alexmgr
commented
9 years ago Hi Chaitanya,
Glad the tool helps!
(b) is trivial. Keys are stored inside the TLSSessionCtx. This is accessible via the tls_ctx property of the TLSSocket, or you can just build a TLSSessionCtx yourself.
From there, you can access the crypto material using:
tls_socket_ctx = tls_socket.tls_ctx
client_mac = tls_socket_ctx.session.key.client.mac
# Repeat for other crypto materialYou can also convert to hex using the standard binascii module
>>> a = '-a\xc4\xdc\xb8\xb0\r\x0ck\xabK\x93\xe4\x9b\xb4\x0b\x86\xeb\x1f'
>>> import binascii
>>> binascii.hexlify(a)
'2d61c4dcb8b00d0c6bab4b93e49bb40b86eb1f'
>>> binascii.unhexlify(_)
'-a\xc4\xdc\xb8\xb0\r\x0ck\xabK\x93\xe4\x9b\xb4\x0b\x86\xeb\x1f'Regarding (a), to get access to the master key (I'm assuming you're using RSA as key exchange), you can access tls_ctx.crypto.session.premaster_secret after the client hello. That will allow you to seed the PRF and derive the keys you need. The thing is that we currently generate the keys after the ClientKeyExchange, so you'll have to override the generated crypto material with the one you generate after that (always in the TLSSessionCtx)
Hope that helps!
ch4174nya
Hey hi, The tool you folks have written is a great support for my work. I have been able to get a lot of work done because of this, but there's a tad bit more that I need it for. During an SSL handshake, a master key is generated. From that master key 4 keys are generated. Is there someway I could (a)either extract the master key and derive the 4 keys outside of the handshake, or (b)get the 4 keys once the connection has been done. I would prefer if (a) could be done. Although I understand that this may not be done on grounds of security, but there's something I am working on where I need to regenerate these 4 keys.
Also, when we tried to somehow get the keys out, we got something like the following: crypto.session.master_secret='Q\x96\x91\x11I\xce\xc52v\xa8%\x1ai\xf7\xa3\x85>\xa4\xc0\xf8\xa8yx\xee\xc2@\xbfN\x8e\xb5\xa6\xcf|R\xe5\xb8\xc7\x00A!\x1e\xba\xfd\x1ad\xac' crypto.session.randombytes.client="U\xb0m\xdb\xe8J\xf3+\xbd\xe1\xe6\xa7\xad\xe9\x86\xfe\xbf#0's\xdc\xcb)\x88/2Z\xdd\x00k\xb9" crypto.session.randombytes.server='U\xb0m\xd9\xc3S\x83I\x8f%\x95?\xf4\xf5\xddL\xa8l1\x8f\xdd\xd5\xe9\xddy\xc9z\x96n\xfe\xfd\xcc' crypto.session.key.client.mac='\xc4\xcc\xd5\xd8)\xce\xbcO\xee\xea\xb6\xca~\x855w\xd2\x9c\xd9\xcc crypto.session.key.client.encryption='\xad\xfe\x8aH\xceq\x0b\xce\r `\xf7K*_4' crypto.session.key.cllient.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' crypto.session.key.server.mac='-a\xc4\xdc\xb8\xb0\r\x0ck\xab_K\x93\xe4\x9b\xb4\x0b\x86\xeb\x1f' crypto.session.key.server.encryption='\x99\xfb\xd5\x81I\xf5P\x1fE\x07(\xf6\x82\x9c\x91]' crypto.session.key.server.iv='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' crypto.session.key.length.mac=20 crypto.session.key.length.encryption=16 crypto.session.key.length.iv=16
However, the characters therein don't look like hex [there exist characters like +, ~, which will not belong to the hex character set]. Any kind of help in this regard [(a) or (b), as stated above] would be appreciated.