Wireshark-users: Re: [Wireshark-users] Strange SSL decode issue (SUPL, ULP)
From: "Ralf G. R. Bergs" <Ralf+WireShark@xxxxxxxxx>
Date: Mon, 27 Apr 2015 14:46:39 +0200
Hi guys.

On 2015-04-14 22:28, Ralf G. R. Bergs wrote:
I have a strange issue decoding SUPL traffic (i. e. ULP protocol traffic encrypted with TLS).

As I operate the SUPL server I have the server private key.

I took two snoops on two different frontends (we proxy the traffic on the frontend to the backend nodes using HAProxy; the SSL connection is not terminated on HAProxy, but it is transparently forwarded to the backend and terminated/decrypted there), and the sessions were handled by two different backend nodes.

The problem is that I can decrypt one snoop (i. e. there are lines with protocol "ULP" in the dump), while the other snoop fails to decrypt (i. e. . I checked to make sure that there is no problem on the backend node WRT X.509 setup (Java keystore).

WireShark is set up in a way that in the protocol prefs for SSL I have in the RSA key list the private key file specified for IP address "any" and port "7275", and the protocol is "ulp".

I enabled the SSL debug logging, and I noticed the following: For the trace that can't be decrypted I see the following:
ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
ssl_decrypt_pre_master_secret: session uses DH (17) key exchange, which is impossible to decrypt
while for the snoop that can be decrypted I see the following:
ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
pre master encrypted[256]:
and then a key in hex follows.

I have no clue how to further investigate this issue; my only guess is that this is a bug in WireShark.

Any advice?

If it helps I could send the SSL debug logs, but I would remove all hex dump from them as I know too little about this, and I can't inadvertently disclose the server private key.
I have to come back to the issue, because I've now experienced this again, and now that I've thought about it again I come to the conclusion that it probably is some issue in Wireshark.

I can see from the snoop that the SSL/TLS dialog takes place. I see client hello, server hello, certificate, server key exchange, server hello, client key exchange, change cipher spec, encrypted handshake message, change cipher spec, encrypted handshake message, multiple application data packets back and forth, encrypted alerts twice.

So it seems client and server /can/ talk.

Conclusion: Wireshark seems to somehow be able to use the RSA key to decrypt the SSL/TLS traffic.

Can you please help me to investigate this further? Do you want the ssl-debug.log log? What do I have to remove in order to "sanitize" it (i. e. remove secret key material from it)?

Thanks much in advance for your support.

KR,

Ralf
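The debug line "session uses DH (17) key exchange, which is impossible to decrypt" is the key detail in the thread: when the server picks an (EC)DHE cipher suite, the pre-master secret is never encrypted with the server's RSA key, so the configured private key cannot decrypt that session, whereas an RSA-key-exchange suite can be decrypted. The following script is an added example, not code from the thread or from Wireshark; it parses a TLS ServerHello record, extracts the negotiated cipher suite and reports whether the server private key is of any use for that capture. The suite tables are a small hand-picked subset of the IANA registry, and the sample ServerHello records are constructed inline.

```python
import struct

# Subset of IANA cipher suites, keyed by the TLS cipher suite id.
# RSA key exchange: the client encrypts the pre-master secret to the server's
# RSA key, so the server private key lets a capture tool decrypt the session.
RSA_KX_SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
}
# (EC)DHE key exchange: the RSA key only signs the ServerKeyExchange; the
# session keys derive from ephemeral DH values, so the private key cannot
# recover them (forward secrecy). Only a keylog / pre-master secret helps.
DHE_KX_SUITES = {
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

def server_hello_cipher(record: bytes) -> int:
    """Return the cipher suite id chosen in a TLS ServerHello record.

    Layout: record header (5) | handshake header (4) | version (2) |
    random (32) | session_id_len (1) | session_id | cipher_suite (2).
    """
    ctype, _ver, rlen = struct.unpack("!BHH", record[:5])
    if ctype != 22:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + rlen]
    if hs[0] != 2:
        raise ValueError("not a ServerHello")
    body = hs[4:]
    sid_len = body[34]
    return struct.unpack("!H", body[35 + sid_len:37 + sid_len])[0]

def classify(suite: int) -> str:
    """Say whether the server private key can decrypt a session using this suite."""
    if suite in RSA_KX_SUITES:
        return "rsa-kx: server private key decrypts pre-master secret"
    if suite in DHE_KX_SUITES:
        return "dhe-kx: ephemeral keys, private key cannot decrypt"
    return "unknown suite 0x%04x" % suite

def build_server_hello(suite: int, session_id: bytes = b"") -> bytes:
    """Construct a minimal TLS 1.2 ServerHello record (sample input, not captured)."""
    body = (b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
            + struct.pack("!H", suite) + b"\x00")  # null compression method
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs
```

Running `classify(server_hello_cipher(record))` over the ServerHello of each snoop tells you, before touching any key material, whether the private key can help with that capture at all.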