AES is supported if you compile ssldump against a version of OpenSSL that supports AES. The cipher suites just show up as 'Unknown value' and their equivalent hex values (0x2f being AES128-SHA and 0x35 being AES256-SHA):
ssldump -aAnNd -i eth1.100
New TCP connection #1: 10.60.1.100(1287) <-> 10.60.1.250(443)
1 1 0.0004 (0.0004) C>SV3.0(45) Handshake
ClientHello
Version 3.0
random[32]=
47 a8 b3 6b aa 5d c9 74 3b a3 13 fe d1 a6 c9 72
87 d2 d3 4f 41 74 b6 2f 3a ef f6 49 fa af aa 82
cipher suites
Unknown value 0x2f
compression methods
NULL
1 2 0.0014 (0.0010) S>CV3.0(758) Handshake
ServerHello
Version 3.0
random[32]=
e6 b3 9c 16 27 93 a8 76 6b a6 a1 0a de d2 b9 a7
19 93 d2 3e 75 6f 19 7c 2c 93 9f 0c a5 6f 17 d6
session_id[0]=
Logged In: YES
user_id=660969
I would consider this a high priority. AES is becoming more widespread,
and it is a little annoying to memorise the hex codes for the AES
ciphers.
Logged In: NO
AES is supported if you compile ssldump against a version of OpenSSL that supports AES. The cipher suites just show up as 'Unknown value' and their equivalent hex values (0x2f being AES128-SHA and 0x35 being AES256-SHA):
ssldump -aAnNd -i eth1.100
New TCP connection #1: 10.60.1.100(1287) <-> 10.60.1.250(443)
1 1 0.0004 (0.0004) C>SV3.0(45) Handshake
ClientHello
Version 3.0
random[32]=
47 a8 b3 6b aa 5d c9 74 3b a3 13 fe d1 a6 c9 72
87 d2 d3 4f 41 74 b6 2f 3a ef f6 49 fa af aa 82
cipher suites
Unknown value 0x2f
compression methods
NULL
1 2 0.0014 (0.0010) S>CV3.0(758) Handshake
ServerHello
Version 3.0
random[32]=
e6 b3 9c 16 27 93 a8 76 6b a6 a1 0a de d2 b9 a7
19 93 d2 3e 75 6f 19 7c 2c 93 9f 0c a5 6f 17 d6
session_id[0]=
cipherSuite Unknown value 0x2f
compressionMethod NULL
Certificate
Subject
C=US
ST=Georgia
L=Atlanta
O=Cisco Systems
OU=1024 Server RSA
CN=wwwin.tier1.com
emailAddress=tier1@cisco.com
Issuer
C=US
ST=Georgia
L=Atlanta
O=Cisco Systems
OU=1024 ROOT CA RSA
CN=tier1.com
emailAddress=tier1@cisco.com
Serial 01
Extensions
Extension: X509v3 Basic Constraints
ServerHelloDone
1 3 0.0020 (0.0006) C>SV3.0(132) Handshake
ClientKeyExchange
1 4 0.0020 (0.0000) C>SV3.0(1) ChangeCipherSpec
1 5 0.0020 (0.0000) C>SV3.0(64) Handshake
1 6 0.0033 (0.0012) S>CV3.0(1) ChangeCipherSpec
1 7 0.0039 (0.0006) S>CV3.0(64) Handshake
1 8 0.0040 (0.0000) C>SV3.0(32) application_data
1 9 0.0040 (0.0000) C>SV3.0(160) application_data
1 10 0.0069 (0.0029) S>CV3.0(1488) application_data
1 11 0.0076 (0.0006) C>SV3.0(32) Alert
1 0.0076 (0.0000) C>S TCP FIN
ssldump -aAnNd -i eth1.100
New TCP connection #1: 10.60.1.100(1288) <-> 10.60.1.250(443)
1 1 0.0004 (0.0004) C>SV3.0(45) Handshake
ClientHello
Version 3.0
random[32]=
47 a8 b3 6d ab e9 49 ab e0 70 12 97 9d 2d 15 13
5b 4b 1d 08 47 61 4d 54 4d 22 46 d3 d2 66 03 f2
cipher suites
Unknown value 0x35
compression methods
NULL
1 2 0.0013 (0.0009) S>CV3.0(758) Handshake
ServerHello
Version 3.0
random[32]=
05 3d 2c a3 33 41 7d 81 c8 be c5 aa ed 97 67 82
9b 94 ea ab fc 8f 65 71 3f ce ad dc 6a 8d 5c e6
session_id[0]=
cipherSuite Unknown value 0x35
compressionMethod NULL
Certificate
Subject
C=US
ST=Georgia
L=Atlanta
O=Cisco Systems
OU=1024 Server RSA
CN=wwwin.tier1.com
emailAddress=tier1@cisco.com
Issuer
C=US
ST=Georgia
L=Atlanta
O=Cisco Systems
OU=1024 ROOT CA RSA
CN=tier1.com
emailAddress=tier1@cisco.com
Serial 01
Extensions
Extension: X509v3 Basic Constraints
ServerHelloDone
1 3 0.0019 (0.0006) C>SV3.0(132) Handshake
ClientKeyExchange
1 4 0.0019 (0.0000) C>SV3.0(1) ChangeCipherSpec
1 5 0.0019 (0.0000) C>SV3.0(64) Handshake
1 6 0.0032 (0.0012) S>CV3.0(1) ChangeCipherSpec
1 7 0.0038 (0.0006) S>CV3.0(64) Handshake
1 8 0.0039 (0.0000) C>SV3.0(32) application_data
1 9 0.0039 (0.0000) C>SV3.0(160) application_data
1 10 0.0068 (0.0029) S>CV3.0(1488) application_data
1 11 0.0074 (0.0005) C>SV3.0(32) Alert
1 0.0074 (0.0000) C>S TCP FIN