how does wireshark support quic decryption

asked 2019-05-14 09:05:03 +0000

cibinjacobalex
1 ●1 ●2 ●2

Hi All, I'm doing a project on quic, i'm really interested to learn more about quic and its multiple versions, does any one how wireshark is able to decryp the quic packets ? i have gone through multiple RFC versions and still not able to understand properly how we can decrypt. Any help would be much appreciated. Regards Cibin

answered 2019-05-14 11:32:35 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23835 ●4 ●973 ●227 https://www.wireshark.org

Use the source Luke, admittedly there is a lot of it, so to help you the dissector for QUIC is here.

edit flag offensive delete link

Comments

Thank you so much Grahamb, i have been looking at the code, how can i get more info on this function ? any idea where this function is defined/works.

  if (!tls13_get_quic_secret(pinfo, from_server, type, hash_len, secret)) {
         *error = "Secrets are not available";
         return FALSE;

cibinjacobalex ( 2019-05-17 10:38:04 +0000 )edit

Around line 3798 in packet-tls.c.

grahamb ( 2019-05-17 10:42:50 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

how does wireshark support quic decryption

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

how does wireshark support quic decryption edit

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

how does wireshark support quic decryption