Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

[Maxim Rise]

On Wednesday, February 1, 2017 at 10:48:52 PM UTC+2, Kyle Hamilton wrote:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 is a thing.  If
> this is related to a communication from Firefox, SSLKEYLOGFILE doesn't work.
> 
> Memory dumps can be created by malware.  Packet captures can be created
> by anyone who has access to what should have been (but which have been
> in practice incredibly poorly-controlled) law-enforcement-limited taps
> in intermediate routers.
> 
> Before giving any kind of assistance, I'd really want to know the
> provenance of the machine in question, the employment and role (and
> legal authority) of the investigator, suspicions as to the nature of the
> information they expect to find therein, and reasons why violating the
> sanctity of the communication might possibly be desirable.
> 
> Of course, I expect that other people don't have the same kinds of
> ethical qualms that I do.
> 
> -Kyle H
> 


On Wednesday, February 1, 2017 at 10:48:52 PM UTC+2, Kyle Hamilton wrote:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 is a thing.  If
> this is related to a communication from Firefox, SSLKEYLOGFILE doesn't work.
> 
> Memory dumps can be created by malware.  Packet captures can be created
> by anyone who has access to what should have been (but which have been
> in practice incredibly poorly-controlled) law-enforcement-limited taps
> in intermediate routers.
> 
> Before giving any kind of assistance, I'd really want to know the
> provenance of the machine in question, the employment and role (and
> legal authority) of the investigator, suspicions as to the nature of the
> information they expect to find therein, and reasons why violating the
> sanctity of the communication might possibly be desirable.
> 
> Of course, I expect that other people don't have the same kinds of
> ethical qualms that I do.
> 
> -Kyle H

It's my own firefox process memory dump from a virtual machine. It's for 
educational purposes.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

[Maxim Rise]

I know about SSLKEYLOGFILE environment path, but I can't use it. I extracted 
master secret from a memory dump and I need to unwrap it in order to use it to 
decrypt the wireshark ssl communication.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

[Maxim Rise]

On Wednesday, January 25, 2017 at 8:12:59 AM UTC+2, Maxim Rise wrote:
> I need to know only for current version or older version.

Let's say the NSS version is 3.28. I know the values of the fields from 
sslSessionIDStr.

How can I unwrap the master secret in order to use the unwrapped master secret 
to decrypt a ssl communication using wireshark?

Any advice and suggestions will be greatly appreciated.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

[Maxim Rise]

I need to know only for current version or older version.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

[Maxim Rise]

Hello.

I am trying to write a python script for unwrapping wrapped_master_secret
for a given wrapped_master_secret in the command line. Can
wrapped_master_secret be unwrapped only using fields from sslSessionIDStr
structure (masterModuleID, masterSlotID, masterWrapIndex, masterWrapMech,
masterWrapSeries)? Can you point me in the right direction?

PS: I am new in the NSS and PCKS11.

Thank you! :)
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto