Age | Commit message (Collapse) | Author | Files | Lines |
|
Making assumptions about ClientHello is very fragile, but since we are
controlling the client, it should not be a big deal.
|
|
|
|
RC2 is a block, not a stream. I thought I fixed this some time ago...
|
|
This makes it easier to see relations in plaintext (if any).
|
|
|
|
This is removed because it is redundant, see
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9144#c16
|
|
|
|
|
|
./openssl-listen /tmp/test-certs
dumpcap -f '(host ::1 or host 127.0.0.1) and tcp portrange 4430-4433' \
-i lo -w all/dump.pcapng
./openssl-connect < all/ciphers-without-SRP-PSK.txt > all/premaster.txt
# kill dumpcap
Check with:
wireshark -o ssl.keylog_file:$PWD/premaster.txt dump.pcapng \
-o http.ssl.port:4430-4433 -o ssl.debug_file:debug.txt
debug.txt is not added because it is a 5.8 MiB file (1.3 MiB gzipped).
|
|
This allows for something like:
openssl ciphers -V | grep -v \ SRP- | ./openssl-connect /tmp/test-certs
|
|
|
|
|
|
And also support reading suites.txt (generated from IANA's CSV[1]).
Not supported are SRP, KRB5, PSK, ARIA and CCM. Suggested usage:
grep -vE '_(SRP|KRB5|PSK|ARIA)_|_CCM(_|$)' suites.txt |
./generate-wireshark-cs
[1]: http://www.iana.org/assignments/tls-parameters/tls-parameters-4.csv
|
|
|
|
|
|
|