Add support for TLSv1.3 CLIENT_HANDSHAKE_TRAFFIC_SECRET #116
Labels
enhancement
New feature or request
Comments
|
This seems to be caused by the fact that the format of the This should be a simple change in PyRDP, but I’m unsure how it can be done. reference: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format |
|
Also, wireshark's tls dissector failure message: |
This was referenced Mar 18, 2020
Merged
|
We merged a downgrade workaround in #193. Since this ticket contains a helpful pcap file, I'll turn it into a feature request and keep it. |
obilodeau
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Update: We worked around this issue by refusing TLS 1.3 connections and favoring 1.2 or others instead. This was merged in #193. This ticket initially reported the bug that was worked-around but is now used to track the efforts to support TLS 1.3 itself.
The CLIENT_RANDOM isn't enough to decrypt TLSv1.3 traffic. The following zip contains a pcap with TLSv1.3, the CLIENT_RANDOM, and a TLS debug file.
debug.zip
The text was updated successfully, but these errors were encountered: