From f5f31a868db4fc79a430ce264a7c13660f23fbe5 Mon Sep 17 00:00:00 2001
From: Peter Wu <peter@lekensteyn.nl>
Date: Wed, 28 Jan 2015 19:49:22 +0100
Subject: sslkeylog.c: utility to intercept OpenSSL keys

For a gdb function, see http://security.stackexchange.com/a/80174/2630
To generate the line assuming you have a context with a SSL structure
(named "s") run this:

    python
    def read_as_hex(name, size):
        addr = gdb.parse_and_eval(name).address
        data = gdb.selected_inferior().read_memory(addr, size)
        return ''.join('%02X' % ord(x) for x in data)

    def pm(ssl='s'):
        mk = read_as_hex('%s->session->master_key' % ssl, 48)
        cr = read_as_hex('%s->s3->client_random' % ssl, 32)
        print('CLIENT_RANDOM %s %s' % (cr, mk))
    end
    python pm()
---
 src/Makefile | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 src/Makefile

(limited to 'src/Makefile')

diff --git a/src/Makefile b/src/Makefile
new file mode 100644
index 0000000..ea8e7b6
--- /dev/null
+++ b/src/Makefile
@@ -0,0 +1,6 @@
+
+libsslkeylog.so: sslkeylog.c
+	$(CC) $(CFLAGS) sslkeylog.c -shared -o $@ -fPIC -ldl
+
+clean:
+	$(RM) libsslkeylog.so
-- 
cgit v1.2.1