In blog post "Decrypting TLS Streams With Wireshark: Part 1", I explain how to decrypt TLS streams with a specific type of encryption (pre-master secret exchanged via RSA) using the web server's private key. In this blog post, we will use the client to get the necessary information to decrypt TLS streams. We do this by setting environment variable SSLKEYLOGFILE and subsequently launching our client (Chrome, Firefox, curl, …, but not Internet Explorer). When this environment variable is set, a compatible TLS client will write data in the text file pointed to by SSLKEYLOGFILE. This data can be used to decrypt the TLS stream.

In a first test, I set SSLKEYLOGFILE=secrets-1.txt and issue exactly the same curl command as in part 1:

    curl.exe --verbose --insecure --tls-max 1.2 --ciphers AES256-SHA --dump-header 01.headers --output 01.data --trace 01.trace --trace-time

To force a cipher suite that is based on RSA for the exchange of the pre-master secret, I use options --tls-max 1.2 and --ciphers AES256-SHA. The resulting file, secrets-1.txt, can be used in Wireshark to decrypt the TLS stream.

Just like in part 1, we go to preferences for the TLS protocol. I already removed the RSA private key that was set in part 1 (so that it will not influence my part 2 tests). And then I set the "(Pre)-Master-Secret log filename" to secrets-1.txt, the file that was written by curl because environment variable SSLKEYLOGFILE is set to secrets-1.txt. When this is done, the TLS data is decrypted, as can be witnessed by the appearance of (green) HTTP protocol packets.

Wireshark is able to decrypt this TLS stream because of the secrets in file secrets-1.txt. There are 2 secrets in file secrets-1.txt, and each one, by itself, contains enough information for Wireshark to do the decryption.

The RSA entry contains the pre-master secret. Wireshark can use this pre-master secret, together with cleartext data found inside the TLS stream (client and server random), to calculate the master secret and session keys. This RSA entry in itself is enough for Wireshark to decrypt this TLS stream (if we only keep the RSA entry in secrets-1.txt, Wireshark can still decrypt).

The CLIENT_RANDOM entry contains the master secret. Wireshark can use this master secret to calculate the session keys. This CLIENT_RANDOM entry in itself is enough for Wireshark to decrypt this TLS stream (if we only keep the CLIENT_RANDOM entry in secrets-1.txt, Wireshark can still decrypt).

SSLKEYLOGFILE can also be used to capture the secrets necessary to decrypt TLS streams encrypted with perfect forward secrecy (e.g. not relying on the server's private key). In a second test, I set SSLKEYLOGFILE=secrets-2.txt and issue this curl command:

    curl.exe --verbose --insecure --dump-header 01.headers --output 01.data --trace 01.trace --trace-time

In this test, curl uses TLS 1.3 with perfect forward secrecy. X25519 is Diffie-Hellman based on elliptic curve Curve25519: we have perfect forward secrecy here that uses ephemeral Diffie-Hellman key exchange. Hence the private key of the server cannot help us decrypt this TLS stream. We need the secrets saved in SSLKEYLOGFILE secrets-2.txt.
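How the RSA and CLIENT_RANDOM entries described above relate to each other, as an added example (not code from the original post or from Wireshark): it applies the TLS 1.2 PRF to a pre-master secret and the two randoms to obtain the master secret and the AES256-SHA session keys. All function names and sample values are constructed for illustration, and it assumes the extended master secret extension (RFC 7627) was not negotiated.

```python
import hashlib
import hmac

def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5), P_SHA256 variant."""
    seed = label + seed
    out, a = b"", seed  # A(0) = label + seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # Assumption: the extended master secret extension (RFC 7627) was not negotiated.
    return tls12_prf(pre_master, b"master secret", client_random + server_random, 48)

def key_block(master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Session keys for AES256-SHA: two 20-byte HMAC-SHA1 keys, two 32-byte AES keys."""
    block = tls12_prf(master, b"key expansion", server_random + client_random, 104)
    keys, pos = {}, 0
    for name, size in (("client_mac", 20), ("server_mac", 20), ("client_key", 32), ("server_key", 32)):
        keys[name], pos = block[pos:pos + size], pos + size
    return keys

def parse_keylog(text: str) -> list:
    """Return (label, lookup value, secret) for every entry, skipping comments."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and not line.startswith("#"):
            entries.append((parts[0], bytes.fromhex(parts[1]), bytes.fromhex(parts[2])))
    return entries

def secrets_agree(keylog: str, client_random: bytes, server_random: bytes) -> bool:
    """True if the RSA entry's pre-master secret derives the CLIENT_RANDOM entry's master secret."""
    secrets = {label: secret for label, _, secret in parse_keylog(keylog)}
    derived = master_secret(secrets["RSA"], client_random, server_random)
    return hmac.compare_digest(derived, secrets["CLIENT_RANDOM"])

# Constructed sample values, not taken from the capture discussed on this page.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PRE_MASTER = b"\x03\x03" + bytes(range(46))  # 2-byte client version + 46 bytes
SAMPLE_KEYLOG = "\n".join([
    "# constructed key log",
    "RSA 0011223344556677 " + PRE_MASTER.hex(),  # first field: 8 bytes of the encrypted PMS
    "CLIENT_RANDOM " + CLIENT_RANDOM.hex() + " "
    + master_secret(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM).hex(),
])
```

The server random is not in the key log file; a tool has to read it from the ServerHello in the capture, which is why the RSA entry only works together with the recorded stream.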