Wireshark-users: [Wireshark-users] SSL Decoding fails on Linux, works on Windows 7 64-bit

From: Bas Nedermeijer <baswire@xxxxxxxx>
Date: Mon, 20 Aug 2012 21:05:12 +0200
Hello,

Wireshark on Windows 7-64bit seems to behave different than Wireshark on Linux.

I am using the latest version (1.8.2) from the website (using Windows 7-bit). 
For Linux I am using the latest version available under Gentoo (1.8.1), and I 
have tried the latest version from source.

The Windows version is able to decode a SSL session, I supplied the pfx file 
from the IIS server.

The Linux version was given a PEM file which contains the same private key 
without a password (converted using OpenSSL).


This is the output from "wireshark --version" under Linux. (The windows specs 
should be known)
"""
wireshark 1.8.2 (SVN Rev Unknown from unknown)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.11, with Cairo 1.12.2, with Pango 1.30.0, 
with
GLib 2.32.4, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux),
without SMI, without c-ares, without ADNS, with Lua 5.1, with Python 2.7.3, 
with
GnuTLS 2.12.18, with Gcrypt 1.4.6, with MIT Kerberos, without GeoIP, without
PortAudio, with AirPcap.

Running on Linux 3.3.0-gentoo, with locale en_US.UTF-8, with libpcap version
1.1.1, with libz 1.2.7, GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.

Built using gcc 4.5.3.
"""




I have tried a different GnuTLS (2.12.20) and Gcrypt (1.5.0), both do not work 
for me.




The ssl.debug file (partial) of the Linux version (which fails). Some filenames 
have been altered. But the KeyID shows it is the same private key.

=========================================================
ssl_association_remove removing TCP 443 - http handle 0x101e9d0
Private key imported: KeyID 
5e:24:be:03:ba:a7:3b:b2:4b:25:44:d7:40:4a:87:d4:...
ssl_init IPv4 addr '172.18.0.39' (172.18.0.39) port '443' filename 'XXXXXXXXXX' 
password(only for p12 file) ''
ssl_init private key file XXXXXXXXX successfully loaded.
association_add TCP port 443 protocol http handle 0x101e9d0

dissect_ssl enter frame #51 (first time)
ssl_session_init: initializing ptr 0x7ff14dd425b0 size 680
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 174
packet_from_server: is from server - FALSE
ssl_find_private_key server 172.18.0.39:443
client random len: 16 padded to 32
dissect_ssl2_hnd_client_hello found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #52 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 1066
dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 1061, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 
1066 
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x002F -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 
0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
dissect_ssl3_handshake iteration 0 type 11 offset 86 length 972 bytes, 
remaining 1066 
dissect_ssl3_handshake iteration 0 type 14 offset 1062 length 0 bytes, 
remaining 1066 

