
ssl - Decrypting HTTPS traffic in Wireshark not working

Reposted. Author: 太空宇宙. Updated: 2023-11-03 12:39:47

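I'm running Wireshark 1.8.6 on Windows Server 2008 R2 and trying to decrypt incoming HTTPS communication in order to debug an issue I'm seeing.

My RSA keys list is set up correctly (I think), but Wireshark will not decrypt the SSL traffic for some reason. I have gotten this to work in the past while debugging exchanges with other client systems, so I'm wondering whether it has something to do with the TLS being used here (i.e. I've read that you can't decrypt if Diffie-Hellman is used, but I can't tell if that is what is being used).

My RSA keys list entry is as follows: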

IP Address: 192.168.1.27 (the IP address of the server)
Port: 7447
Protocol: http
Key File: set to my .pem (which I created using openssl from a .pfx containing both the public and private key).
Password: blank because it doesn't seem to need it for a .pem (Wireshark actually throws an error if I enter one).

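In my Wireshark trace I can see the Client Hello and Server Hello, but the application data is not being decrypted (right-click -> Follow SSL Stream shows nothing).

My SSL log is pasted below. Is there something in here that I'm missing that would tell me why the decryption is failing? I see some entries like these that worry me, but I'm not sure how to interpret them: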

packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 267
ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16)
dissect_ssl3_handshake can't decrypt pre master secret
record: offset = 267, reported_length_remaining = 59

SSL log:

ssl_association_remove removing TCP 7447 - http handle 00000000041057D0
Private key imported: KeyID 02:bb:83:4f:80:cf:39:59:39:cd:74:ab:b4:4b:c7:20:...
ssl_load_key: swapping p and q parameters and recomputing u
ssl_init IPv4 addr '192.168.1.27' (192.168.1.27) port '7447' filename 'C:\Users\username\Desktop\Certs\server_cert.pem.pem' password(only for p12 file) ''
ssl_init private key file C:\Users\username\Desktop\Certs\server_cert.pem.pem successfully loaded.
association_add TCP port 7447 protocol http handle 00000000041057D0

dissect_ssl enter frame #2968 (first time)
ssl_session_init: initializing ptr 0000000006005E40 size 680
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 123
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 118, ssl state 0x00
association_find: TCP port 59050 found 0000000000000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 114 bytes, remaining 123
packet_from_server: is from server - FALSE
ssl_find_private_key server 192.168.1.27:7447
dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #2971 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 262, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 267
ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16)
dissect_ssl3_handshake can't decrypt pre master secret
record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 166 offset 278 length 4253081 bytes, remaining 326

dissect_ssl enter frame #2972 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
record: offset = 6, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 8 offset 11 length 5212462 bytes, remaining 59

dissect_ssl enter frame #2973 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 277
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 272, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #2990 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 53
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 48, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #2991 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 1380
need_desegmentation: offset = 0, reported_length_remaining = 1380

dissect_ssl enter frame #2999 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 8565
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 8560, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #3805 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 389
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 384, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #3807 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 53
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 48, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #3808 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 1380
need_desegmentation: offset = 0, reported_length_remaining = 1380

dissect_ssl enter frame #3815 (first time)
conversation = 00000000060056C0, ssl_session = 0000000006005E40
record: offset = 0, reported_length_remaining = 8469
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 8464, ssl state 0x11
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #2968 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 123
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 114 bytes, remaining 123

dissect_ssl enter frame #2971 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 267
record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 166 offset 278 length 4253081 bytes, remaining 326

dissect_ssl enter frame #2973 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 277
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #2999 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 8565
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #3805 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 389
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 59050 found 0000000000000000
association_find: TCP port 7447 found 0000000004FCF520

dissect_ssl enter frame #2968 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 123
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 114 bytes, remaining 123

dissect_ssl enter frame #2968 (already visited)
conversation = 00000000060056C0, ssl_session = 0000000000000000
record: offset = 0, reported_length_remaining = 123
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 114 bytes, remaining 123

Best answer

ssl_decrypt_pre_master_secret key exchange 0 different from KEX_RSA (16)

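It looks like you're using a DHE cipher suite (at least not a cipher suite with RSA key exchange), which will provide Perfect Forward Secrecy and prevent these packets from being decrypted, even if you have the private key.

You might be interested in:

If this is for debugging, try turning off the DHE cipher suites.

You should be able to tell which cipher suite you're using by looking at the Server Hello packet in Wireshark.

Newer versions can also use the pre-master secret directly (read the "Using the (Pre)-Master-Secret" section of the Wireshark wiki SSL page). In some cases, this is also something you can get from the client side. Either way, for this to work, you need to get the pre-master secret from one of the two parties. Here are a few links from that section of the Wireshark wiki: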

Regarding "ssl - Decrypting HTTPS traffic in Wireshark not working", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/15814999/
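
The check the answer describes (read the cipher suite out of the Server Hello and see whether it uses RSA key exchange), as an added example that is not part of the original post. It generalizes to a few common RSA, DHE and ECDHE suites; the suite table is partial, and the function names and the sample record bytes are constructed for illustration.

```python
import struct

# Partial IANA cipher suite table (code point -> name); not exhaustive.
SUITES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
}

def parse_server_hello(record: bytes):
    """Return (version, cipher_suite_id) from one raw TLS record holding a ServerHello."""
    if len(record) < 9:
        raise ValueError("truncated record")
    ctype, _ver, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if ctype != 22 or len(body) < 4 or body[0] != 2:
        raise ValueError("not a ServerHello handshake record")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]  # skip version(2) + random(32) + session_id(1 + n)
    if len(hello) < off + 2:
        raise ValueError("truncated ServerHello")
    version, = struct.unpack("!H", hello[:2])
    suite, = struct.unpack("!H", hello[off:off + 2])
    return version, suite

def private_key_decryptable(suite_id):
    """True for RSA key exchange, False for (EC)DHE, None if the suite is not in the table."""
    name = SUITES.get(suite_id)
    return None if name is None else name.startswith("TLS_RSA_WITH_")

def build_sample(suite_id, version=0x0301, sid=b""):
    """Constructed ServerHello record for offline testing (all-zero random, null compression)."""
    hello = (struct.pack("!H", version) + bytes(32) + bytes([len(sid)]) + sid
             + struct.pack("!HB", suite_id, 0))
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 22, version, len(hs)) + hs

if __name__ == "__main__":
    for sid in (0x002F, 0x0039, 0xC014):
        ver, suite = parse_server_hello(build_sample(sid))
        print(f"0x{ver:04x} {SUITES[suite]}: RSA-key decrypt = {private_key_decryptable(suite)}")
```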
