authorPeter Wu <peter@lekensteyn.nl>2016-09-20 21:26:43 +0200
committerAnders Broman <a.broman58@gmail.com>2017-01-31 04:43:21 +0000
commit5f0edb2ebacb6eedf81066e0738c03cc8e564e96 (patch)
tree64acc8fe34116175670110f4730aea52271a3f63 /epan/dissectors/packet-ssl-utils.h
parent7e7445cc75b239c86253860e5ef7b5b38c6a5fed (diff)
ssl-utils: refactor AEAD decryption handling
The current ssl_decrypt_record is hard to understand due to mixing CBC concepts (MAC, padding) with AEAD. Extract the AEAD functionality and use better variable naming. The "Plaintext" debug print now includes just the plaintext (the auth tag is stripped). A write_iv.data_len check is added just to be sure and more prep work is done for auth tag validation and TLS 1.3 support. Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6), 1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt. Change-Id: I94dd2fd70e1281d85c954abfe523f7483d9ac68b Reviewed-on: https://code.wireshark.org/review/19852 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r--epan/dissectors/packet-ssl-utils.h10
1 files changed, 6 insertions, 4 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index 8760103922..8da1458a03 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -268,8 +268,9 @@ typedef enum {
MODE_CCM_8 /* AEAD_AES_{128,256}_CCM with 8 byte auth tag */
} ssl_cipher_mode_t;
-/* Explicit nonce length */
-#define SSL_EX_NONCE_LEN_GCM 8 /* RFC 5288 - section 3 */
+/* Explicit and implicit nonce length (RFC 5116 - Section 3.2.1) */
+#define IMPLICIT_NONCE_LEN 4
+#define EXPLICIT_NONCE_LEN 8
#define SSL_DEBUG_USE_STDERR "-"
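Review bot: The new comment on `IMPLICIT_NONCE_LEN` / `EXPLICIT_NONCE_LEN` cites only RFC 5116 Section 3.2.1, which describes a general partially-implicit nonce layout and does not fix these lengths for every AEAD. The 4-byte implicit salt plus 8-byte explicit part is the split used by the TLS 1.2 AES-GCM and AES-CCM suites (RFC 5288, RFC 6655); ChaCha20-Poly1305 (RFC 7905) and TLS 1.3 build the nonce differently, so a later reader could reuse these constants where they do not apply. I would word it as `/* Nonce split for TLS 1.2 AES-GCM/CCM: 4-byte implicit salt + 8-byte explicit part (RFC 5288 Section 3, RFC 5116 Section 3.2.1) */`. As a style point, dropping the `SSL_` prefix leaves two very generic macro names in a header that is presumably included by many dissectors; a prefixed name would avoid collisions.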
@@ -544,6 +545,7 @@ ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server);
@param ssl ssl_session the store all the session data
@param decoder the stream decoder to be used
@param ct the content type of this ssl record
+ @param record_version the version as contained in the record
@param in a pointer to the ssl record to be decrypted
@param inl the record length
@param comp_str a pointer to the store the compression data
@@ -551,8 +553,8 @@ ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server);
@param outl the decrypted data len
@return 0 on success */
extern gint
-ssl_decrypt_record(SslDecryptSession* ssl,SslDecoder* decoder, gint ct,
- const guchar* in, guint inl, StringInfo* comp_str, StringInfo* out_str, guint* outl);
+ssl_decrypt_record(SslDecryptSession *ssl, SslDecoder *decoder, guint8 ct, guint16 record_version,
+ const guchar *in, guint16 inl, StringInfo *comp_str, StringInfo *out_str, guint *outl);
/* Common part bitween SSL and DTLS dissectors */
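Review bot: Narrowing `inl` from `guint` to `guint16` (and `ct` from `gint` to `guint8`) in the `ssl_decrypt_record` prototype means a caller that still holds the record length in a wider type is converted silently at the call site. The callers are outside this hunk, so each one should be confirmed to bound the length before the call, or the build checked with `-Wconversion`. The doc block, which starts outside the hunk, still says only `@return 0 on success`. Since the commit message describes auth tag validation as prep work, a 0 return presumably does not yet mean an AEAD record's tag was verified; the comment should state that and name the failure value, e.g. `@return 0 on success; for AEAD ciphers the auth tag is not (yet) validated`.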