forked from osmocom/wireshark
TLS: remove support for deprecated QUIC key format
Since draft-ietf-quic-tls-17, QUIC uses TLS 1.3 base secrets for decryption, so no separate key label is necessary. Applications should not generate such non-standard key log entries. quiche has already been updated, picoquic will presumably follow soon if it has not already.
This commit is contained in:
parent
4a9c412218
commit
1936fef77a
|
@ -5819,13 +5819,11 @@ ssl_compile_keyfile_regex(void)
|
|||
")(?<master_secret>" OCTET "{" G_STRINGIFY(SSL_MASTER_SECRET_LENGTH) "})"
|
||||
"|(?"
|
||||
/* TLS 1.3 Client Random to Derived Secrets mapping. */
|
||||
/* Since draft-ietf-quic-tls-17 keys are the same as TLS 1.3.
|
||||
* TODO remove this old format. */
|
||||
":(?:QUIC_)?CLIENT_EARLY_TRAFFIC_SECRET (?<client_early>" OCTET "{32})"
|
||||
"|(?:QUIC_)?CLIENT_HANDSHAKE_TRAFFIC_SECRET (?<client_handshake>" OCTET "{32})"
|
||||
"|(?:QUIC_)?SERVER_HANDSHAKE_TRAFFIC_SECRET (?<server_handshake>" OCTET "{32})"
|
||||
"|(?:QUIC_)?CLIENT_TRAFFIC_SECRET_0 (?<client_appdata>" OCTET "{32})"
|
||||
"|(?:QUIC_)?SERVER_TRAFFIC_SECRET_0 (?<server_appdata>" OCTET "{32})"
|
||||
":CLIENT_EARLY_TRAFFIC_SECRET (?<client_early>" OCTET "{32})"
|
||||
"|CLIENT_HANDSHAKE_TRAFFIC_SECRET (?<client_handshake>" OCTET "{32})"
|
||||
"|SERVER_HANDSHAKE_TRAFFIC_SECRET (?<server_handshake>" OCTET "{32})"
|
||||
"|CLIENT_TRAFFIC_SECRET_0 (?<client_appdata>" OCTET "{32})"
|
||||
"|SERVER_TRAFFIC_SECRET_0 (?<server_appdata>" OCTET "{32})"
|
||||
"|EARLY_EXPORTER_SECRET (?<early_exporter>" OCTET "{32})"
|
||||
"|EXPORTER_SECRET (?<exporter>" OCTET "{32})"
|
||||
") (?<derived_secret>" OCTET "+)";
|
||||
|
|
Loading…
Reference in New Issue