wanghaEMQ / pynng-mqtt

MIT License

tls decrypt issues #6

Open IndanthronBlue opened 8 months ago

IndanthronBlue commented 8 months ago

Hi!

I need to use Wireshark to decrypt the QUIC packets, but it does not work after setting the RSA key using key.pem. How can I obtain the key.log file used for TLS decryption?

Any assistance helps. Thanks!

wanghaEMQ commented 8 months ago

Good afternoon bro.

I am not quite sure if decryption via an RSA key is still available on msquic. Decryption of QUIC via an RSA key seems to only work on TLS 1.2, but msquic is using TLS 1.3. Sorry, I forgot to introduce msquic: it's a QUIC implementation (library) we are using.

The deeper reason is that decrypting SSL with an RSA key isn't commonly used anymore because Perfect Forward Encryption (PFE) has made it obsolete. Sessions negotiated with Diffie-Hellman don't use the RSA key directly; instead they generate a one-time key, stored only in RAM, that is encrypted using the key on disk.

This article provides some methods to decrypt TLS/SSL payloads and debugging methods to check if RSA still works.

Have a good day! @IndanthronBlue

IndanthronBlue commented 8 months ago

@wanghaEMQ Thank you so much! I ran the client after setting up the SSLKEYLOGFILE environment variable, but I did not find the generated key.log file. Is there a problem with my compilation settings? I deploy in a Docker environment.

wanghaEMQ commented 8 months ago

Hi @IndanthronBlue

Sorry. SSLKEYLOGFILE still does not work for this project or the NanoSDK project. The functionality will not be supported until NanoSDK supports it.

Maybe you could create an issue for NanoMQ / NanoSDK. Or you can implement it in NanoSDK yourself like this guy did. And if you want, you could submit a PR to NanoMQ/NanoSDK.

IndanthronBlue commented 8 months ago

@wanghaEMQ Thank you for your fast reply. I'm sorry to hear that the current project does not support SSLKEYLOGFILE. As far as I know, MSQUIC provides the WriteSslKeyLogFile method to write the key to the file. I think there may be a way to call this method in the code.
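The key.log file discussed in this thread is the NSS key log format that Wireshark reads, and the following C snippet is an added example (not code from pynng-mqtt, NanoSDK or msquic) of what a WriteSslKeyLogFile-style hook has to emit once the TLS library hands it the TLS 1.3 secrets, gated on the SSLKEYLOGFILE variable used above. The `keylog_*` function names and the all-0x11 / all-0xab sample bytes are constructed for this example; the label string is the standard NSS one, and retrieving the secrets from the TLS library is library-specific and not shown.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Added example, not code from pynng-mqtt, NanoSDK or msquic: writes TLS 1.3
 * secrets in the NSS key log format Wireshark reads from $SSLKEYLOGFILE. */
#define KEYLOG_CLIENT_AP "CLIENT_TRAFFIC_SECRET_0" /* a standard NSS key log label */

/* Formats "<label> <client_random hex> <secret hex>\n" into out. client_random is
 * the 32-byte ClientHello random Wireshark uses to match the line to a session.
 * Returns the line length, or -1 on bad arguments or a too-small buffer. */
int keylog_format_line(const char *label, const unsigned char *client_random,
                       const unsigned char *secret, size_t secret_len,
                       char *out, size_t out_len)
{
    if (!label || !client_random || !secret || !out || secret_len == 0 ||
        secret_len > 48 || /* SHA-384 secrets are the largest in TLS 1.3 */
        out_len < strlen(label) + 2 * (32 + secret_len) + 4) /* 2 spaces, \n, NUL */
        return -1;
    int n = sprintf(out, "%s ", label);
    for (size_t i = 0; i < 32; i++) n += sprintf(out + n, "%02x", client_random[i]);
    out[n++] = ' ';
    for (size_t i = 0; i < secret_len; i++) n += sprintf(out + n, "%02x", secret[i]);
    out[n++] = '\n'; out[n] = '\0';
    return n;
}

/* Appends one line to the file named by SSLKEYLOGFILE. Returns 1 if written,
 * 0 if the variable is unset (key logging stays off), -1 on error. */
int keylog_append(const char *label, const unsigned char *client_random,
                  const unsigned char *secret, size_t secret_len)
{
    const char *path = getenv("SSLKEYLOGFILE");
    char line[256]; /* longest NSS label + 64 + 96 hex chars fits comfortably */
    if (!path || !*path) return 0;
    if (keylog_format_line(label, client_random, secret, secret_len, line, sizeof line) < 0)
        return -1;
    FILE *f = fopen(path, "a");
    if (!f) return -1;
    int ok = fputs(line, f) >= 0;
    return (fclose(f) == 0 && ok) ? 1 : -1;
}

const char *keylog_sample_line(void) /* constructed sample: 0x11 random, 0xab secret */
{
    static char buf[256];
    unsigned char rnd[32], sec[32];
    memset(rnd, 0x11, sizeof rnd); memset(sec, 0xab, sizeof sec);
    return keylog_format_line(KEYLOG_CLIENT_AP, rnd, sec, sizeof sec, buf, sizeof buf) < 0 ? NULL : buf;
}
```

A real hook would call `keylog_append` once per secret (handshake and application traffic, client and server side) with the label matching that secret, and the resulting file is what Wireshark expects under its TLS "(Pre)-Master-Secret log filename" setting.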

JaylinYu commented 8 months ago

We are currently too busy to implement such a feature. Hereby we are inviting you to contribute! ^_^