dissect_ssl enter frame #54 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 262, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 
267 
pre master encrypted[256]:
73 d8 ef df 23 6c 5d 6d d6 40 63 1c 8d df 7e 68 
e2 6d 2e a3 0b a8 57 f7 63 27 92 2f a4 57 98 b8 
07 ea 74 d0 2b 08 67 4b 69 91 16 da 01 ec 1c 4c 
40 7b 87 36 7c 33 59 7f c9 01 8a 96 35 55 e8 8a 
ad 88 f9 e4 14 75 c7 f1 61 8d 65 22 4a 92 a1 a6 
0e 54 4d 37 45 eb 7f 01 7c 7f 8b 05 0f 11 50 83 
ce b6 04 8a 3d 5f d5 31 f8 4e 48 05 47 cf 9f 4f 
f0 f4 e6 91 f4 f8 56 53 10 64 d5 ac 71 75 d2 af 
76 fa c9 23 fb de 97 39 ee 2a 2b e9 1f d6 8d a7 
ad 37 56 41 d4 d3 fe ad 75 db ad 8b a1 a4 95 c5 
63 7c 8b 9f 06 eb 07 1b c5 9b 5c 37 98 29 e9 67 
22 a1 c7 63 89 f0 f2 0b 2d b0 1a 6a 10 de b3 4d 
f9 df 48 fe 11 26 69 cf d2 34 b8 83 57 34 b8 f3 
8a be 7f 2c e8 3e aa 68 4e ad 14 fb 61 37 a0 53 
2e 3e 15 04 d7 74 3b cc 6a 23 36 2f fd c8 f4 39 
3a c4 c0 bc 31 04 c3 ff ed 12 6d bf 37 95 e0 dd 
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 169 bytes, decr_len 256
decrypted_unstrip_pre_master[256]:
d2 32 58 4a a0 d8 ff 60 48 21 11 2f 0b a5 25 62 
c3 e6 3f bf 7f 20 a4 e4 47 d8 26 a1 ea 20 87 ae 
5a a7 65 f4 35 88 78 8b 1f 54 0e 9e 64 d9 2e ae 
a2 c7 08 54 a6 31 f9 7e cf 55 96 cf b7 07 af 7d 
a6 68 3f 2d ab 25 33 47 0d b9 5c 69 88 28 33 cc 
4d 2b f5 6e f3 ba 3e ee 58 75 6b c6 9d f3 8c 50 
ac 63 0e 31 9b 73 37 46 ef 60 25 ab 90 06 63 7e 
6f 80 b1 96 94 02 8a f3 72 78 33 bd 96 87 fa 06 
7e d7 4a 62 78 14 b4 5e 29 08 e2 37 35 50 cc 12 
36 77 8e 7f 6f 33 04 4c 5e 78 fe f0 68 ca ee 4f 
a9 89 36 71 45 fd 45 43 00 4c bf 33 d5 7d 2b d8 
89 a5 82 15 9f 0a 5c 91 53 96 d7 be 2c 8b bd ba 
cc c3 e8 76 b4 7a 5a b8 22 a1 19 c7 56 1f 42 91 
d7 4f ba 29 4f 27 4b 3c ec 08 3b 6f 81 a0 20 67 
48 fb 0c 10 6b 48 a4 1f 67 f7 10 01 71 16 4d 72 
b3 3a bb 63 ac 9b 19 5d 1d f4 cc 16 8f 48 b7 88 
ssl_decrypt_pre_master_secret wrong pre_master_secret length (87, expected 48)
dissect_ssl3_handshake can't decrypt pre master secret
  record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
  record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 19 offset 278 length 3437893 bytes, 
remaining 326 

dissect_ssl enter frame #55 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
  record: offset = 6, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 210 offset 11 length 9947534 bytes, 
remaining 59 

dissect_ssl enter frame #70 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 1045
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 1040, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 49181 found (nil)
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #73 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 1448
  need_desegmentation: offset = 0, reported_length_remaining = 1448

dissect_ssl enter frame #74 (first time)
  conversation = 0x7ff14dd41ef8, ssl_session = 0x7ff14dd425b0
  record: offset = 0, reported_length_remaining = 2661
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 2656, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #79 (first time)
ssl_session_init: initializing ptr 0x7ff14dd45038 size 680
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 174
packet_from_server: is from server - FALSE
ssl_find_private_key server 172.18.0.39:443
client random len: 16 padded to 32
dissect_ssl2_hnd_client_hello found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #80 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 1066
dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 1061, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 
1066 
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x002F -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 
0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
dissect_ssl3_handshake iteration 0 type 11 offset 86 length 972 bytes, 
remaining 1066 
dissect_ssl3_handshake iteration 0 type 14 offset 1062 length 0 bytes, 
remaining 1066 

