Wireshark-dev: Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
From: Alexis La Goutte <[email protected]>
Date: Fri, 23 Sep 2016 15:44:23 +0200
Hi Anil,

It is better to open a bug on the bug tracker with the SSL log and, if possible, the pre-master secret and pcap.


On Fri, Sep 23, 2016 at 3:20 PM, Anil <[email protected]> wrote:

Wireshark is not able to decrypt the Renegotiation Handshake if the cipher used is of type ECDHE/DHE (ephemeral Diffie-Hellman).

We have used the (Pre)-Master-Secret log filename option.

This is the format of the above log filename:

CLIENT_RANDOM 0c6b1d700b7a8636a3a90d4a29f2503422ee4ed74bac577eeba2c398492a70a0 8b690ee58c10a23d892d9a591ac98ce95c6e3b8df4fa95505a87368caf73e91ed1bc5e3d27fd8cfbfcaad2689447e425
CLIENT_RANDOM 203ce15b76e06e32fcb34e7856c07da95e08ee53f1d3b4fe25136254dbaf1ef4 eadd8b89504e2c2b6ad91479f1c30addc701ded96a6e8abef3a6e8d872f435fae096a81d556bee65a812860364e2bc60

The first CLIENT_RANDOM is of the Initial Handshake.
The second CLIENT_RANDOM is of the Reneg Handshake.
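
The key log format quoted in the message, as an added example that is not part of the original e-mail thread: a Python check that each `CLIENT_RANDOM` line is well formed (32-byte client random, 48-byte master secret) and that every handshake in a capture, initial and renegotiated, has an entry. The function names and all sample values are constructed for illustration; the client randoms to look up are assumed to be copied from the Random field of each ClientHello.

```python
import re

# Line format shown in the message: label, 32-byte client random (64 hex
# digits), 48-byte master secret (96 hex digits).
LINE_RE = re.compile(r"CLIENT_RANDOM ([0-9a-fA-F]{64}) ([0-9a-fA-F]{96})")

def parse_keylog(text):
    """Return ({client_random_hex: master_secret_bytes}, [(lineno, reason)])."""
    secrets, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        if not line.startswith("CLIENT_RANDOM"):
            continue                      # other labels are out of scope here
        m = LINE_RE.fullmatch(line)
        if m is None:
            problems.append((lineno, "malformed CLIENT_RANDOM line"))
            continue
        client_random = m.group(1).lower()
        master_secret = bytes.fromhex(m.group(2))
        if secrets.get(client_random, master_secret) != master_secret:
            problems.append((lineno, "conflicting secret for client random"))
            continue
        secrets[client_random] = master_secret
    return secrets, problems

def missing_handshakes(secrets, client_randoms):
    """Client randoms seen in the capture that have no key log entry."""
    return [cr for cr in client_randoms if cr.lower() not in secrets]

# Constructed sample values, not the ones from the message.
INITIAL = "11" * 32   # ClientHello random of the initial handshake
RENEG = "22" * 32     # ClientHello random of the renegotiation handshake
SAMPLE = "\n".join([
    "# constructed key log",
    f"CLIENT_RANDOM {INITIAL} {'aa' * 48}",
    f"CLIENT_RANDOM {RENEG} {'bb' * 48}",
    f"CLIENT_RANDOM {'33' * 32} {'cc' * 20}",   # truncated secret
])

if __name__ == "__main__":
    secrets, problems = parse_keylog(SAMPLE)
    print("entries:", len(secrets), "problems:", problems)
    print("missing:", missing_handshakes(secrets, [INITIAL, RENEG]))
```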


