diff options
author | Peter Wu <peter@lekensteyn.nl> | 2017-06-02 22:05:10 +0200 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2017-06-02 22:04:21 +0000 |
commit | 57b0527821b69dc8aa0786a3b5a425192795aff2 (patch) | |
tree | 4f01e3f4ac81d19d8ca3afa9a85a96f99c7c73bd /epan/dissectors/packet-ssl-utils.h | |
parent | a86f6603fc8b66a46ce21d18990f2058110acf27 (diff) |
Add ChaCha20-Poly1305 decryption support for TLS 1.2 and 1.3
Implements all seven AEAD_CHACHA20_POLY1305 cipher suites from RFC 7905
(for TLS 1.2) and the final missing one for TLS 1.3 (draft -20).
New test captures (created using OpenSSL_1_1_0-pre6-2528-g042597b0a)
also serve as tests for TLS 1.3 decryption support.
Change-Id: Ice6d639c9c7b7bc23a6ff5fb4832d02694abd8c4
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/21902
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index 269618dee8..17e539d7f9 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -286,7 +286,8 @@ typedef enum { MODE_CBC, /* GenericBlockCipher */ MODE_GCM, /* GenericAEADCipher */ MODE_CCM, /* AEAD_AES_{128,256}_CCM with 16 byte auth tag */ - MODE_CCM_8 /* AEAD_AES_{128,256}_CCM with 8 byte auth tag */ + MODE_CCM_8, /* AEAD_AES_{128,256}_CCM with 8 byte auth tag */ + MODE_POLY1305, /* AEAD_CHACHA20_POLY1305 with 16 byte auth tag (RFC 7905) */ } ssl_cipher_mode_t; /* Explicit and implicit nonce length (RFC 5116 - Section 3.2.1) */ @@ -359,6 +360,7 @@ typedef struct _SslDecoder { #define KEX_IS_DH(n) ((n) >= KEX_DHE_DSS && (n) <= KEX_ECDH_RSA) #define KEX_TLS13 0x23 +/* Order is significant, must match "ciphers" array in packet-ssl-utils.c */ #define ENC_DES 0x30 #define ENC_3DES 0x31 #define ENC_RC4 0x32 @@ -369,7 +371,8 @@ typedef struct _SslDecoder { #define ENC_CAMELLIA128 0x37 #define ENC_CAMELLIA256 0x38 #define ENC_SEED 0x39 -#define ENC_NULL 0x3A +#define ENC_CHACHA20 0x3A +#define ENC_NULL 0x3B #define DIG_MD5 0x40 #define DIG_SHA 0x41 |