Wireshark mailing list archives
Re: Remove our bundled crypto library (in favor of Libgcrypt)?
From: Erik de Jong <erikdejong () gmail com>
Date: Sun, 12 Feb 2017 11:11:52 +0100
On Sat, Feb 11, 2017 at 10:38 PM, Peter Wu <peter () lekensteyn nl> wrote:
(forgot to attach the file lists...)
I'll get to work on the aes_cmac_encrypt_* and crypt_* symbols. Will you make a separate change for this on which we'll both work or is it additional work on 20030?
On Sat, Feb 11, 2017 at 10:35:10PM +0100, Peter Wu wrote:On Sat, Feb 11, 2017 at 09:31:17PM +0100, Erik de Jong wrote:On Sat, Feb 11, 2017 at 8:55 PM, Peter Wu <peter () lekensteyn nl> wrote:[..]My original goal was to replace wsutil by an existing crypto library (case 2). Since we Libgcrypt is already used in a lot of places, it seemed natural to replace wsutil by Libgcrypt. When trying to do so, I noticed that having an optional Libgcryptmakesit much harder and hence changeset 20030 was created first to make it mandatory. Once that is in place, we can change the wsutil cryptousersto Libgcrypt. I plan to start working on that in the next days, letmeknow if you want to join this effort :-)I'd like to help out, please tell me how I can assist in a way thatwon'tbe counterproductive.Thanks! The following files need to be modified / removed: debian/libwsutil0.symbols wsutil/CMakeLists.txt wsutil/Makefile.am wsutil/aes.c wsutil/aes.h wsutil/des.c wsutil/des.h wsutil/md4.c wsutil/md4.h wsutil/md5.c wsutil/md5.h wsutil/rc4.c wsutil/rc4.h wsutil/sha1.c wsutil/sha1.h wsutil/sha2.c wsutil/sha2.h The symbols to be removed are: - aes_cmac_encrypt_finish@Base 2.1.0 - aes_cmac_encrypt_starts@Base 2.1.0 - aes_cmac_encrypt_update@Base 2.1.0 - crypt_des_ecb@Base 1.12.0~rc1 - crypt_md4@Base 1.12.0~rc1 - crypt_rc4@Base 1.12.0~rc1 - crypt_rc4_init@Base 1.12.0~rc1 - md5_append@Base 1.12.0~rc1 - md5_finish@Base 1.12.0~rc1 - md5_hmac@Base 1.12.0~rc1 - md5_hmac_append@Base 1.12.0~rc1 - md5_hmac_finish@Base 1.12.0~rc1 - md5_hmac_init@Base 1.12.0~rc1 - md5_init@Base 1.12.0~rc1 - sha1_finish@Base 1.12.0~rc1 - sha1_hmac@Base 1.12.0~rc1 - sha1_hmac_finish@Base 1.12.0~rc1 - sha1_hmac_starts@Base 1.12.0~rc1 - sha1_hmac_update@Base 1.12.0~rc1 - sha1_starts@Base 1.12.0~rc1 - sha1_update@Base 1.12.0~rc1 - sha256_finish@Base 2.1.0 - sha256_hmac@Base 2.1.0 - sha256_hmac_finish@Base 2.1.0 - sha256_hmac_starts@Base 2.1.0 - sha256_hmac_update@Base 2.1.0 - sha256_starts@Base 2.1.0 - sha256_update@Base 2.1.0 Attached are the files that need to be modified (one list for any occurrence per file, one list with files grouped per function). The first three functions were "recently" added (see git logs) and is only used in airpdcap code. Looking at crypt_des_ecb, the users are packet-ntlmssp.c and packet-dcerpc-netlogin.c. These also use md5 a lot and crypt_rc4. Do you have any preference for a file/crypto function to tackle? Note that the current minimum Libgcrypt version is 1.4.2. For CMAC you need Libgcrypt 1.6.0 or newer. All other functions have been available for longer time. References that might be helpful: https://wiki.wireshark.org/Development/Support_library_version_tracking#Libgcrypthttps://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob;f=NEWS https://gnupg.org/documentation/manuals/gcrypt/
So we'll have to update the minimum required version to 1.6.0 as well then.
If it helps, an example of using Libgcrypt (see .c and _test.lua files): https://github.com/Lekensteyn/luagcrypt -- Kind regards, Peter Wu https://lekensteyn.nl____________________________________________________________ _______________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject= unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Remove our bundled crypto library (in favor of Libgcrypt)?, (continued)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Guy Harris (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Bálint Réczey (Feb 09)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Bálint Réczey (Feb 09)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? João Valverde (Feb 09)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? João Valverde (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Erik de Jong (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Erik de Jong (Feb 12)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Pascal Quantin (Feb 12)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 12)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Erik de Jong (Feb 13)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 13)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Erik de Jong (Feb 15)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? João Valverde (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Peter Wu (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Bálint Réczey (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Guy Harris (Feb 11)
- Re: Remove our bundled crypto library (in favor of Libgcrypt)? Ed Beroset (Feb 11)