Results 1 to 2 of 2
  1. 08-20-2010, 03:15 PM #1
    Sergio
    Sergio is offline Member
    Join Date
    Aug 2010
    Posts
    2
    Rep Power
    0

    Smile How to decrypt SSL?

    Hi all,

    I'm trying to manually decrypt SSL traffic using openjdk libraries and server's private key.

    I succeed partially as the whole message is decrypted ok, except the first 16 bytes of the decrypted communication always end up as garbage.

    openjdk ServerSocket implementation works fine, as it decodes all the data without problems, so it must be an error in my manual implementation.

    Any insight is much appreciated!

    Manual implementation
    Java Code: 
    			byte[] clrnd = Convert.hexStringToByteArray("e4213b134ea855f50622c0745aa1b65f6ee877215f854b09d1f0470eb5ba5186");
			byte[] srvrnd = Convert.hexStringToByteArray("4c6b49c64589c46f6a61e4b74c3b20378598ee41612ed797203991b7703c5f2e");
			ProtocolVersion pv = ProtocolVersion.valueOf(0x03, 0x01);
			CipherSuite cipher_suite = CipherSuite.valueOf(0x00, 0x2f);
			byte[] encrypted_premaster_secret = Convert.hexStringToByteArray("57d9f683f55ce1e2b3cdc396210b3258b2c5a14dad073e418d1e06f5dbde1201aaa0a3a695017b7566d49d02ba6788fdf83c871ceb8b1e50d2f7f0e2af4bb53e63fdb096e226b92a21645de8f74f97c8be6e1bc2357e69f7820cb2f7c08ce4bbbe33404a6fcc580d7bda0e2674087cffa75366f84abc083ae6ea29daeb16f499cacad7595251ba274614b38c2081bde38dd01a87fe6a62116d16b8de3cb8e5c530acc294e2ca6dba84d95ffc2ed111ade6dc547d09ae124cf76708be5c775c3cfed31aef2a60ef272a3fa97e8a01c293574259c50f139bbbeb159c11f46c6b8e89145c7312ed88ab33475a0abbeb43dc0de2457d101485f21fe20a46d4e50285");
			byte[] client_app_data = Convert.hexStringToByteArray("17030101a0f7fc859a02534ca6b8d4c6b5c24bcf4a65529447eec800d678949a1d9d77fba50fff0c295ee608815152b5cb89ca070e0a05ef4f15727d6d456387c8b3cdb7195736a458b8719f804a135166fe5bee4657da23af105435745abba010bdd84a0cd61185211a22849d039711c10f2b2f4f14bf579896ab8527c7fc58422d8cd83fc13275f8c34568051928ab589d30399ed28072d857243699564f83c3dff08b0800ff4e8180661083a9f3362722cafa6f599600093d077f09c901f7a4737f3b232a28b8d09d07868201135f9520b0dd00165f22e553bd0be193c09f85f0d58565cdd0e53caa5b3ae046475d88cecf00631c06c8d620ea7e3e1cc20e6737cb9ae2d684dd03965f6f241ef8b5165ce3567954418e9c5569aca79559cc7aa7bbba663df0a2af9109f96eb163f962cf78f3cd2b41f8e3b7b459a873639793acf0161229294584169b930375ebaa1a9de80428e68ce74fd51bf7c03c7731538cf9762918303c2d6ee42a0e89027f73cced5d265907376ed33a23cdc84e192afe0678ab5713f770b238233cdb6a703f8f444f1a2883401314522119d68cf56862ab0449");

			//Decode premaster secret
			//see ServerHandshaker.clientKeyExchange and RSAClientKeyExchange constructor
			SecretKey premaster = null;
			SecureRandom sr = new SecureRandom();
        	Cipher ciph = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
            ciph.init(Cipher.UNWRAP_MODE, Certificate.getPvk());
            premaster = (SecretKey)ciph.unwrap(encrypted_premaster_secret, "TlsRsaPremasterSecret", Cipher.SECRET_KEY);
			
			//Calculate master secret
	        SecretKey master = null;
		    try {
		        KeyGenerator kg = JsseJce.getKeyGenerator("SunTlsMasterSecret");
		        kg.init(new TlsMasterSecretParameterSpec(premaster, pv.major, pv.minor, clrnd, srvrnd));
		        master = kg.generateKey();
		    } catch (GeneralSecurityException e) {
		        if (!premaster.getAlgorithm().equals("TlsRsaPremasterSecret")) throw new ProviderException(e);
		    }
		    System.out.println("master[length:"+master.getEncoded().length+"]:"+Convert.bytesToString(master.getEncoded()));
		    		    
		    //Calculate connection keys
	        BulkCipher cipher = cipher_suite.cipher;
	        int expandedKeySize = cipher_suite.exportable ? cipher.expandedKeySize : 0;
			
