Guy Harris wrote:
> crypto. If that can be done in a different fashion, as per my
> earlier suggestion, that code shouldn't even exist.

I implemented your suggestion over the weekend and tested it today on
multiple platforms. It has less monkeying around with the packet memory
at the expense of more monkeying around within the ASN.1 portion.
Thanks for the help! I've resubmitted the patch and attached it to
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5531

> The code that actually does the crypto is in dissect_epsem(), which
> should only be called after all the header fields have been
> dissected.

I'm still unclear as to when that is or how one can tell. The function
in question was sometimes called with a pointer to the whole unparsed
packet, and sometimes with a pointer to the parsed User-information
section. I still don't know why.
I've also added doxygen-style documentation on most of the functions in
the C12.22 dissector I created. I'd like to continue adding to the
doxygen support as well, since it could be a very valuable tool with the
proper care and feeding.
Ed