TLS:support decrypt ECC_SM4_CBC_SM3 ciphersuite

ECC_SM4_CBC_SM3 is defined in GB/T38636-2020
Information security technology-Transport layer cryptography protocol
which is a Chinese national standard.
prf alg of ciphersuites defined in GB/T 38636-2020 are the same as TLS1.2.

1 files changed, 8 insertions, 1 deletions

diff --git a/epan/dissectors/packet-tls-utils.c b/epan/dissectors/packet-tls-utils.c
index 20afafa28d..97e8e4c987 100644
--- a/epan/dissectors/packet-tls-utils.c
+++ b/epan/dissectors/packet-tls-utils.c
@@ -3646,11 +3646,17 @@ prf(SslDecryptSession *ssl, StringInfo *secret, const gchar *usage,
     case TLSV1DOT1_VERSION:
     case DTLSV1DOT0_VERSION:
     case DTLSV1DOT0_OPENSSL_VERSION:
-    case GMTLSV1_VERSION:
         return tls_prf(secret, usage, rnd1, rnd2, out, out_len);
 
     default: /* TLSv1.2 */
         switch (ssl->cipher_suite->dig) {
+        case DIG_SM3:
+#if GCRYPT_VERSION_NUMBER >= 0x010900
+            return tls12_prf(GCRY_MD_SM3, secret, usage, rnd1, rnd2,
+                             out, out_len);
+#else
+            return FALSE;
+#endif
         case DIG_SHA384:
             return tls12_prf(GCRY_MD_SHA384, secret, usage, rnd1, rnd2,
                              out, out_len);
@@ -5127,6 +5133,7 @@ ssl_decrypt_record(SslDecryptSession *ssl, SslDecoder *decoder, guint8 ct, guint
         case DTLSV1DOT0_VERSION:
         case DTLSV1DOT2_VERSION:
         case DTLSV1DOT0_OPENSSL_VERSION:
+        case GMTLSV1_VERSION:
             blocksize = ssl_get_cipher_blocksize(decoder->cipher_suite);
             if (inl < blocksize) {
                 ssl_debug_printf("ssl_decrypt_record failed: input %d has no space for IV %d\n",