Wireshark-commits: [Wireshark-commits] master 8f3ebb4: TLS13: implement trial decryption for early
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 15 Mar 2018 06:02:31 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8f3ebb4ea33ce427a76d444340c1a03a5d0a84c8
Submitter: Alexis La Goutte (alexis.lagoutte@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

8f3ebb4 by Peter Wu (peter@xxxxxxxxxxxxx):

    TLS13: implement trial decryption for early data
    
    Rather than relying on the advertised ciphers in the Client Hello (which
    might not match the early data cipher), try all TLS 1.3 ciphers when the
    0rtt secret is available.
    
    Whenever the client advertises the "early_data" extension, we will try
    to decrypt it when keys are available. This is tried before decrypting
    normal handshake/application data because a server might reject early
    data and then no End Of Early Data (EOED) message is available. Care is
    taken to decrypt as much 0RTT data as possible, only when when EOED is
    seen *or* when 0RTT decryption fails, then it will switch to HS secrets.
    
    Requires at least Libgcrypt 1.6 for verifying the auth tags, otherwise
    it cannot recognize whether the "decrypted" result is correct.
    
    Since the negotiated draft version is not known during Client Hello,
    rely on heuristics to guess the actual draft. This is relevant since the
    key expansion changed in draft 20. (Test with comment 56 in bug 12779.)
    
    Change-Id: Ied3f2b4b9f38d1280a6158c3a3aff8296c035fc3
    Ping-Bug: 12779
    Bug: 14308
    Reviewed-on: https://code.wireshark.org/review/26445
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    

Actions performed:

    from  ab40224   (D)TLS: restrict ssl.ignore_ssl_mac_failed preference to ssl
    adds  8f3ebb4   TLS13: implement trial decryption for early data


Summary of changes:
 epan/dissectors/packet-ssl-utils.c |  25 ++++----
 epan/dissectors/packet-ssl-utils.h |   1 +
 epan/dissectors/packet-ssl.c       | 113 +++++++++++++++++++++++++++++++++++--
 3 files changed, 124 insertions(+), 15 deletions(-)