Wireshark mailing list archives

Re: Strange SSL decode issue (SUPL, ULP)


From: "Ralf G. R. Bergs" <Ralf+WireShark () bergs biz>
Date: Mon, 27 Apr 2015 14:46:39 +0200

Hi guys.

On 2015-04-14 22:28, Ralf G. R. Bergs wrote:
> I have a strange issue decoding SUPL traffic (i.e. ULP protocol
> traffic encrypted with TLS).
>
> As I operate the SUPL server I have the server private key.
>
> I took two snoops on two different frontends (we proxy the traffic on
> the frontend to the backend nodes using HAProxy; the SSL connection is
> not terminated on HAProxy, but it is transparently forwarded to the
> backend and terminated/decrypted there), and the sessions were handled
> by two different backend nodes.
>
> The problem is that I can decrypt one snoop (i.e. there are lines
> with protocol "ULP" in the dump), while the other snoop fails to
> decrypt (i.e. . I checked to make sure that there is no problem on
> the backend node WRT X.509 setup (Java keystore).
>
> Wireshark is set up in a way that in the protocol prefs for SSL I have
> in the RSA key list the private key file specified for IP address
> "any" and port "7275", and the protocol is "ulp".
>
> I enabled the SSL debug logging, and I noticed the following. For the
> trace that can't be decrypted I see:
>
> ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
> ssl_decrypt_pre_master_secret: session uses DH (17) key exchange,
> which is impossible to decrypt
>
> while for the snoop that /can/ be decrypted I see:
>
> ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
> pre master encrypted[256]:
>
> and then a key in hex follows.
>
> I have no clue how to further investigate this issue; my only guess
> is that this is a bug in Wireshark.
>
> Any advice?
>
> If it helps I could send the SSL debug logs, but I would remove all
> hex dumps from them, as I know too little about this and must not
> inadvertently disclose the server private key.


I have to come back to the issue, because I've now experienced this
again, and now that I've thought about it again I've come to the
conclusion that it probably is some issue in Wireshark.

I can see from the snoop that the SSL/TLS dialog takes place. I see
client hello, server hello, certificate, server key exchange, server
hello, client key exchange, change cipher spec, encrypted handshake
message, change cipher spec, encrypted handshake message, multiple
application data packets back and forth, encrypted alerts twice.

So it seems client and server /can/ talk.

Conclusion: Wireshark seems to somehow be able to use the RSA key to
decrypt the SSL/TLS traffic.

Can you please help me to investigate this further? Do you want the
ssl-debug.log log? What do I have to remove in order to "sanitize" it
(i. e. remove secret key material from it)?

Thanks much in advance for your support.

KR,

Ralf

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
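The debug line quoted in the post, "session uses DH (17) key exchange, which is impossible to decrypt", is the check a practitioner would want to make before suspecting a Wireshark bug: a server RSA private key only recovers a session whose negotiated cipher suite uses plain RSA key exchange (the client encrypts the pre-master secret to the server key, which is the "pre master encrypted[256]" case in the other log). With a DHE or ECDHE suite the server key only signs the ServerKeyExchange message, the pre-master secret is derived from ephemeral DH values that are never on the wire, and no private key can decrypt the capture. The following Python is an added example, not code from the post or from Wireshark: it builds constructed TLS 1.2 server handshake flights (placeholder random, certificate and DH bytes; nothing is read from a real capture), parses the cipher suite out of the ServerHello, notes whether a ServerKeyExchange message is present, and reports whether the RSA key alone could decrypt the session. The cipher suite IDs and names are from the IANA TLS registry; the subset listed is an arbitrary choice for the example.

```python
"""Check whether a captured TLS session can be decrypted with the server's
RSA private key alone.

Added example, not code from the mailing-list post or from Wireshark.
Records are constructed in-process; only the handshake framing is real.
"""
import struct

# Subset of the IANA TLS cipher suite registry (chosen for the example).
RSA_KEX_SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
}
DHE_KEX_SUITES = {
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

HANDSHAKE = 0x16            # TLS record content type
SERVER_HELLO = 0x02         # handshake message types
CERTIFICATE = 0x0B
SERVER_KEY_EXCHANGE = 0x0C
SERVER_HELLO_DONE = 0x0E


def _hs_msg(msg_type, body):
    """One handshake message: type(1) length(3) body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def _record(payload, version=(3, 3)):
    """One TLS record of content type handshake wrapping payload."""
    return bytes([HANDSHAKE]) + bytes(version) + struct.pack(">H", len(payload)) + payload


def build_server_flight(cipher_suite, ephemeral, version=(3, 3)):
    """Constructed server flight in one record: ServerHello, Certificate,
    ServerKeyExchange (only if ephemeral), ServerHelloDone.
    Random, certificate and DH bytes are placeholders, not real values."""
    hello_body = (bytes(version) + b"\x11" * 32       # server random (placeholder)
                  + b"\x00"                            # empty session id
                  + struct.pack(">H", cipher_suite)
                  + b"\x00")                           # null compression
    msgs = _hs_msg(SERVER_HELLO, hello_body)
    msgs += _hs_msg(CERTIFICATE, b"\x00\x00\x00")      # empty certificate list
    if ephemeral:
        msgs += _hs_msg(SERVER_KEY_EXCHANGE, b"\x00" * 8)  # placeholder DH params
    msgs += _hs_msg(SERVER_HELLO_DONE, b"")
    return _record(msgs, version)


def iter_handshake_messages(record):
    """Yield (type, body) for each handshake message in one handshake record."""
    if record[0] != HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    data = record[5:5 + rec_len]
    off = 0
    while off + 4 <= len(data):
        msg_type = data[off]
        msg_len = int.from_bytes(data[off + 1:off + 4], "big")
        body = data[off + 4:off + 4 + msg_len]
        if len(body) != msg_len:
            raise ValueError("truncated handshake message")
        yield msg_type, body
        off += 4 + msg_len


def server_hello_cipher_suite(record):
    """Cipher suite negotiated in the ServerHello carried by record."""
    for msg_type, body in iter_handshake_messages(record):
        if msg_type == SERVER_HELLO:
            # version(2) random(32) session_id_len(1) session_id cipher_suite(2)
            sid_len = body[34]
            off = 35 + sid_len
            return struct.unpack(">H", body[off:off + 2])[0]
    raise ValueError("no ServerHello in record")


def analyse(record):
    """Return (suite_name, has_server_key_exchange, decryptable_with_rsa_key)."""
    suite = server_hello_cipher_suite(record)
    types = [t for t, _ in iter_handshake_messages(record)]
    has_ske = SERVER_KEY_EXCHANGE in types
    if suite in RSA_KEX_SUITES:
        # Plain RSA key exchange: pre-master secret is encrypted to the server key.
        return RSA_KEX_SUITES[suite], has_ske, not has_ske
    if suite in DHE_KEX_SUITES:
        # (EC)DHE: server key only signs the ServerKeyExchange; nothing to decrypt.
        return DHE_KEX_SUITES[suite], has_ske, False
    return "unknown 0x%04x" % suite, has_ske, False


if __name__ == "__main__":
    for suite, ephemeral in ((0x002F, False), (0x0033, True), (0xC02F, True)):
        print(analyse(build_server_flight(suite, ephemeral)))
```

On a real capture the same field can be read directly from the ServerHello, e.g. `tshark -r capture.pcap -Y "ssl.handshake.type == 2" -T fields -e ssl.handshake.ciphersuite` (releases from Wireshark 3.0 on use the `tls.` prefix instead of `ssl.`). A suite whose name starts with TLS_DHE_ or TLS_ECDHE_ cannot be decrypted with the server key list; for those sessions the remaining options are a key log file from one endpoint (the `ssl.keylog_file` preference) or, for a test, configuring the server to negotiate an RSA key-exchange suite at the cost of forward secrecy.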
