----- Original Message -----
Sent: Thursday, March 05, 2009 9:28
AM
Subject: [Wireshark-users]
ssl_generate_keyring_material not enough data togenerate key (0x17 required
0x37 or 0x57)
Hello,
I'm trying to find out about a nasty bug in MS IE6
(and probably other IE versions).
The URL https://server.arctis.at is not
accepted in IE6. I get a "Die Seite kann nicht angezeigt
werden" Error " (This page cannot be displayed).
In Firefox this page is working
well.
Not finding any applicable hints
in Google, I tried to analyze the problem with wireshark.
I have deposited the private
RSA-Key in Wireshark, and tried to decrypt the
http-communication.
However the decryption
fails.
I tried both the stable and the
development (1.1.2) release.
The development release writes
into the logfile a line with
ssl_generate_keyring_material not enough
data to generate key (0x17 required 0x37 or 0x57)
which seems for me the key problem for
decryption.
I have this problem both for
firefox and IE communication. Therefore it seems not to be the cause of the IE
problem, but rather a problem with my configuration or with
wireshark.
So my question is:
What could I do, to get a
correct decryption?
I attach the sslDebug.log
Thank you for your
help
Michael
====== sslDebug.log
ssl_init keys
string:
78.47.195.234,443,HTTP,C:\temp\arctis.key
ssl_init found host entry
78.47.195.234,443,HTTP,C:\temp\arctis.key
ssl_init addr '78.47.195.234' port '443'
filename 'C:\temp\arctis.key' password(only for p12 file)
'(null)'
Private
key imported: KeyID F6:C0:64:CA:B9:ED:47:EE:...
ssl_init private key file
C:\temp\arctis.key successfully loaded
association_add TCP port 443 protocol HTTP
handle 00000000
association_add could not find handle for protocol 'HTTP', try to find
'data' dissector
dissect_ssl enter frame #56 (first
time)
ssl_session_init: initializing ptr 04B53288 size 564
association_find: TCP port 4043
found 00000000
packet_from_server: is from server - FALSE
dissect_ssl server
78.47.195.234:443
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0,
reported_length_remaining = 78
client random len: 16 padded to 32
dissect_ssl enter frame #58 (first
time)
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0,
reported_length_remaining = 1420
dissect_ssl3_record found version 0x0301 -> state
0x11
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 74 ssl,
state 0x11
association_find: TCP port 443 found 03D443B8
packet_from_server: is from server -
TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder
available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 70 bytes,
remaining 79
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state
0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x0004 -> state
0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not
enough data to generate key (0x17 required 0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't
generate keyring material
record: offset = 79, reported_length_remaining =
1341
need_desegmentation: offset = 79, reported_length_remaining =
1341
dissect_ssl enter frame #74 (first
time)
conversation = 04B52FD0, ssl_session = 04B53288
record: offset = 0,
reported_length_remaining = 16389
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 16384
ssl, state 0x17
association_find: TCP port 443 found 03D443B8
packet_from_server: is from server -
TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder
available
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 55326 bytes,
remaining 16389
___________________________________________________________________________
Sent
via: Wireshark-users mailing list
<wireshark-users@xxxxxxxxxxxxx>
Archives:
http://www.wireshark.org/lists/wireshark-users
Unsubscribe:
https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe