Ask Your Question
0

how does wireshark support quic decryption

asked 2019-05-14 09:05:03 +0000

cibinjacobalex gravatar image

Hi All, I'm doing a project on quic, i'm really interested to learn more about quic and its multiple versions, does any one how wireshark is able to decryp the quic packets ? i have gone through multiple RFC versions and still not able to understand properly how we can decrypt. Any help would be much appreciated. Regards Cibin

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2019-05-14 11:32:35 +0000

grahamb gravatar image

Use the source Luke, admittedly there is a lot of it, so to help you the dissector for QUIC is here.

edit flag offensive delete link more

Comments

Thank you so much Grahamb, i have been looking at the code, how can i get more info on this function ? any idea where this function is defined/works.

  if (!tls13_get_quic_secret(pinfo, from_server, type, hash_len, secret)) {
         *error = "Secrets are not available";
         return FALSE;
cibinjacobalex gravatar imagecibinjacobalex ( 2019-05-17 10:38:04 +0000 )edit

Around line 3798 in packet-tls.c.

grahamb gravatar imagegrahamb ( 2019-05-17 10:42:50 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-05-14 09:05:03 +0000

Seen: 1,183 times

Last updated: May 14 '19