Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 6688] New: Add decryption for TLS 1.2

Wireshark-bugs: [Wireshark-bugs] [Bug 6688] New: Add decryption for TLS 1.2

Date: Mon, 19 Dec 2011 01:44:52 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6688

           Summary: Add decryption for TLS 1.2
           Product: Wireshark
           Version: 1.7.x (Experimental)
          Platform: All
        OS/Version: Ubuntu
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: piyomaru3141@xxxxxxxxx


Naoyoshi Ueda <piyomaru3141@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #7598|                            |review_for_checkin?
               Flag|                            |

Created an attachment (id=7598)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7598)
patch to add decryption for TLS 1.2

Build Information:
wireshark 1.7.1 (SVN Rev 40242 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.20.1, with Cairo 1.8.10, with Pango 1.28.0, with
GLib 2.24.1, with libpcap (version unknown), with libz 1.2.3.3, with POSIX
capabilities (Linux), with SMI 0.4.8, with c-ares 1.7.0, with Lua 5.1, with
Python 2.6.5, with GnuTLS 2.8.5, with Gcrypt 1.4.4, with MIT Kerberos, with
GeoIP, with PortAudio V19-devel (built Feb 18 2010 22:31:30), without AirPcap.

Running on Linux 2.6.32-22-generic, with locale C, with libpcap version 1.0.0,
with libz 1.2.3.3, GnuTLS 2.8.5, Gcrypt 1.4.4.

Built using gcc 4.4.3.

--
Hello all,

Currently Wireshark has the ability to decrypt TLS 1.1, but not TLS 1.2.
The attached patch enables decryption of TLS 1.2.

I also added some cipher suites from RFC5246 and RFC5289.

And I found and fixed a bug in the handling of stream cipher.
(The explicit IV field in the application record doesn't exist when stream
ciphers 
are used. But the original code handles it as if one-byte IV exists.)

Attached zip file contains a variety of trace files and keys I used to check 
the new feature and regression.
(The two pem files are RSA private keys, and masterkey.txt contains 
6 master secrets.)

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 6688] Add decryption for TLS 1.2
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 6688] Add decryption for TLS 1.2
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 6688] Add decryption for TLS 1.2
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 6686] dissector for the bzr smart server protocol
Next by Date: [Wireshark-bugs] [Bug 6688] Add decryption for TLS 1.2
Previous by thread: [Wireshark-bugs] [Bug 5979] 64-bit Wireshark appears to hit 2-Gbyte memory limit on 64-bit Windows
Next by thread: [Wireshark-bugs] [Bug 6688] Add decryption for TLS 1.2
Index(es):
- Date
- Thread