Re: Remove our bundled crypto library (in favor of Libgcrypt)?

[Erik de Jong <erikdejong () gmail com>]

On Mon, Feb 13, 2017 at 9:46 PM, Peter Wu <peter () lekensteyn nl> wrote:

> On Mon, Feb 13, 2017 at 07:31:50PM +0100, Erik de Jong wrote:
> > On Sun, Feb 12, 2017 at 3:38 PM, Peter Wu <peter () lekensteyn nl> wrote:
> >
> > > On Sun, Feb 12, 2017 at 02:40:03PM +0100, Pascal Quantin wrote:
> > > > Le 12 févr. 2017 11:12, "Erik de Jong" <erikdejong () gmail com> a
> écrit :
> > > > On Sat, Feb 11, 2017 at 10:38 PM, Peter Wu <peter () lekensteyn nl>
> wrote:
> > > > > (forgot to attach the file lists...)
> > > >
> > > > I'll get to work on the aes_cmac_encrypt_* and crypt_* symbols. Will
> you
> > > > make a separate change for this on which we'll both work or is it
> > > > additional work on 20030?
> > >
> > > You can create a separate change, 20030 is focussed on making Libgcrypt
> > > mandatory but will not rewrite other parts (in order to make review
> > > easier).
> >
> > Alright! I've removed the md4 and rc4 symbols. Don't feel confident
> enough
> > to remove the crypt_des_ecb calls because I'm not sure what is happening
> > exactly, so I'm worried it'll break.
>
> Ehh, that indeed needs a closer look. I'll take a look once you finished
> the patch (to avoid possible conflicts within the file).
>
> > Looks like wsutil/aes.h is also used by epan/dissectors/packet-dof.c and
> > epan/crypt/airpdcap_ccmp.c for rijndael_encrypt(), so we ought to put
> those
> > on the list as well.
>
> Oh right! I grepped for the cipher names based on the filename and
> missed Rijndael.
>
> General remark, when rewriting files, can you try to find a pcap and
> confirm that the before/after result is the same? You can then add this
> to the commit message.

I did not find any captures that are appropriate for the rc4 related calls,
looks like the captures up on the web are about other (AES) encryption.
Removed the Rijndael references in the epan/crypt/* but looks like the
information for the sample capture for the DOF protocol (
https://wiki.wireshark.org/SampleCaptures#DOF_.28Distributed_Object_
Framework.29_Protocols) either has the wrong decryption info or the
decryption is already broken as it doesn't decrypt in Fedora's stock
Wireshark (2.2), so that'll be difficult to verify.


> --
> Kind regards,
> Peter Wu
> https://lekensteyn.nl
> ____________________________________________________________
> _______________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org?subject=unsubscr
> ibe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe