ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-users: [Wireshark-users] [re-post of my Q on ask.wireshark.org] [ws 3.2.0] QUIC handsha

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Magesh Dhasayyan <mag.1984@xxxxxxxxx>
Date: Wed, 25 Dec 2019 13:43:48 +0530
Hi,

I'm trying to get an understanding of the QUIC protocol using wireshark (and other material from various sources).

Steps that I followed:
 1. captured (using tshark) QUIC traffic between a local client server (generated using mozilla/neqo, with SSLKEYLOGFILE env to store traffic secrets).
 2. set the captured traffic secrets path in wireshark preferences (Protocols -> TLS [(Pre)-Master-Secret log filename])
 3. opened the pcap file

Expected:
 1. decrypted payloads for QUIC handshakes
 2. decrypted payloads for subsequent QUIC packets

Observed:
 1. [PASS] decrypted payloads for QUIC handshakes
 2. [FAIL] decrypted payloads for subsequent QUIC packets

Are there any additional steps that I need to follow to decrypt all QUIC packets?

screenshot showing the issue: https://ibb.co/ysgN5yW


Thanks,
Magesh

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube