Wireshark SSL/TLS decryption


Wireshark’s dissector for SSL is able to decrypt SSL/TLS, given the private key in PFX/P12 or PEM format. If you want to figure out whether you’re using the right private key, you can derive the public key from it, and compare its modulus with the first certificate in the chain of certificates sent in the SERVER HELLO.

$ openssl rsa -text -in key.pem -pubout
Private-Key: (2048 bit)
modulus:
00:97:c6:a5:01:d6:36:b3:25:fa:83:9c:93:75:dd:
bb:dc:f6:ef:78:b8:b5:cc:20:1c:35:9a:ba:3d:8d:
d3:94:9b:b0:b2:6c:e7:79:83:3c:07:37:1f:8f:e5:
02:f8:f4:ac:9b:7c:1a:b6:74:6f:73:f5:57:34:30:
5b:32:5a:3b:ba:bd:65:dc:cc:98:30:13:01:fb:0b:
3c:f3:e3:6c:da:9b:3d:47:1f:5f:c3:12:a2:4f:21:
dc:cc:39:90:9d:83:05:b3:06:40:d3:62:25:fe:8b:
e9:1e:ca:a2:d8:0f:9d:cd:84:10:62:15:0e:f3:ab:
cb:d6:fc:92:cf:ff:04:75:17:c6:c7:2d:d6:05:c6:
c1:ce:4e:77:c4:fc:fc:c5:ff:37:4f:83:bb:93:f9:
0f:2f:06:70:6a:55:37:e5:6f:0c:92:5e:14:99:0d:
87:2a:e6:d4:30:f9:de:fb:b5:c6:5e:e8:f5:98:5e:
19:4b:8f:53:8a:e5:f1:87:7b:69:99:4d:a0:55:02:
a0:57:5d:bf:ca:0b:84:8c:23:ed:f6:e5:7a:97:4b:
3e:3f:bb:38:29:0e:11:28:53:6d:d4:d8:69:88:5f:
2d:23:28:e6:43:97:e0:51:db:e8:a8:c7:c5:9f:c3:
9d:11:48:d3:51:8c:5f:ba:ab:c0:60:30:26:e2:c9:
54:8b

 
wireshark-tls-modulus.png

Advertisements

Export private key in pfx or p12 file to pem format


The following openssl command can be used to export private key in a pfx or p12 file to pem

openssl pkcs12 -nodes -in file.pfx -out key.pem -nocerts

If you need the public key for the private key in key.pem

openssl rsa -in key.pem -out key.pub -pubout

If you need information on the public key (modulus, exponent…)

openssl rsa -in key.pem -pubout -text

OR

openssl rsa -pubin -in key.pub -text

Randomly shuffle lines in a file


shuf -o output.txt input.txt

Install coreutils on Mac OS X using Homebrew, if not already installed. Call gshuf instead of shuf.

Curitiba


I traveled to Curitiba to apply for a Schengen visa to visit Poland.

City Park (Passeio Publico)

 

Zoo at City Park

 

Curitiba History Center

 

Curitiba Cathedral

Octave CLI with AquaTerm on Mac OS X


I’m in need of AquaTerm to plot graphics using gnuplot with octave-cli. I’ll use the following Octave command to produce a nice little graphical plot

octave:1> sombrero

sombrero.png

To install aquaterm using homebrew

brew cask install aquaterm

Check lib and headers are properly linked

ls /usr/local/lib/libaquaterm*
ls /usr/local/include/aquaterm/*

If that lists nothing, run

ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/AquaTerm /usr/local/lib/libaquaterm.dylib
ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/AquaTerm /usr/local/lib/libaquaterm.1.1.1.dylib
mkdir /usr/local/include/aquaterm
ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/Headers/* /usr/local/include/aquaterm/.

Install gnuplot with aquaterm

brew install gnuplot --with-aquaterm

Run gnuplot and check whether terminal is set to aqua

$ gnuplot 

	G N U P L O T
	Version 5.0 patchlevel 6    last modified 2017-03-18

	Copyright (C) 1986-1993, 1998, 2004, 2007-2017
	Thomas Williams, Colin Kelley and many others

	gnuplot home:     http://www.gnuplot.info
	faq, bugs, etc:   type "help FAQ"
	immediate help:   type "help"  (plot window: hit 'h')

Terminal type set to 'aqua'
gnuplot> test

The test command should produce a nice little plot such as

gnuplot-test.png

Prior versions of octave-cli e.g. 3.8.0 use gnuplot, so you don’t have to do anything else. Newer versions of Octave e.g. 4.2.1 use a different graphics toolkit  that leverages OpenGL. You can switch to gnuplot as follows

octave:1> graphics_toolkit ("gnuplot")

Use JavaFX in a Swing or console app


This short post explores how to integrate JavaFX into a legacy console or Swing application.

Assuming you’ve created an application such as the WebView Sample, create a separate thread to launch JavaFX’s Application class

Thread appThread = new Thread(() -> {
  launch();
});
appThread.start();

To allow us to control when JavaFX will exit, disable implicit exit. Implicit exit happens when the last window (Stage) is closed by calling hide() or close(). Add this snippet of code to the start() method to JavaFX’s Application class

Platform.setImplicitExit(false);

To run code on JavaFX Application thread

Platform.runLater(new Runnable() {
  @Override public void run() {
    // code runs on JavaFX thread
  }
});

To exit gracefully when legacy application exits

Platform.exit();