https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14308

            Bug ID: 14308
           Summary: Wireshark fails to decrypt reused session and early
                    data using tlsv1.3 draft22
           Product: Wireshark
           Version: 2.4.3
          Hardware: x86-64
                OS: Windows 7
            Status: UNCONFIRMED
          Severity: Major
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: moyald...@gmail.com
  Target Milestone: ---

Created attachment 16055
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16055&action=edit
Early data capture file

Build Information:
Version 2.4.3 (v2.4.3-0-g368ba1ee37)

Copyright 1998-2017 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.3, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0,
with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap,
with
SBC, with SpanDSP.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with Intel(R) Core(TM)
i7-6600U CPU @ 2.60GHz (with SSE4.2), with 15795 MB of physical memory, with
locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll
version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
with GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215
--
I'm trying to decrypt tlsv1.3 traffic (reused session and 0-RTT) with no
success.

I'm running traffic using OpenSSL s_client to OpenSSL s_server (draft 22) and
I'm trying to decrypt it (I'm using the keylog flag on both server and client)

The issue is that Wireshark successfully decrypts the packets from the first
session, but fails to decrypt the following in the reused session:
1. 0-RTT application data
2. Client ChangeCipherSpec and finished

Capture file is attached.

I used the following as Pre-Master-Secret log file name:
# SSL/TLS secrets log file, generated by OpenSSL
SERVER_HANDSHAKE_TRAFFIC_SECRET
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
c0206f1806ca5197d6607b8bec9b1bffd7ad8e8c310c06b50ac1c3b161929222f1452bf04a6538c67d77cc9c3d087d46
CLIENT_HANDSHAKE_TRAFFIC_SECRET
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
b49c392c9883dd56e603b3d7989e4177f5d0b206fe496b0ed6017ab1de400238709469ee36d3f1a940766aaf08a2d7c8
SERVER_TRAFFIC_SECRET_0
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
99ab177284e2cc71a96c10da1b4ca29ff80ac0f8d0495cc050439194b17da5f8c593319f5f789d7363f612db0a260b9c
CLIENT_TRAFFIC_SECRET_0
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
55a8c196c16b3a9f283293e0e1ad75ac9284b8399ccfe89b74a2380ae64ee93c5e978ef93983b1606ef99b610b844d66
CLIENT_EARLY_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
dded7497c2fe569d2dcd42a9deb4dc4cbaad46581504eb97491b4dc8acdaa55b1fac9c4962df342b44de1e0fde26d1e7
SERVER_HANDSHAKE_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
9e47d0bb727e6550043f6c5695cf5229347a3fd18d1c369152aaa23b7157b02cd045af7a6548b2e3109358853b413e0e
SERVER_TRAFFIC_SECRET_0
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
39d5f026b0283dc61c3c1cb4fd3d8d915cf81aee7f9d007a8475f436b708557ef8a5221c3b083cbda02bfd07ba51c366
CLIENT_HANDSHAKE_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
cfc81da05333940fdfca0ffc986511873742470678ebe8cb2be9f04a7664c5ac1f8878be25acfae319ed818fc6f25e38
CLIENT_TRAFFIC_SECRET_0
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
47aec4731417e54697fb362dde24d6216bc168f2677185d675f377822b31cebfb74dd5db62fa34edad3a400e5eabe13f
