Hi, ronnie sahlberg wrote: > Nice. > Maybe uploading the example to the other examples on the wiki? > > ==> Done > I have made some very minor cosmetic changes to the dissector of yours > that anders checked in. > > Thanks > I also changed it so that the payload inside ah/esp is displayed at > the root of the tree. > (look at the screenshot at the ESP_preferences in the wiki, it is > confusing when the source/dest ip addresses in the summary line are > different from what is shown in the dissect pane (before we open any > of the expansions.)) > > I haven't done that just because it also involves that following fields : Pad, Pad Length, Next Header and Authenticator appears before the data. But you are probably right . > > On 9/7/06, Frédéric Roudaut <[EMAIL PROTECTED]> wrote: > >> Hi, >> >> as requested here is a patch in order to take into account Encryption >> and Authentication keys for ESP in hexa. >> You only have to write your key with 0x first. In this case if the key >> is not in 8-bit unit, it will be considered as starting with a "0" (4 bits). >> Excepted this case, the key should be completely written, even if it >> starts with "0x00". >> >> Nevertheless, if the box contains a key with white spaces before "0x", >> it will be taken into account. Ie if the ESP preference contains >> " 0xffffff", it will not be considered as an hexadecimal key (4 >> white spaces before 0x). I do not think it is a problem but please tell >> me if it is, I will correct this. >> >> Moreover I noticed an editorial issue in the Author files ;-). IPsec >> should be written like this and not IP-sec. >> could you please update this ? >> >> best regards, >> >> ps : in attachment, you will also get some examples for using >> Hexadecimal keys (preference and capture files, IPsec policy for setkey). >> ps2 : sorry for the off-by-one errors ;-( >> >> --- >> Frederic Roudaut >> >> >> >> Filonenko Alexander-AAF013 wrote: >> >>> Frederic, >>> >>> Thank you for the response. While adding this feature, do you plan to >>> add another checkbox in the ESP preferences so the user can switch >>> between ASCII/hex modes for encryption keys? >>> >>> Thank you, >>> Alex Filonenko >>> >>> >>> >>> ------------------------------------------------------------------------ >>> *From:* Frédéric Roudaut [mailto:[EMAIL PROTECTED] >>> *Sent:* Tuesday, August 01, 2006 5:19 AM >>> *To:* Filonenko Alexander-AAF013 >>> *Cc:* Ethereal development; Developer support list for Wireshark >>> *Subject:* Re: IPsec Dissector to decrypt ESP Payload >>> >>> Hi, >>> >>> sorry for my late answer. You're right for the key. To enter binary >>> keys you need to modify the dissector. It should easy to adapt. If >>> needed, I could easily add this but however not before the beginning >>> of september. >>> Sorry for that. >>> >>> best regards, >>> >>> -- >>> Frederic Roudaut >>> >>> >>> Filonenko Alexander-AAF013 a écrit : >>> >>>> Frederic, >>>> >>>> I am using ESP decryption features of your dissector and it is very >>>> >> useful. >> >>>> I have one question though. How can I use arbitrary (non-ASCII) >>>> >> encryption key with preferences available for ESP? Is the key limited to >> ASCII characters only? >> >>>> Thank you, >>>> Alex >>>> >>>> -----Original Message----- >>>> From: Filonenko Alexander-AAF013 >>>> Sent: Friday, February 24, 2006 4:43 PM >>>> To: 'Ethereal development' >>>> Subject: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload >>>> >>>> Frederic, >>>> >>>> I find IPsec functionality you have added to the dissector very useful. >>>> Hope I can provide you with some feedback in a few weeks. >>>> >>>> Thank you, >>>> Alex Filonenko >>>> >>>> >>>> >>>>> -----Original Message----- >>>>> From: [EMAIL PROTECTED] >>>>> [mailto:[EMAIL PROTECTED] On Behalf Of Frederic >>>>> Roudaut >>>>> Sent: Friday, February 24, 2006 10:01 AM >>>>> To: Ethereal development >>>>> Subject: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload >>>>> >>>>> >>>>> Hi, >>>>> >>>>> finally, I have updated my dissector using libgcrypt. >>>>> It does not use openssl anymore. >>>>> If gnutls is installed, all should work. >>>>> Thus, now it should decrypt and dissect (transport/tunnel/several >>>>> encapsulations ...) : >>>>> >>>>> - NULL Encryption Algorithm >>>>> - TripleDES-CBC [RFC2451] : keylen 192 bits. >>>>> - AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits. >>>>> - AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining >>>>> 32 bits will be used as nonce. >>>>> - DES-CBC [RFC2405] : keylen 64 bits >>>>> >>>>> I also have added : >>>>> >>>>> - BLOWFISH-CBC : keylen 128 bits. >>>>> - TWOFISH-CBC : keylen 128/256 bits. >>>>> >>>>> You have to indicate the Authentication algorithm even if all >>>>> Algorithms since it uses 12 bytes in the Auth field should work (have >>>>> a look to the README to understand why I put it >>>>> ;-) ). If you consider I have to throw it away please tell me. >>>>> >>>>> HMAC-SHA1-96 [RFC2404] >>>>> NULL >>>>> AES-XCBC-MAC-96 [RFC3566] >>>>> HMAC-MD5-96 [RFC2403] >>>>> >>>>> In the attachment you will get : >>>>> - this dissector >>>>> - a new README >>>>> - some example capture files with associated preferences files (and >>>>> setkey config files) >>>>> >>>>> >>>>> Best Regards, >>>>> >>>>> >>>>> ---- >>>>> Frederic >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Frédéric ROUDAUT >>>>> IRISA-INRIA, Campus de Beaulieu, 35042 Rennes cedex, France >>>>> Tl: +33 (0) 2 99 84 71 44, Fax: +33 (0) 2 99 84 71 71 >>>>> >>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> Ethereal-dev mailing list >>>> [email protected] >>>> http://www.ethereal.com/mailman/listinfo/ethereal-dev >>>> >>>> >>>> >>>> >> >> >> > _______________________________________________ > Wireshark-dev mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-dev > > >
_______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