dissect_ssl enter frame #82 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 262, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 
267 
pre master encrypted[256]:
8a 39 f1 56 6f ca d9 d6 9e 46 8f d7 41 45 c0 db 
05 04 f8 09 c1 fd 7f 66 35 de 07 7d 67 94 39 28 
55 cc 5a 98 b9 eb 63 5f fe 16 94 90 ad 87 b0 36 
ec f2 ed ef 17 7b 16 53 16 4e 0a 05 22 da 51 58 
d6 c0 8b e6 b7 1d bd 52 da 71 22 11 63 91 63 80 
5b 65 4a 09 09 21 80 c6 70 c1 85 70 07 18 6e 15 
10 81 af a1 6e 02 dd 69 4d be a6 c7 17 a3 29 9d 
8c 22 cf 2a 43 55 2d 8f 51 7e a3 c8 bc 57 d9 78 
a8 b7 09 24 d2 d8 b3 ca be 4c a0 49 dc d6 78 86 
02 a3 1b e5 e0 b4 6f 44 22 d2 20 2a 09 f1 33 25 
e0 88 b2 e7 e4 cd 7f 89 f5 4c 51 40 0b de a2 ea 
39 b9 47 9d 76 03 21 38 46 96 99 1e b9 3f 4f c2 
f0 9e 7d ba aa 4c e3 12 91 53 71 1f 3d 06 c1 37 
1f a6 e6 c8 f9 c4 4b 78 c8 43 9a 7e b6 42 6c 31 
c0 c9 78 51 b9 86 39 90 e5 1c 97 49 15 69 1c e5 
cc 2f 98 6b f8 e5 98 40 09 86 05 2d ab 1b 9b cc 
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 0 bytes, decr_len 256
decrypted_unstrip_pre_master[256]:
7c 4b 61 70 01 be 71 50 53 57 01 55 de 82 32 a1 
74 3f 4b 85 e3 61 27 da 4f 5a 8e a1 c1 34 9e fa 
df a3 8b e7 c4 86 60 8b 2f 98 c4 a5 f8 ad 79 c5 
10 93 d4 28 53 90 a5 a7 d6 b5 fc e5 9a 69 5c 17 
eb 92 17 07 1f 51 e7 e0 5d 7c a8 8d 87 cb 6b b8 
3e 28 46 12 96 0f e8 90 99 d0 db 12 6a 83 89 95 
a7 e9 08 77 9d 79 a1 6f 02 8c b6 52 3a 51 c5 25 
56 29 bb 41 a0 8d 9d b6 ce 5d 06 ea 70 24 37 96 
7e 19 93 3a 03 e8 ca 50 f8 98 2e 0f 62 35 1c 2e 
4f 6b af f1 8e cb 84 de 08 4d 2a 64 16 b4 fa fd 
34 c0 95 74 fd 16 86 2e 13 fc eb df d0 f4 25 81 
ff e6 7e 34 f6 17 97 8e 03 97 25 fd 4d be b6 cb 
54 e8 11 0c 4d 29 db 52 7d af 71 d5 ee 7b d2 35 
2b 09 3b eb d5 cb 60 4b ab eb 79 1b 6c c2 4f 91 
2f 7f 24 21 5f d6 bf 0f a2 f9 c5 51 22 3b 8a 7c 
8a b6 77 cb 58 b7 29 6c bd 29 d4 fc e9 6a 4d 4c 
ssl_decrypt_pre_master_secret wrong pre_master_secret length (256, expected 
48)
dissect_ssl3_handshake can't decrypt pre master secret
  record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
  record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 79 offset 278 length 674394 bytes, 
remaining 326 

dissect_ssl enter frame #83 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
  record: offset = 6, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 125 offset 11 length 1247838 bytes, 
remaining 59 

dissect_ssl enter frame #84 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 837
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 832, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 49182 found (nil)
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #85 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 1448
  need_desegmentation: offset = 0, reported_length_remaining = 1448

dissect_ssl enter frame #86 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 2869
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 2864, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #88 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 901
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 896, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 49182 found (nil)
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #89 (first time)
  conversation = 0x7ff14dd44980, ssl_session = 0x7ff14dd45038
  record: offset = 0, reported_length_remaining = 917
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 912, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 0x1ce8f60

dissect_ssl enter frame #93 (first time)
ssl_session_init: initializing ptr 0x7ff14dd46b18 size 680
  conversation = 0x7ff14dd46460, ssl_session = 0x7ff14dd46b18
  record: offset = 0, reported_length_remaining = 174
packet_from_server: is from server - FALSE
ssl_find_private_key server 172.18.0.39:443
client random len: 16 padded to 32
dissect_ssl2_hnd_client_hello found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #94 (first time)
  conversation = 0x7ff14dd46460, ssl_session = 0x7ff14dd46b18
  record: offset = 0, reported_length_remaining = 1066
dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 1061, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 
1066 
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x002F -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 
0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
dissect_ssl3_handshake iteration 0 type 11 offset 86 length 972 bytes, 
remaining 1066 
dissect_ssl3_handshake iteration 0 type 14 offset 1062 length 0 bytes, 
remaining 1066 

