Wireshark-bugs: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_C

Date: Tue, 03 Dec 2013 17:39:43 +0000

Comment # 8 on bug 9499 from
Created attachment 12216 [details]
AES256_CCM_8 and AES256_CBC_SHA capture (dump.pcapng.gz)

(In reply to comment #7)
> (In reply to comment #6)
> [..]
> > https://git.lekensteyn.nl/peter/wireshark-notes/tree/generate-wireshark-cs
> 
> Nice script I will have a look at it. I did the changes manually, is there
> some documentation I am missing which references this script?

It is mentioned at http://wiki.wireshark.org/SSL (Testing SSL / adding new
cipher suites). Example usage (using suites.txt in the same repo):

    grep -vE 'SRP|ARIA|PSK|KRB' suites.txt | ./generate-wireshark-cs

I noticed that CCM does not have a HMAC included, is that correct?

Attached is a capture generated with CyaSSL (patched to output the pre-master
secret). (See
https://git.lekensteyn.nl/peter/wireshark-notes/commit/?id=befe0f77dd2246e437e61cefb861bf9a6d4ff82b
for the patch and instruction to generate your own capture).

The AES-CCM-8 cipher suite does not get decrypted properly (the nonce is likely
invalid) while the AES256_CBC_SHA one is fine (to rule out mistakes in the
cyassl patch). Premaster is following in the next attachment.


You are receiving this mail because:
  • You are watching all bug changes.