Having looked a little at the code in ssldump, I think the best approach is
to use primitive crypto functions from a crypto library. At first glance it
looks like gnutls doesn't provide all the primitives functions that openssl
does, although Paola's code seem to be adapted to replace openssl with
gnutls.
Also, gnutls doesn't seem to support sslV2, which isn't a big deal, imho.
The trick seems, from trying 2 tools in this space, is to properly identify
the SSL/TLS records, then apply the correct crypto-primitive, and use the
result(s) in conjunction with other records and the SSL/TLS protocol.
An awful lot of SSL/TLS protocol handling will need to be re-implemeted in
this dissector to do an accurate job, I believe.
But, it will be worth it.
All SSL/TLS security depends on the storage security of the private keys -
having this tool won't alter SSL/TLS security at all.
Lyal
-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Joerg Mayer
Sent: Monday, 27 June 2005 7:51 AM
To: Ethereal development
Subject: Re: [Ethereal-dev] Re: SSL Dissector - thoughts
On Sun, Jun 26, 2005 at 11:41:15AM +0200, Tomáš Kukosa wrote:
> I vote for GNU TLS too.
>
> I would not reimplement SSL in the Ethereal again and I do not know
> any other library which we could use.
Maybe libtomcrypt? It can be found at: http://libtomcrypt.org/ The
featurelist is at: http://libtomcrypt.org/features.html
Ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev