Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 6688] New: Add decryption for TLS 1.2

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 19 Dec 2011 01:44:52 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6688

           Summary: Add decryption for TLS 1.2
           Product: Wireshark
           Version: 1.7.x (Experimental)
          Platform: All
        OS/Version: Ubuntu
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: piyomaru3141@xxxxxxxxx


Naoyoshi Ueda <piyomaru3141@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #7598|                            |review_for_checkin?
               Flag|                            |

Created an attachment (id=7598)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7598)
patch to add decryption for TLS 1.2

Build Information:
wireshark 1.7.1 (SVN Rev 40242 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.20.1, with Cairo 1.8.10, with Pango 1.28.0, with
GLib 2.24.1, with libpcap (version unknown), with libz 1.2.3.3, with POSIX
capabilities (Linux), with SMI 0.4.8, with c-ares 1.7.0, with Lua 5.1, with
Python 2.6.5, with GnuTLS 2.8.5, with Gcrypt 1.4.4, with MIT Kerberos, with
GeoIP, with PortAudio V19-devel (built Feb 18 2010 22:31:30), without AirPcap.

Running on Linux 2.6.32-22-generic, with locale C, with libpcap version 1.0.0,
with libz 1.2.3.3, GnuTLS 2.8.5, Gcrypt 1.4.4.

Built using gcc 4.4.3.

--
Hello all,

Currently Wireshark has the ability to decrypt TLS 1.1, but not TLS 1.2.
The attached patch enables decryption of TLS 1.2.

I also added some cipher suites from RFC5246 and RFC5289.

And I found and fixed a bug in the handling of stream cipher.
(The explicit IV field in the application record doesn't exist when stream
ciphers 
are used. But the original code handles it as if one-byte IV exists.)

Attached zip file contains a variety of trace files and keys I used to check 
the new feature and regression.
(The two pem files are RSA private keys, and masterkey.txt contains 
6 master secrets.)

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube