Wireshark mailing list archives
Re: 256 pre master encrypted key
From: junk () nofan com
Date: Sat, 13 Mar 2010 06:28:00 -0500
Hello again; below is my debug file on a SSL session captured. Is if possible to know the rsa private key length ??? dissect_ssl enter frame #220 (first time) conversation = 0xb3f7cb20, ssl_session = 0xb3f7cd70 record: offset = 0, reported_length_remaining = 267 dissect_ssl3_record: content_type 22 decrypt_ssl3_record: app_data len 262 ssl, state 0x17 association_find: TCP port 3974 found (nil) packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 267 pre master encrypted[256]: 94 40 4f dd 45 c7 1c b3 a2 ec fe a3 0b b2 25 47 7a 54 1a c2 10 73 c4 a2 ce 75 b1 50 b9 9e 09 c8 1b 28 a5 28 3a 76 f3 5f 68 ae 0a b4 a8 da ac dd e6 ef 86 0c b0 81 67 86 bf 34 29 4e 56 5f 1f b7 d6 7c 88 d6 94 8a 3a a1 05 6e c4 bf 96 10 86 08 4e cc 45 b5 4e 05 59 c2 8d 3e 56 04 75 bc 5a 58 bd c6 50 61 1a 57 fe 28 e8 b6 6d c0 4a ac 29 1b c6 92 63 ed 31 85 bd ce 79 70 33 f9 3f 25 8d 01 41 e6 9d a4 cf 82 60 d7 a1 fd 1c 3a aa 89 39 0c dc 72 30 26 37 ac 28 96 61 15 a0 fe da 81 d9 1d 0c 22 d8 0e f1 a9 70 e2 f6 82 cd 65 7f 30 b5 62 4b 15 a9 30 71 5c 70 8e 44 94 8b 7e b5 23 89 07 41 4d f5 16 97 b7 2f 95 58 3c e1 2f 24 ab 35 a4 2e d0 0d ab ee 76 6c f9 9f 44 e6 9f 44 7c 4b be 35 f7 89 92 31 ef d6 69 bb b6 ad 49 68 54 09 99 27 79 90 bc 07 ee 6e 80 0e 47 18 62 36 0d f0 9b ssl_decrypt_pre_master_secret:RSA_private_decrypt pcry_private_decrypt: stripping 0 bytes, decr_len 128 decrypted_unstrip_pre_master[128]: 65 d9 62 bf d3 48 0c a3 81 c6 98 61 8a b1 bf 76 c9 c9 de 1f 1c c7 1f e0 f2 3f 29 a2 21 cb 44 44 a9 9d af d0 5f 77 84 e3 ad b6 14 ed c3 da 74 d9 0a 3c da 1c 24 2a b1 8c c9 08 8e 05 20 4d cd 06 a5 a3 0a 2c 08 21 e8 6c e3 4f f1 58 20 48 3a 64 d0 ed 13 c9 a5 9f 91 a1 39 5e 6f 03 30 74 e8 d6 c2 97 2a 61 af de e5 84 02 1d e7 9b a8 2a fc ba b4 f2 7c b4 28 b4 16 b3 99 d7 59 f1 87 f2 e6 09 ssl_decrypt_pre_master_secret wrong pre_master_secret length (128, expected 48) dissect_ssl3_handshake can't decrypt pre master secret
On 11 mrt 2010, at 16:24, junk () nofan com wrote:I've watch you presentation and it was very interesting but in my situation I have a signer certificate (which is shown in the server hello packet with a common name of TEST) which is stored in my computer and issued by the server and only personal certificate (common name=HOD) with private keys stored in my computer. I extracted the private keys from the personal certificate and it seemed it didn't match.To be able to decrypt SSL traffic with Wireshark, you need to have the private key of the certificate that is presented in the Certificate message (which is being sent after the ServerHello). In your case this would be the private key of the certificate with the common name of TEST. This private key is stored on the server that you make a connection to.I am managing certificates with IBM ikeyman I think it's a bit confusing to me !!!I have not used IBM ikeyman, so I can't help you there unfortunately... Cheers, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- 256 pre master encrypted key junk (Mar 11)
- Re: 256 pre master encrypted key Sake Blok (Mar 11)
- Re: 256 pre master encrypted key junk (Mar 11)
- Re: 256 pre master encrypted key Sake Blok (Mar 11)
- Re: 256 pre master encrypted key junk (Mar 11)
- Re: 256 pre master encrypted key Sake Blok (Mar 11)
- Re: 256 pre master encrypted key junk (Mar 13)
- Re: 256 pre master encrypted key junk (Mar 11)
- Re: 256 pre master encrypted key Sake Blok (Mar 11)