to gcry_cipher_setkey() and things
 should work from there.
 
 
 Update the release notes.

Directory: /trunk-1.2/epan/dissectors/
  Changes    Path              Action
  +31 -5     packet-ipsec.c    Modified

Directory: /trunk-1.2/docbook/
  Changes    Path                 Action
  +3 -3      release-notes.xml    Modified

Prev by Date: [Wireshark-commits] rev 33134: /trunk-1.2/ /trunk-1.2/docbook/: release-notes.xml /trunk-1.2/epan/: sigcomp-udvm.c
Next by Date: [Wireshark-commits] rev 33136: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-bittorrent.c packet-dtpt.c packet-quake.c
Previous by thread: [Wireshark-commits] rev 33134: /trunk-1.2/ /trunk-1.2/docbook/: release-notes.xml /trunk-1.2/epan/: sigcomp-udvm.c
Next by thread: [Wireshark-commits] rev 33136: /trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-bittorrent.c packet-dtpt.c packet-quake.c
Index(es):
- Date
- Thread