Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 1515] SSL bug with mutual authentication

Wireshark-bugs: [Wireshark-bugs] [Bug 1515] SSL bug with mutual authentication

Date: Wed, 4 Apr 2007 10:24:26 +0000 (GMT)

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1515


tomas.kukosa@xxxxxxxxxxx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED




------- Comment #1 from tomas.kukosa@xxxxxxxxxxx  2007-04-04 10:24 GMT -------
It is bug and I am working on it.
The problem is that Wireshark starts using cipher from ClientKeyExchange
instead of waiting till ChangeCipherSpec. In mutual authentication it tries to
decrypt unencrypted CertificateVerify. Decryption fails but the message is
counted into sequence number which is used for MAC checking. Then all following
decryption fails.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

References:
- [Wireshark-bugs] [Bug 1515] New: SSL bug with mutual authentication
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 1206] MEGACO message cannot be decoded correctly for ServiceChange Command
Next by Date: [Wireshark-bugs] [Bug 1206] MEGACO message cannot be decoded correctly for ServiceChange Command
Previous by thread: [Wireshark-bugs] [Bug 1515] New: SSL bug with mutual authentication
Next by thread: [Wireshark-bugs] [Bug 1515] SSL bug with mutual authentication
Index(es):
- Date
- Thread