dissect_ssl enter frame #96 (first time)
  conversation = 0x7ff14dd46460, ssl_session = 0x7ff14dd46b18
  record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 262, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 
267 
pre master encrypted[256]:
4b 63 67 4a 96 06 01 b5 27 ed 04 13 6f 29 f1 2c 
c3 c1 7f 15 69 43 21 c4 3b f1 3f 61 a7 d7 bd 18 
75 2a 01 54 2f d6 99 65 05 8f 1a 0f 7d 1b af 2b 
65 19 1f 42 16 05 37 48 62 0c 80 6a d6 a4 33 c5 
2e 6f 25 44 af 1b 01 b0 49 c8 64 35 42 e5 49 8d 
52 45 9b 1e ee c0 02 4b 92 38 18 a2 30 c4 04 62 
08 88 45 1a de 96 f6 f2 e0 ac 77 af 3a 64 bb 6a 
d8 df e5 23 e2 49 55 14 2b ce a6 66 bc 12 72 80 
85 4d 49 90 7f 0c 5d c9 a6 88 8f 8d 67 28 b4 ea 
dd 58 ff 4d ab aa 14 e7 90 24 e9 f6 87 7b df 63 
ae 39 9b 75 63 6d 06 b4 39 1d 4a 5b 6d a8 cf 65 
d3 8c de 58 56 75 c4 4c 2e d4 90 31 e7 c2 7e 6c 
8a b4 fb 28 82 fc 4c 53 ca 15 9d ed a0 c0 a0 f8 
04 4b 02 2d e7 47 00 cb 08 c0 62 d6 23 ec e8 de 
9b a9 c8 7e e5 c0 f9 99 7d 36 f7 f5 97 fd 20 5a 
8f 90 5b fc 35 7e e2 15 d8 99 80 73 4c 12 bb 9a 
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 95 bytes, decr_len 256
decrypted_unstrip_pre_master[256]:
14 65 cb 65 c2 da 61 31 51 5e 3a f8 0d a6 28 bb 
27 f5 6c b1 5f 6e fc 9a f9 fc cc d0 76 51 29 91 
fa 65 99 c0 60 72 b4 63 aa a0 9f ed 8c 55 9c 9f 
df a1 3a b2 0c a0 39 92 ea 9f 37 b9 73 34 32 32 
68 e6 ae cb 15 85 1b c0 e7 76 e6 33 d7 95 31 8f 
9a 4a 60 6a e9 99 e3 35 be fb 37 eb 8c e7 00 07 
2a a9 9a cd e7 25 b0 41 98 ff 77 a1 12 5c 50 5b 
d7 fa 7a fc e8 c9 4b 3b fb e8 d8 bd 61 f7 ef f7 
a3 15 67 86 75 8c 9c f2 46 5c 7c b7 02 3d 8b ec 
38 cd 04 9d ce 3b 55 6d 3c 5b 61 c9 a8 67 cf 01 
c8 67 05 c0 76 d2 7c fd a6 a5 67 52 55 de 30 c1 
42 03 8c 73 22 7b ab 63 7e 5e 57 bd fa 9d 5f 87 
d3 fd e8 cf 31 f5 6b e2 7d fe 8e b2 ce b9 57 ef 
0a ad 28 d3 f9 c7 68 b9 ee 09 d5 28 89 7c 72 2c 
19 5e ce d4 f2 95 3d 91 66 bb 0c d9 a6 2d 19 56 
75 da 52 67 90 57 f3 93 25 2b 54 22 72 8f a1 fb 
ssl_decrypt_pre_master_secret wrong pre_master_secret length (161, expected 
48)
dissect_ssl3_handshake can't decrypt pre master secret
  record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
  record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 42 offset 278 length 12838777 bytes, 
remaining 326 
=========================================================


The Windows variant which succeeds.

=========================================================
ssl_association_remove removing TCP 443 - http handle 00000000041FF3B0
2773 bytes read
PKCS#12 imported
Bag 0/0: PKCS#8 Encrypted key
Private key imported: KeyID 
5e:24:be:03:ba:a7:3b:b2:4b:25:44:d7:40:4a:87:d4:...
Bag 1/0: Encrypted
Bag 1/0 decrypted: Certificate
Certificate imported: fs.xxx.xxxxxxx <XXXXXXXX>, KeyID 
5e24be03baa73bb24b2544d7404a87d4b68ec5db
ssl_init IPv4 addr '172.18.0.39' (172.18.0.39) port '443' filename XXXXXXXXXXXX 
password(only for p12 file) 'x'
ssl_init private key file XXXXXXXX successfully loaded.
association_add TCP port 443 protocol http handle 00000000041FF3B0

