diff options
| author | Erik de Jong <erikdejong@gmail.com> | 2017-02-13 19:31:26 +0100 |
|---|---|---|
| committer | Peter Wu <peter@lekensteyn.nl> | 2017-03-02 23:58:05 +0000 |
| commit | f1c75cf6ef7e9f9de1ec7fd798df941b972ec71c (patch) | |
| tree | 7d7c2f66bf7595e010026d6f4d3b3a53175af824 /epan/crypt/airpdcap_rijndael.c | |
| parent | 4bd3c4d44ddcdf8e98fdf08a425e3a68e9b18395 (diff) | |
Rewrite dissectors to use Libgcrypt functions.
As discussed on the mailinglist, rewriting dissectors to use Libgcrypt
functions as Libgcrypt will be mandatory after change 20030.
Removal of following functions:
- crypt_md4
- crypt_rc4*
- aes_cmac_encrypt_*
- md5_*
- sha1_*
- sha256_*
Further candidates:
- aes_*
- rijndael_*
- ...
Added functions:
- ws_hmac_buffer
Added const macros:
- HASH_MD5_LENGTH
- HASH_SHA1_LENGTH
Changes on epan/crypt/* verified with captures from
https://wiki.wireshark.org/HowToDecrypt802.11
Changes on packet-snmp.c and packet-radius.c verified with captures from
https://wiki.wireshark.org/SampleCapture
Changes on packet-tacacs.c verified with capture from
http://ccie-in-3-months.blogspot.nl/2009/04/decoding-login-credentials-regardless.html
Change-Id: Iea6ba2bf207cf0f1bf2117068fb1abcfeaafaa46
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/crypt/airpdcap_rijndael.c')
| -rw-r--r-- | epan/crypt/airpdcap_rijndael.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/epan/crypt/airpdcap_rijndael.c b/epan/crypt/airpdcap_rijndael.c index c7782c3f9e..e5f1f93b4b 100644 --- a/epan/crypt/airpdcap_rijndael.c +++ b/epan/crypt/airpdcap_rijndael.c @@ -23,12 +23,12 @@ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +#include "config.h" #include "airpdcap_rijndael.h" -#include "airpdcap_debug.h" +#include "airpdcap_debug.h" #include <glib.h> -#include <wsutil/aes.h> +#include <wsutil/wsgcrypt.h> /* Based on RFC 3394 and NIST AES Key Wrap Specification pseudo-code. @@ -42,7 +42,7 @@ AES_unwrap(UCHAR *kek, UINT16 key_len, UCHAR *cipher_text, UINT16 cipher_len) UCHAR a[8], b[16]; UCHAR *r; gint16 i, j, n; - rijndael_ctx ctx; + gcry_cipher_hd_t rijndael_handle; if (kek == NULL || cipher_len < 16 || cipher_text == NULL) { return NULL; /* "should not happen" */ @@ -61,6 +61,13 @@ AES_unwrap(UCHAR *kek, UINT16 key_len, UCHAR *cipher_text, UINT16 cipher_len) /* Compute intermediate values */ + if (gcry_cipher_open(&rijndael_handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 0)) { + return output; + } + if (gcry_cipher_setkey(rijndael_handle, kek, key_len)) { + gcry_cipher_close(rijndael_handle); + return output; + } for (j=5; j >= 0; --j){ r = output + (n - 1) * 8; /* DEBUG_DUMP("r1", (r-8), 8); */ @@ -72,14 +79,14 @@ AES_unwrap(UCHAR *kek, UINT16 key_len, UCHAR *cipher_text, UINT16 cipher_len) b[7] ^= t; /* DEBUG_DUMP("a plus t", b, 8); */ memcpy(b+8, r, 8); - rijndael_set_key(&ctx, kek, key_len*8 /*bits*/); - rijndael_decrypt(&ctx, b, b); /* NOTE: we are using the same src and dst buffer. It's ok. */ + gcry_cipher_decrypt(rijndael_handle, b, 16, NULL, 0); /* DEBUG_DUMP("aes decrypt", b, 16) */ memcpy(a,b,8); memcpy(r, b+8, 8); r -= 8; } } + gcry_cipher_close(rijndael_handle); /* DEBUG_DUMP("a", a, 8); */ /* DEBUG_DUMP("output", output, cipher_len - 8); */ |