I am trying to decrypt a https connection on my machine with java.
Any help is very much appreciated.
asked 18 Feb '16, 06:59
With just the Random from the Client Hello message you cannot decrypt anything. The SSL keylog format (as originally created by Mozilla for the NSS library) stores both the Client Random and the master secret. Wireshark will then try to map the Client Hello to a master secret which can then be used for decryption.
Since the master-secret is available, the RSA-encrypted pre-master secret does not have to be decrypted. See also slides 6-9 from this presentation on SSL decryption using Wireshark for the relation between various parameters.
answered 18 Feb '16, 09:51