Wireshark-users: Re: [Wireshark-users] Strange SSL decode issue (SUPL, ULP)

From: "Ralf G. R. Bergs" <Ralf+WireShark@xxxxxxxxx>
Date: Mon, 27 Apr 2015 14:46:39 +0200
Hi guys.

On 2015-04-14 22:28 , Ralf G. R. Bergs wrote:
I have a strange issue decoding SUPL traffic (i. e. ULP protocol traffic encrypted with TLS).

As I operate the SUPL server I have the server private key.

I took two snoops on two different frontends (we proxy the traffic on the frontend to the backend nodes using HAProxy; the SSL connection is not terminated on HAProxy, but it is transparently forwarded to the backend and terminated/decrypted there), and the sessions were handled by two different backend nodes.

The problem is that I can decrypt one snoop (i. e. there are lines with protocol "ULP" in the dump,) while the other snoop fails to decrypt (i. e. . I checked to make sure that there is no problem on the backend node WRT to X.509 setup (Java keystore).

WireShark is set up in a way that in the protocol prefs for SSL I have in the RSA key list the private key file specified for IP address "any" and port "7275," and the protocol is "ulp."

I enabled the SSL debug logging, and I noticed the following: For the trace that can't be decrypted I see the following:
ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
ssl_decrypt_pre_master_secret: session uses DH (17) key exchange, which is impossible to decrypt
while for the snoop that can be decrypted I see the following:
ssl_generate_pre_master_secret: found SSL_HND_CLIENT_KEY_EXCHG, state 17
pre master encrypted[256]:
and then a key in hex follows.

I have no clue how to further investigate this issue, my only guess that this is a bug in WireShark.

Any advice?

If it helps I could send the SSL debug logs, but I would remove all hex dump from them as I know too little about this, and I can't inadvertently disclose the server private key.
I have to come back to the issue, because I've now experienced this again, and now that I thought about it again I come to the conclusion that it probably is some issue in Wireshark.

I can see from the snoop that the SSL/TLS dialog takes place. I see client hello, server hello, certificate, server key exchange, server hello, client key exchange, change cipher spec, encrypted handshake message, change cipher spec, encrypted handshake message, multiple application data packets back and forth, encrypted alerts twice.

So it seems client and server /can/ talk.

Conclusion: Wireshark seems to somehow be able to use the RSA key to decrypt the SSL/TLS traffic.

Can you please help me to investigate this further? Do you want the ssl-debug.log log? What do I have to remove in order to "sanitize" it (i. e. remove secret key material from it)?

Thanks much in advance for your support.

KR,

Ralf