This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Unable to decrypt SSL traffic, what am I doing wrong ?

0

Wireshark v2.0.1 GnuTLS 3.2.15 PEM Format passphraseless private key added to SSL protocol. Has been successfully loaded.

SSL RSA keys list preferences: IP Address=10.139.233.26 Port=10080 Protocol=http

Have ensured, Client Hello/Server Hello captured.

Have filtered on tcp stream and exported, SSL debug log following:

Wireshark SSL debug log

Wireshark version: 2.0.1 (v2.0.1-0-g59ea380 from master-2.0)
GnuTLS version:    3.2.15
Libgcrypt version: 1.6.2


ssl_association_remove removing TCP 10080 - http handle 00000000088B4800
KeyID[20]:
| ae 4d dc ef 87 7a 05 e1 30 4a 1b 59 1b d8 20 10 |.M…z..0J.Y.. .|
| 45 ba 69 7a                                     |E.iz            |
ssl_load_key: swapping p and q parameters and recomputing u
ssl_init private key file D:/temp/nopassphrase.key successfully loaded.
ssl_init port '10080' filename 'D:/temp/nopassphrase.key' password(only for p12 file) ''
association_add TCP port 10080 protocol http handle 00000000088B4800


dissect_ssl enter frame #4 (first time)
association_find: TCP port 47180 found 0000000000000000
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 182
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 177
decrypt_ssl3_record: app_data len 177, ssl state 0x00
association_find: TCP port 47180 found 0000000000000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 173 bytes, remaining 182
ssl_dissect_hnd_hello_common found CLIENT RANDOM -> state 0x01


dissect_ssl enter frame #6 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 1448
dissect_ssl3_record found version 0x0303(TLS 1.2) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 81
decrypt_ssl3_record: app_data len 81, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 86
ssl_dissect_hnd_hello_common found SERVER RANDOM -> state 0x13
ssl_dissect_hnd_srv_hello found CIPHER 0x003D TLS_RSA_WITH_AES_256_CBC_SHA256 -> state 0x17
record: offset = 86, reported_length_remaining = 1362
need_desegmentation: offset = 86, reported_length_remaining = 1362


dissect_ssl enter frame #7 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 2682
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 2677
decrypt_ssl3_record: app_data len 2677, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 2673 bytes, remaining 2682
lookup(KeyID)[20]:
| ae 4d dc ef 87 7a 05 e1 30 4a 1b 59 1b d8 20 10 |.M…z..0J.Y.. .|
| 45 ba 69 7a                                     |E.iz            |
ssl_find_private_key_by_pubkey: lookup result: 000000000942BA40


dissect_ssl enter frame #7 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 42
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 37
decrypt_ssl3_record: app_data len 37, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 13 offset 5 length 29 bytes, remaining 42
dissect_ssl3_handshake iteration 0 type 14 offset 38 length 0 bytes, remaining 42


dissect_ssl enter frame #10 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 1792
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 1787
decrypt_ssl3_record: app_data len 1787, ssl state 0x217
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 1521 bytes, remaining 1792
lookup(KeyID)[20]:
| 18 23 aa a8 6d 41 5c 54 28 97 25 25 6c 96 44 f0 |.#..mA\T(.%%l.D.|
| 99 43 cc 22                                     |.C."            |
ssl_find_private_key_by_pubkey: lookup result: 0000000000000000
dissect_ssl3_handshake iteration 0 type 16 offset 1530 length 258 bytes, remaining 1792
ssl_load_keyfile dtls/ssl.keylog_file is not configured!
ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 217
ssl_restore_master_key can't find pre-master secret by Unencrypted pre-master secret
ssl_restore_master_key can't find pre-master secret by Encrypted pre-master secret
dissect_ssl3_handshake can't generate pre master secret


dissect_ssl enter frame #12 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 269
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 264
decrypt_ssl3_record: app_data len 264, ssl state 0x217
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 15 offset 5 length 260 bytes, remaining 269


dissect_ssl enter frame #14 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 6
dissect_ssl3_record: content_type 20 Change Cipher Spec
ssl_load_keyfile dtls/ssl.keylog_file is not configured!
ssl_finalize_decryption state = 0x217
ssl_restore_master_key can't find master secret by Session ID
ssl_restore_master_key can't restore master secret using an empty Session Ticket
ssl_restore_master_key can't find master secret by Client Random
Cannot find master secret
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT


dissect_ssl enter frame #16 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 85
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 80
decrypt_ssl3_record: app_data len 80, ssl state 0x217
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 250 offset 5 length 11866047 bytes, remaining 85


dissect_ssl enter frame #18 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 91
dissect_ssl3_record: content_type 20 Change Cipher Spec
ssl_dissect_change_cipher_spec Not using Session resumption
ssl_load_keyfile dtls/ssl.keylog_file is not configured!
ssl_finalize_decryption state = 0x217
ssl_restore_master_key can't find master secret by Session ID
ssl_restore_master_key can't restore master secret using an empty Session Ticket
ssl_restore_master_key can't find master secret by Client Random
Cannot find master secret
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
record: offset = 6, reported_length_remaining = 85
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 11 80
decrypt_ssl3_record: app_data len 80, ssl state 0x217
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 4 offset 11 length 1731724 bytes, remaining 91


