Wireshark-users: [Wireshark-users] SSL Decryption: "wrong pre_master_secret length"

From: Nikolaus Rath <Nikolaus@xxxxxxxx>
Date: Mon, 18 May 2015 18:59:29 -0700
[ Originally posted at https://ask.wireshark.org/questions/42443/, but
  the Q&A format is becoming rather awkward for all the back & forth, so
  I'm continuing here ]

Hello,

I'm trying to decrypt an SSL session, but I'm running into some
problems. The stream is IMAP with STARTTLS. I have configured the
private key with a port of "start_tls", and selected the first packet
after the "Begin TLS negotation now message". In the context menu, I
selected "Decode as SSL", and then "Follow SSL Stream".

However, at this point I just get an empty window. When I enabled debug
logging, I found the following messages:

,----
| [...]
| dissect_ssl enter frame #10 (first time)
| association_find: TCP port 51244 found (nil)
| packet_from_server: is from server - FALSE
|   conversation = 0x7f39df1ff058, ssl_session = 0x3d186e0
|   record: offset = 0, reported_length_remaining = 176
| dissect_ssl3_record: content_type 22 Handshake
| decrypt_ssl3_record: app_data len 171, ssl state 0x00
| association_find: TCP port 51244 found (nil)
| packet_from_server: is from server - FALSE
| decrypt_ssl3_record: using client decoder
| decrypt_ssl3_record: no decoder available
| dissect_ssl3_handshake iteration 1 type 1 offset 5 length 167 bytes, remaining 176 
| packet_from_server: is from server - FALSE
| ssl_find_private_key server 23.92.25.96:143
| ssl_find_private_key: testing 3 keys 
| ssl_find_private_key can't find private key for this server! Try it again with universal port 0
| dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01
| [...]
| pcry_private_decrypt: stripping 181 bytes, decr_len 304
| ssl_decrypt_pre_master_secret wrong pre_master_secret length (123, expected 48)
| ssl_generate_pre_master_secret: can't decrypt pre master secret
| trying to use SSL keylog in 
| failed to open SSL keylog
| dissect_ssl3_handshake can't generate pre master secret
|   record: offset = 315, reported_length_remaining = 75
| dissect_ssl3_record: content_type 20 Change Cipher Spec
`----

Do I need to be worried about the "can't find private key"? Or about the
"can't decrypt pre master secret"?  If so, how do I fix it?

I read elsewhere that this might happen if the private key used for
Wireshark doesn't match the private key used by the server, but the keys
are definitely identical. For testing, I also deliberately supplied an
incorrect private key file. And indeed - I am getting the same
errors. However, I really am 100% sure that I'm using the same key (it's
scp'ed directly from the server).


This is with Wireshark 1.12.1 on Debian Jessie, linked against GnuTLS
3.3.8. I can decrypt the Snakeoil example from the Wireshark Wiki just
fine.

I've uploaded the full debug log to and the traffic dump to:

https://www.dropbox.com/s/6kk6oqaj1zmtngl/ssl_debug.txt?dl=0
https://www.dropbox.com/s/jpar0gnviyf1cwi/imap_starttls.pcapng?dl=0


I also tried decrypting a HTTPS stream instead, but that failed because
it uses DH key exchange. I'm still trying to figure out how to tell
Apache to (temporarily) not do that...


Anyone able to help?


Best,
-Nikolaus

-- 
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«