[WireGuard] Session Key Extraction & Request for Dissector
Jason A. Donenfeld
Jason at zx2c4.com
Thu Aug 25 00:51:19 CEST 2016
On Thu, Aug 25, 2016 at 12:40 AM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> The first value is the index, which should...
Small improvement:
# ./extract-keys wg0
0xe25d9516 IHHXzJVLOm2fw6J4dGsVDNUH4l6plYw70b0IozmH8KQ=
0xd29e7538 D7ZiiRXaVA+UXNT3FBoAiKCu+3eSrp/fHCz0KisxaVk=
0x90c99abb EI33BYVaI0rziFUxvLBsVM8z6glhW7tLWR7+MTAe43s=
0x9540a866 yAjjnONW6TGrZm/tdrg7KIAZ2ipxn/YqWSba4lh377U=
The first field is the index. The second field is the key. If you see
a packet with the index, decrypt it with the key. Plain and simple.
This actually amounts to printing out:
REMOTE_KEY_ID SENDING_KEY
LOCAL_KEY_ID RECEIVING_KEY
But from the point of view of a dissector it doesn't really matter.
See a packet, match the index, decrypt the payload.
More information about the WireGuard
mailing list