Elliptic curve cryptography support

asked 2018-03-02 13:57:05 +0000

abiliojr
1 ●1 ●1 ●2

I'm trying to use wireshark to debug a problem between NGINX and C#. The problem only manifests itself using EC cryptography, so I can't use RSA keys list mechanism. I tried the (pre)-master-secret log on a connection between my browser and NGINX and managed to decode the connection that way, but I haven't found C# to generate such log.

I've looked around and it seems to be impossible to directly use the private key. If that's the case, I'm curious on why.

edit retag flag offensive close merge delete

add a comment

3 Answers

Sort by » oldest newest most voted

answered 2020-06-25 20:19:49 +0000

abiliojr
1 ●1 ●1 ●2

updated 2020-06-25 20:20:16 +0000

Back in the day I found a solution that worked for me. Hooking the OpenSSL library calls to extract the preshared keys. I used this code: https://git.lekensteyn.nl/peter/wires...

If I remember correctly, I altered it so it would send the data out of my device (I was doing embedded linux) over TCP instead of a file. I'm not sure if I still have a copy of the source code.

I believe it can work both in the client and the server side. Let me know if you need more detail.

Hope it helps

edit flag offensive delete link

add a comment

answered 2020-06-25 17:56:46 +0000

Bob Jones
1481 ●2 ●171 ●22 Boston, MA

From the old site:

https://osqa-ask.wireshark.org/questions/37223/wireshark-decryption

edit flag offensive delete link

add a comment

answered 2020-06-25 17:41:58 +0000

netDeveloper9
1

I have the same issue debugging traffic between two embedded systems encrypted with ECC.

ECC is MUCH faster and more appropriate for use in embedded systems. Is there a technical reason why WireShark doesn't support it, or just a matter of not having gotten around to implementing it yet?