embhorn
commented
3 years ago Hello @pictyeye
Thanks for the note. I've added this to our internal feature request list. We try to work on requested features whenever we get free engineering cycles unless a customer decides to back the effort for a finite implementation timeline. If at any time a feature becomes a progress blocker for a project it can be accelerated. That process can be started by contacting the account business manager.
Thanks, Eric @ wolfSSL Support
pictyeye
dgarske
At configuration time, it is possible to enable
SHOW_SECRETSandWOLFSSL_SSLKEYLOGFILEto compile theSSLKEYLOGFILEfeature inWOLFSSL.However, as far as I can tell, the feature only works up to TLS 1.2.
Since wolfssl supports TLS 1.3 and since the
SSLKEYLOGFILEformat has been updated to handle the new protocol version, would it be possible to add support forSSLKEYLOGFILEin TLS 1.3?If I understand correctly, the current implementation lives in
src/tls.c(in theMakeTlsMasterSecret()function, starting from line 583 in the current release). I believe a similar work would have to be done insrc/tls13.cin the series ofDerive*()functions (or maybe just in the underlyingDeriveKeyMsg()andDeriveKey()functions?).Would there be interest in such a feature?