DTLS 1.2 decryption when renegotiation is used
We have a client and server talking together using DTLS 1.2 and with renegotiation enabled. We have the pcap (communication with several handshake (renegotiation). We have also the DTLS master secret in NSS format of the first handshake and the following ones (renegotiation)
example: CLIENT_RANDOM 666ee0b1eb90afc8b37180fb1dcc8bd94aea982e3413bd58b057319d8023a784 ceff052c8977d14b100e1de4e175c64e1310178b69fee2ad6d0f31f92396e8dbfc8270ff2de8585a878c614bf5f4e4f4 CLIENT_RANDOM 8c02706624a52ef9635ed0b9e54f4fe94d3c89666a82311bc782f6ea5bfa5198 94b0f2a0e2985caf4efab44d6dcd9e0a5700697f07190eb9d92c84b228ff8b86f8028a80e293baed31922aaacce3974e ...
The TLS master secret file has been correctly configured in preferences -> Protocol -> TLS -> (Pre) Master secret log filename.
Wireshark succeeds to decrypt the data following the first handshake. Wireshark also succeeds to decrypt the client hello of the first renegotiation handshake. But Wireshark doesn't succeds to decrypt the data following the client hello. (The "second" "client random" in the decrypted client hello correctly match with the one in the TLS master secret file configured in wireshark).
Do you know why wireshark failed to decrypt data following a renegotiation ? is it a wireshark limitation ?
(We do the same test with TLS 1.2 and it works, wireshark succeeds to decrypt all data even after renegotiation).