Re: SSL Decoding fails on Linux, works on Windows 7 64-bit

[Sake Blok <sake () euronet nl>]

On 20 aug 2012, at 22:32, Bas Nedermeijer wrote:
> Yes, I have upgraded to GnuTLS 2.12.20, and upgraded libgcrypt to 1.5.0 (and 
> tried some combinations). But the result was the same.
>
> The ssl-debug logging (from windows) is in my orginal mail, below the log-file 
> of the linux machine and it contains the line you requested.

OK, I missed that :-)

Since the decryption result is different between the two, either they use a different key or one of the decryption 
functions is broken. Have you tried to use the pem-formatted key from the Linux box on the Windows box? If it works 
there, your SSL libraries on the Linux box are somehow broken. If it gives the same decrypted PreMaster secret output 
as on the Linux box, then something went wrong in the key conversion.

You can also double check whether the certificate and key match by exporting the certificate and do the following :

$ (openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
   openssl rsa -noout -modulus -in server.key | openssl md5) | uniq
It should give you one line of output.

(you can export the certificate from the tracefie by selecting the servercertificate in the Certificate handshake 
message and then right-click and select "Export selected packet bytes))

Cheers,
Sake
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe