Hi Patrick,
Am 13.06.2017 um 01:31 schrieb Patrick Hemmer: > > > On 2017/6/12 15:14, Lukas Tribus wrote: >> Hello, >> >> >> Am 12.06.2017 um 19:35 schrieb Patrick Hemmer: >>> Would we be able to get a new sample which provides the SSL session >>> master-key? >>> This is so that when performing packet captures with ephemeral ciphers >>> (DHE), we can decrypt the traffic in the capture. >> There is no master key. What you need is the key for the symmetric >> crypto, and you cannot extract it from haproxy currently. >> >> More importantly, OpenSSL implements this functionality only the master >> branch (see [1] and [2]), none of the release branches actually have >> this functionality. >> So we need OpenSSL to release a new branch with this functionality >> (1.1.1), we have to implement it in haproxy and then still it will only >> work for <=TLSv1.2. >> >> TLSv1.3 will need additional secrets and a different key logging API [3]. >> >> >> I suggest you use SSLKEYLOGFILE features in the browsers at this point, >> as the functionality is far from being ready for any OpenSSL based >> application. >> >> >> Regards, >> Lukas >> >> [1] >> https://github.com/openssl/openssl/commit/2faa1b48fd6864f6bb8f992fd638378202fdd416 >> [2] >> https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_keylog_callback.html >> [3] https://github.com/openssl/openssl/pull/2287 >> > > Maybe there's some misunderstanding, because we seem to be talking > about different things, as there definitely is a master key. > > I patched my haproxy to add a ssl_fc_session_key fetch, and with the > value I was able to decrypt my test sessions encrypted with > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. We are talking about the same thing, I just find the term "master key" confusing, but I understand that is what everyone uses in this context. > > Since the implementation was fairly easy, I've included a patch for > it. But I've never submitted anything before, so there's a good chance > of something being wrong. > > The only thing is that the function to do the extraction was added in > 1.1.0 > (https://github.com/openssl/openssl/commit/858618e7e037559b75b0bfca4d30440f9515b888) Very nice, so the openssl features I mentioned are only necessary if we need callback functions (which is not the case), so we can already do this in 1.1.0. Patch needs review, CC +Emeric +Emmanuel. Regards, Lukas