This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

SSL decryption fails

0

I'm trying to decrypt SSL traffic, which I've done several times before without problems. Now I'm using wireshark 1.8.3. on linux 64 bit and something gone wrong - decryption doesn't work.

I checked just everything (with great help of Sake Blok's Sharkfest'09 presentation) - private key and certificate match, I have entire session in capture file, I do not use Server Key Exchange etc.

After several hours trying I desperately created own certificate and SSL server (openssl server) - which I would expect to work, but nope, no luck.

Strange thing is that decrypting same traffic using same setup works on Window platform. The difference is here (from SSl debug log). Notice different values in "pcry_private_decrypt: stripping XXX bytes, decr_len 128", despite using exactly same data.

Windows (decryption works):

....
dissect_ssl enter frame #8 (first time)
  conversation = 0520184C, ssl_session = 05201CE8
  record: offset = 0, reported_length_remaining = 228
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 132, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 128 bytes, remaining 137
pre master encrypted[128]:
6a 5e 45 15 8d 5d 98 90 d9 53 3d 88 f0 96 e3 33
d8 75 0a 12 c4 00 0f 03 60 06 21 56 ac c2 bd 06
8d 4c 30 b3 78 eb 0c 73 44 0e 79 a9 52 ed 28 fb
7f da 25 fa 8c bc 0e 58 66 9d b1 37 82 25 a2 f7
bc 3a b1 ad 08 4a 4b 98 7f bc 11 6c df 88 3d 80
ff 1b 45 97 16 6a a9 28 ff d4 45 a7 40 f9 55 f1
67 12 fb c3 a2 00 14 ae a3 dd b8 e3 9d 2c 72 10
ed 34 9a 2f 30 96 a3 a7 53 27 32 99 be 79 b3 6c
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 79 bytes, decr_len 127
decrypted_unstrip_pre_master[127]:
02 9a 17 68 3c f6 79 18 ba d7 62 7c 8c 51 a4 4a
e7 e6 fb 41 92 6d 0a f1 93 fc 16 f6 41 93 ab c9
18 8f 90 14 c3 80 0e 05 8c 44 db 83 a6 59 5e 7b
66 d1 fc 71 5e 22 2d bf eb 6f 65 6b 67 92 fa 28
02 c4 e7 79 ff 09 58 14 82 bb 66 a5 1a 50 00 03
03 2a 9f 37 ae d0 ac 15 62 bd 8b 34 dd 08 07 ae
6e a1 05 cb b1 fc 91 24 1d eb 7a f5 21 e9 89 53
22 29 d8 27 e0 ff e5 e1 c1 09 75 f4 41 c2 13
pre master secret[48]:
03 03 2a 9f 37 ae d0 ac 15 62 bd 8b 34 dd 08 07
ae 6e a1 05 cb b1 fc 91 24 1d eb 7a f5 21 e9 89
53 22 29 d8 27 e0 ff e5 e1 c1 09 75 f4 41 c2 13
......

Linux (decryption fails):

....
dissect_ssl enter frame #8 (first time)
  conversation = 0x7f8062854880, ssl_session = 0x7f8062854f38
  record: offset = 0, reported_length_remaining = 228
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 132, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 128 bytes, remaining 137
pre master encrypted[128]:
6a 5e 45 15 8d 5d 98 90 d9 53 3d 88 f0 96 e3 33
d8 75 0a 12 c4 00 0f 03 60 06 21 56 ac c2 bd 06
8d 4c 30 b3 78 eb 0c 73 44 0e 79 a9 52 ed 28 fb
7f da 25 fa 8c bc 0e 58 66 9d b1 37 82 25 a2 f7
bc 3a b1 ad 08 4a 4b 98 7f bc 11 6c df 88 3d 80
ff 1b 45 97 16 6a a9 28 ff d4 45 a7 40 f9 55 f1
67 12 fb c3 a2 00 14 ae a3 dd b8 e3 9d 2c 72 10
ed 34 9a 2f 30 96 a3 a7 53 27 32 99 be 79 b3 6c
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 0 bytes, decr_len 128
decrypted_unstrip_pre_master[128]:
c1 a3 35 5c de 95 b5 c4 d6 b9 76 0f cb 6d 10 52
55 1b 71 1b 9e d4 1c 9e a4 f5 5b 27 48 9d 7b bf
98 b0 5d ce f0 42 15 4c d1 34 48 4e a1 5e 5c 48
d6 32 34 a8 54 d2 e8 7c f1 04 81 42 15 a4 f1 18
ef ae 38 c5 de 3c d7 89 3f 72 b4 13 11 4f 8b 2c
d7 6e 08 5f 1c e2 0d f1 a8 1e 7f 63 08 ba cd 11
ba e0 d3 4e 7f 9f 1f db 5c b0 f6 ef fd b8 1b c2
55 7d 8c 65 27 24 0b 3b fb 18 3b 0f 2f 12 2c 21
ssl_decrypt_pre_master_secret wrong pre_master_secret length (128, expected 48)
dissect_ssl3_handshake can't decrypt pre master secret
  record: offset = 137, reported_length_remaining = 91
......

Any help would ve greatly appreciated.

asked 04 Oct '12, 13:23

Jurij%20Sikorsky's gravatar image

Jurij Sikorsky
1113
accept rate: 0%

edited 04 Oct '12, 13:24


One Answer:

0

Windows:

conversation = 0520184C, ssl_session = 05201CE8

Linux:

conversation = 0x7f8062854880, ssl_session = 0x7f8062854f38

If this is really the same capture file, why is there a different conversation / ssl session? Could be a bug....

Can you post the capture file (cloudshark.org) together with the private key (here)?

Regards
Kurt

answered 08 Oct '12, 11:53

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

Hi Kurt,

thank you for your response. I doublechecked it, and the numbers are same and it's really exactly the same capture file. Please find it here: http://cloudshark.org/captures/4a79aa3714b7

I noticed this dirrefence earlier, but didn't consider it to be a problem, because it's too short to be real ssl session ID, I thought it's some internal representation in the decoder, probably platform dependent.

Private key is too long for the comment, please find it here: http://www.sikorky.cz/ssl/privkey.pem

Please let me know your findings.

Regards,

Jurij

(08 Oct '12, 13:25) Jurij Sikorsky

All files are here: http://www.sikorky.cz/ssl/

  • capture file
  • private key
  • linux log
  • windows log
(08 Oct '12, 14:26) Jurij Sikorsky

it works on my Ubuntu 12.04. (64 Bit - VMware) - Wireshark 1.8.3!

So, what is your system? Did you compile Wireshark 1.8.3 yourself? If you downloaded somewhere, please post the link/source for that download.

(10 Oct '12, 13:29) Kurt Knochner ♦