https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4349
Summary: Add support for TLS key logs
Product: Wireshark
Version: SVN
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: agl@xxxxxxxxxxxx
Created an attachment (id=4085)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4085)
patch
Build Information:
N/A
--
This patch adds support for getting the pre-master secret of a TLS connection
from a log file. Currently Wireshark can decrypt and TLS connection only if it
has the server's private key.
I commonly have a use case where I control the TLS client, but not the server.
In order to decrypt in this case, I've added support to NSS (used by Chrome and
Firefox) to log the keys to a file on disk:
https://bugzilla.mozilla.org/show_bug.cgi?id=536474
Given this file, Wireshark can then decrypt the resulting TLS connections.
The format is such that Wireshark opens and linearly scans the file each time
it sees a ClientKeyExchange. If the key log grows too large, this is pretty
inefficient. However, it's simple and the number of interesting TLS connections
when debugging is usually very small.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.