IETF QUIC TLS decryption error with extraneous packets during the handshake
Summary
I encountered a large number of QUIC connections that Wireshark fails to decrypt despite having the keying material. The issue seems to be due to extraneous packets during the handshake, that when removed (packet no. 2 in the sample) result in decryption.
What is the current bug behavior?
Wireshark fails to decrypt the QUIC packets, despite having access to the TLS1.3 key dumps.
What is the expected correct behavior?
Wireshark ignores extraneous packets during the handshake and decrypts the QUIC connection.
Sample capture file
Sample capture: trace-before.pcap
Sample capture after removing packet number 2 with the command
editcap -F pcap trace-before.pcap trace-after.pcap 2Relevant logs and/or screenshots
Build information
3.4.5 (Git commit 7db1feb42ce9)
Compiled (64-bit) with Qt 5.9.5, with libpcap, with POSIX capabilities (Linux),
without libnl, with GLib 2.56.4, with zlib 1.2.11, without SMI, with c-ares
1.14.0, with Lua 5.2.4, without GnuTLS, with Gcrypt 1.8.1, without Kerberos,
without MaxMind DB resolver, without nghttp2, without brotli, without LZ4,
without Zstandard, without Snappy, with libxml2 2.9.4, with QtMultimedia,
without automatic updates, with SpeexDSP (using bundled resampler), without
Minizip.
Running on Linux 5.4.0-72-generic, with Intel(R) Core(TM) i7-6820HQ CPU @
2.70GHz (with SSE4.2), with 15905 MB of physical memory, with locale
LC_CTYPE=en_GB.UTF-8, LC_NUMERIC=de_CH.UTF-8, LC_TIME=de_CH.UTF-8,
LC_COLLATE=en_GB.UTF-8, LC_MONETARY=de_CH.UTF-8, LC_MESSAGES=en_GB.UTF-8,
LC_PAPER=de_CH.UTF-8, LC_NAME=de_CH.UTF-8, LC_ADDRESS=de_CH.UTF-8,
LC_TELEPHONE=de_CH.UTF-8, LC_MEASUREMENT=de_CH.UTF-8,
LC_IDENTIFICATION=de_CH.UTF-8, with light display mode, without HiDPI, with
libpcap version 1.8.1, with Gcrypt 1.8.1, with zlib 1.2.11, binary plugins
supported (15 loaded).
Built using gcc 7.5.0.