TSG-7556: 支持解析quic RFC9000加密SNI

liuxueli
2021-08-26 13:19:01 +08:00
parent 314b09531f
commit e33f9b48ce
3 changed files with 30 additions and 2 deletions


@@ -573,6 +573,10 @@ static gboolean quic_derive_initial_secrets(const quic_cid_t *cid, guint8 client
0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97,
0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99
}; };
static const guint8 handshake_salt_v1[20] = {
0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17,
0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a
};
static const guint8 hanshake_salt_draft_q50[20] = { static const guint8 hanshake_salt_draft_q50[20] = {
0x50, 0x45, 0x74, 0xEF, 0xD0, 0x66, 0xFE, 0x2F, 0x9D, 0x94, 0x50, 0x45, 0x74, 0xEF, 0xD0, 0x66, 0xFE, 0x2F, 0x9D, 0x94,
0x5C, 0xFC, 0xDB, 0xD3, 0xA7, 0xF0, 0xD3, 0xB5, 0x6B, 0x45 0x5C, 0xFC, 0xDB, 0xD3, 0xA7, 0xF0, 0xD3, 0xB5, 0x6B, 0x45
@@ -590,17 +594,34 @@ static gboolean quic_derive_initial_secrets(const quic_cid_t *cid, guint8 client
guint8 secret[HASH_SHA2_256_LENGTH]; guint8 secret[HASH_SHA2_256_LENGTH];
if (version == 0x51303530) if (version == 0x51303530)
{
err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_q50, sizeof(hanshake_salt_draft_q50), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_q50, sizeof(hanshake_salt_draft_q50), cid->cid, cid->len, secret);
}
else if (version == 0x54303530) else if (version == 0x54303530)
{
err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_t50, sizeof(hanshake_salt_draft_t50), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_t50, sizeof(hanshake_salt_draft_t50), cid->cid, cid->len, secret);
}
else if (version == 0x54303531) else if (version == 0x54303531)
{
err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_t51, sizeof(hanshake_salt_draft_t51), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, hanshake_salt_draft_t51, sizeof(hanshake_salt_draft_t51), cid->cid, cid->len, secret);
}
else if (is_quic_draft_max(version, 22)) else if (is_quic_draft_max(version, 22))
{
err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_22, sizeof(handshake_salt_draft_22), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_22, sizeof(handshake_salt_draft_22), cid->cid, cid->len, secret);
}
else if (is_quic_draft_max(version, 28)) else if (is_quic_draft_max(version, 28))
{
err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_23, sizeof(handshake_salt_draft_23), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_23, sizeof(handshake_salt_draft_23), cid->cid, cid->len, secret);
else }
else if (is_quic_draft_max(version, 32))
{
err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_29, sizeof(handshake_salt_draft_29), cid->cid, cid->len, secret); err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_draft_29, sizeof(handshake_salt_draft_29), cid->cid, cid->len, secret);
}
else
{
err = hkdf_extract(GCRY_MD_SHA256, handshake_salt_v1, sizeof(handshake_salt_v1), cid->cid, cid->len, secret);
}
if (err) { if (err) {
//printf("Failed to extract secrets: %s\n", gcry_strerror(err)); //printf("Failed to extract secrets: %s\n", gcry_strerror(err));
*error = "Failed to extract secrets"; *error = "Failed to extract secrets";
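Review bot: The final `else` in the second hunk applies `handshake_salt_v1` to every version that no earlier branch matched, not only to QUIC v1, so an unknown, greased or later version is keyed with the RFC 9001 salt. That traffic will most likely just fail to decrypt further down, and the SNI is then missed without any log line saying the version was unsupported, which is a hard-to-spot coverage gap on an inspection path. Consider making the branch explicit, `else if (version == 0x00000001 || is_quic_draft_max(version, 34))` if the last drafts should keep working (the helper's exact semantics are not visible here), and ending the chain with `else { *error = "Unsupported QUIC version"; return FALSE; }`, assuming the failure path returns FALSE as the `gboolean` signature suggests. A one-line comment above the new table, `/* Initial salt for QUIC v1, RFC 9001 section 5.2 */`, would also make clear that this is the Initial salt despite the `handshake_` name. The body of quic_derive_initial_secrets starts and ends outside both hunks.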

Binary file not shown.


@@ -3,4 +3,11 @@
"VERSION": "IETF QUIC 29", "VERSION": "IETF QUIC 29",
"SNI": "www.facebook.com", "SNI": "www.facebook.com",
"name": "QUIC_RESULT_1" "name": "QUIC_RESULT_1"
}] },
{
"Tuple4": "192.168.60.32.59699>64.233.164.84.443",
"VERSION": "IETF QUIC RFC9000",
"SNI": "accounts.google.com",
"name": "QUIC_RESULT_2"
}
]