[strongSwan-dev] An option to save IKE_SA and CHILD_SA keys for wireshark

Codrut Grosu cgrosu at ixiacom.com
Wed Jul 6 15:27:43 CEST 2016


Hi all,


This summer I'm working at Ixia (https://www.ixiacom.com/) as an intern.

My summer project is to create a new plug-in for strongSwan that saves all the keys and informations that are needed by Wireshark in order to decrypt ESP packets and ISAKMP packets.

This feature is intended for debugging and development. It will be optional and disabled by default.

For implementing this new feature, when the IKE_SA and CHILD_SA are created I want to save all the necessary informations that are needed by Wireshark.

When you'll run the test suites with this feature, besides the usual results you'll have the encryption keys and a sample with the packets captured using tcpdump.

Suggestions and advice on the architecture or specific implementation requirements are welcome.

We want this feature to be useful for as many strongswan users as possible.


Cheers,
Codrut.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160706/7b0d0d72/attachment.html>


More information about the Dev mailing list