diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-03-02 15:14:57 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-02 15:14:57 +0100 |
| commit | e23507d3e97ce37bb15be59de5195336595cdb17 (patch) | |
| tree | da162f3361d03eaf648249570c8d695b054372a1 | |
| parent | 6f431057c5e11ce24dc88a43b681e9ba9aa5a0e1 (diff) | |
Internal crypto: increase size of authentication buffer (#1468)
Some QUIC flows are not properly decoded while using internal crypto
code: the authentication buffer is too small.
The new value (like the old one) is arbitrary.
Close #1463
| -rw-r--r-- | src/lib/third_party/include/gcrypt_light.h | 2 | ||||
| -rw-r--r-- | tests/pcap/quic_crypto_aes_auth_size.pcap | bin | 0 -> 2840 bytes | |||
| -rw-r--r-- | tests/result/quic_crypto_aes_auth_size.pcap.out | 15 |
3 files changed, 16 insertions, 1 deletions
diff --git a/src/lib/third_party/include/gcrypt_light.h b/src/lib/third_party/include/gcrypt_light.h index de77c8e38..7f31f24a0 100644 --- a/src/lib/third_party/include/gcrypt_light.h +++ b/src/lib/third_party/include/gcrypt_light.h @@ -24,7 +24,7 @@ #define GCRYCTL_RESET 3 #define GCRY_AES_KEY_SIZE 32 -#define GCRY_AES_AUTH_SIZE 128 +#define GCRY_AES_AUTH_SIZE 256 #define GCRY_AES_TAG_SIZE 32 #define GCRY_AES_IV_SIZE 12 diff --git a/tests/pcap/quic_crypto_aes_auth_size.pcap b/tests/pcap/quic_crypto_aes_auth_size.pcap Binary files differnew file mode 100644 index 000000000..f399daa25 --- /dev/null +++ b/tests/pcap/quic_crypto_aes_auth_size.pcap diff --git a/tests/result/quic_crypto_aes_auth_size.pcap.out b/tests/result/quic_crypto_aes_auth_size.pcap.out new file mode 100644 index 000000000..b41c8961d --- /dev/null +++ b/tests/result/quic_crypto_aes_auth_size.pcap.out @@ -0,0 +1,15 @@ +Guessed flow protos: 0 + +DPI Packets (UDP): 2 (1.00 pkts/flow) +Confidence DPI : 2 (flows) + +Snapchat 2 2784 2 + +JA3 Host Stats: + IP Address # JA3C + 1 134.53.36.43 1 + 2 245.161.134.177 1 + + + 1 UDP 134.53.36.43:34917 -> 142.104.38.30:443 [proto: 188.199/QUIC.Snapchat][Encrypted][Confidence: DPI][cat: SocialNetwork/6][1 pkts/1392 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: app-analytics-v2.snapchat.com][ALPN: h3][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: 1b4b6c50fef204e06798d3fc7cb272fe][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0] + 2 UDP 245.161.134.177:27636 -> 77.242.114.14:443 [proto: 188.199/QUIC.Snapchat][Encrypted][Confidence: DPI][cat: SocialNetwork/6][1 pkts/1392 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: gcp.api.snapchat.com][ALPN: h3][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: c570fdf41c8bf336ac9442888680bf3a][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0] |