Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Sample capture attached to issue 12779 - Add TLS 1.3 support:
tls13-22-hrr.pcap: picotls client with boringssl 2fce1bed (draft -22 with HelloRetryRequest)

The implementation of HelloRetryRequest seems to vary by draft version.
In the current Wireshark code, packet-tls-utils.c looks for a magic string:

/**
 * Scan a Server Hello handshake message for the negotiated version. For TLS 1.3
 * draft 22 and newer, it also checks whether it is a HelloRetryRequest.
 */
void
tls_scan_server_hello(tvbuff_t *tvb, guint32 offset, guint32 offset_end,
                      guint16 *server_version, gboolean *is_hrr)
{
    /* SHA256("HelloRetryRequest") */
    static const guint8 tls13_hrr_random_magic[] = {
        0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91,
        0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c
    };

The filter would be:

tls.handshake.random == cf:21:ad:74:e5:9a:61:11:be:1d:8c:02:1e:65:b8:91:c2:a2:11:16:7a:bb:8c:5e:07:9e:09:e2:c8:a8:33:9c

Another approach would be to search the Info column for "Hello Retry Request".
See the filtcols Lua plugin.