how does wireshark support quic decryption

asked 2019-05-14 09:05:03 +0000

cibinjacobalex
1 ●1 ●2 ●2

Hi All, I'm doing a project on quic, i'm really interested to learn more about quic and its multiple versions, does any one how wireshark is able to decryp the quic packets ? i have gone through multiple RFC versions and still not able to understand properly how we can decrypt. Any help would be much appreciated. Regards Cibin

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2019-05-14 11:32:35 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●950 ●227 https://www.wireshark.org

Use the source Luke, admittedly there is a lot of it, so to help you the dissector for QUIC is here.

edit flag offensive delete link

Comments

Thank you so much Grahamb, i have been looking at the code, how can i get more info on this function ? any idea where this function is defined/works.

  if (!tls13_get_quic_secret(pinfo, from_server, type, hash_len, secret)) {
         *error = "Secrets are not available";
         return FALSE;

cibinjacobalex ( 2019-05-17 10:38:04 +0000 )edit

Around line 3798 in packet-tls.c.

grahamb ( 2019-05-17 10:42:50 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-05-14 09:05:03 +0000

Seen: 1,079 times

Last updated: May 14 '19

how does wireshark support quic decryption edit