This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Can’t decrypt SSL using wireshark

0

Recently I tried to decrypt my Dropbox connection, which is in TLS format.

I use Squid as a middle man on Ubuntu 13.10. I configure /etc/squid3.conf as follows; the Squid proxy is running on port 3128 and I set Chrome to use the Squid proxy running at 127.0.0.1:3128:

# Squid normally listens to port 3128

always_direct allow all

http_port 3128 ssl-bump cert=/home/lzq-ubuntu/Desktop/cert/sslcerts/127.0.0.1-cert.pem key=/home/lzq-ubuntu/Desktop/cert/sslcerts/private/127.0.0.1-key.pem

#ssl_bump client-first

ssl_bump server-first

I generate the key using a .sh file:

#!/bin/sh

# Print an error message and abort (used by the directory checks below).
die() {
    echo "$1" >&2
    exit 1
}

if [ ! -d sslcerts ] ; then
    mkdir sslcerts || die "Couldn't create sslcerts directory"
fi
if [ ! -d sslcerts/certs ] ; then
    mkdir sslcerts/certs || die "Couldn't create certs directory"
fi
if [ ! -d sslcerts/private ] ; then
    mkdir sslcerts/private || die "Couldn't create private directory"
fi
if [ ! -f sslcerts/serial ] ; then
    echo '100001' > sslcerts/serial
fi
touch sslcerts/certindex.txt
if [ ! -f sslcerts/openssl.cnf ] ; then
cat <<-EOF > sslcerts/openssl.cnf
#
# OpenSSL configuration file.
#

# Establish working directory.

dir         = .

[ ca ]
default_ca      = CA_default

[ CA_default ]
serial          = ./serial
database        = ./certindex.txt
new_certs_dir       = ./certs
certificate     = ./ca_cert.pem
private_key     = ./private/ca_key.pem
default_days        = 365
default_md      = md5
preserve        = no
email_in_dn     = no
nameopt         = default_ca
certopt         = default_ca
policy          = policy_anything

[ policy_match ]
countryName     = match
stateOrProvinceName = match
organizationName    = match
organizationalUnitName  = match
commonName      = supplied
emailAddress        = optional

[ policy_anything ]
countryName     = optional
stateOrProvinceName = optional
localityName        = optional
organizationName    = optional
organizationalUnitName  = optional
commonName      = supplied
emailAddress        = optional

[ req ]
default_bits        = 1024          # Size of keys
default_keyfile     = key.pem       # name of generated keys
default_md      = md5           # message digest algorithm
string_mask     = nombstr       # permitted characters
distinguished_name  = req_distinguished_name
req_extensions      = v3_req

[ req_distinguished_name ]
# Variable name             Prompt string
#-------------------------    ----------------------------------
0.organizationName  = Organization Name (company)
organizationalUnitName  = Organizational Unit Name (department, division)
emailAddress        = Email Address
emailAddress_max    = 40
localityName        = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName     = Country Name (2 letter code)
countryName_min     = 2
countryName_max     = 2
commonName      = Common Name (hostname, IP, or your name)
commonName_max      = 64

# Default values for the above, for consistency and less typing.
# Variable name         Value
#------------------------  ------------------------------
0.organizationName_default  = WebScarab
localityName_default        = WebScarab
stateOrProvinceName_default = WebScarab
countryName_default     = ZA

[ v3_ca ]
basicConstraints        = CA:TRUE
subjectKeyIdentifier        = hash
authorityKeyIdentifier      = keyid:always,issuer:always

[ v3_req ]
basicConstraints        = CA:FALSE
subjectKeyIdentifier        = hash
EOF

fi

if [ ! -f sslcerts/private/ca_key.pem -a ! -f sslcerts/ca_cert.p12 ] ; then
    # Create the self-signed CA; the piped newlines answer every prompt with an empty line.
    printf "\n\n\n\n\n\n\n" | \
    openssl req -new -x509 -extensions v3_ca -keyout sslcerts/private/ca_key.pem \
        -out sslcerts/ca_cert.pem -days 3650 -config ./sslcerts/openssl.cnf \
        -passin pass:password -passout pass:password
fi

cd sslcerts

# Create the cert for the specified site

if [ ! -f "$1-req.pem" ] ; then
    # Key and signing request; the last piped line supplies $1 as the common name.
    printf "\n\n\n\n\n\n$1\n" | \
    openssl req -new -nodes \
        -out "$1-req.pem" -keyout "./private/$1-key.pem" \
        -days 3650 -config ./openssl.cnf
fi

if [ ! -f "$1-cert.pem" ] ; then
    # Sign the request with the CA, answering "y" to both confirmations.
    printf "y\ny\n" | \
    openssl ca -out "$1-cert.pem" -days 3650 \
        -key password -config ./openssl.cnf -infiles "$1-req.pem"
fi

if [ ! -f "../$1.p12" ] ; then
    # Bundle certificate, key and CA certificate into a PKCS#12 file.
    openssl pkcs12 -export -in "$1-cert.pem" -inkey "./private/$1-key.pem" \
        -certfile ca_cert.pem -out "../$1.p12" -password pass:password
fi

I use the command: sh cert.sh 127.0.0.1 to generate the key.

But after loading the key in Wireshark, I cannot decrypt the flow. I got this log file:

ssl_association_remove removing TCP 3128 - http handle 0x7f6238467400
Private key imported: KeyID 22:0e:f2:57:3b:ef:cc:1a:ca:35:ea:c3:4b:62:49:60:…
ssl_init IPv4 addr '127.0.0.1' (127.0.0.1) port '3128' filename '/home/lzq-ubuntu/Desktop/cert/sslcerts/private/127.0.0.1-key.pem' password(only for p12 file) ''
ssl_init private key file /home/lzq-ubuntu/Desktop/cert/sslcerts/private/127.0.0.1-key.pem successfully loaded.
association_add TCP port 3128 protocol http handle 0x7f6238467400

dissect_ssl enter frame #6 (first time) ssl_session_init: initializing ptr 0x7f621ff49038 size 680 conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 211

dissect_ssl enter frame #8 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 39

dissect_ssl enter frame #12 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 246 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 241, ssl state 0x00 association_find: TCP port 53519 found (nil) packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 1 offset 5 length 237 bytes, remaining 246 packet_from_server: is from server - FALSE ssl_find_private_key server 127.0.0.1:3128 dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #6 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 211

dissect_ssl enter frame #8 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 39

dissect_ssl enter frame #12 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 246 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 237 bytes, remaining 246

dissect_ssl enter frame #19 (first time) ssl_session_init: initializing ptr 0x7f621ff4a568 size 680 conversation = 0x7f621ff49eb0, ssl_session = 0x7f621ff4a568 record: offset = 0, reported_length_remaining = 89

dissect_ssl enter frame #21 (first time) conversation = 0x7f621ff49eb0, ssl_session = 0x7f621ff4a568 record: offset = 0, reported_length_remaining = 39

dissect_ssl enter frame #25 (first time) conversation = 0x7f621ff49eb0, ssl_session = 0x7f621ff4a568 record: offset = 0, reported_length_remaining = 74 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 69, ssl state 0x00 association_find: TCP port 53521 found (nil) packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 1 offset 5 length 65 bytes, remaining 74 packet_from_server: is from server - FALSE ssl_find_private_key server 127.0.0.1:3128 dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #19 (already visited) conversation = 0x7f621ff49eb0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 89

dissect_ssl enter frame #21 (already visited) conversation = 0x7f621ff49eb0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 39

dissect_ssl enter frame #25 (already visited) conversation = 0x7f621ff49eb0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 74 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 65 bytes, remaining 74

dissect_ssl enter frame #30 (first time)
conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038
record: offset = 0, reported_length_remaining = 1163
dissect_ssl3_record found version 0x0303(TLS 1.2) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 53, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 49 bytes, remaining 58
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello can't find cipher suite 0x9C
record: offset = 58, reported_length_remaining = 1105
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 1091, ssl state 0x13
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 63 length 1087 bytes, remaining 1154
record: offset = 1154, reported_length_remaining = 9
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 4, ssl state 0x13
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 14 offset 1159 length 0 bytes, remaining 1163

dissect_ssl enter frame #32 (first time)
conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038
record: offset = 0, reported_length_remaining = 190
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 134, ssl state 0x13
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16)
dissect_ssl3_handshake can't decrypt pre master secret
record: offset = 139, reported_length_remaining = 51
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
record: offset = 145, reported_length_remaining = 45
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 40, ssl state 0x13
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 0 offset 150 length 0 bytes, remaining 190
dissect_ssl3_handshake iteration 0 type 0 offset 154 length 0 bytes, remaining 190
dissect_ssl3_handshake iteration 0 type 148 offset 158 length 9736230 bytes, remaining 190

dissect_ssl enter frame #34 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 242 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 186, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 4 offset 5 length 182 bytes, remaining 191 record: offset = 191, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec packet_from_server: is from server - TRUE ssl_change_cipher SERVER record: offset = 197, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 40, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 214 offset 202 length 6700648 bytes, remaining 242

dissect_ssl enter frame #35 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 1147 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 1142, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available association_find: TCP port 53519 found (nil) association_find: TCP port 3128 found 0x7f62392b2a30

dissect_ssl enter frame #30 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 1163 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 2 offset 5 length 49 bytes, remaining 58 record: offset = 58, reported_length_remaining = 1105 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 11 offset 63 length 1087 bytes, remaining 1154 record: offset = 1154, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 14 offset 1159 length 0 bytes, remaining 1163

dissect_ssl enter frame #32 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 190 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139 record: offset = 139, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 145, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 0 offset 150 length 0 bytes, remaining 190 dissect_ssl3_handshake iteration 0 type 0 offset 154 length 0 bytes, remaining 190 dissect_ssl3_handshake iteration 0 type 148 offset 158 length 9736230 bytes, remaining 190

dissect_ssl enter frame #34 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 242 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 4 offset 5 length 182 bytes, remaining 191 record: offset = 191, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 197, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 214 offset 202 length 6700648 bytes, remaining 242

dissect_ssl enter frame #35 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 1147 dissect_ssl3_record: content_type 23 Application Data association_find: TCP port 53519 found (nil) association_find: TCP port 3128 found 0x7f62392b2a30

dissect_ssl enter frame #39 (first time) conversation = 0x7f621ff49eb0, ssl_session = 0x7f621ff4a568 record: offset = 0, reported_length_remaining = 1163 dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 53, ssl state 0x11 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 2 offset 5 length 49 bytes, remaining 58 dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13 ssl_restore_session can't find stored session dissect_ssl3_hnd_srv_hello found CIPHER 0x0035 -> state 0x17 dissect_ssl3_hnd_srv_hello trying to generate keys ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57) dissect_ssl3_hnd_srv_hello can't generate keyring material record: offset = 58, reported_length_remaining = 1105 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 1091, ssl state 0x17 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 11 offset 63 length 1087 bytes, remaining 1154 record: offset = 1154, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 4, ssl state 0x17 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 14 offset 1159 length 0 bytes, remaining 1163

dissect_ssl enter frame #41 (first time) conversation = 0x7f621ff49eb0, ssl_session = 0x7f621ff4a568 record: offset = 0, reported_length_remaining = 7 dissect_ssl3_record: content_type 21 Alert decrypt_ssl3_record: app_data len 2, ssl state 0x17 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available

dissect_ssl enter frame #45 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 564 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 559, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available association_find: TCP port 3128 found 0x7f62392b2a30

dissect_ssl enter frame #46 (first time) conversation = 0x7f621ff48980, ssl_session = 0x7f621ff49038 record: offset = 0, reported_length_remaining = 176 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 171, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available association_find: TCP port 3128 found 0x7f62392b2a30

dissect_ssl enter frame #39 (already visited) conversation = 0x7f621ff49eb0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 1163 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 2 offset 5 length 49 bytes, remaining 58 record: offset = 58, reported_length_remaining = 1105 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 11 offset 63 length 1087 bytes, remaining 1154 record: offset = 1154, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 14 offset 1159 length 0 bytes, remaining 1163

dissect_ssl enter frame #41 (already visited) conversation = 0x7f621ff49eb0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 7 dissect_ssl3_record: content_type 21 Alert

dissect_ssl enter frame #45 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 564 dissect_ssl3_record: content_type 23 Application Data association_find: TCP port 3128 found 0x7f62392b2a30

dissect_ssl enter frame #46 (already visited) conversation = 0x7f621ff48980, ssl_session = (nil) record: offset = 0, reported_length_remaining = 176 dissect_ssl3_record: content_type 23 Application Data association_find: TCP port 3128 found 0x7f62392b2a30

It seems that the key is loaded successfully, but the app data in each packet is still encrypted.

Help!!!!

This question is marked “community wiki”.

asked 03 Dec ‘13, 04:44

lzq8272587
accept rate: 0%

edited 03 Dec ‘13, 07:13

Kurt Knochner ♦


One Answer:

1

dissect_ssl3_hnd_srv_hello can't find cipher suite 0x9C

Looks like your Wireshark version (which one is it?) does not support cipher 0x9C (TLS_RSA_WITH_AES_128_GCM_SHA256). You could try to force either your browser or Squid to another cipher and then check again.

Regards
Kurt

answered 03 Dec '13, 07:24

Kurt Knochner ♦
accept rate: 15%

Thank you very much!!

My Wireshark version is 1.8.3 and after I change my cipher suite in squid.conf I can decrypt the SSL data.

Thank you very much!!!

BTW, sometimes I cannot visit some websites through HTTPS because I used the self-generated certificate and key, and the browser says:

"Invalid Server Certificate"

So is there any idea how I can generate the certificate and key authorized by Dropbox?

Thanks very much for your help again!!!

(04 Dec '13, 03:57) lzq8272587

after I change my cipher suite in squid.conf I can decrypt the SSL data.

Good. I believe the latest development build of Wireshark (1.11.x) does support 0x9c (I think I have seen that somewhere). Maybe you want to try it later as well.

So is there any idea how I can generate the certificate and key authorized by Dropbox?

"authorized by Dropbox"? There is no way to do that, unless you are the owner of Dropbox or a very, very skilled hacker ;-)

I believe this could be a problem with the Squid configuration. I've never used squid for SSL interception, so I don't know what to look for. Maybe it's better to ask that specific question in a Squid forum !?!

Hint: If a supplied answer resolves your question can you please "accept" it by clicking the checkmark icon next to it. This highlights good answers for the benefit of subsequent users with the same or similar questions. For extra points you can up vote the answer (thumb up).

(04 Dec '13, 04:50) Kurt Knochner ♦
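
The check the answer made by eye (spotting "can't find cipher suite 0x9C" in the SSL debug log) can be run mechanically over a whole log. The following is an added example, not part of the original thread or of Wireshark; the function names, tag names and the abridged sample are assumptions of this example, and the message patterns are taken from the log in the question.

```python
import re

# Names for the two suite ids that occur in the log on this page.
SUITE_NAMES = {0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
               0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA"}

FRAME_RE = re.compile(r"dissect_ssl enter frame #(\d+) \((first time|already visited)\)")
CONV_RE = re.compile(r"conversation = (0x[0-9a-f]+)")
# (pattern, tag) pairs; the tag names are this example's own.
CHECKS = [
    (re.compile(r"can't find cipher suite (0x[0-9A-Fa-f]+)"), "unsupported_suite"),
    (re.compile(r"found CIPHER (0x[0-9A-Fa-f]+)"), "supported_suite"),
    (re.compile(r"key exchange \d+ different from KEX_RSA"), "kex_not_rsa"),
    (re.compile(r"can't decrypt pre master secret"), "no_premaster"),
]


def suite_label(hex_id):
    value = int(hex_id, 16)
    return "0x%04X %s" % (value, SUITE_NAMES.get(value, "unknown name"))


def diagnose(log_text):
    """Map each conversation pointer to [(frame, tag, detail), ...]."""
    # Scans the whole text, not lines, so a paste that lost its line breaks
    # still parses. "already visited" passes repeat earlier frames: skipped.
    findings = {}
    marks = list(FRAME_RE.finditer(log_text))
    for i, mark in enumerate(marks):
        if mark.group(2) != "first time":
            continue
        end = marks[i + 1].start() if i + 1 < len(marks) else len(log_text)
        body = log_text[mark.end():end]
        conv = CONV_RE.search(body)
        if conv is None:
            continue
        hits = []
        for pattern, tag in CHECKS:
            for hit in pattern.finditer(body):
                detail = suite_label(hit.group(1)) if hit.groups() else ""
                hits.append((hit.start(), int(mark.group(1)), tag, detail))
        for _, frame, tag, detail in sorted(hits):
            findings.setdefault(conv.group(1), []).append((frame, tag, detail))
    return findings


def unsupported_suites(findings):
    """Conversations whose negotiated suite this Wireshark build did not know."""
    return {conv: detail for conv, items in findings.items()
            for _, tag, detail in items if tag == "unsupported_suite"}


# Abridged from the debug log in the question; line breaks already lost.
SAMPLE = (
    "dissect_ssl enter frame #30 (first time) conversation = 0x7f621ff48980, "
    "ssl_session = 0x7f621ff49038 dissect_ssl3_hnd_srv_hello can't find cipher suite 0x9C "
    "dissect_ssl enter frame #32 (first time) conversation = 0x7f621ff48980, "
    "ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16) "
    "dissect_ssl3_handshake can't decrypt pre master secret "
    "dissect_ssl enter frame #30 (already visited) conversation = 0x7f621ff48980, "
    "dissect_ssl enter frame #39 (first time) conversation = 0x7f621ff49eb0, "
    "dissect_ssl3_hnd_srv_hello found CIPHER 0x0035 -> state 0x17 "
)
print(unsupported_suites(diagnose(SAMPLE)))
```

A conversation that appears in `unsupported_suites` is the case from this thread: negotiate a suite the installed build knows, or use a newer Wireshark.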