Thank you for your tool. I think it's really the best for security audits on thick clients :)
[1] I have an error when I would like to decrypt an SSL/TLS communication while there is thick-client authentication by certificate.
I have created a SSL filter in my socks proxy. This filter has a "SSL Network Layer".
I have loaded a .p12 file (public/private key of the thick client) in the configuration of this layer.
The "Require Client Certificate" check-box is enabled because the client will try to authenticate with this certificate to the server.
System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: Une erreur inconnue s’est produite lors du traitement du certificat
--- End of inner exception stack trace ---
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at CANAPE.Net.Layers.SslNetworkLayer.ConnectServer(IDataAdapter adapter, Logger logger, PropertyBag properties)
at CANAPE.Net.Layers.SslNetworkLayer.Negotiate(IDataAdapter& server, IDataAdapter& client, ProxyToken token, Logger logger, MetaDictionary meta, MetaDictionary globalMeta, PropertyBag properties, NetworkLayerBinding defaultBinding)
at CANAPE.Net.ProxyNetworkService.ConnectClient(IDataAdapter baseAdapter, PropertyBag connProperties)
[2] I have tested the authentication by certificate with openssl.
There is no error with openssl:
openssl s_client -port $PORT -host $IP -prexit -cert clientKeystore.pem -key clientKeystore.pem
When I would like to use this clientKeystore.pem file (I'm sure it is good), CANAPE said that the "Certificate does not have a private key". Consequently, I can't use this .pem file to decrypt the communication.
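Since the SSL Network Layer configuration loads a .p12 while the .pem bundle is rejected as lacking a private key, a useful check before filing the bug is whether the bundle really pairs its certificate with a matching key, and then to repackage it as PKCS#12. The script below is an added example, not from the original report or from CANAPE; the function names, the demo password and the throwaway self-signed certificate are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the report or CANAPE): verify that a combined PEM
# bundle carries a private key matching its certificate, then repackage it
# as PKCS#12, the format the SSL Network Layer configuration already loads.
set -eu

# Return 0 when the certificate and the private key in bundle $1 share the
# same public key (compared as SHA-256 of their PEM public-key encodings).
pem_key_matches_cert() {
    bundle="$1"
    cert_pub=$(openssl x509 -in "$bundle" -noout -pubkey 2>/dev/null | openssl sha256)
    key_pub=$(openssl pkey -in "$bundle" -pubout 2>/dev/null | openssl sha256)
    # A bundle without a key yields an empty digest on the key side.
    [ -n "$(openssl pkey -in "$bundle" -pubout 2>/dev/null)" ] && [ "$cert_pub" = "$key_pub" ]
}

# Export bundle $1 as PKCS#12 file $2 protected by password $3, then read the
# archive back to confirm it really contains a private key.
pem_to_p12() {
    bundle="$1"; out="$2"; pass="$3"
    openssl pkcs12 -export -in "$bundle" -inkey "$bundle" -out "$out" \
        -passout "pass:$pass" 2>/dev/null
    openssl pkcs12 -in "$out" -nocerts -nodes -passin "pass:$pass" 2>/dev/null \
        | grep -q 'PRIVATE KEY'
}

# Constructed test material: a throwaway self-signed client certificate and
# key, concatenated the same way the clientKeystore.pem above is used.
make_demo_bundle() {
    dir="$1"
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$dir/key.pem" \
        -out "$dir/cert.pem" -subj "/CN=demo-thick-client" -days 1 2>/dev/null
    cat "$dir/cert.pem" "$dir/key.pem" > "$dir/clientKeystore.pem"
    echo "$dir/clientKeystore.pem"
}

# Demo run: build the bundle, check the pairing, and write client.p12.
DEMO_DIR=$(mktemp -d)
DEMO_BUNDLE=$(make_demo_bundle "$DEMO_DIR")
pem_key_matches_cert "$DEMO_BUNDLE" && echo "key matches certificate in $DEMO_BUNDLE"
pem_to_p12 "$DEMO_BUNDLE" "$DEMO_DIR/client.p12" demo-pass && echo "wrote $DEMO_DIR/client.p12"
```

Point `make_demo_bundle` aside and pass a real bundle to the two check functions; a bundle that fails `pem_key_matches_cert` will not work with `-cert`/`-key` in s_client either.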