diff options
author | jake <jake@f5534014-38df-0310-8fa8-9805f1628bb7> | 2009-04-20 05:40:58 +0000 |
---|---|---|
committer | jake <jake@f5534014-38df-0310-8fa8-9805f1628bb7> | 2009-04-20 05:40:58 +0000 |
commit | b492e1303d6b1f4c79b1a239957ad9475150b7bb (patch) | |
tree | b23b809b521caf3b1e175039be0bc6f6b35377b0 /docbook | |
parent | 5556fed8d35cc1d22bb05c6ba8944c05ba73c0b3 (diff) |
From Naoyoshi Ueda:
Currently wireshark has ability to decrypt ISAKMP IKEv1 packets, but not IKEv2
packets. With attached patch decryption of IKEv2 packets is now passible.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28089 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'docbook')
-rw-r--r-- | docbook/wsug_src/WSUG_chapter_customize.xml | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/docbook/wsug_src/WSUG_chapter_customize.xml b/docbook/wsug_src/WSUG_chapter_customize.xml index 97f55db735..3883b33bea 100644 --- a/docbook/wsug_src/WSUG_chapter_customize.xml +++ b/docbook/wsug_src/WSUG_chapter_customize.xml @@ -1495,6 +1495,86 @@ standard libpcap format. </variablelist> </section> + <section id="ChIKEv2DecryptionSection"><title>IKEv2 decryption table</title> + <para> + Wireshark can decrypt Encrypted Payloads of IKEv2 (Internet Key Exchange version 2) packets if necessary information is provided. + Note that you can decrypt only IKEv2 packets with this feature. If you want to decrypt IKEv1 packets or ESP packets, + use Log Filename setting under ISAKMP protocol preference or settings under ESP protocol preference respectively. + </para> + <para> + This table is handled by an <xref linkend="ChUserTable"/> with the following fields. + </para> + <variablelist> + <varlistentry><term><command>Initiator's SPI</command></term> + <listitem> + <para> + Initiator's SPI of the IKE_SA. This field takes hexadecimal string without "0x" prefix + and the length must be 16 hex chars (represents 8 octets). + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>Responder's SPI</command></term> + <listitem> + <para> + Responder's SPI of the IKE_SA. This field takes hexadecimal string without "0x" prefix + and the length must be 16 hex chars (represents 8 octets). + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>SK_ei</command></term> + <listitem> + <para> + Key used to encrypt/decrypt IKEv2 packets from initiator to responder. + This field takes hexadecimal string without "0x" prefix and its length + must meet the requirement of the encryption algorithm selected. + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>SK_er</command></term> + <listitem> + <para> + Key used to encrypt/decrypt IKEv2 packets from responder to initiator. + This field takes hexadecimal string without "0x" prefix and its length + must meet the requirement of the encryption algorithm selected. + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>Encryption Algorithm</command></term> + <listitem> + <para> + Encryption algorithm of the IKE_SA. + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>SK_ai</command></term> + <listitem> + <para> + Key used to calculate Integrity Checksum Data for IKEv2 packets from responder to initiator. + This field takes hexadecimal string without "0x" prefix and its length + must meet the requirement of the integrity algorithm selected. + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>SK_ar</command></term> + <listitem> + <para> + Key used to calculate Integrity Checksum Data for IKEv2 packets from initiator to responder. + This field takes hexadecimal string without "0x" prefix and its length + must meet the requirement of the integrity algorithm selected. + </para> + </listitem> + </varlistentry> + <varlistentry><term><command>Integrity Algorithm</command></term> + <listitem> + <para> + Integrity algorithm of the IKE_SA. + </para> + </listitem> + </varlistentry> + + </variablelist> + </section> + </chapter> <!-- End of WSUG Chapter Customizing --> |