Wireshark-dev: Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
From: Peter Wu <[email protected]>
Date: Sat, 24 Sep 2016 10:47:11 +0200
Hi Anil,

On Fri, Sep 23, 2016 at 06:50:26PM +0530, Anil wrote:
> Hi,
> 
> wireshark is not able to decrypt Renegotiation Handshake if the cipher used
> is of type ECDHE/DHE
> (ephemeral diffe hellman)
> 
> we have used the (Pre)-Master-Secret log filename option

Congratulations, you are the first one to report an issue with
decryption of renegotiated sessions (the problem has existed for at
least a year).

It is supposedly fixed since commit v2.3.0rc0-566-g7a674c0 in the master
branch. Are you able to test that? If you are on macOS or Windows,
automated builds are available at
https://www.wireshark.org/download/automated/

By the way, are you not able to replicate the issue with RSA key
exchanges or have you just not tested it? I could reproduce the issue
with a cipher using the RSA key exchange.
-- 
Kind regards,
Peter Wu
https://lekensteyn.nl