This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello,

I'm developing a custom packet dissector. Lets say we have a 64 byte packet to dissect and bytes 16 to 32 are encrypted, what is the right way to display this data ?

Today I have something working like that but I want to have a clean code

proto_tree_add_item( //the encrypted data displayed as is 
offset += 16
dec_buffer = decryptData() //decrypted data are in a buffer 
payload_tvb = tvb_new_child_real_data(tvb, dec_buffer, 16, 16);
add_new_data_source(pinfo, payload_tvb, "Decrypted Data");

What protocol dissector may I use as example ?

asked 02 Sep '16, 04:41

atsju2's gravatar image

atsju2
11347
accept rate: 0%

edited 02 Sep '16, 04:42

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×637
×63
×33
×1

question asked: 02 Sep '16, 04:41

question was seen: 784 times

last updated: 02 Sep '16, 04:42

p​o​w​e​r​e​d by O​S​Q​A