Wireshark · Wireshark-dev: [Wireshark-dev] SRTP dissection

Wireshark-dev: [Wireshark-dev] SRTP dissection

From: Neil Piercy <Neil.Piercy@xxxxxxxxxxxx>

Date: Wed, 21 Jun 2006 18:19:58 +0100

I've started looking at adding SRTP dissection to wireshark - anyoneelse already doing this ?

The way I'm heading at present is to add it on the side of RTP/RTCPdissection (in the same files) as it really modifies the payload only,and has no signalling of its presence in the header (only out of bandsignalling such as MGCP, and it needs the same hooks into otherprotocols such as MGCP to do this as RTP does).


I'm planning on doing phases:-

a) ensure RTP doesnt try to pass on the encrypted payload to the payloaddissectors, and RTCP doesnt try to dissect it (pretty easy & almost done)


b) add auth support (slightly harder, but not much)

c) add decryption support if the key exchange is captured by e.g. SDP orvia a user preference (like SSL support for this)


d) add signalling support to any protocols which support SRTP key exchange

Anyone got any strong opinions on whether this is a good or bad designway to go ?


Neil

Follow-Ups:
- Re: [Wireshark-dev] SRTP dissection
  - From: Jaap Keuter

References:
- [Wireshark-dev] Disectors & conversations
  - From: Cook, Timothy

Prev by Date: Re: [Wireshark-dev] Disectors & conversations
Next by Date: Re: [Wireshark-dev] SRTP dissection
Previous by thread: Re: [Wireshark-dev] Disectors & conversations
Next by thread: Re: [Wireshark-dev] SRTP dissection
Index(es):
- Date
- Thread