Ask Your Question
1

[TLS 1.3] I am getting an error while decrypting the SSL Handshake Traffic -

asked 2018-04-19 11:31:17 +0000

debapriyay_m gravatar image

updated 2018-04-19 12:01:55 +0000

grahamb gravatar image

The TLS 1.3 capture I was trying to decrypt using the Pre-master secret Log file. But it is giving me an error. I have generated this Log File from my code (not using OpenSSL) and have tried to adhere to the format of one that has got generated using OpenSSL. But in my case the following error comes and I can not decrypt.

Can anyone provide me with pointers like what could be the issue? What is the format in which Wireshark expects this.

 checking keylog line: SERVER_HANDSHAKE_TRAFFIC_SECRET 5f12353b21fe65825874863a0df58d0ba845d831d68ce9ae7d75300d6bd 15244eacb350a999429ff3537525ebcaf9bb7d81c5a2d253a35764ca88fbb
    unrecognized line
  checking keylog line: SERVER_TRAFFIC_SECRET_0 5f12353b21fe65825874863a0df58d0ba845d831d68ce9ae7d75300d6bd dcf3be2a68c96931588f4d4cfed12c1f9ec2d66eaad080275d97cc3fea2340
    unrecognized line
  checking keylog line: CLIENT_HANDSHAKE_TRAFFIC_SECRET 5f12353b21fe65825874863a0df58d0ba845d831d68ce9ae7d75300d6bd c7fc236396c653d73c487356dbf0f7b75fd1a34287d6992d88302ccffe4fe7c1
    unrecognized line
  checking keylog line: CLIENT_TRAFFIC_SECRET_0 5f12353b21fe65825874863a0df58d0ba845d831d68ce9ae7d75300d6bd 4ea73c973b3306b12a388d35eaaccefc678f4d762ca42ceb999ed844dc70a
    unrecognized line
edit retag flag offensive close merge delete

Comments

A quick search found the format specification, does your file adhere to this?

Also use blending edge (2.5.1) Wireshark for this, stable (2.4.6) may not be enough.

Jaap gravatar imageJaap ( 2018-04-19 19:00:12 +0000 )edit

I'm experiencing a similar issue. It appears that Wireshark fails in decrypting TLS data if in the same TLS record layer there is more than one HandShake Protoco message. In pratice it stops decrypting from that point. This case may happen and I attach a capture and the Key log.

I'm using Wireshark 2.4.6 on Ubuntu (but the same issue is present for Wireshark 2.6.0 for Windows). The capture is done with Firefox 59 that visits www.facebook.com and uses TLS 1.3 Draft 23.

The problem happens (in this case) in the Server Hello. The third Record Layers contains several Messages: Extensions (ALPN), Certificates, etc... Wireshark stops decrypting from the first Message (ALPN), and Certificates are not shown. It fails decrypting also all the subsequent data from the server, but still decrypts data from client.

Capture: https://www.dropbox.com/s/ym8lzyn4z65... Key.Log: https://www.dropbox.com/s/y29e4odd0dn...

Martino gravatar imageMartino ( 2018-05-10 08:56:35 +0000 )edit
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-04-20 14:20:33 +0000

Lekensteyn gravatar image

updated 2018-04-20 14:21:03 +0000

Be sure that you are using a recent Wireshark version for TLS 1.3 analysis. Initial support for TLS 1.3 (draft 19 up to draft 21) decryption was added in Wireshark 2.4.0. Since Wireshark 2.4.5, the range of supported draft versions is draft 18 up to draft 23. For a more detailled list of supported draft versions, see https://github.com/tlswg/tls13-spec/w...

To support the latest draft versions however, you will need a development version (2.5.x or 2.9.x) or the next major release, Wireshark 2.6. For macOS and Windows, you can find pre-release builds at https://www.wireshark.org/download/au...

In your specific case, either you have cut off some data or your software is not adhering to the expected key log format. The client random field should be 64 hexadecimal characters (32 bytes) while yours has 59 characters. The size of the derived secret is dependent on the hash function, but 61 hexadecimal character is certainly wrong. For SHA256 the expected size is 64 hexadecimal characters, for SHA384 it is 96 hexadecimal characters.

For some test captures and keys, see https://bugs.wireshark.org/bugzilla/s...

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2018-04-19 11:31:17 +0000

Seen: 3,804 times

Last updated: May 10 '18

Related questions

Decrypting Application Data with Private Key File

How to verify what protocol was used in an encrypted file transfer?

Step by step SSL decrypt with wireshark

SSL/TLS Handshake Immediately Fails

Does Wireshark support TLS 1.3?

unable to decrypt ssl with server private key

decrypt TLS (cipher ECDHE ) using SSLKEYLOGFILE

Unsuccessful decryption of TLS v1.2.

TCP segment data -- is it under the SSL section?

Where can I find the TLS version that is being sent from the client through the ClientHello to the server? [closed]