[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wireshark-users
Subject:    Re: [Wireshark-users] Problem deciphering an openssl stream
From:       kolos_ws () ural2 ! hu
Date:       2010-10-11 11:22:07
Message-ID: alpine.DEB.2.00.1010111318300.28790 () robin ! fene ! hu
[Download RAW message or body]

Hi Philippe,

> Very interesting documentation. Certainly worth adding to the SSL wiki page.
> 
> Is there any way I can validate that my client is using a DH algorithm ?
> 
> I looked at the trace again, the thing that looks like choosing the protocol is the following :
> 
> TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
>     Content Type: Change Cipher Spec (20)
>     Version: TLS 1.0 (0x0301)
>     Length: 1
>     Change Cipher Spec Message
> 
> But it does not mention any protocol names. Nor does it in the debug log.

In the trace, look at the Server Hello.

It should contain something like 'Cipher Suite'.

I've just done a quick test, and for me, it looks like:
"Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)"

If you're using Firefox as your client, you can view what it's configured 
to use by typing 'about:config' in your address bar. Then filter on 
'security', and you'll see all the cipher suites Firefox is including in 
its Client Hello and offers the Server to pick from.

Kolos

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@wireshark.org?subject=unsubscribe

[prev in list] [next in list] [prev in thread] [next in thread]