dissect_ssl enter frame #51 (first time)
ssl_session_init: initializing ptr 0000000005A965B0 size 680
  conversation = 0000000005A95EF8, ssl_session = 0000000005A965B0
  record: offset = 0, reported_length_remaining = 174
packet_from_server: is from server - FALSE
ssl_find_private_key server 172.18.0.39:443
client random len: 16 padded to 32
dissect_ssl2_hnd_client_hello found CLIENT RANDOM -> state 0x01

dissect_ssl enter frame #52 (first time)
  conversation = 0000000005A95EF8, ssl_session = 0000000005A965B0
  record: offset = 0, reported_length_remaining = 1066
dissect_ssl3_record found version 0x0301(TLS 1.0) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 1061, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 
1066 
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
dissect_ssl3_hnd_srv_hello found CIPHER 0x002F -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 
0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
dissect_ssl3_handshake iteration 0 type 11 offset 86 length 972 bytes, 
remaining 1066 
dissect_ssl3_handshake iteration 0 type 14 offset 1062 length 0 bytes, 
remaining 1066 

dissect_ssl enter frame #54 (first time)
  conversation = 0000000005A95EF8, ssl_session = 0000000005A965B0
  record: offset = 0, reported_length_remaining = 326
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 262, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 258 bytes, remaining 
267 
pre master encrypted[256]:
73 d8 ef df 23 6c 5d 6d d6 40 63 1c 8d df 7e 68 
e2 6d 2e a3 0b a8 57 f7 63 27 92 2f a4 57 98 b8 
07 ea 74 d0 2b 08 67 4b 69 91 16 da 01 ec 1c 4c 
40 7b 87 36 7c 33 59 7f c9 01 8a 96 35 55 e8 8a 
ad 88 f9 e4 14 75 c7 f1 61 8d 65 22 4a 92 a1 a6 
0e 54 4d 37 45 eb 7f 01 7c 7f 8b 05 0f 11 50 83 
ce b6 04 8a 3d 5f d5 31 f8 4e 48 05 47 cf 9f 4f 
f0 f4 e6 91 f4 f8 56 53 10 64 d5 ac 71 75 d2 af 
76 fa c9 23 fb de 97 39 ee 2a 2b e9 1f d6 8d a7 
ad 37 56 41 d4 d3 fe ad 75 db ad 8b a1 a4 95 c5 
63 7c 8b 9f 06 eb 07 1b c5 9b 5c 37 98 29 e9 67 
22 a1 c7 63 89 f0 f2 0b 2d b0 1a 6a 10 de b3 4d 
f9 df 48 fe 11 26 69 cf d2 34 b8 83 57 34 b8 f3 
8a be 7f 2c e8 3e aa 68 4e ad 14 fb 61 37 a0 53 
2e 3e 15 04 d7 74 3b cc 6a 23 36 2f fd c8 f4 39 
3a c4 c0 bc 31 04 c3 ff ed 12 6d bf 37 95 e0 dd 
ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: stripping 207 bytes, decr_len 255
decrypted_unstrip_pre_master[255]:
02 fc ee 61 ab d3 a9 bf 3f a1 18 55 ff f5 2b 33 
54 b5 8b 7c bf 9f 45 dd 3b de e8 8d 2b 43 6b 82 
5d d4 e9 89 07 b1 91 11 d9 1a 1f b3 f2 70 9a 5a 
0e 45 fd f2 9b bd 20 2c 72 c8 4b 3d 36 b9 24 82 
7e a9 f8 1e 3b e4 df 58 8f 26 70 18 97 a9 3a 3b 
08 fe 1b 33 ab 1f a7 d5 77 b6 29 b6 81 fd 5b 2a 
e4 65 11 6a 2f 1b 83 f3 34 33 50 9c 30 c6 bd 8d 
39 01 9c a2 9d 80 8d 71 ea 51 07 8d 8c 1e 47 10 
aa e2 c1 d6 96 6c 3a db 68 20 9f d9 fd cc f9 a3 
41 06 e7 a8 5a ce a6 be 32 74 fb e5 d9 9c 2d b9 
0d 7f b7 2a c8 e1 9f ae 5b ff 85 dd 82 57 12 28 
6a 39 09 22 c6 ac b8 78 02 3d 3d 3c f8 d2 b2 6a 
69 0a 40 27 11 c1 7c 82 e9 f6 3f b9 f1 df 00 03 
01 74 d9 d4 60 ab d0 a8 d1 e3 0e 82 1d 15 a1 c4 
27 85 54 dc 6d 3c 3c 88 91 b4 ad 00 74 b8 9f 8c 
d4 ec d4 1b ba 79 97 e0 db d3 e2 0a 6d 14 bb 
pre master secret[48]:
