Hello Peter, First of all, thank you again for creating the patch. I did test it and was able to successfully decode some messages. My implementation uses WolfSSL v4.3.0.
I hope the patch will be merged in, please let me know if there's any more info you need from my end. Regards, Ahmed On Sat, May 2, 2020 at 3:21 PM Peter Wu <pe...@lekensteyn.nl> wrote: > Hi Ahmed, > > I have posted a patch at https://code.wireshark.org/review/37034 which > should allow you to see the plaintext. However there is a big open > question about the draft specification. Can you share some more details > on your implementation, in particular which TLS library do you use? > > Without more answers, this patch will not be merged. > > Kind regards, > Peter > > On Sat, May 02, 2020 at 10:55:07AM -0700, Ahmed Elsherbiny wrote: > > Wow this is great news, thank you Peter! > > > > Regards, > > Ahmed > > > > On Sat, May 2, 2020 at 10:21 AM Peter Wu <pe...@lekensteyn.nl> wrote: > > > > > Hi Ahmed, > > > > > > On Fri, May 01, 2020 at 02:10:01PM -0700, Ahmed Elsherbiny wrote: > > > > Hello, > > > > > > > > I've written a dissector for a custom protocol. The dissector works > well, > > > > and now I'm trying to run the protocol over TLS 1.3. > > > > > > > > The cipher suite being used is TLS_SHA256_SHA256 (Code: 0xC0B4). > This is > > > a > > > > new cipher suite, it is used for integrity and has a null cipher (The > > > > payload is actually plaintext). It is still in draft form, here is > the > > > > document that describes it: > > > > > https://www.ietf.org/id/draft-camwinget-tls-ts13-macciphersuites-05.txt > > > > > > > > Looking at the ServerHello packet, Wireshark shows the CipherSuite as > > > > Unknown (0xC0B4). Consequently, it does not provide a "Decrypted > > > > application data" tab and does not pass the data to my dissector. > > > > > > The new cipher name was added in the development build via commit > > > v3.3.0rc0-513-g3e2a837cc0 (https://code.wireshark.org/review/36052). > It > > > is not present in the stable build yet. > > > > > > > This is what the TLS debug log shows: > > > [..] > > > > I tried adding the cipher-suite to packet-tls-utils.c and recompiling > > > > Wireshark. This is the line that I added, since the document says > that > > > > Diffie-Helman is the only key exchange that can be used. I'm not > > > completely > > > > sure that I'm using the correct macros - I don't fully understand > TLS. > > > > > > > > {0xC0B4, KEX_DH_ANON, ENC_NULL, DIG_SHA256, MODE_GCM } > > > > > > This is not correct, TLS 1.3 has a different key exchange (KEX_TLS13) > > > and more changes are needed to ensure that existing TLS 1.3 ciphers do > > > not break while adding support for this new cipher. > > > > > > I've created a test samples for the two ciphers and posted these at > > > https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16543 > > > > > > I hope to have a patch available tomorrow. > > > -- > > > Kind regards, > > > Peter Wu > > > https://lekensteyn.nl > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
