This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decrypt with RSA key not working

I am using nginx on top of flask server. When i am running my site through browser as https it runs ok but if i use same key to decrypt the data using wireshark its not decrypting it. Any suggestion

ssl

asked 21 Nov '14, 22:48

singh
11●1●1●2
accept rate: 0%

I suspect something is wrong. Unfortunately with the info you've given that's all we can say. Have you looked at the Wiki page on SSL?

If you post the contents of the SSL debug log (the path is set in the SSL dissector preferences) by editing your question then someone may be able to help.

(22 Nov '14, 02:46) grahamb ♦

Decrypt with RSA key not working

This is Log file Wireshark SSL debug log

ssl_association_remove removing TCP 443 - http handle 0x119d800 Private key imported: KeyID 71:67:3d:02:ae:65:dc:95:c7:ea:4e:0f:12:b7:48:73:... ssl_load_key: swapping p and q parameters and recomputing u ssl_init IPv4 addr '127.0.0.1' (127.0.0.1) port '443' filename '/var/www/demoapp/wirekey.pem' password(only for p12 file) '' ssl_init private key file /var/www/demoapp/wirekey.pem successfully loaded. association_add TCP port 443 protocol http handle 0x119d800 dissect_ssl enter frame #8 (first time) ssl_session_init: initializing ptr 0x7f3b56ba18f0 size 688 conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 194 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 189, ssl state 0x00 association_find: TCP port 49049 found (nil) packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 1 offset 5 length 185 bytes, remaining 194 packet_from_server: is from server - FALSE ssl_find_private_key server 127.0.0.1:443 dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01 dissect_ssl enter frame #10 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 1059 dissect_ssl3_record found version 0x0303(TLS 1.2) -> state 0x11 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 74, ssl state 0x11 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes, remaining 79 dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13 dissect_ssl3_hnd_srv_hello can't find cipher suite 0xC02F record: offset = 79, reported_length_remaining = 980 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 756, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 11 offset 84 length 752 bytes, remaining 840 record: offset = 840, reported_length_remaining = 219 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 205, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 12 offset 845 length 201 bytes, remaining 1050 record: offset = 1050, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 4, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 14 offset 1055 length 0 bytes, remaining 1059 dissect_ssl enter frame #12 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 70, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 16 offset 5 length 66 bytes, remaining 75 ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16) dissect_ssl3_handshake can't decrypt pre master secret record: offset = 75, reported_length_remaining = 87 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec packet_from_server: is from server - FALSE ssl_change_cipher CLIENT record: offset = 81, reported_length_remaining = 81 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 76, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 0 offset 86 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 0 offset 90 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 178 offset 94 length 11722625 bytes, remaining 162 dissect_ssl enter frame #13 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 316 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 311, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available association_find: TCP port 49049 found (nil) association_find: TCP port 443 found 0x583abd0 dissect_ssl enter frame #17 (first time) ssl_session_init: initializing ptr 0x7f3b56ba2990 size 688 conversation = 0x7f3b56ba2380, ssl_session = 0x7f3b56ba2990 record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 157, ssl state 0x00 association_find: TCP port 49050 found (nil) packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 1 offset 5 length 153 bytes, remaining 162 packet_from_server: is from server - FALSE ssl_find_private_key server 127.0.0.1:443 dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01 dissect_ssl enter frame #19 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 258 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 202, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 4 offset 5 length 198 bytes, remaining 207 record: offset = 207, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec packet_from_server: is from server - TRUE ssl_change_cipher SERVER record: offset = 213, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 40, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 206 offset 218 length 1097350 bytes, remaining 258 dissect_ssl enter frame #20 (first time) conversation = 0x7f3b56ba2380, ssl_session = 0x7f3b56ba2990 record: offset = 0, reported_length_remaining = 1059 dissect_ssl3_record found version 0x0303(TLS 1.2) -> state 0x11 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 74, ssl state 0x11 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes, remaining 79 dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13 ssl_restore_session can't find stored session trying to use SSL keylog in failed to open SSL keylog cannot find master secret in keylog file either dissect_ssl3_hnd_srv_hello can't find cipher suite 0xC02F record: offset = 79, reported_length_remaining = 980 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 756, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 11 offset 84 length 752 bytes, remaining 840 record: offset = 840, reported_length_remaining = 219 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 205, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 12 offset 845 length 201 bytes, remaining 1050 record: offset = 1050, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 4, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 14 offset 1055 length 0 bytes, remaining 1059 dissect_ssl enter frame #22 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 283 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 278, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available association_find: TCP port 443 found 0x583abd0 dissect_ssl enter frame #24 (first time) conversation = 0x7f3b56ba2380, ssl_session = 0x7f3b56ba2990 record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 70, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 16 offset 5 length 66 bytes, remaining 75 ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16) dissect_ssl3_handshake can't decrypt pre master secret record: offset = 75, reported_length_remaining = 87 