	        KeyGenerator kg = JsseJce.getKeyGenerator("SunTlsKeyMaterial");
			kg.init(new TlsKeyMaterialParameterSpec(master, pv.major, pv.minor, clrnd, srvrnd, cipher.algorithm, cipher.keySize, expandedKeySize, cipher.ivSize, cipher_suite.macAlg.size));
			TlsKeyMaterialSpec keySpec = (TlsKeyMaterialSpec)kg.generateKey();
			
			SecretKey clntWriteKey = keySpec.getClientCipherKey();
			IvParameterSpec clntWriteIV = keySpec.getClientIv();

			CipherBox svbox = cipher_suite.cipher.newCipher(pv, clntWriteKey, clntWriteIV, false);
			svbox.decrypt(client_app_data, 5, client_app_data.length-5);
    My output
    Java Code: 
    Padded plaintext after DECRYPTION:  len = 416
0000: FC 81 A8 DC 2A B7 8E 8C   37 86 70 C1 1E F4 0B 05  ....*...7.p.....
0010: 41 63 63 65 70 74 3A 20   2A 2F 2A 0D 0A 41 63 63  Accept: */*..Acc
0020: 65 70 74 2D 4C 61 6E 67   75 61 67 65 3A 20 65 6E  ept-Language: en
0030: 2D 75 73 0D 0A 55 41 2D   4F 53 3A 20 57 69 6E 64  -us..UA-OS: Wind
0040: 6F 77 73 20 43 45 20 28   50 6F 63 6B 65 74 20 50  ows CE (Pocket P
...
    openjdk server output
    Java Code: 
    0000: 47 45 54 20 2F 20 48 54   54 50 2F 31 2E 31 0D 0A  GET / HTTP/1.1..
0010: 41 63 63 65 70 74 3A 20   2A 2F 2A 0D 0A 41 63 63  Accept: */*..Acc
0020: 65 70 74 2D 4C 61 6E 67   75 61 67 65 3A 20 65 6E  ept-Language: en
0030: 2D 75 73 0D 0A 55 41 2D   4F 53 3A 20 57 69 6E 64  -us..UA-OS: Wind
0040: 6F 77 73 20 43 45 20 28   50 6F 63 6B 65 74 20 50  ows CE (Pocket P
...

    Implementation example for the openjdk server socket
    Java Code: 
    ServerSocket ss = null;
		try {
			ss = new SSLServerSocketFactoryImpl().createServerSocket(443);
		} catch (Exception e) {
			e.printStackTrace();
		}
		while(true){
			try{
				SSLSocket s = (SSLSocket)ss.accept();
				System.out.println("Incoming connection from "+s.getInetAddress()+":"+s.getPort());
				
				//Read data
				StringBuffer sb = new StringBuffer();
				InputStream in = s.getInputStream();
				int	c;
				do {
					c = in.read();
					sb.append((char)c);
				}while(in.available() > 0);
				System.out.println(sb);
				
				
				//Write data
		        PrintWriter pw = new PrintWriter(s.getOutputStream());
				pw.write("Zagooooor");
				pw.flush();
				pw.close();
				s.close();
				
			}catch(Exception e){
				e.printStackTrace();
				System.exit(0);
			}
		}
    Last edited by Sergio; 08-20-2010 at 03:17 PM. Reason: Put the proper openjdk server output
    Reply With Quote Reply With Quote
  2. 08-21-2010, 05:03 AM #2
    Sergio
    Sergio is offline Member
    Join Date
    Aug 2010
    Posts
    2
    Rep Power
    0

    Thumbs up To answer my own question

    Guess you folks ain't into encryption that much ;)

    While researching the encryption schemes, I've found out that initialization vector (IV) is used to encrypt the first block of data (in this case 16 bytes) while using stream ciphers.

    By reverse engineering the proper IV, I've found out that last 16 bytes in Finished message match the IV-s.

    The problem is that TLS RFC doesn't mention that anywhere.
    Reply With Quote Reply With Quote
« pixel scanning too slow | retrieve OS architecture »

Similar Threads

  1. Encrypt and decrypt SMS
    By ZeCute in forum CLDC and MIDP
    Replies: 8
    Last Post: 06-13-2010, 05:01 AM
  2. How to decrypt? (if you know plaintext, ciphertext,...)
    By aRTx in forum New To Java
    Replies: 2
    Last Post: 04-19-2010, 06:25 PM
  3. Ideas to decrypt this ?
    By ketku in forum Advanced Java
    Replies: 0
    Last Post: 11-16-2009, 10:52 AM
  4. Stuck with my program FTP upload, download + encryp,decrypt
    By jurka in forum New To Java
    Replies: 8
    Last Post: 08-26-2008, 04:50 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules