Mailing List Archive

[PATCH] SSL + DTLS
Hi all,

I wasn't sure of the right place to post this patch, so I am posting
it on both mailing lists....

It's a new patch (and certainly my last) for SSL and DTLS decryption.
The SSL one isn't new; it corrects some bugs .... (like alert decryption)

The DTLS dissector is a new one; I have based my work on the OpenSSL
implementation.
This implementation contains lots of errors (DTLS version, MAC
calculation, no support for packet loss, reordering or
fragmentation). I have done what I could with this, but it is far from
perfect (for the MAC calculation, the correct version following the RFC
is commented out in the source code); I couldn't implement dissection of
things not implemented yet.

You can try it with the attached file and give me your opinions ;)

The base dissection works correctly, and decryption too, but
fragmentation, reordering, all the things that make UDP aren't
implemented.

I haven't made a clear separation between the DTLS and SSL dissectors
(they are very similar) because I'm not sure about the integration
process in ethereal (wireshark...)

I hope this can help someone ;)


--
++++++++++++++++++++++++++
+ Authesserre Samuel +
+ 12 rue de la défense passive+
+ 14000 CAEN +
+ FRANCE +
+ 06-27-28-13-32 +
+ sauthess@gmail.com +
++++++++++++++++++++++++++
Re: [PATCH] SSL + DTLS
Sorry for the spam; I have seen that the capture file was empty.....

best regards,

Samuel

On 6/12/06, authesserre samuel <sauthess@gmail.com> wrote:
> Hi all,
>
> I wasn't sure of the right place to post this patch, so I am posting
> it on both mailing lists....
>
> It's a new patch (and certainly my last) for SSL and DTLS decryption.
> The SSL one isn't new; it corrects some bugs .... (like alert decryption)
>
> The DTLS dissector is a new one; I have based my work on the OpenSSL
> implementation.
> This implementation contains lots of errors (DTLS version, MAC
> calculation, no support for packet loss, reordering or
> fragmentation). I have done what I could with this, but it is far from
> perfect (for the MAC calculation, the correct version following the RFC
> is commented out in the source code); I couldn't implement dissection of
> things not implemented yet.
>
> You can try it with the attached file and give me your opinions ;)
>
> The base dissection works correctly, and decryption too, but
> fragmentation, reordering, all the things that make UDP aren't
> implemented.
>
> I haven't made a clear separation between the DTLS and SSL dissectors
> (they are very similar) because I'm not sure about the integration
> process in ethereal (wireshark...)
>
> I hope this can help someone ;)
Re: Re: [PATCH] SSL + DTLS
On Mon, Jun 12, 2006 at 04:52:15PM +0200, authesserre samuel wrote:
> >It's a new patch (and certainly my last) for SSL and DTLS
> >decryption.
> >The SSL one isn't new; it corrects some bugs .... (like alert decryption)

I tried to apply your patch to current wireshark svn, and it failed.
Can you please recreate it against the current svn sources?

Thanks
Joerg
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@ethereal.com
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Re: Re: [PATCH] SSL + DTLS
Hi,

Enclosed, find the new patch made on svn ....

It does the same as I said in my last mail, but since then I've found
another error in the OpenSSL implementation: the DTLS implementation
doesn't add the two-byte length before the Pre Master Secret in RSA key
exchange (in the ClientKeyExchange message..)

I've corrected the version problem and this problem in openssl, and I
will send a patch tomorrow
(I've made the correction in the DTLS dissector too).
If my corrections are integrated, I will send a new patch here. (If I
have enough time, I would like to implement what's missing in the DTLS
implementation, like replay or packet loss handling.)

My problem is integration in wireshark, because a lot of things in the
DTLS and SSL dissectors are the same and I don't know how to make the
code maintainable (I've put things in packet-ssl-utils but I don't know
if it is a good choice...). The DTLS dissector is a copy of the SSL
dissector that I adapted... but I don't know how I can do otherwise.

regards,

Samuel




On 6/14/06, Joerg Mayer <jmayer@loplof.de> wrote:
> On Mon, Jun 12, 2006 at 04:52:15PM +0200, authesserre samuel wrote:
> > >It's a new patch (and certainly my last) for SSL and DTLS
> > >decryption.
> > >The SSL one isn't new; it corrects some bugs .... (like alert decryption)
>
> I tried to apply your patch to current wireshark svn, and it failed.
> Can you please recreate it against the current svn sources?
>
> Thanks
> Joerg

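
The missing length prefix described in the message above, as an added example that is not part of the original post or of the Wireshark or OpenSSL code: a C helper that locates the RSA-encrypted Pre Master Secret in a ClientKeyExchange body whether or not the two-byte length is present. The names `cke_rsa_locate` and `struct cke_rsa` are hypothetical, and it assumes the server's RSA modulus size is known from its certificate (an RSA ciphertext is always exactly that many bytes).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* How the encrypted Pre Master Secret was encoded in the message body. */
enum cke_form { CKE_INVALID = 0, CKE_LENGTH_PREFIXED, CKE_BARE };

struct cke_rsa {             /* hypothetical result type for this example */
    enum cke_form form;
    const uint8_t *ct;       /* start of the RSA ciphertext inside body */
    size_t ct_len;           /* ciphertext length in bytes */
};

/*
 * body/body_len: ClientKeyExchange payload, handshake header already stripped.
 * modulus_len:   size in bytes of the server RSA modulus (128 for 1024-bit).
 * The key size, not the first two bytes alone, decides which form is present,
 * so a bare ciphertext that happens to start with plausible bytes is not misread.
 */
static struct cke_rsa cke_rsa_locate(const uint8_t *body, size_t body_len,
                                     size_t modulus_len)
{
    struct cke_rsa r = { CKE_INVALID, NULL, 0 };

    if (body == NULL || modulus_len == 0 || modulus_len > 0xFFFF)
        return r;
    if (body_len == modulus_len + 2) {
        /* Prefixed form: the declared length must agree with the key size. */
        size_t declared = ((size_t)body[0] << 8) | body[1];
        if (declared != modulus_len)
            return r;
        r.form = CKE_LENGTH_PREFIXED; r.ct = body + 2; r.ct_len = declared;
    } else if (body_len == modulus_len) {
        /* Bare form: no length bytes, as in the behaviour the post describes. */
        r.form = CKE_BARE; r.ct = body; r.ct_len = body_len;
    }
    return r;                /* any other size is rejected as malformed */
}

int main(void)
{
    uint8_t prefixed[130] = { 0x00, 0x80 };  /* constructed sample: length 128 + zeros */
    uint8_t bare[128] = { 0x5a };            /* constructed sample: no length bytes */
    printf("prefixed -> form %d\n", cke_rsa_locate(prefixed, sizeof prefixed, 128).form);
    printf("bare     -> form %d\n", cke_rsa_locate(bare, sizeof bare, 128).form);
    return 0;
}
```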