dissect_ssl enter frame #19 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 805
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 800, ssl state 0x217
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 47180 found 0000000000000000
association_find: TCP port 10080 found 000000000A538FD0


dissect_ssl enter frame #20 (first time)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 885
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 880, ssl state 0x217
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available


dissect_ssl enter frame #22 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 389
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 384, ssl state 0x217
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available


dissect_ssl enter frame #23 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 197
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 192, ssl state 0x217
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available


dissect_ssl enter frame #24 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 69
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 64, ssl state 0x217
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available


dissect_ssl enter frame #25 (first time)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 000000000B181980
record: offset = 0, reported_length_remaining = 69
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 64, ssl state 0x217
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available


dissect_ssl enter frame #4 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 182
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 173 bytes, remaining 182


dissect_ssl enter frame #6 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 1448
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 86
record: offset = 86, reported_length_remaining = 1362
need_desegmentation: offset = 86, reported_length_remaining = 1362


dissect_ssl enter frame #7 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 2682
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 2673 bytes, remaining 2682


dissect_ssl enter frame #7 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 42
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 13 offset 5 length 29 bytes, remaining 42
dissect_ssl3_handshake iteration 0 type 14 offset 38 length 0 bytes, remaining 42


dissect_ssl enter frame #10 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 1792
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 1521 bytes, remaining 1792
dissect_ssl3_handshake iteration 0 type 16 offset 1530 length 258 bytes, remaining 1792


dissect_ssl enter frame #12 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 269
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 15 offset 5 length 260 bytes, remaining 269


dissect_ssl enter frame #14 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 6
dissect_ssl3_record: content_type 20 Change Cipher Spec


dissect_ssl enter frame #16 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 85
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 250 offset 5 length 11866047 bytes, remaining 85


dissect_ssl enter frame #18 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 91
dissect_ssl3_record: content_type 20 Change Cipher Spec
record: offset = 6, reported_length_remaining = 85
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 4 offset 11 length 1731724 bytes, remaining 91


dissect_ssl enter frame #19 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 805
dissect_ssl3_record: content_type 23 Application Data


dissect_ssl enter frame #20 (already visited)
packet_from_server: is from server - FALSE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 885
dissect_ssl3_record: content_type 23 Application Data


dissect_ssl enter frame #22 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 389
dissect_ssl3_record: content_type 23 Application Data


dissect_ssl enter frame #23 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 197
dissect_ssl3_record: content_type 23 Application Data


dissect_ssl enter frame #24 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 69
dissect_ssl3_record: content_type 23 Application Data


dissect_ssl enter frame #25 (already visited)
packet_from_server: is from server - TRUE
conversation = 000000000B181160, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 69
dissect_ssl3_record: content_type 23 Application Data

asked 04 Feb ‘16, 22:24

TwoYrOldGorilla's gravatar image

TwoYrOldGorilla
11115
accept rate: 0%

edited 01 Jun ‘16, 21:58

One Answer:

1

You are affected by bug 12042 which is a regression introduced with Wireshark 2.0 and will be fixed in 2.0.2 (which is scheduled for 11 February). The issue occurs when Wireshark 2.0 and 2.0.1 are used to decrypt a SSL capture which contain a Client Certificate (also known as two-way SSL or mutual authentication). As a workaround, you can try to ignore the Client Certificate packet.

Details of analysis:

dissect_ssl enter frame #7 (first time)
packet_from_server: is from server - TRUE
...
dissect_ssl3_record: content_type 22 Handshake
...
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 2673 bytes, remaining 2682 
lookup(KeyID)[20]:
| ae 4d dc ef 87 7a 05 e1 30 4a 1b 59 1b d8 20 10 |.M...z..0J.Y.. .|
| 45 ba 69 7a                                     |E.iz            |
ssl_find_private_key_by_pubkey: lookup result: 000000000942BA40

Type 11 is a Certificate and the private key lookup has succeeded. It should be used unless another certificate is found.

dissect_ssl enter frame #10 (first time)
packet_from_server: is from server - FALSE
...
dissect_ssl3_record: content_type 22 Handshake
...
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 1521 bytes, remaining 1792 
lookup(KeyID)[20]:
| 18 23 aa a8 6d 41 5c 54 28 97 25 25 6c 96 44 f0 |.#..mA\T(.%%l.D.|
| 99 43 cc 22                                     |.C."            |
ssl_find_private_key_by_pubkey: lookup result: 0000000000000000

Oops, another Certificate (handshake message type 11), but this time it is not from the server. The client certificate cannot be used for decryption and the key lookup fails and clears the previously found private key.

answered 09 Feb '16, 09:21

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%