From 57b0527821b69dc8aa0786a3b5a425192795aff2 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Fri, 2 Jun 2017 22:05:10 +0200 Subject: Add ChaCha20-Poly1305 decryption support for TLS 1.2 and 1.3 Implements all seven AEAD_CHACHA20_POLY1305 cipher suites from RFC 7905 (for TLS 1.2) and the final missing one for TLS 1.3 (draft -20). New test captures (created using OpenSSL_1_1_0-pre6-2528-g042597b0a) also serve as tests for TLS 1.3 decryption support. Change-Id: Ice6d639c9c7b7bc23a6ff5fb4832d02694abd8c4 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/21902 Reviewed-by: Alexis La Goutte Petri-Dish: Peter Wu Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu --- test/keys/tls12-chacha20poly1305.keys | 9 +++++++++ test/keys/tls13-20-chacha20poly1305.keys | 9 +++++++++ 2 files changed, 18 insertions(+) create mode 100644 test/keys/tls12-chacha20poly1305.keys create mode 100644 test/keys/tls13-20-chacha20poly1305.keys (limited to 'test/keys') diff --git a/test/keys/tls12-chacha20poly1305.keys b/test/keys/tls12-chacha20poly1305.keys new file mode 100644 index 0000000000..cbdbcad7de --- /dev/null +++ b/test/keys/tls12-chacha20poly1305.keys @@ -0,0 +1,9 @@ +# SSL/TLS secrets log file, generated by OpenSSL +CLIENT_RANDOM ab85fc5f6db67c9cf825cd8a1f34cf6c5e89ec09656a4944ec5536a36aed5728 aee53fb112659bc2b3801db7d230c25100dfb79ffb00f086256885dfc1f8fc545e526fc92fe884348a84964bb7b4bbc0 +CLIENT_RANDOM 59ee68728af906f3fb825bf306f7f40ae1fb68fc13d769a00843d3f2ba5dac45 7b126413d8876316b67a35fc3d530bca6574070a5a4b829868b3f94c36b0b1f673ab0a18f213ee7a5fb47ba50676acb3 +CLIENT_RANDOM 1c73db9d11c0c4fb8acf3f62ec0a50a1559eeaded9a9a54e829f9f291d592069 f38dbcf8c3eb3c30514fbcfe2208efab88b3593468b8695e8c1f55662ffe5ab4151ed4ead5fb207c8707ea073e8aaaba +RSA 3e2ffbd86d10f694 0303f4d5b30f42e5df09d7d3fe363b4ff104b469bcade9e4506bf6cc621441d577cc5fbe448979fdd9be53556881058a +CLIENT_RANDOM 121cdd2ae0f9f089b48897272e37c89cf41f4eb8262ac1272cc02a73fd23fa0b 2a169a4a71b6b988d525546ca3f56d185f16490eecc19659963f796bf8c6b4cf10f8739aeb0f2162451c1e46718c137d +CLIENT_RANDOM db9350951d7ace9c91422b44b526a549fa3ca97b9e0d5c421c08ee3223b3d74a bd0c489a9d428510d937ae09038a0cc84bc3ed72dfe136712d94fcc001d46f54b33992dd3f2f897625cad07f7f9caeb2 +CLIENT_RANDOM 55a097b1bf4bf3c0f7161a81f15be86a78f2ca05f9784b07e0af761c1f9f1d65 bdf97a381c55c50421757a63227717b6a5c840ef8fc61975e0c495cff55f4dde41080b63c896f94639351697810bfcd9 +CLIENT_RANDOM f6fb54f9367adab3128073734d14e7230e6fe3c5c494caa15e130b5a955dbcb6 8409faa69c4c6ebf56cbad7b9ace4f41815de444410c2c595f409b54a80014e0acf944b8ee6f62eb0ef873714514a19f diff --git a/test/keys/tls13-20-chacha20poly1305.keys b/test/keys/tls13-20-chacha20poly1305.keys new file mode 100644 index 0000000000..e858b9a56b --- /dev/null +++ b/test/keys/tls13-20-chacha20poly1305.keys @@ -0,0 +1,9 @@ +# SSL/TLS secrets log file, generated by OpenSSL +SERVER_HANDSHAKE_TRAFFIC_SECRET 3d89529eeebe176375ef29bd146a49e02c375771628244948f6e9408457fdbc1 4e1fbe0594634161e1af3f8b6e940561ba3fc2174b6cefb5b0da3e040cfb23e4 +SERVER_TRAFFIC_SECRET_0 3d89529eeebe176375ef29bd146a49e02c375771628244948f6e9408457fdbc1 1e519f7e8d3e8d45d7cf13038f50a50e1a2f6f0a9f918b9ae856f3269068ef8f +CLIENT_HANDSHAKE_TRAFFIC_SECRET 3d89529eeebe176375ef29bd146a49e02c375771628244948f6e9408457fdbc1 69c6f71caf5031fc55671bf88c70a77acac0d81de20d3cf5e6b4dd7fac4ffe4d +CLIENT_TRAFFIC_SECRET_0 3d89529eeebe176375ef29bd146a49e02c375771628244948f6e9408457fdbc1 292497c163345eaa5b16b0b7907faa31dbb7ce76ac9a1c35ca99ba9dafeae72c +SERVER_HANDSHAKE_TRAFFIC_SECRET 4cfd639e633b0ccdedab543dd333639d2bacd023b2f12a94724eb1c20f5b8e11 976e0b13800a6c2335ed9bb124f38fb2f654c6585dfc14db72eb09cd30148a1c +SERVER_TRAFFIC_SECRET_0 4cfd639e633b0ccdedab543dd333639d2bacd023b2f12a94724eb1c20f5b8e11 f7e0e34d554b2431353dadb226d9fbf248dd15e76944234bfb13b1102af43aaf +CLIENT_HANDSHAKE_TRAFFIC_SECRET 4cfd639e633b0ccdedab543dd333639d2bacd023b2f12a94724eb1c20f5b8e11 d46820a69b572a15d2ef8778d32f1e00300725ab42bc9f3e8f6ede598a1ab532 +CLIENT_TRAFFIC_SECRET_0 4cfd639e633b0ccdedab543dd333639d2bacd023b2f12a94724eb1c20f5b8e11 69bf451e01db2af6924af9b78759a9f3e84affab23300238dbf94c54709cdda1 -- cgit v1.2.3