Wireshark-dev: Re: [Wireshark-dev] Trying to decode a TLS 1.3 with null cipher

From: Peter Wu <peter@xxxxxxxxxxxxx>
Date: Sat, 2 May 2020 19:20:25 +0200
Hi Ahmed,

On Fri, May 01, 2020 at 02:10:01PM -0700, Ahmed Elsherbiny wrote:
> Hello,
> 
> I've written a dissector for a custom protocol. The dissector works well,
> and now I'm trying to run the protocol over TLS 1.3.
> 
> The cipher suite being used is TLS_SHA256_SHA256 (Code: 0xC0B4). This is a
> new cipher suite, it is used for integrity and has a null cipher (The
> payload is actually plaintext). It is still in draft form, here is the
> document that describes it:
> https://www.ietf.org/id/draft-camwinget-tls-ts13-macciphersuites-05.txt
> 
> Looking at the ServerHello packet, Wireshark shows the CipherSuite as
> Unknown (0xC0B4). Consequently, it does not provide a "Decrypted
> application data" tab and does not pass the data to my dissector.

The new cipher name was added in the development build via commit
v3.3.0rc0-513-g3e2a837cc0 (https://code.wireshark.org/review/36052). It
is not present in the stable build yet.

> This is what the TLS debug log shows:
[..]
> I tried adding the cipher-suite to packet-tls-utils.c and recompiling
> Wireshark. This is the line that I added, since the document says that
> Diffie-Hellman is the only key exchange that can be used. I'm not completely
> sure that I'm using the correct macros - I don't fully understand TLS.
> 
> {0xC0B4, KEX_DH_ANON, ENC_NULL, DIG_SHA256, MODE_GCM }

This is not correct: TLS 1.3 has a different key exchange (KEX_TLS13),
and more changes are needed to ensure that existing TLS 1.3 ciphers do
not break while adding support for this new cipher.

I've created test samples for the two ciphers and posted these at
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16543

I hope to have a patch available tomorrow.
-- 
Kind regards,
Peter Wu
https://lekensteyn.nl
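As an added illustration (not code from this thread or from Wireshark) of what handling an integrity-only TLS 1.3 suite like TLS_SHA256_SHA256 involves instead of AEAD decryption: the protected record is TLSInnerPlaintext followed by an HMAC tag, so "decryption" means recomputing the tag with the traffic key and stripping it. The MAC input layout (nonce || additional_data || plaintext, tag appended) follows my reading of the draft and is an assumption to check against its record-protection section; the key, IV and record contents below are constructed.

```python
import hmac
import hashlib

OPAQUE_TYPE_APPLICATION_DATA = 23
LEGACY_RECORD_VERSION = b"\x03\x03"  # TLS 1.3 records carry 0x0303 on the wire


def tls13_nonce(write_iv: bytes, seq: int) -> bytes:
    """Per-record nonce: sequence number left-padded to the IV length, XORed with write_iv."""
    padded = seq.to_bytes(len(write_iv), "big")
    return bytes(a ^ b for a, b in zip(write_iv, padded))


def record_aad(protected_len: int) -> bytes:
    """additional_data is the 5-byte record header: type, legacy version, length of the protected payload."""
    return bytes([OPAQUE_TYPE_APPLICATION_DATA]) + LEGACY_RECORD_VERSION + protected_len.to_bytes(2, "big")


def protect(write_key, write_iv, seq, content, content_type, digest=hashlib.sha256, pad=0):
    """Integrity-only protection: plaintext stays in the clear, only an HMAC tag is appended."""
    inner = content + bytes([content_type]) + b"\x00" * pad  # TLSInnerPlaintext with optional zero padding
    aad = record_aad(len(inner) + digest().digest_size)
    # Assumed MAC layout from the draft: HMAC(key, nonce || additional_data || plaintext)
    tag = hmac.new(write_key, tls13_nonce(write_iv, seq) + aad + inner, digest).digest()
    return inner + tag


def unprotect(write_key, write_iv, seq, payload, digest=hashlib.sha256):
    """Verify the tag, then strip padding and the inner content type; raises on any MAC failure."""
    tag_len = digest().digest_size
    if len(payload) < tag_len + 1:
        raise ValueError("record too short for tag and content type")
    inner, tag = payload[:-tag_len], payload[-tag_len:]
    expected = hmac.new(write_key, tls13_nonce(write_iv, seq) + record_aad(len(payload)) + inner, digest).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("bad record MAC")
    stripped = inner.rstrip(b"\x00")  # drop padding; last remaining byte is the real content type
    if not stripped:
        raise ValueError("no content type in TLSInnerPlaintext")
    return stripped[:-1], stripped[-1]


def peek_without_key(payload, digest=hashlib.sha256):
    """What a passive observer sees with no keys: the content is readable, but unauthenticated."""
    inner = payload[:-digest().digest_size].rstrip(b"\x00")
    return inner[:-1], inner[-1]


if __name__ == "__main__":
    key, iv = bytes(range(32)), bytes(range(12))  # constructed traffic key and IV, not real key material
    rec = protect(key, iv, 0, b"hello", OPAQUE_TYPE_APPLICATION_DATA, pad=3)
    print(unprotect(key, iv, 0, rec), peek_without_key(rec))
```

The tag check is the only thing standing between the dissector and forged or replayed records, which is why the sequence number is folded into the nonce and a wrong sequence number makes verification fail.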