Bug ID: 14417
           Summary: OSCORE dissector (draft-ietf-core-object-security-07)
           Product: Wireshark
           Version: 2.5.x (Experimental)
          Hardware: x86-64
                OS: macOS 10.12
            Status: UNCONFIRMED
          Severity: Enhancement
          Priority: Low
         Component: Dissection engine (libwireshark)
  Target Milestone: ---

Created attachment 16122
A dump of aiocoap implementation of OSCORE-07, including CoAP without OSCORE,
OSCORE correct and incorrect usage.

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
OSCORE (draft-ietf-core-object-security) is a mechanism to encrypt *part* of
CoAP RFC7252 message, leaving CoAP header in the clear. Encryption is signaled
with a special CoAP option called Object-Security. The plaintext of OSCORE
contains cherrypicked CoAP fields: code, *some* CoAP options and payload. This
means that once decryption has taken place, functions specific to CoAP
dissector are needed to dissect it.

OSCORE message can also be carried with HTTP, in order to support HTTP-to-CoAP
proxies, and is signaled by the presence of a special HTTP header. For this
reason, through discussion on the dev list, it was deemed appropriate to create
a separate dissector for OSCORE, instead of complementing the CoAP dissector.

This issue aims to enhance the Wireshark dissector engine with the support for

A dump of an OSCORE-07-compliant implementation (
is attached, executing the test suite specified at: Note that
the test spec covers plain CoAP exchanges without OSCORE, correct OSCORE use
and incorrect OSCORE use. 

This dump can be used to test for CoAP regression, OSCORE dissector compliance,
as well as the OSCORE dissector error handling through incorrect usage packets.

You are receiving this mail because:
You are watching all bug changes.
Sent via:    Wireshark-bugs mailing list <>

Reply via email to