Wireshark-bugs: [Wireshark-bugs] [Bug 6769] New: DTLS traces cannot be decrypted

Date: Wed, 25 Jan 2012 13:26:29 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6769

           Summary: DTLS traces cannot be decrypted
           Product: Wireshark
           Version: 1.6.5
          Platform: x86-64
        OS/Version: Windows 7
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: M8R-lkxbgm@xxxxxxxxxxxxxx


Created attachment 7728
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7728
DTLS debug file output by Wireshark

Build Information:
Version 1.6.5 (SVN Rev 40429 from /trunk-1.6)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.1, with GLib 2.26.1, with WinPcap (version
unknown), with libz 1.2.5, without POSIX capabilities, without libpcre, with
SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.10.3,
with Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with PortAudio V19-devel
(built Jan 10 2012), with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.10.3, Gcrypt 1.5.0, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
DTLS traces cannot be decrypted despite having private key and compatible
encryption (RSA, non-Diffie Hellman).

Steps to Reproduce: 

1. Obtain sample capture and private key from http://wiki.wireshark.org/DTLS
(SampleCaptures/snakeoil.tgz).
2. From snakeoil.tgz, extract capture.pcap and snakeoil-rsa.key to a local
directory (c:\temp_x\).
3. Go to Edit->Preferences->Protocol->DTLS. Under DTLS debug file enter a local
file (c:\temp_x\). Click the "Rsa keys list" "Edit..." button.
4. Click New.  Enter the following:
     IP address         : 127.0.0.1
     Port               : 4433
     Protocol           : http
     Key File           : c:\temp_x\snakeoil2.key
     Password (p12 file): (leave blank)

   Click OK x 3 to close all dialogs.
5. Go to File->Open.  Choose c:\temp_x\capture.pcap.  The sample DTLS capture
will appear.
   Note: If DTLS does not show up under protocol, right click in the trace and
select "Decode as".  In the "decode as" dialog "Transport" tab select DTLS and
hit OK.
6. Double click one of the Application Data messages.

Actual Results:

The last item in the window is "DTLSv1.0 Record Layer: Application Data
Protocol:http", with "Encrypted Application Data" showing only encrypted data.

Expected Results:

The last data item should be the decrypted data, decoded as HTTP.

Build date and platform:

Not sure, but pretty recent builds.  Last build I tried this on is Version
1.6.5, as shown above.

Additional Builds and Platforms:

Fails the same way on Linux platform, Version 1.4.6 running on Ubuntu 11.4
"Natty Narwhal".
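
Added example, not part of the original report or of Wireshark's code: a check of the precondition the report relies on, that the negotiated cipher suite uses static RSA key exchange, which is the only case a server private key alone can decrypt. It reads the cipher suite from a plaintext DTLS 1.0 ServerHello; the suite table is a small subset and `sample_server_hello` builds a constructed datagram, not bytes from the capture in the report.

```python
import struct

# Subset of IANA cipher suite IDs -> (name, key exchange); extend as needed.
SUITES = {
    0x000A: ("TLS_RSA_WITH_3DES_EDE_CBC_SHA", "RSA"),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "RSA"),
    0x0035: ("TLS_RSA_WITH_AES_256_CBC_SHA", "RSA"),
    0x0016: ("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "DHE"),
    0x0033: ("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "DHE"),
    0x0039: ("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "DHE"),
}

def server_hello_suite(datagram: bytes):
    """Return the cipher suite ID of the first unfragmented ServerHello, else None."""
    off = 0
    while off + 13 <= len(datagram):
        # DTLS record header: type(1) version(2) epoch(2) seq(6) length(2)
        ctype = datagram[off]
        epoch, = struct.unpack_from("!H", datagram, off + 3)
        rlen, = struct.unpack_from("!H", datagram, off + 11)
        body = datagram[off + 13: off + 13 + rlen]
        off += 13 + rlen
        if ctype != 22 or epoch != 0 or len(body) < 12:
            continue  # not a plaintext handshake record (or truncated)
        # Handshake header: type(1) length(3) msg_seq(2) frag_off(3) frag_len(3)
        length = int.from_bytes(body[1:4], "big")
        frag_off = int.from_bytes(body[6:9], "big")
        frag_len = int.from_bytes(body[9:12], "big")
        if body[0] != 2 or frag_off != 0 or frag_len != length:
            continue  # not a ServerHello, or a fragment that needs reassembly
        hello = body[12:12 + frag_len]
        # ServerHello: version(2) random(32) sid_len(1) sid cipher_suite(2) ...
        if len(hello) >= 35 and len(hello) >= 37 + hello[34]:
            return struct.unpack_from("!H", hello, 35 + hello[34])[0]
    return None

def rsa_key_can_decrypt(datagram: bytes):
    """True for static RSA, False for DHE or a suite not in SUITES, None if no ServerHello."""
    suite = server_hello_suite(datagram)
    if suite is None:
        return None
    return SUITES.get(suite, ("unknown", "unknown"))[1] == "RSA"

def sample_server_hello(suite: int) -> bytes:
    """Constructed DTLS 1.0 ServerHello datagram (all-zero random, empty session ID)."""
    hello = b"\xfe\xff" + bytes(32) + b"\x00" + struct.pack("!HB", suite, 0)
    n = len(hello).to_bytes(3, "big")
    hs = b"\x02" + n + b"\x00\x01" + b"\x00\x00\x00" + n + hello
    return b"\x16\xfe\xff" + bytes(8) + struct.pack("!H", len(hs)) + hs
```

To apply it to a real trace, pass the UDP payload of the datagram that carries the ServerHello.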
