Unable to decrypt dtls with private key

asked 2019-09-29 16:24:07 +0000

Hello everyone, i'm trying to decrypt a dtls trace with the server private key. I I have provided the private key to Wireshark DTLS protocol preference, but it's not working. In attached the decrypt log. Hope some of you could help me. Thanks in advance.


Wireshark SSL debug log 

Wireshark version: 3.0.5 (v3.0.5-0-g752a55954770)
GnuTLS version:    3.6.3
Libgcrypt version: 1.8.3

KeyID[20]:
| 92 40 4a 81 c7 01 8d 55 d6 e4 30 aa 38 7f 6a e4 |.@j....U..0.8.j.|
| 38 49 53 7e                                     |8IS~            |
ssl_init private key file C:/Users/Andrea/Documents/snmp traccia/manager.key successfully loaded.
ssl_init port '10161' filename 'C:/Users/Andrea/Documents/snmp traccia/manager.key' password(only for p12 file) ''
association_add dtls.port port 10161 handle 0000017FC03570D0
packet_from_server: is from server - FALSE
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 13 173
ssl_dissect_hnd_hello_common found CLIENT RANDOM -> state 0x01
packet_from_server: is from server - TRUE
packet_from_server: is from server - TRUE
ssl_try_set_version found version 0xFEFF -> state 0x11
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 13 35
dissect_dtls_handshake erasing previous handshake_messages: 208
packet_from_server: is from server - FALSE
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 13 193
ssl_dissect_hnd_hello_common found CLIENT RANDOM -> state 0x11
packet_from_server: is from server - TRUE
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 13 66
ssl_try_set_version found version 0xFEFF -> state 0x11
ssl_dissect_hnd_hello_common found SERVER RANDOM -> state 0x13
ssl_set_cipher found CIPHER 0x0035 TLS_RSA_WITH_AES_256_CBC_SHA -> state 0x17
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 1293 6
Calculating hash with offset 0 3
Calculating hash with offset 1294 3
Calculating hash with offset 0 1238
Certificate.KeyID[20]:
| d0 6e 44 e7 1e 7c 56 d6 5a bd ca ea 97 e9 b6 b7 |.nD..|V.Z.......|
| 83 c9 80 8f                                     |....            |
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 1480 18
packet_from_server: is from server - TRUE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
Calculating hash with offset 1511 12
packet_from_server: is from server - FALSE
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is from server - FALSE
dissect_dtls_record: content_type 22
decrypt_dtls_record: no session key
packet_from_server: is ...
(more)
edit retag flag offensive close merge delete