Wireshark-commits: [Wireshark-commits] master 2fd4204: QUIC: implement decryption using new traffic
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Mon, 17 Sep 2018 08:14:39 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2fd42045f5afb556a03d8a1090f3278c77798766
Submitter: "Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

2fd4204 by Peter Wu (peter@xxxxxxxxxxxxx):

    QUIC: implement decryption using new traffic secrets (draft -13)
    
    QUIC draft -12 and before used the TLS Exporter to derive the protected
    payload secrets. Starting with draft -13, the handshake and 1-RTT
    protected payloads use keys derived during the TLS 1.3 handshake (but
    with the "quic " label for HKDF-Expand-Label instead of "tls13 ").
    
    That unfortunately means that previous CLIENT_HANDSHAKE_TRAFFIC_SECRET,
    SERVER_TRAFFIC_SECRET_0, etc. are unusable. As a quick workaround,
    extend the key log format with new labels similar to the old one (but
    with "QUIC_" prepended to it).
    
    To match draft -13, rename the original "handshake cipher/secret" to
    "initial cipher/secret" and add a new "handshake cipher".
    
    Potential limitation: if the client/server addresses/ports change since
    the Initial Packet, then a new TLS session is created in the TLS
    dissector. Attempting to retrieve secrets after the change will fail
    since the Client Random is empty and the secret cannot be linked.
    
    Another more common limitation: (Certificate) handshake messages that
    span multiple CRYPTO frames are not correctly recognized.
    
    Change-Id: I2932c3cc851fae51e8becf859db53ccc5f4beeda
    Ping-Bug: 13881
    Reviewed-on: https://code.wireshark.org/review/29677
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    

Actions performed:

    from  9de95b8   packet-rsl: Fix dissection of "CB Command Type" IE
     add  2fd4204   QUIC: implement decryption using new traffic secrets (draft -13)


Summary of changes:
 epan/dissectors/packet-quic.c      | 122 ++++++++++++++++++++++++++++---------
 epan/dissectors/packet-ssl-utils.c |  27 ++++++++
 epan/dissectors/packet-ssl-utils.h |   7 +++
 epan/dissectors/packet-ssl.c       |  78 ++++++++++++++++++++++++
 epan/dissectors/packet-ssl.h       |   3 +
 5 files changed, 208 insertions(+), 29 deletions(-)