Hi Ivan, the functionality similar to your request is contained in the Wireshark. See http://wiki.wireshark.org/SSL
It can decrypt SSL/TLS conversation using server's private RSA key. The code is not based on OpenSSL but on GnuTLS+libgcrypt. Best regards, Tomas > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Ivan Ristic > Sent: Thursday, July 30, 2009 10:42 AM > To: openssl-users@openssl.org > Subject: Does OpenSSL support passive decryption? > > I am investigating whether it is possible to use OpenSSL to passively > decrypt an SSL conversation (with access to a server's private RSA > key, of course). > > Does OpenSSL provide any support for this mode of operation? > > If there isn't explicit support, I am guessing some of the > functionality could be reused (e.g. protocol parsing). I'd appreciate > some guidance from someone in the know. > > Thanks. > > -- > Ivan Ristic > Test your SSL server @ SSL Labs > https://www.ssllabs.com/ssldb/ > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
