Wireshark-bugs: [Wireshark-bugs] [Bug 9499] DTLS: add decrypt support for TLS_PSK_WITH_AES_128_C
Date: Thu, 05 Dec 2013 09:48:56 +0000

Comment # 13 on bug 9499 from
(In reply to comment #12)
> (In reply to comment #8)
> [..]
> 
> Yes CCM is an authenticating cipher, it builds its own mac with aes. The
> last 8 or 16 bytes are the MAC, over the encrypted data itself and some
> additional data. It is not checked by wireshark.

Then I would suggest to add a DIG_NA (Not Applicable) macro and use that
instead
of some arbitrary, unrelated digest.

> There was a problem in the patch it used AES128 when it should use AES256,
> this was fixed and I was able to decrypt your trace and some traces I
> generated with cyassl.

Great, confirmed working!

Some minor comments:

- There is a line with white space only in packet-ssl-utils.c (before `if
(ssl_session->cipher_suite.kex == KEX_PSK)`)
- I think you had too much beer here: "ssl_generate_pre_master_serect" (should
be "secret" ;))

Besides that, you can consider the dtls PSK patch reviewed. Although the diff
looks large, most of them come from re-indentation and changing whitespace.
Where necessary, "break" has been replaced by "return" and some redundant code
has been removed from the DTLS code.

For the CCM patch (packet-ssl-utils.h), the "16 Bit Auth" should be "8 byte
auth tag". Personally, I would abbreviate it to: AEAD_AES_{128,256}_CCM too,
but I leave that up to you. With the DIG_NA comment noted above, you can also
consider this reviewed.


You are receiving this mail because:
  • You are watching all bug changes.