Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-01-29 | sslkeylog: intercept server functions | Peter Wu | 1 | -6/+33 | |
Also intercept SSL_do_handshake (nginx) and SSL_accept (s_server). | |||||
2015-01-29 | sslkeylog: continue after failed handshake, reject SSLv2 | Peter Wu | 1 | -1/+4 | |
Try to dump as many keys as possible, even if a fatal alert occurred. Wireshark does not support SSLv2, so check that a successful connection does not use SSLv2 before dumping keys (this fixes a crash). | |||||
2015-01-28 | sslkeylog: rename key_logfile to keylog_file | Peter Wu | 1 | -9/+9 | |
This follows the preference name ssl.keylog_file. | |||||
2015-01-28 | sslkeylog.c: utility to intercept OpenSSL keys | Peter Wu | 2 | -0/+94 | |
For a gdb function, see http://security.stackexchange.com/a/80174/2630 To generate the line assuming you have a context with a SSL structure (named "s") run this: python def read_as_hex(name, size): addr = gdb.parse_and_eval(name).address data = gdb.selected_inferior().read_memory(addr, size) return ''.join('%02X' % ord(x) for x in data) def pm(ssl='s'): mk = read_as_hex('%s->session->master_key' % ssl, 48) cr = read_as_hex('%s->s3->client_random' % ssl, 32) print('CLIENT_RANDOM %s %s' % (cr, mk)) end python pm() |