03 01 74 d9 d4 60 ab d0 a8 d1 e3 0e 82 1d 15 a1 
c4 27 85 54 dc 6d 3c 3c 88 91 b4 ad 00 74 b8 9f 
8c d4 ec d4 1b ba 79 97 e0 db d3 e2 0a 6d 14 bb 
ssl_generate_keyring_material:PRF(pre_master_secret)
pre master secret[48]:
03 01 74 d9 d4 60 ab d0 a8 d1 e3 0e 82 1d 15 a1 
c4 27 85 54 dc 6d 3c 3c 88 91 b4 ad 00 74 b8 9f 
8c d4 ec d4 1b ba 79 97 e0 db d3 e2 0a 6d 14 bb 
client random[32]:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
4d 67 9b 50 ee 3c 3a d1 eb 4b 1b b9 b1 10 b6 e3 
server random[32]:
50 32 2e 60 d8 83 57 6e 9b 2f a6 f4 e8 75 06 64 
c1 d6 10 1f 4f f6 07 6d 3e 04 c4 ef c3 97 06 b8 
tls_prf: tls_hash(md5 secret_len 24 seed_len 77 )
tls_hash: hash secret[24]:
03 01 74 d9 d4 60 ab d0 a8 d1 e3 0e 82 1d 15 a1 
c4 27 85 54 dc 6d 3c 3c 
tls_hash: hash seed[77]:
6d 61 73 74 65 72 20 73 65 63 72 65 74 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 4d 67 9b 
50 ee 3c 3a d1 eb 4b 1b b9 b1 10 b6 e3 50 32 2e 
60 d8 83 57 6e 9b 2f a6 f4 e8 75 06 64 c1 d6 10 
1f 4f f6 07 6d 3e 04 c4 ef c3 97 06 b8 
hash out[48]:
f0 89 50 ad f6 cd aa ff d4 d1 87 78 5c 1d 92 d8 
97 b3 7c 82 29 c0 38 8b 1d e5 76 21 b5 c7 77 5c 
27 b1 6d e5 7e bd 40 64 b0 4f b5 12 34 ad 6f 3f 
tls_prf: tls_hash(sha)
tls_hash: hash secret[24]:
88 91 b4 ad 00 74 b8 9f 8c d4 ec d4 1b ba 79 97 
e0 db d3 e2 0a 6d 14 bb 
tls_hash: hash seed[77]:
6d 61 73 74 65 72 20 73 65 63 72 65 74 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 4d 67 9b 
50 ee 3c 3a d1 eb 4b 1b b9 b1 10 b6 e3 50 32 2e 
60 d8 83 57 6e 9b 2f a6 f4 e8 75 06 64 c1 d6 10 
1f 4f f6 07 6d 3e 04 c4 ef c3 97 06 b8 
hash out[48]:
5c 20 2b 8b 6e 91 7b b3 0a ef a4 1f 4e 4b e7 c2 
0e 92 80 f4 41 75 0f 9f c6 95 3b 27 45 c8 52 cd 
29 4d 84 da f3 ff 73 73 87 9d 2e 6d 48 34 3a b6 
PRF out[48]:
ac a9 7b 26 98 5c d1 4c de 3e 23 67 12 56 75 1a 
99 21 fc 76 68 b5 37 14 db 70 4d 06 f0 0f 25 91 
0e fc e9 3f 8d 42 33 17 37 d2 9b 7f 7c 99 55 89 
master secret[48]:
ac a9 7b 26 98 5c d1 4c de 3e 23 67 12 56 75 1a 
99 21 fc 76 68 b5 37 14 db 70 4d 06 f0 0f 25 91 
0e fc e9 3f 8d 42 33 17 37 d2 9b 7f 7c 99 55 89 
ssl_generate_keyring_material sess key generation
tls_prf: tls_hash(md5 secret_len 24 seed_len 77 )
tls_hash: hash secret[24]:
ac a9 7b 26 98 5c d1 4c de 3e 23 67 12 56 75 1a 
99 21 fc 76 68 b5 37 14 
tls_hash: hash seed[77]:
6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 50 32 2e 
60 d8 83 57 6e 9b 2f a6 f4 e8 75 06 64 c1 d6 10 
1f 4f f6 07 6d 3e 04 c4 ef c3 97 06 b8 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 4d 67 9b 
50 ee 3c 3a d1 eb 4b 1b b9 b1 10 b6 e3 
hash out[104]:
65 4e 6e 8b de 4d 73 1b 66 50 10 b1 7d 87 44 11 
94 7d 08 38 52 af 8d 7f f8 06 5d f5 06 fd 95 e8 
28 b9 33 62 87 42 a7 e1 58 4c 11 5a 66 47 00 de 
04 3e 7c af 3a 48 a5 b9 94 54 3e 33 0c 1e 05 93 
65 22 d3 76 26 93 6d ec 51 c5 01 f7 a2 da e7 ca 
34 7d 4e 29 40 14 4a cf 33 13 62 72 a2 db 46 29 
7c 7a bc b0 55 b7 4a 07 
tls_prf: tls_hash(sha)
tls_hash: hash secret[24]:
db 70 4d 06 f0 0f 25 91 0e fc e9 3f 8d 42 33 17 
37 d2 9b 7f 7c 99 55 89 
tls_hash: hash seed[77]:
6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 50 32 2e 
60 d8 83 57 6e 9b 2f a6 f4 e8 75 06 64 c1 d6 10 
1f 4f f6 07 6d 3e 04 c4 ef c3 97 06 b8 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 4d 67 9b 
