diff options
author | Peter Wu <peter@lekensteyn.nl> | 2018-12-09 17:28:48 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-12-13 05:28:02 +0000 |
commit | 48033906868075f43e511e4f906684c474454290 (patch) | |
tree | e1fc50ec9dd15cc352b37c192f221f6dcc55ddd1 /epan/dissectors/packet-tls-utils.c | |
parent | 43dfd45faa8af0b239a671b25ab6a398fa32f5c6 (diff) |
Add new "rsa_keys" UAT for storage of RSA private keys
This should eventually replace the "ssl_keys" UAT which additionally
contains a useless address, port and protocol field. This prepares for
HSM support through PKCS #11.
Change-Id: I59409c98aeedf260d19266d18e14ef7d9b40b582
Reviewed-on: https://code.wireshark.org/review/30977
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-tls-utils.c')
-rw-r--r-- | epan/dissectors/packet-tls-utils.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/epan/dissectors/packet-tls-utils.c b/epan/dissectors/packet-tls-utils.c index 6e274ddda4..0083b8d9f7 100644 --- a/epan/dissectors/packet-tls-utils.c +++ b/epan/dissectors/packet-tls-utils.c @@ -3627,7 +3627,8 @@ ssl_decrypt_pre_master_secret(SslDecryptSession *ssl_session, // Try to decrypt using the RSA keys table from (D)TLS preferences. ret = gnutls_privkey_decrypt_data(pk, 0, &epms, &pms); } else { - ret = GNUTLS_E_NO_CERTIFICATE_FOUND; + // Try to decrypt using a hardware token. + ret = secrets_rsa_decrypt(ssl_session->cert_key_id, epms.data, epms.size, &pms.data, &pms.size); } if (ret < 0) { ssl_debug_printf("%s: decryption failed: %d (%s)\n", G_STRFUNC, ret, gnutls_strerror(ret)); |