Export TLS Session keys

asked 2021-11-02 14:27:32 +0000

PCrossley
1 ●1 ●1 ●2

updated 2021-11-02 14:37:42 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●951 ●227 https://www.wireshark.org

Wireshark has an option file->export TLS session keys

From testing I can see that this either requires the (pre)master key file to be set up OR the pcapng itself must have embedded secrets

So I tried this and don't know why it failed:

set up the TLS (Pre)Master secret file
Browse (and successfully decrypt)  data
 file->export TLS session keys
editcap --inject-secrets tls,<file created by export>  <mypcap>    <newpcap>

When I opened the new file nothing would decrypt If I opened the new file, removed the key file from TLS preferences and then exported keys from the file menu I got the same contents as before (the ones now embedded in the file).

I can therefore see no real use for the file->export TLS session keys What have I missed? Could it be made to work the way I suggest ? Even better could we add an "import TLS session keys" to wireshark so that I don't have to use editcap?

edit retag flag offensive close merge delete

add a comment

Export TLS Session keys

Be the first one to answer this question!

Question Tools

Stats

Related questions

Export TLS Session keys edit

Be the first one to answer this question!

Question Tools

Stats

Related questions

Export TLS Session keys