Wireshark · Ethereal-dev: SV: [Ethereal-dev] IPsec ESP Authentication checking

Ethereal-dev: SV: [Ethereal-dev] IPsec ESP Authentication checking

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Anders Broman" <a.broman@xxxxxxxxx>

Date: Fri, 14 Apr 2006 09:48:05 +0200

Checked in.
Brg
Anders

-----Ursprungligt meddelande-----
Från: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] För Frederic Roudaut
Skickat: den 7 april 2006 15:08
Till: Ethereal development
Ämne: [Ethereal-dev] IPsec ESP Authentication checking



Hi all,

I updated my previous patch of ESP :

* It now check authentication for (similar to the ICMP checksum):

- NULL Authentication
- HMAC-SHA1-96 [RFC2404]
- HMAC-SHA256
- HMAC-MD5-96 [RFC2403] (2)

I put aside AES-XCBC-MAC-96 [RFC3566] because I did not succeed to have 
a working implementation.
I added a field for any authenticator of 12bytes length (without 
authentication process)

* I also correct the printing of this authenticator field which was 
decrypted :-[ .


Thus, with this patch  if libgcrypt is linked withe ethereal you should 
have the availability to :
- decrypt packets
- check authentication
 at the same time or not.
If noone of these options are set (or libgcrypt is not available) you 
also may use the previous heuristic.

I hope it will be helpful,

ps: in attachment, you'll get the patch, the previous README I wrote and 
that I have updated, some capture examples.

Best Regards,

----
Frédéric Roudaut

References:
- [Ethereal-dev] IPsec ESP Authentication checking
  - From: Frederic Roudaut

Prev by Date: [Ethereal-dev] Any "standard" file extension for gzipped pcap files?
Next by Date: Re: [Ethereal-dev] Any "standard" file extension for gzipped pcap files?
Previous by thread: [Ethereal-dev] IPsec ESP Authentication checking
Next by thread: [Ethereal-dev] compile a plugin to a shared library
Index(es):
- Date
- Thread