Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-02-01 Thread Maxim Rise
On Wednesday, February 1, 2017 at 10:48:52 PM UTC+2, Kyle Hamilton wrote: > https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 is a thing. If > this is related to a communication from Firefox, SSLKEYLOGFILE doesn't work. > > Memory dumps can be created by malware. Packet captures can be create

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-02-01 Thread Kyle Hamilton
https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 is a thing. If this is related to a communication from Firefox, SSLKEYLOGFILE doesn't work. Memory dumps can be created by malware. Packet captures can be created by anyone who has access to what should have been (but which have been in practi

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-02-01 Thread Maxim Rise
I know about SSLKEYLOGFILE environment path, but I can't use it. I extracted master secret from a memory dump and I need to unwrap it in order to use it to decrypt the wireshark ssl communication. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinf

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-01-31 Thread Eric Rescorla
This is not the direction want to take, in part because with TLS 1.3 you will not be able to use the session cache to decrypt the connection. What you want is SSLKEYLOGFILE. http://stackoverflow.com/questions/9243842/how-to-reach-used-cipher-key-of-current-ssl-connection-under-firefox -Ekr On S

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-01-29 Thread Maxim Rise
On Wednesday, January 25, 2017 at 8:12:59 AM UTC+2, Maxim Rise wrote: > I need to know only for current version or older version. Let's say the NSS version is 3.28. I know the values of the fields from sslSessionIDStr. How can I unwrap the master secret in order to use the unwrapped master secre

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-01-24 Thread Maxim Rise
I need to know only for current version or older version. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-01-24 Thread Martin Thomson
The details of how NSS constructs these values is internal to a given NSS version and might change in different versions. For instance, the indices and what they mean are highly likely to change in an upcoming version. On Wed, Jan 25, 2017 at 4:11 AM, Maxim Rise wrote: > Hello. > > I am trying t

Can wrapped master secret be unwrapped only using fields from sslSessionID structure?

2017-01-24 Thread Maxim Rise
Hello. I am trying to write a python script for unwrapping wrapped_master_secret for a given wrapped_master_secret in the command line. Can wrapped_master_secret be unwrapped only using fields from sslSessionIDStr structure (masterModuleID, masterSlotID, masterWrapIndex, masterWrapMech, masterWrap