On Thu, Dec 25, 2008 at 12:45:54PM -0500, Alex wrote:
> Hi. I am using Wireshark 1.0.5 to capture a TLS session. The cipher
> used in the session is ADH-AES256-SHA, which means that there is no
> private key used on either end. Unfortunately Wireshark seems to only
> accept a private key to decrypt TLS sessions.
Those pesky DH ciphers ;-)
I usually try to either limit the ciphers that are presented by the
test-client or I limit the list of acceptable ciphers on the server for
troubleshooting purposes. Are you able to do so in your setup?
If not ...
> I have the master-key available, which is all I should need. If
> Wireshark does not possess this capability, is there a work around to
> decrypt these packets so I can analyze them?
Currently there is feature in Wireshark to accept master secrets of
individual SSL sessions. If the availability of master-keys would be
more general (as debugging output or something like that), it could
indeed be useful. You might want to file an enhancement request on
http://bugzilla.wireshark.org for it.
Just for my curiosity, what is your setup that allows you to export the
master secret?
Cheers,
Sake
