RE: Use OpenSSL to decrypt TLS session from PCAP files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Do you need to integrate the decryption into your own software, or are you just looking for a possibility to monitor and view the traffic?

If it’s the latter, try and take a look at the SSL decryption support that Wireshark provides.

 

https://wiki.wireshark.org/TLS

https://www.comparitech.com/net-admin/decrypt-ssl-with-wireshark/

 

 

hth,

Matthias

 

Disclaimer: I haven’t used it for TLS myself, only for IPsec, and I can’t tell how up-to-date it is, in particular whether it is TLS 1.3 ready.

 

From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of Oren Shpigel
Sent: Tuesday, December 8, 2020 3:15 PM
To: openssl-users@xxxxxxxxxxx
Subject: Use OpenSSL to decrypt TLS session from PCAP files

 

Hi, 

I generated a PCAP file with TLS session, and I have the matching private key used by my HTTPS server.
The TLS session is not using DH for key exchange, so it should be possible to decrypt.
I know OpenSSL can be used to connect to a socket to "actively" handle the TLS session, but is there a way to "passively" decode and decrypt a session?
How can I "feed" the packets (both directions) into the OpenSSL library?

Thanks!

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux