Key logging

[kazu-yamamoto]

This PR implements master key logging.

[ocheron]

Better than commented code, but will it be really useful?
The master secret is already available in Information.

[kazu-yamamoto]

Oh. I did not notice Information. I will seek the approach to display master keys in Information.

[kazu-yamamoto]

For TLS 1.3, we need to add fields for early secret and handshake secret in Information. If we do so, they must be stored in somewhere since applications can get Information anytime. But I think that the implementation should forget early secret and handshake secret as soon as possible for security reasons. Any thoughts?

[ocheron]

That's why I try to understand if this is useful (other than temporarily / for an implementor).

[kazu-yamamoto]

When hs-tls is used in a server, we can get keys from Firefox/Chrome. But if it is used in a client, there is no way to get keys.

If there is no strong objection, I would like to merge this PR as is.

[ocheron]

Ok, however if this is long-term need then it would probably deserve an API similar to what already exists for logging.

Notably:

• switch to a generic IO action instead of forcing to use hPutStrLn stderr with the hexadecimal conversion built in
• use an ADT instead of String for the type of key

And it's still not clear why you log the client random systematically, and not the server random for instance. Also why the master secret is shown as CLIENT_RANDOM.

[kazu-yamamoto]

Notably:

• switch to a generic IO action instead of forcing to use hPutStrLn stderr with the hexadecimal conversion built in
• use an ADT instead of String for the type of key

Thank you for good suggestions.

And it's still not clear why you log the client random systematically, and not the server random for instance. Also why the master secret is shown as CLIENT_RANDOM.

I don't understand this. Do you mean that you don't know the format of key logging? If so, please refer to:

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format

[ocheron]

Indeed I didn't know the format, thanks for the link.

So that means logging to something other than stderr will be probably useful, much less for configuring the format.

(although using an ADT internally for the key type may still be a good idea)

[kazu-yamamoto]

Rebase and pushed -f.

[kazu-yamamoto]

Is bea812b what you want?

[ocheron]

Yes, clear and clean.
I see you chose String and not ByteString, just like packet logging.
This is quite fine for debug data.

Did you reinstate dumpKey by mistake?

[kazu-yamamoto]

Did you reinstate dumpKey by mistake?

Sorry. This is a mistake on rebasing. Deleted.

[kazu-yamamoto]

Merged. Thank you for your review!