Help decrypting TLS
Hi, I am sniffing packets over wireless of 802.11i packets, Which uses EAP-TLS, So i have two way data and private key of CA. Client-Hello-- Server-Hello ClientKeyexchange So now i can derive key-block, But openssl utlity for SSL3/TLS methods are built for active sessions only, I mean 1st create a socket fd=create_sock() then pass the socket descriptor to ssl_ctx is there any hack or work arround, Like i have sniffed packet so can store them in file and give file descriptor as socket descriptor ?. SSLDump changes the TLSV1 method and injects the certificate,Client and server random number of capture file and try to generate Key-block decrypt the text, But SSLDump does not support all the TLSV1 ciphers. Can any one help me in this regard Thanks Harsha -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ
Re: Help decrypting TLS
Can You pass tell me the cipher suite it is using ? if the Key Exchange algo is Diffie and Helman .. then there is no way You can decrypt. Regards, krishna. On Mon, Jun 29, 2009 at 3:30 PM, Harsha gowda harsha.k.go...@gmail.comwrote: Hi, I am sniffing packets over wireless of 802.11i packets, Which uses EAP-TLS, So i have two way data and private key of CA. Client-Hello-- Server-Hello ClientKeyexchange So now i can derive key-block, But openssl utlity for SSL3/TLS methods are built for active sessions only, I mean 1st create a socket fd=create_sock() then pass the socket descriptor to ssl_ctx is there any hack or work arround, Like i have sniffed packet so can store them in file and give file descriptor as socket descriptor ?. SSLDump changes the TLSV1 method and injects the certificate,Client and server random number of capture file and try to generate Key-block decrypt the text, But SSLDump does not support all the TLSV1 ciphers. Can any one help me in this regard Thanks Harsha -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ
Re: Help decrypting TLS
its Diffie and Helman Key exchange algorith. There is no way You decrypt this session. for info on DIffie and Hellman see this url http://en.wikipedia.org/wiki/Diffie-Hellman. for public key and private key exchange algos You need private key file to decrypt the sessions. Regards, krish. On Mon, Jun 29, 2009 at 5:54 PM, Harsha gowda harsha.k.go...@gmail.comwrote: Hi, Its Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Regards Harsha On Mon, Jun 29, 2009 at 5:31 PM, krish krishna.kumar.i...@gmail.comwrote: Can You pass tell me the cipher suite it is using ? if the Key Exchange algo is Diffie and Helman .. then there is no way You can decrypt. Regards, krishna. On Mon, Jun 29, 2009 at 3:30 PM, Harsha gowda harsha.k.go...@gmail.comwrote: Hi, I am sniffing packets over wireless of 802.11i packets, Which uses EAP-TLS, So i have two way data and private key of CA. Client-Hello-- Server-Hello ClientKeyexchange So now i can derive key-block, But openssl utlity for SSL3/TLS methods are built for active sessions only, I mean 1st create a socket fd=create_sock() then pass the socket descriptor to ssl_ctx is there any hack or work arround, Like i have sniffed packet so can store them in file and give file descriptor as socket descriptor ?. SSLDump changes the TLSV1 method and injects the certificate,Client and server random number of capture file and try to generate Key-block decrypt the text, But SSLDump does not support all the TLSV1 ciphers. Can any one help me in this regard Thanks Harsha -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ
Re: Help decrypting TLS
Hi, :) Ya i have private key of server, Regards Harsha On Mon, Jun 29, 2009 at 6:02 PM, krish krishna.kumar.i...@gmail.com wrote: its Diffie and Helman Key exchange algorith. There is no way You decrypt this session. for info on DIffie and Hellman see this url http://en.wikipedia.org/wiki/Diffie-Hellman. for public key and private key exchange algos You need private key file to decrypt the sessions. Regards, krish. On Mon, Jun 29, 2009 at 5:54 PM, Harsha gowda harsha.k.go...@gmail.comwrote: Hi, Its Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Regards Harsha On Mon, Jun 29, 2009 at 5:31 PM, krish krishna.kumar.i...@gmail.comwrote: Can You pass tell me the cipher suite it is using ? if the Key Exchange algo is Diffie and Helman .. then there is no way You can decrypt. Regards, krishna. On Mon, Jun 29, 2009 at 3:30 PM, Harsha gowda harsha.k.go...@gmail.comwrote: Hi, I am sniffing packets over wireless of 802.11i packets, Which uses EAP-TLS, So i have two way data and private key of CA. Client-Hello-- Server-Hello ClientKeyexchange So now i can derive key-block, But openssl utlity for SSL3/TLS methods are built for active sessions only, I mean 1st create a socket fd=create_sock() then pass the socket descriptor to ssl_ctx is there any hack or work arround, Like i have sniffed packet so can store them in file and give file descriptor as socket descriptor ?. SSLDump changes the TLSV1 method and injects the certificate,Client and server random number of capture file and try to generate Key-block decrypt the text, But SSLDump does not support all the TLSV1 ciphers. Can any one help me in this regard Thanks Harsha -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ -- ಇಂತಿ ಹರ್ಷ ಕೃ ಗೌಡ