Ask Your Question
0

What happens in background when I set path to Pre-Master-Secret log file?

asked 2019-07-31 22:11:34 +0000

I wish to understand what is happening under the hood in wireshark, how is it implemented on a more basic level. Can it be used with tshark? How hard would it be to combine it with other smaller libraries or implement my own script?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2019-08-01 15:56:41 +0000

grahamb gravatar image

Yes it can be used with tshark. Either set the path to the keylogfile in a profile and use that profile with tshark (-C option) or pass the path as a configuration option with -o tls.keylog_file:path\to\keylog.

The secrets from the file are associated with the TLS handshakes to generate the keys required for decryption.

The code is built for use by dissectors within the Wireshark framework, it might be some effort to extract it for use elsewhere.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-07-31 22:11:34 +0000

Seen: 219 times

Last updated: Aug 01 '19