This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

PCAPNG support for storing information for decoding SSL/TLS

0

I am the developer of a device which now maintains a queue of packet traffic from which you can generate a PCAPNG file on command. The resulting file can be easily downloaded and wonderfully opened by Wireshark. Thank you all for that.

I've also developed all of the crypto for that device (as we don't use 3rd party software so as to be assured of being able to debug, not have to work-around, and respond quickly).

Regarding SSL decoding, I have access to the all of the key material for a connection, has Wireshark grown to support the master secret (whatever is needed) from the capture file?

I can decode when I have the private key. This is generally only with incoming TLS connections. Outgoing traffic (recently SMTP using STARTTLS) ends up encoded with the remote server's key. It would be so nice to include the key material in the capture file. I'd have to figure out how to log it in the queue but that's the fun stuff to do.

asked 14 Oct '16, 07:27

bscloutier's gravatar image

bscloutier
16339
accept rate: 0%

edited 14 Oct '16, 13:28

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196


One Answer:

1

Wireshark has support for decryption using an RSA key file (when RSA key exchanges are in use) or the (pre-)master secrets. See this list for all supported formats.

The pcapng format does not have support for including key material. There was a suggestion in the past, but nothing has really materialized: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9616

The current best practice is to create a second file that contains the key material (also known as "(pre-)master secrets key log file"). This file can then be configured in the SSL/TLS dissector. A common convention given a pcap "foo.pcapng" is to name the keylog file "foo.keys", but you use any name you like (I often use "premaster.txt").

answered 14 Oct '16, 07:37

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%

Okay, Understood. As the capture file would contain many separate sessions each with its own key material I wonder how to handle that. Having the pre-master secret material available for each would be preferable to handling RSA private keys without password protection. I also do not have the private key for some sessions involving the device (certificate optional sometimes).

Please consider this my vote for an EPB option to carry pre-master secret key material if available. I would be happy to prototype this and help test/debug if anyone is interested in the Wireshark upgrade. - Thanks.

(14 Oct '16, 08:11) bscloutier

Each session is identified by a unique Client Random value and can be mapped to a (pre-)master secret. So you would list it one by one, see for example the captures + keylog files at the SampleCaptures wiki. This method is preferred over RSA key files since it always works. RSA keyfiles are limited to RSA key exchanges (which is removed in TLS 1.3).

If you would like to enable support for secrets in the pcapng format, you would first have to make it into the specification, see https://github.com/pcapng/pcapng (otherwise the code will not be accepted in Wireshark as that would harm interop).

(14 Oct '16, 08:24) Lekensteyn

In particular, note the "Join the pcapng mailing list to discuss" on the pcapng page to which Peter pointed you; that's the place to discuss additions to pcapng.

(14 Oct '16, 13:31) Guy Harris ♦♦