Friday Mar 02, 2012

Using tshark to debug SSL connections

Jyri had explained in his blog how to use ssldump to debug SSL connections. We can also use tshark. On my Linux server, tshark is installed in /usr/sbin/tshark.

Support team guys need these steps for finding out what is happening. First try to reproduce the problem in a test environment with self-signed certificate and follow the steps given in this blog.

I started Oracle iPlanet Web Server 7.0 instance on IP lets say 11.111.111.111 and port 15000.

Exporting Private Key from NSS DB

In NSS Database, I have a Server Certificate named "Server-Cert" as shown below.

$ cd <WS_install-root>/https-<instance>/config

$ ../../bin/certutil -L -d .

Certificate Nickname                         Trust Attributes
                                             SSL,S/MIME,JAR/XPI
Server-Cert                                     u,u,u

First use pk12util to extract server certificate and its key into a file "server.keycert".

$ ../../bin/pk12util -o server.keycert -n "Server-Cert" -d .

Enter Password or Pin for "NSS Certificate DB": nssdbpassword


Enter password for PKCS12 file: pkcs12password
Re-enter password: pkcs12password


pk12util: PKCS12 EXPORT SUCCESSFUL


then I use openssl to get just the RSA private key

$ openssl pkcs12 -nodes -in server.keycert -out key.pem -nocerts -nodes
Enter Import Password: pkcs12password
MAC verified OK 

$ rm server.keycert

If you look at the file, its contents are like :

$ cat key.pem
Bag Attributes
    friendlyName: Server-Cert
    localKeyID: ...
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

Edit the file key.pem manually and remove the first 4 lines.

Now the file starts with line "-----BEGIN RSA PRIVATE KEY-----" and end with "-----END RSA PRIVATE KEY-----"

Note that we should be very careful with this key as its not so safe to leave it unprotected.

You can protect it by another password if you like.

I would prefer if wireshark can take NSS DB or Oracle Wallets as input directly.

Running tshark

Now as root run tshark

$ /usr/sbin/tshark -o "ssl.desegment_ssl_records: TRUE" \

-o "ssl.desegment_ssl_application_data: TRUE" \

-o "ssl.keys_list:11.111.111.111,15000,http,key.pem" \

-o "ssl.debug_file:ssldebug.log" \

-f "tcp port 15000" \

-R "ssl" \

-V -x 2>&1 | tee tshark.log

when I had not given IP address in ssl.key_list, it wasn't associating key to some of my connections.

Note that 
I used capture filter "tcp port 15000" and display filter "ssl". 
I used -V to show more verbose output and 
I also used -x to get both hex and ASCII dumps. 

You can try your own options.

Now send a request through a browser to https://11.111.111.1111:15000/index.html, close the browser and after a while, press control c on the window where tshark is running and kill it.

Delete the private key file key.pem.

ssldebug.log should have a message that says key was loaded successfully

$ grep -i "private key" ssldebug.log

Private key imported: KeyID ...
ssl_init private key file key.pem successfully loaded

Note that ssldebug.log MUST NOT contain any error messages about key not being used etc.

Now look at tshark.log, look for "Secure Socket Layer" sections one such section is shown below :

Secure Socket Layer
  SSL Record Layer: Handshake Protocol: Client Hello
      Content Type: Handshake (22)
      Version: TLS 1.0 (0x0301)
      Length: 168
      Handshake Protocol: Client Hello
          Handshake Type: Client Hello (1)
          Length: 164
          Version: TLS 1.0 (0x0301)
          Random
              gmt_unix_time: Mar  2, 2012 00:01:26.000000000
              random_bytes: .......

          Session ID Length: 0
          Cipher Suites Length: 72
          Cipher Suites (36 suites)
            Cipher Suite: Unknown (0x00ff)
            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
            Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088)
...


In the end you can see SSL data being decrypted :

Decrypted SSL data (1 bytes):

0000  48                                                H

 Decrypted SSL data (225 bytes):

0000  54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a   TTP/1.1 200 OK..
...
0040  46 72 69 2c 20 30 32 20 4d 61 72 20 32 30 31 32   Fri, 02 Mar 2012
0050  20 30 39 3a 31 32 3a 32 38 20 47 4d 54 0d 0a 4c    09:12:28 GMT..L
0060  61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 57 65   ast-modified: We
0070  64 2c 20 32 39 20 46 65 62 20 32 30 31 32 20 31   d, 29 Feb 2012 1
0080  31 3a 33 38 3a 31 39 20 47 4d 54 0d 0a 43 6f 6e   1:38:19 GMT..Con
0090  74 65 6e 74 2d 6c 65 6e 67 74 68 3a 20 31 39 0d   tent-length: 19.
00a0  0a 45 74 61 67 3a 20 22 31 33 2d 34 66 34 65 30   .Etag: "13-4f4e0
00b0  65 32 62 22 0d 0a 41 63 63 65 70 74 2d 72 61 6e   e2b"..Accept-ran
00c0  67 65 73 3a 20 62 79 74 65 73 0d 0a 0d 0a 54 68   ges: bytes....Th
00d0  69 73 20 69 73 20 69 6e 64 65 78 2e 68 74 6d 6c   is is index.html
00e0  0a                                                .

This log shows different stages of SSL

$grep "Handshake Protocol" tshark.log

    Handshake Protocol: Client Hello
    Handshake Protocol: Server Hello
    Handshake Protocol: Certificate
    Handshake Protocol: Server Hello Done
    Handshake Protocol: Client Key Exchange
    Handshake Protocol: Finished
    Handshake Protocol: Finished

Exporting Private Key from Wallet

If your product uses Oracle wallet instead of NSS DB, to extract the key and certificate from the Wallet you can use openssl command as shown below

$openssl pkcs12 -in ewallet.p12 -passin pass:walletpassword -out ewallet.txt -nodes

MAC verified OK

If you look at this file it has  "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----".

$cat ewallet.txt


Bag Attributes
    localKeyID: ...
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----

...
-----END RSA PRIVATE KEY-----


Bag Attributes
    localKeyID: ...
subject=/C=US/CN=*.oracle.com
issuer=/C=US/CN=root
-----BEGIN CERTIFICATE-----

...

-----END CERTIFICATE-----

...

Edit this file and copy only the lines starting with " -----BEGIN RSA PRIVATE KEY-----" and ending with " -----END RSA PRIVATE KEY-----" into a new file key.pem. Rest of the steps remain the same.

I wanted to check if we are getting "close notify" in a connection, I saw in the presentation

http://www.powershow.com/view/29ec1-OWNkM/SSL_Troubleshooting_with_Wireshark_and_Tshark_flash_ppt_presentation

useful commands to get a particular field in tshark:

$tshark -G fields | fgrep "ssl." and hence used
$tshark -R "ssl.alert_message"

References

  1. http://wiki.wireshark.org/SSL
  2. https://forums.oracle.com/forums/thread.jspa?threadID=830575
  3. http://www.powershow.com/view/29ec1-OWNkM/SSL_Troubleshooting_with_Wireshark_and_Tshark_flash_ppt_presentation
About

Meena Vyas

Search

Archives
« March 2012 »
SunMonTueWedThuFriSat
    
1
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
       
Today