URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=17b98fe759be92019af9b870b0f1bc00f0337972
Submitter: Anders Broman (a.broman58@xxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
17b98fe by Peter Wu (peter@xxxxxxxxxxxxx):
ssl-utils: add AEAD authentication check
Unauthenticated data should not be displayed as valid. Validate the
authentication tag, similar like how MAC checks are done for block
ciphers. This requires Libgcrypt 1.6 or newer.
Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6),
1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt.
Change-Id: Iee15f4ccc5bbe01a50677167fa9c50c1ffe382d3
Reviewed-on: https://code.wireshark.org/review/19853
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
Actions performed:
from 5f0edb2 ssl-utils: refactor AEAD decryption handling
adds 17b98fe ssl-utils: add AEAD authentication check
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 92 +++++++++++++++++++++++++++++++++++-
1 file changed, 91 insertions(+), 1 deletion(-)