Ethereal-dev: RE: [Ethereal-dev] kerberos update, new test version for those th at are brave

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Eric Wedel <ewedel@xxxxxxxxxxx>
Date: Fri, 6 Feb 2004 12:35:23 -0800 
The new code looks very nice.
Might want to change a few "tickes" to "tickets".

Also, when it comes time to decrypt, there is a detail.
The kdc req/rep structures are used by both as* and tgs* items.
But the "usage" salt values are specific to as/tgs.  So the message type
will need to be passed into the relevant dissectors, such as
dissect_krb5_encrypted_KDC_REP().

afaik, nettle should work fine, but that still leaves an intermediate
layer to be implemented.  Take a look at the "encrypt" / "decrypt" fields
in MIT's krb5_enctypes_list[] (etypes.c).  Those are (usually) cipher and
hash-independent frameworks for applying the selected algorithms.
Something similar will need to be developed to be able to use the nettle
library for kerberos crypto.

regards, Eric

-----Original Message-----
From: Ronnie Sahlberg [mailto:ronnie_sahlberg@xxxxxxxxxxxxxx]
Sent: Friday, February 06, 2004 1:52 AM
To: ethereal-dev@xxxxxxxxxxxx
Subject: [Ethereal-dev] kerberos update, new test version for those that
are brave


this is an updated version of the combined packet-ber/packet-kerberos file
those brave enough, please test it.

all fields have filterable names.

after next release if all goes well it might be checked in.

I have looked at different crypto libs and found nettle which seems low
level enough and reasonably cross-platform.
maybe we should use nettle when we start looking at decrypting the encrupted
parts of tickets and authenticators.


comments please?   what do you think about nettle?



*********************************************************************
This e-mail and any attachment is confidential. It may only be read, copied and used by the intended recipient(s). If you are not the intended recipient(s), you may not copy, use, distribute, forward, store or disclose this e-mail or any attachment. If you are not the intended recipient(s) or have otherwise received this e-mail in error, you should destroy it and any attachment and notify the sender by reply e-mail or send a message to sysadmin@xxxxxxxxxxx
*********************************************************************