Procedure for quic payload decoding in wireshark

[suhrm]

Hi

What is the procedure for decoding payload data in e.g. wireshark when having the key available?

Regards.

Rasmus Suhr Mogensen

[djc]

Do you mean to ask how to generate an SSLKEYLOGFILE, or are you asking what to do once you have one?

You'll need to configure the rustls config with a KeyLogFile, then set the SSLKEYLOGFILE environment variable to point to some file path, then set the Protocols / TLS / (Pre)-Master-Secret log filename in the Wireshark preferences to that same file path.

[suhrm]

Do you mean to ask how to generate an SSLKEYLOGFILE, or are you asking what to do once you have one?

You'll need to configure the rustls config with a KeyLogFile, then set the SSLKEYLOGFILE environment variable to point to some file path, then set the Protocols / TLS / (Pre)-Master-Secret log filename in the Wireshark preferences to that same file path.

What I had in mind was to use the key.der if possible to make it easier, but if that is not possible the SSLKEYLOGFILE would also be a solution.

Regards.

[djc]

I don't have any experience using the key.der for this, but I suppose that might be another way to go. If you do have experience, it should work the same way on the Wireshark side.

[suhrm]

Unfortunately I have not been able to find the proper way to use the key directly yet, Wireshark is quite picky abount the formatting of the key, but the SSLKEYLOGFILE method works fine for what I need.

Thanks for the quick reply :)