Wireshark-users: [Wireshark-users] ssl_generate_keyring_material not enough data to generate key
Title: ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57)
Hello,
I'm trying to find out about a nasty bug in MS IE6 (and probably other IE versions).
The URL https://server.arctis.at is not accepted in IE6. I get a "Die Seite kann nicht angezeigt werden" Error " (This page cannot be displayed).
In Firefox this page is working well.
Not finding any applicable hints in Google, I tried to analyze the problem with wireshark.
I have deposited the private RSA-Key in Wireshark, and tried to decrypt the http-communication.
However the decryption fails.
I tried both the stable and the development (1.1.2) release.
The development release writes into the logfile a line with
ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57)
which seems for me the key problem for decryption.
I have this problem both for firefox and IE communication. Therefore it seems not to be the cause of the IE problem, but rather a problem with my configuration or with wireshark.
So my question is:
What could I do, to get a correct decryption?
I attach the sslDebug.log
Thank you for your help
Michael
====== sslDebug.log
ssl_init keys string:
78.47.195.234,443,HTTP,C:\temp\arctis.key
ssl_init found host entry 78.47.195.234,443,HTTP,C:\temp\arctis.key
ssl_init addr '78.47.195.234' port '443' filename 'C:\temp\arctis.key' password(only for p12 file) '(null)'
Private key imported: KeyID F6:C0:64:CA:B9:ED:47:EE:...
ssl_init private key file C:\temp\arctis.key successfully loaded
association_add TCP port 443 protocol HTTP handle 00000000
association_add could not find handle for protocol 'HTTP', try to find 'data' dissector
dissect_ssl enter frame #56 (first time)
ssl_session_init: initializing ptr 04B53288 size 564
association_find: TCP port 4043 found 00000000
packet_from_server: is from server - FALSE
dissect_ssl server 78.47.195.234:443
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0, reported_length_remaining = 78
client random len: 16 padded to 32
dissect_ssl enter frame #58 (first time)
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0, reported_length_remaining = 1420
dissect_ssl3_record found version 0x0301 -> state 0x11
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 74 ssl, state 0x11
association_find: TCP port 443 found 03D443B8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes, remaining 79
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x0004 -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
record: offset = 79, reported_length_remaining = 1341
need_desegmentation: offset = 79, reported_length_remaining = 1341
dissect_ssl enter frame #74 (first time)
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0, reported_length_remaining = 16389
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 16384 ssl, state 0x17
association_find: TCP port 443 found 03D443B8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 55326 bytes, remaining 16389