Key logging #317
Better than commented code, but will it be really useful?

Oh. I did not notice

For TLS 1.3, we need to add fields for early secret and handshake secret in

That's why I try to understand if this is useful (other than temporarily / for an implementor).

When hs-tls is used in a server, we can get keys from Firefox/Chrome. But if it is used in a client, there is no way to get keys. If there is no strong objection, I would like to merge this PR as is.

Ok, however if this is long-term need then it would probably deserve an API similar to what already exists for logging. Notably:
And it's still not clear why you log the client random systematically, and not the server random for instance. Also why the master secret is shown as CLIENT_RANDOM.

Thank you for good suggestions.
I don't understand this. Do you mean that you don't know the format of key logging? If so, please refer to: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format

Indeed I didn't know the format, thanks for the link. So that means logging to something other than stderr will probably be useful, much less for configuring the format. (although using an ADT internally for the key type may still be a good idea)
a9ee92a to bea812b
Rebased and pushed -f.

Is bea812b what you want?

Yes, clear and clean. Did you reinstate dumpKey by mistake?

Sorry. This is a mistake on rebasing. Deleted.

Merged. Thank you for your review!
This PR implements master key logging.
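
The key log format linked in the thread, as an added example that is not part of this PR or of hs-tls: a Python parser that validates each line and indexes secrets by client random, the field a decrypting tool uses to match a line to a captured handshake. The function names and sample values are constructed for illustration; the TLS 1.3 labels come from the NSS format, not from this thread.

```python
# Labels defined by the NSS Key Log Format (TLS 1.2 first, then TLS 1.3).
TLS12_LABEL = "CLIENT_RANDOM"
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0", "EXPORTER_SECRET",
}

def format_line(label: str, client_random: bytes, secret: bytes) -> str:
    """One log line: <label> <client_random hex> <secret hex>."""
    return f"{label} {client_random.hex()} {secret.hex()}"

def parse_line(line: str):
    """Return (label, client_random, secret); None for blank/comment lines."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    if len(fields) != 3:
        raise ValueError("expected: <label> <client_random> <secret>")
    label, random_hex, secret_hex = fields
    client_random = bytes.fromhex(random_hex)  # ValueError on non-hex input
    secret = bytes.fromhex(secret_hex)
    if len(client_random) != 32:
        raise ValueError("client random must be 32 bytes")
    if label == TLS12_LABEL:
        ok = len(secret) == 48             # TLS 1.2 master secret
    elif label in TLS13_LABELS:
        ok = len(secret) in (32, 48)       # SHA-256 or SHA-384 output
    else:
        raise ValueError(f"unsupported label: {label}")
    if not ok:
        raise ValueError(f"bad secret length for {label}")
    return label, client_random, secret

def load_keylog(text: str) -> dict:
    """Map client_random -> {label: secret} for every valid line."""
    sessions = {}
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed:
            label, client_random, secret = parsed
            sessions.setdefault(client_random, {})[label] = secret
    return sessions

# Constructed sample values, not real key material.
CR12, CR13 = bytes(range(32)), bytes(range(32, 64))
SAMPLE = "\n".join([
    "# constructed sample",
    format_line("CLIENT_RANDOM", CR12, b"\xab" * 48),
    format_line("CLIENT_HANDSHAKE_TRAFFIC_SECRET", CR13, b"\x01" * 32),
    format_line("SERVER_HANDSHAKE_TRAFFIC_SECRET", CR13, b"\x02" * 32),
])
```

Every line written to such a file lets a holder of the packet capture decrypt that session, so the log destination needs the same access control as private key material.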