Re: TLS Observer with openssl

[Matt Caswell]

On 13/06/2022 14:56, Kreissl, Jochen wrote:

Hi everyone,

currently looking into setting up a TLS Observer, which can decrypt a 
TLS message sequence.


Imagine a scenario where a GUI wants to inspect recorded TLS traffic, 
between backend and some peer (and the GUI does/should not have access 
to the backend context).


I have access to the Master Key (or pre-master secret), obtained for 
example via the set_key_log_callback.


So far so good, but I struggle to find a way to set up a SSL context 
from the master secret.


Is there a way to do this?



No. That's not currently possible.

Matt



Cheers & thanks for the help

Jochen

TLS Observer with openssl

[Kreissl, Jochen]

Hi everyone,

currently looking into setting up a TLS Observer, which can decrypt a TLS 
message sequence.
Imagine a scenario where a GUI wants to inspect recorded TLS traffic, between 
backend and some peer (and the GUI does/should not have access to the backend 
context).

I have access to the Master Key (or pre-master secret), obtained for example 
via the set_key_log_callback.

So far so good, but I struggle to find a way to set up a SSL context from the 
master secret.
Is there a way to do this?

Cheers & thanks for the help
Jochen