SERVER_HANDSHAKE_TRAFFIC_SECRET
6167c205226051775d2528e535b5522842f6759b9752a2e74ffbe94374bec696
38522e24f79fe566fe5557043763d21dec64360d876e28f1fbb7959c5aa6716a5fe936b722362f68dd9f312226d75155
SERVER_TRAFFIC_SECRET_0
6167c205226051775d2528e535b5522842f6759b9752a2e74ffbe94374bec696
d9092e5796c9d695efc6574d7e1c18071009fdf8b018e3c402172dd2e8301ed912e29d2d796af6793ac71b9eb56405b2
CLIENT_HANDSHAKE_TRAFFIC_SECRET
6167c205226051775d2528e535b5522842f6759b9752a2e74ffbe94374bec696
59ea7c68968a7da7e97bed0e840dd92813b96941ce22e723ec50b524c32dd2f25d0622e642cd6b52e4c9ff04c78f283c
CLIENT_TRAFFIC_SECRET_0
6167c205226051775d2528e535b5522842f6759b9752a2e74ffbe94374bec696
b6b51fb61dfc35a202b67ad73fa9b55cef08da33b0bd7db546e853df7dbb51fa537e6b67dcf8841119c25f73148a5de5
CLIENT_EARLY_TRAFFIC_SECRET
759e66e0d8a275d854525d5438cfdb2a64529fe888c77d34952a31ef65b4a6d1
5f561906830409d9d9c90d35c369889ec3e784b7cfea5c04db4d30376bd586a88276f9fb5b7f4b435a9906cf29d0771f
SERVER_HANDSHAKE_TRAFFIC_SECRET
759e66e0d8a275d854525d5438cfdb2a64529fe888c77d34952a31ef65b4a6d1
028fc6bc7e6b3d49c1c203239d4d3c02eab0b93f8d370afe30a371b9136a253383971d35e781bf1db4c04b23c6ee811f
SERVER_TRAFFIC_SECRET_0
759e66e0d8a275d854525d5438cfdb2a64529fe888c77d34952a31ef65b4a6d1
1530f81cd05b2ab68a7b1d3a220a53debd9d6ca57e76f335c2d8c341f31898c4fd92e763d8d125e4ca61eb6ef25e17a3
CLIENT_HANDSHAKE_TRAFFIC_SECRET
759e66e0d8a275d854525d5438cfdb2a64529fe888c77d34952a31ef65b4a6d1
43fc542970d59ea29da80b28c070ba72ff80f4deaf4a0a03ee81352e4fb1fdcf824309436edc5d6e7db570ea20b843a5
CLIENT_TRAFFIC_SECRET_0
759e66e0d8a275d854525d5438cfdb2a64529fe888c77d34952a31ef65b4a6d1
8a90bcf9b2933168e73ec7089c2effd681db524acd71e0418ac7ba5fe89d7feddc1f1a6d2499895e3c5d4b363d2edca3
SERVER_HANDSHAKE_TRAFFIC_SECRET
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
c0206f1806ca5197d6607b8bec9b1bffd7ad8e8c310c06b50ac1c3b161929222f1452bf04a6538c67d77cc9c3d087d46
SERVER_TRAFFIC_SECRET_0
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
99ab177284e2cc71a96c10da1b4ca29ff80ac0f8d0495cc050439194b17da5f8c593319f5f789d7363f612db0a260b9c
CLIENT_HANDSHAKE_TRAFFIC_SECRET
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
b49c392c9883dd56e603b3d7989e4177f5d0b206fe496b0ed6017ab1de400238709469ee36d3f1a940766aaf08a2d7c8
CLIENT_TRAFFIC_SECRET_0
3c357f0c4abfbbc8f8d7953d29b73d0ae8c78232836597ab3b6d9930a6910e60
55a8c196c16b3a9f283293e0e1ad75ac9284b8399ccfe89b74a2380ae64ee93c5e978ef93983b1606ef99b610b844d66
CLIENT_EARLY_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
dded7497c2fe569d2dcd42a9deb4dc4cbaad46581504eb97491b4dc8acdaa55b1fac9c4962df342b44de1e0fde26d1e7
SERVER_HANDSHAKE_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
9e47d0bb727e6550043f6c5695cf5229347a3fd18d1c369152aaa23b7157b02cd045af7a6548b2e3109358853b413e0e
SERVER_TRAFFIC_SECRET_0
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
39d5f026b0283dc61c3c1cb4fd3d8d915cf81aee7f9d007a8475f436b708557ef8a5221c3b083cbda02bfd07ba51c366
CLIENT_HANDSHAKE_TRAFFIC_SECRET
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
cfc81da05333940fdfca0ffc986511873742470678ebe8cb2be9f04a7664c5ac1f8878be25acfae319ed818fc6f25e38
CLIENT_TRAFFIC_SECRET_0
a957221a763a6be75ef73c2a3ebad59838918f31d58da22145a13b022eb5c08d
47aec4731417e54697fb362dde24d6216bc168f2677185d675f377822b31cebfb74dd5db62fa34edad3a400e5eabe13f

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to