SSL Dissector having public key,private key, DH Params: possibile?

asked 2019-02-11 20:10:13 +0000

Luca Gervasi gravatar image

Hello, I used to decypher https traffic on my own server using private keys in the protocol dissector. Since I updated my cyphersuite to make use of DH params, It seems it is no longer an option.I found several other asking same question and it seems that there are only two possible solutions at the moment: A) Use a tool ad-hoc to capture traffic and master session key (but i'm working offline, so i can't). B) Having firefox/chrome output such key. Still unable to do it.

What my log say is: ssl_decrypt_pre_master_secret: session uses Diffie-Hellman key exchange (cipher suite 0xC030 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) and cannot be decrypted using a RSA private key file.

What i'm trying to dechyper is one of our server streams. I captured it since the Packet 0 (Client Hello) and have it all the stream available. I posses everything: Public Key, Private Key, DH params used but I'm unable to find a solution to dissect my protocol.

Maybe someone could help me :)

Thanks Luca

edit retag flag offensive close merge delete