50 ee 3c 3a d1 eb 4b 1b b9 b1 10 b6 e3 
hash out[104]:
db e4 0a 53 03 3c 40 d1 1c 35 7f 8b 0a 4e 2e 65 
af 87 c2 cb a9 64 4e 17 7d ba a6 d3 74 ff c3 ae 
a8 b6 53 6d c6 e8 0e 9a d8 7a d2 3e 16 2f 4a 4f 
98 1a 0f 96 7b 86 16 64 67 84 92 ce e5 a6 30 44 
75 79 27 24 eb e5 c3 42 5f 75 4a 10 b1 0e ca f5 
9d 1d 7a 07 1a 09 09 07 20 5b e8 2b 80 11 40 ad 
24 7e a9 ee 31 39 be 6c 
PRF out[104]:
be aa 64 d8 dd 71 33 ca 7a 65 6f 3a 77 c9 6a 74 
3b fa ca f3 fb cb c3 68 85 bc fb 26 72 02 56 46 
80 0f 60 0f 41 aa a9 7b 80 36 c3 64 70 68 4a 91 
9c 24 73 39 41 ce b3 dd f3 d0 ac fd e9 b8 35 d7 
10 5b f4 52 cd 76 ae ae 0e b0 4b e7 13 d4 2d 3f 
a9 60 34 2e 5a 1d 43 c8 13 48 8a 59 22 ca 06 84 
58 04 15 5e 64 8e f4 6b 
key expansion[104]:
be aa 64 d8 dd 71 33 ca 7a 65 6f 3a 77 c9 6a 74 
3b fa ca f3 fb cb c3 68 85 bc fb 26 72 02 56 46 
80 0f 60 0f 41 aa a9 7b 80 36 c3 64 70 68 4a 91 
9c 24 73 39 41 ce b3 dd f3 d0 ac fd e9 b8 35 d7 
10 5b f4 52 cd 76 ae ae 0e b0 4b e7 13 d4 2d 3f 
a9 60 34 2e 5a 1d 43 c8 13 48 8a 59 22 ca 06 84 
58 04 15 5e 64 8e f4 6b 
Client MAC key[20]:
be aa 64 d8 dd 71 33 ca 7a 65 6f 3a 77 c9 6a 74 
3b fa ca f3 
Server MAC key[20]:
fb cb c3 68 85 bc fb 26 72 02 56 46 80 0f 60 0f 
41 aa a9 7b 
Client Write key[16]:
80 36 c3 64 70 68 4a 91 9c 24 73 39 41 ce b3 dd 
Server Write key[16]:
f3 d0 ac fd e9 b8 35 d7 10 5b f4 52 cd 76 ae ae 
Client Write IV[16]:
0e b0 4b e7 13 d4 2d 3f a9 60 34 2e 5a 1d 43 c8 
Server Write IV[16]:
13 48 8a 59 22 ca 06 84 58 04 15 5e 64 8e f4 6b 
ssl_generate_keyring_material ssl_create_decoder(client)
ssl_create_decoder CIPHER: AES
decoder initialized (digest len 20)
ssl_generate_keyring_material ssl_create_decoder(server)
ssl_create_decoder CIPHER: AES
decoder initialized (digest len 20)
ssl_generate_keyring_material: client seq 0, server seq 0
ssl_save_session stored session id[32]:
51 27 00 00 97 15 a2 5b a1 23 39 17 ed 7d 93 0d 
43 77 f8 d2 66 aa 79 32 84 cc a0 4c 5d 43 23 6b 
ssl_save_session stored master secret[48]:
ac a9 7b 26 98 5c d1 4c de 3e 23 67 12 56 75 1a 
99 21 fc 76 68 b5 37 14 db 70 4d 06 f0 0f 25 91 
0e fc e9 3f 8d 42 33 17 37 d2 9b 7f 7c 99 55 89 
dissect_ssl3_handshake session keys successfully generated
  record: offset = 267, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
  record: offset = 273, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x3F
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
ssl_decrypt_record ciphertext len 48
Ciphertext[48]:
13 34 75 45 fc 2e e3 37 13 45 b7 68 11 69 c4 b5 
64 08 13 1b bb 5f d2 60 32 4c 20 72 2c 62 24 82 
e5 fb 1d 90 29 0c b9 af b3 d6 41 9e 76 5a 54 58 
ssl_decrypt_record: allocating 80 bytes for decrypt data (old len 32)
Plaintext[48]:
14 00 00 0c 9b b5 f9 6f 5d 80 66 04 55 4f 8e 45 
5b ef 26 5a cd de 8b 18 22 29 39 96 58 1b f1 b3 
b4 61 5f aa 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 
ssl_decrypt_record found padding 11 final len 36
checking mac (len 16, version 301, ct 22 seq 0)
tls_check_mac mac type:SHA1 md 2
Mac[20]:
5b ef 26 5a cd de 8b 18 22 29 39 96 58 1b f1 b3 
b4 61 5f aa 
ssl_decrypt_record: mac ok
dissect_ssl3_handshake iteration 1 type 20 offset 0 length 12 bytes, remaining 
16 

