Wireshark · Wireshark-dev: [Wireshark-dev] Are AEAD cyphers accepted for IKEv2 decryption table?

Wireshark-dev: [Wireshark-dev] Are AEAD cyphers accepted for IKEv2 decryption table?

From: Codrut Grosu <cgrosu@xxxxxxxxxxx>

Date: Tue, 2 Aug 2016 07:51:47 +0000

Hi,

I'm working at a strongSwan plugin that will generate a IKEv2 decryption table for wireshark.

In IKEv2 decryption table(wireshark) at encryption algorithm field there are only the following algorithms: "3DES[RFC2451]", "AES-CBC-128[RFC3602]", "AES-CBC-192[RFC3602]", "AES-CBC-256[RFC3602]" and "NULL[RFC2410]".

But strongSwan accepts AEAD cyphers like: AES_CCM_ICV8, AES_CCM_ICV12, AES_CCM_ICV16, AES_GCM_ICV8, AES_GCM_ICV12, AES_GCM_ICV16, NULL_AUTH_AES_GMAC, CAMELLIA_CCM_ICV8, CAMELLIA_CCM_ICV12, CAMELLIA_CCM_ICV16 and CHACHA20_POLY1305.

So, wireshark can decrypt packets that are encrypted with AEAD cyphers?

Thanks, Codrut

Follow-Ups:
- Re: [Wireshark-dev] Are AEAD cyphers accepted for IKEv2 decryption table?
  - From: Peter Wu

Prev by Date: Re: [Wireshark-dev] extcap.c does not build on SUSE 11.3. g_spawn_check_exit_status requires glib 2.34
Next by Date: [Wireshark-dev] question about tshark output
Previous by thread: Re: [Wireshark-dev] make dist fails if built without Qt
Next by thread: Re: [Wireshark-dev] Are AEAD cyphers accepted for IKEv2 decryption table?
Index(es):
- Date
- Thread