First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

how does wireshark support quic decryption

Hi All, I'm doing a project on quic, i'm really interested to learn more about quic and its multiple versions, does any one how wireshark is able to decryp the quic packets ? i have gone through multiple RFC versions and still not able to understand properly how we can decrypt. Any help would be much appreciated. Regards Cibin

cibinjacobalex's avatar
1
cibinjacobalex
asked 2019-05-14 09:05:03 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Use the source Luke, admittedly there is a lot of it, so to help you the dissector for QUIC is here.

grahamb's avatar
23.8k
grahamb
answered 2019-05-14 11:32:35 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Thank you so much Grahamb, i have been looking at the code, how can i get more info on this function ? any idea where this function is defined/works.

  if (!tls13_get_quic_secret(pinfo, from_server, type, hash_len, secret)) {
         *error = "Secrets are not available";
         return FALSE;
cibinjacobalex's avatar cibinjacobalex (2019-05-17 10:38:04 +0000) edit
more
  • delete

Around line 3798 in packet-tls.c.

grahamb's avatar grahamb (2019-05-17 10:42:50 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer