osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
81,306 Commits 26 Branches 0 Tags 764 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Peter Wu 9feb7fb522 Fix build without GnuTLS 
The RSA Keys API and GUI are only functional when GnuTLS support is
available. Be sure to hide the functions in the header and hide the
preferences panel when GnuTLS support is missing.

Change-Id: I0a52ab142c4d45b8186780ea9b1645542dcc6305
Fixes: v2.9.1rc0-585-gec8f506c4b ("Qt: add initial RSA Keys preference frame")
Reviewed-on: https://code.wireshark.org/review/31837
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
 2019-01-31 13:14:22 +00:00
Peter Wu 8c7ca0e884 secrets: add functions to query and validate pkcs11 tokens/key files 
Provide a way to retrieve key URIs ("pkcs11:" and in the future maybe
"system:") and validate the PIN/password for such keys. Additionally
permit validation of a RSA key file.

This will be used for the RSA Keys GUI dialog.

Change-Id: I4177a11cb9f4758d7564daae509e20a4a42623fa
Reviewed-on: https://code.wireshark.org/review/31794
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
 2019-01-29 23:33:51 +00:00
Peter Wu 4803390686 Add new "rsa_keys" UAT for storage of RSA private keys 
This should eventually replace the "ssl_keys" UAT which additionally
contains a useless address, port and protocol field. This prepares for
HSM support through PKCS #11.

Change-Id: I59409c98aeedf260d19266d18e14ef7d9b40b582
Reviewed-on: https://code.wireshark.org/review/30977
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2018-12-13 05:28:02 +00:00
Peter Wu 97dbdc3ac9 TLS: really delay key lookup until it is necessary 
Even if the certificate has a RSA public key, be sure to lookup the key
only if it is an actual RSA key exchange. Move the hashtable to the
secrets module to enable reuse.

Change-Id: I39010831079d3b65d5d4368ec97d02491c1615a5
Reviewed-on: https://code.wireshark.org/review/30854
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2018-12-01 09:07:57 +00:00
Peter Wu df7af28f39 Add new Secrets API and allow TLS to use pcapng decryption secrets 
Add a new secrets API to the core, one that can outlive the lifetime of
a single capture file. Expose decryption secrets from wiretap through a
callback and let the secrets API route it to a dissector.

Bug: 15252
Change-Id: Ie2f1867bdfd265bad11fc58f1e8d8e7295c0d1e7
Reviewed-on: https://code.wireshark.org/review/30705
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
 2018-11-20 05:14:35 +00:00