dissect_ssl enter frame #55 (first time)
  conversation = 0000000005A95EF8, ssl_session = 0000000005A965B0
  record: offset = 0, reported_length_remaining = 59
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
  record: offset = 6, reported_length_remaining = 53
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 48, ssl state 0x3F
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
ssl_decrypt_record ciphertext len 48
Ciphertext[48]:
d2 97 c9 8e f6 bf 2e 20 61 6f d8 88 05 0a c8 89 
26 45 21 c4 d4 43 6b d4 5b 3c 34 45 41 23 4f 31 
61 f5 a5 fc 03 fa cf ea 85 9d dc 25 f6 56 92 01 
Plaintext[48]:
14 00 00 0c 0a 0f 14 4f aa 4f 59 16 6c 2a 75 5f 
b8 8d bb 3f 78 6e 25 cd 1a b0 fb 1f 2c 4c 76 f1 
8c 21 9a 3e 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 
ssl_decrypt_record found padding 11 final len 36
checking mac (len 16, version 301, ct 22 seq 0)
tls_check_mac mac type:SHA1 md 2
Mac[20]:
b8 8d bb 3f 78 6e 25 cd 1a b0 fb 1f 2c 4c 76 f1 
8c 21 9a 3e 
ssl_decrypt_record: mac ok
dissect_ssl3_handshake iteration 1 type 20 offset 0 length 12 bytes, remaining 
16 
=========================================================



I hope this is enough information. I cannot share the actual captured data and 
key. But if needed I think I can reproduce the problem with a self-signed key 
(and dummy session).



Kind regards,

Bas Nedermeijer