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec packet_from_server: is from server - FALSE ssl_change_cipher CLIENT record: offset = 81, reported_length_remaining = 81 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 76, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 0 offset 86 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 0 offset 90 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 95 offset 94 length 1036009 bytes, remaining 162 dissect_ssl enter frame #25 (first time) conversation = 0x7f3b56ba2380, ssl_session = 0x7f3b56ba2990 record: offset = 0, reported_length_remaining = 258 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 202, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 4 offset 5 length 198 bytes, remaining 207 record: offset = 207, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec packet_from_server: is from server - TRUE ssl_change_cipher SERVER record: offset = 213, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake decrypt_ssl3_record: app_data len 40, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available dissect_ssl3_handshake iteration 1 type 179 offset 218 length 16005502 bytes, remaining 258 dissect_ssl enter frame #41 (first time) conversation = 0x7f3b56ba2380, ssl_session = 0x7f3b56ba2990 record: offset = 0, reported_length_remaining = 31 dissect_ssl3_record: content_type 21 Alert decrypt_ssl3_record: app_data len 26, ssl state 0x13 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available dissect_ssl enter frame #8 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 194 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 185 bytes, remaining 194 dissect_ssl enter frame #8 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 194 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 185 bytes, remaining 194 dissect_ssl enter frame #10 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 1059 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes, remaining 79 record: offset = 79, reported_length_remaining = 980 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 11 offset 84 length 752 bytes, remaining 840 record: offset = 840, reported_length_remaining = 219 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 12 offset 845 length 201 bytes, remaining 1050 record: offset = 1050, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 14 offset 1055 length 0 bytes, remaining 1059 dissect_ssl enter frame #12 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 16 offset 5 length 66 bytes, remaining 75 record: offset = 75, reported_length_remaining = 87 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 81, reported_length_remaining = 81 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 0 offset 86 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 0 offset 90 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 178 offset 94 length 11722625 bytes, remaining 162 dissect_ssl enter frame #13 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 316 dissect_ssl3_record: content_type 23 Application Data association_find: TCP port 49049 found (nil) association_find: TCP port 443 found 0x583abd0 dissect_ssl enter frame #17 (already visited) conversation = 0x7f3b56ba2380, ssl_session = (nil) record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 153 bytes, remaining 162 dissect_ssl enter frame #19 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 258 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 4 offset 5 length 198 bytes, remaining 207 record: offset = 207, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 213, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 206 offset 218 length 1097350 bytes, remaining 258 dissect_ssl enter frame #20 (already visited) conversation = 0x7f3b56ba2380, ssl_session = (nil) record: offset = 0, reported_length_remaining = 1059 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes, remaining 79 record: offset = 79, reported_length_remaining = 980 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 11 offset 84 length 752 bytes, remaining 840 record: offset = 840, reported_length_remaining = 219 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 12 offset 845 length 201 bytes, remaining 1050 record: offset = 1050, reported_length_remaining = 9 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 14 offset 1055 length 0 bytes, remaining 1059 dissect_ssl enter frame #22 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 283 dissect_ssl3_record: content_type 23 Application Data association_find: TCP port 443 found 0x583abd0 dissect_ssl enter frame #24 (already visited) conversation = 0x7f3b56ba2380, ssl_session = (nil) record: offset = 0, reported_length_remaining = 162 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 16 offset 5 length 66 bytes, remaining 75 record: offset = 75, reported_length_remaining = 87 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 81, reported_length_remaining = 81 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 0 offset 86 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 0 offset 90 length 0 bytes, remaining 162 dissect_ssl3_handshake iteration 0 type 95 offset 94 length 1036009 bytes, remaining 162 dissect_ssl enter frame #25 (already visited) conversation = 0x7f3b56ba2380, ssl_session = (nil) record: offset = 0, reported_length_remaining = 258 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 4 offset 5 length 198 bytes, remaining 207 record: offset = 207, reported_length_remaining = 51 dissect_ssl3_record: content_type 20 Change Cipher Spec dissect_ssl3_change_cipher_spec record: offset = 213, reported_length_remaining = 45 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 179 offset 218 length 16005502 bytes, remaining 258 dissect_ssl enter frame #41 (already visited) conversation = 0x7f3b56ba2380, ssl_session = (nil) record: offset = 0, reported_length_remaining = 31 dissect_ssl3_record: content_type 21 Alert dissect_ssl enter frame #8 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 194 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 185 bytes, remaining 194 dissect_ssl enter frame #8 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 194 dissect_ssl3_record: content_type 22 Handshake dissect_ssl3_handshake iteration 1 type 1 offset 5 length 185 bytes, remaining 194 dissect_ssl enter frame #69 (first time) conversation = 0x7f3b56ba12e0, ssl_session = 0x7f3b56ba18f0 record: offset = 0, reported_length_remaining = 31 dissect_ssl3_record: content_type 21 Alert decrypt_ssl3_record: app_data len 26, ssl state 0x13 packet_from_server: is from server - TRUE decrypt_ssl3_record: using server decoder decrypt_ssl3_record: no decoder available

dissect_ssl enter frame #69 (already visited) conversation = 0x7f3b56ba12e0, ssl_session = (nil) record: offset = 0, reported_length_remaining = 31 dissect_ssl3_record: content_type 21 Alert

(25 Nov ‘14, 01:15) singh