Ankündigung

Einklappen
Keine Ankündigung bisher.

Wireshark SSL Handshake debugging-Handshake protokoll mittels PHP + Curl

Einklappen

Neue Werbung 2019

Einklappen
X
  • Filter
  • Zeit
  • Anzeigen
Alles löschen
neue Beiträge

  • Wireshark SSL Handshake debugging-Handshake protokoll mittels PHP + Curl

    hallo,

    ich muss für ein bezahlsystem das SSL-Handshake protokoll mittels PHP + Curl umsetzen. soweit ich das in wireshark sehe, klappt der handshake auch. nur leider tritt danach ein fehler auf den weder ich noch der anbieter verstehen, mgl. ein curl bug oä. deswegen möchte ich mir gerne mittels wireshark anschauen was denn genau da passiert. der Handshake besitzt alle 4 Phasen, also mit Client und Server Certifikat sowie keyfile. wüsste jemand wie ich das mit wireshark (oder nem anderen programm) debuggen kann? finde nur etwas zu keyfile, nichts zu zertifikaten

    gruß und danke!

    p.s.: ist ein cross-post, weil in einem gut besuchten forum seit gestern niemand geantwortet hat unds ein sehr spezielles thema ist...

    pps: weiß einer was "Encrypted Alert" bei einem SSL-Handshake bedeutet?

    wireshark ssl log:

    ssl_init keys string:
    XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
    ssl_init found host entry XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
    ssl_init addr 'XX.XX.XX.XX' port '443' filename 'C:\Programme\OpenSSL\bin\f.pem' password(only for p12 file) '(null)'
    ssl_init private key file C:\Programme\OpenSSL\bin\f.pem successfully loaded
    association_add TCP port 443 protocol tlsv1 handle 00000000
    association_add could not find handle for protocol 'tlsv1', try to find 'data' dissector
    association_find: TCP port 993 found 03A4CAD8
    ssl_association_remove removing TCP 993 - imap handle 02962C98
    association_add TCP port 993 protocol imap handle 02962C98
    association_find: TCP port 995 found 03A4CB18
    ssl_association_remove removing TCP 995 - pop handle 03744CB8
    association_add TCP port 995 protocol pop handle 03744CB8

    dissect_ssl enter frame #28 (first time)
    ssl_session_init: initializing ptr 04C02258 size 564
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    dissect_ssl server XX.XX.XX.XX:443
    conversation = 04C02080, ssl_session = 04C02258
    client random len: 16 padded to 32

    dissect_ssl enter frame #30 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record found version 0x0301 -> state 0x11
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 42 ssl, state 0x11
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
    dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
    ssl_restore_session can't find stored session
    dissect_ssl3_hnd_srv_hello can't find cipher suite 0x39
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 777 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 397 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 4 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240

    dissect_ssl enter frame #31 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 134 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
    dissect_ssl3_handshake found SSL_HND_CLIENT_KEY_EXCHG state 0x13
    dissect_ssl3_handshake not enough data to generate key (required 0x17)
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    ssl_change_cipher CLIENT
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 48 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198

    dissect_ssl enter frame #32 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    ssl_change_cipher SERVER
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 48 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 240 offset 11 length 4014622 bytes, remaining 59

    dissect_ssl enter frame #33 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 23
    decrypt_ssl3_record: app_data len 976 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    association_find: TCP port 2461 found 00000000
    association_find: TCP port 443 found 03C3C428

    dissect_ssl enter frame #34 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 32 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 218 offset 5 length 10349475 bytes, remaining 37

    dissect_ssl enter frame #35 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 112 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 70 offset 5 length 14914297 bytes, remaining 117

    dissect_ssl enter frame #36 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 64 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 121 offset 5 length 14314602 bytes, remaining 69
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 800 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 45 offset 74 length 12776837 bytes, remaining 874
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 432 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 250 offset 879 length 8236840 bytes, remaining 1311

    dissect_ssl enter frame #37 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 208 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 158 offset 5 length 12025191 bytes, remaining 213

    dissect_ssl enter frame #39 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 912 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 221 offset 5 length 3401459 bytes, remaining 917
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 160 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 158 offset 922 length 16467235 bytes, remaining 1082
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 288 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 67 offset 1087 length 14778176 bytes, remaining 1375
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    ssl_change_cipher CLIENT

    dissect_ssl enter frame #40 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 48 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 17 offset 5 length 1135225 bytes, remaining 53

    dissect_ssl enter frame #41 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    ssl_change_cipher SERVER
    dissect_ssl3_record: content_type 22
    decrypt_ssl3_record: app_data len 48 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90

    dissect_ssl enter frame #43 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 23
    decrypt_ssl3_record: app_data len 320 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    association_find: TCP port 443 found 03C3C428
    dissect_ssl3_record: content_type 23
    decrypt_ssl3_record: app_data len 976 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available
    association_find: TCP port 443 found 03C3C428

    dissect_ssl enter frame #44 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 21
    decrypt_ssl3_record: app_data len 32 ssl, state 0x13
    association_find: TCP port 2461 found 00000000
    packet_from_server: is from server - FALSE
    decrypt_ssl3_record: using client decoder
    decrypt_ssl3_record: no decoder available

    dissect_ssl enter frame #46 (first time)
    conversation = 04C02080, ssl_session = 04C02258
    dissect_ssl3_record: content_type 21
    decrypt_ssl3_record: app_data len 32 ssl, state 0x13
    association_find: TCP port 443 found 03C3C428
    packet_from_server: is from server - TRUE
    decrypt_ssl3_record: using server decoder
    decrypt_ssl3_record: no decoder available

    dissect_ssl enter frame #31 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198

    dissect_ssl enter frame #30 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240

    dissect_ssl enter frame #46 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 21

    dissect_ssl enter frame #28 (already visited)
    conversation = 04C02080, ssl_session = 00000000

    dissect_ssl enter frame #41 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90

    dissect_ssl enter frame #43 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 23
    association_find: TCP port 443 found 03C3C428
    dissect_ssl3_record: content_type 23
    association_find: TCP port 443 found 03C3C428

    dissect_ssl enter frame #44 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 21

    dissect_ssl enter frame #43 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 23
    association_find: TCP port 443 found 03C3C428
    dissect_ssl3_record: content_type 23
    association_find: TCP port 443 found 03C3C428

    dissect_ssl enter frame #30 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240

    dissect_ssl enter frame #31 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
    dissect_ssl3_record: content_type 20
    dissect_ssl3_change_cipher_spec
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198

    dissect_ssl enter frame #30 (already visited)
    conversation = 04C02080, ssl_session = 00000000
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
    dissect_ssl3_record: content_type 22
    dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
    [B]PHP4?!?[/B]>>>[B]Aktuelle[/B] PHP Version: [B]5.2.11 || 5.3.0
    [URL="http://en.opensuse.org/Factory/News"]Suse 11.2 *vorfreude*[/URL]
    [/B]
Lädt...
X