SSL decryption doesn't work because of p / q parameter swap
This issue was migrated from bug 7388 in our old bug tracker.
Original bug information:
Reporter: Sylvain Munaut
Status: RESOLVED FIXED
Product: Wireshark
Component: GTK+ UI
OS: All
Platform: All
Version: unspecified
Activity
Build Information: TShark 1.9.0 (SVN Rev 43405 from /trunk)
Copyright 1998-2012 Gerald Combs <gerald@wireshark.org> and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.30.3, with libpcap, with libz 1.2.5.1, with POSIX capabilities (Linux), without SMI, without c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 2.12.18, with Gcrypt 1.4.6, without Kerberos, without GeoIP.
Running on Linux 3.2.12-gentoo, without locale, with libpcap version 1.1.1, with libz 1.2.5.1.
Built using gcc 4.5.3.ssl_privkey_to_sexp
If you look at packet-ssl-utils.c you can find in ssl_privkey_to_sexp : --- /* * note: openssl and gnutls use 'p' and 'q' with opposite meaning: * our 'p' must be equal to 'q' as provided from openssl and viceversa */ #if (LIBGNUTLS_VERSION_MAJOR>2)||((LIBGNUTLS_VERSION_MAJOR==2)&&(LIBGNUTLS_VERSION_MINOR>=5)) p_idx = 3; q_idx = 4; #else /* versions 2.4.x and older need 'p' and 'q' swapped */ p_idx = 4; q_idx = 3; #endif ---- and a bit later another bit : --- ssl_get_version(&major, &minor, &patch); /* certain versions of gnutls require swap of rsa params 'p' and 'q' */ if ((major <= 1) && (minor <= 0) && (patch <= 13)) { gcry_mpi_t tmp; ssl_debug_printf("ssl_load_key: swapping p and q parameters\n"); tmp = rsa_params[4]; rsa_params[4] = rsa_params[3]; rsa_params[3] = tmp; } --- Despite all those supposed "fixes", on my laptop, despite using a recent GnuTLS 2.12.18 and Gcrypt 1.4.6, p&q are not in the right order, resulting in bad SSL decryption ... (well, no decryption at all). If I manually force them, then it works fine.added uigtk label