THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question

Revision history  [back]

Revision 2
Wayne's avatar
1
Wayne
updated 2018-04-29 08:07:13 +0000

Ok, I found the solution. I had to read RFC 5246 to realize that the actual pre-master secret are only the last 48 bytes of the pre-master data. The rest is just padding and some format restrictions.

The correct format therefore is:

RSA "first 8 bytes of encrypted premaster-secret in hex" "the last 48 bytes of the decrypted pre-master data in hex"

Revision 1
Wayne's avatar
1
Wayne
answered 2018-04-28 10:25:04 +0000

Ok, I found the solution. solution and a small bug in Wireshark. I had to read RFC 5246 to realize that the actual pre-master secret are only the last 48 bytes of the pre-master data. The rest is just padding and some format restrictions.restrictions. However, the 48 bytes of the pre-master secret again consist of 2 bytes for the TLS version and 46 random bytes. Wireshark only needs the 46 random bytes!

The correct format therefore is:

RSA "first 8 bytes of encrypted premaster-secret in hex" "the last 48 46 random bytes of the decrypted pre-master data key in hex"