I recommend using the master key, which is easier to get at. To the best of my knowledge the pre-master key only exists ephemerally on the stack in OpenSSL. The master key is available in ssl_session_st
(defined in ssl.h
in the 1.0.2 branch but moved to ssl_locl.h
in a later version). The SSL
member variable session
is a pointer to its ssl_session_st
(aka SSL_SESSION
).
Wireshark can use the master key as well as the pre-master key to decrypt connections. Here are the formats that Wireshark supports as of this writing:
RSA xxxx yyyy
Where xxxx
are the first 8 bytes of the encrypted pre-master secret (hex-encoded)
Where yyyy
is the cleartext pre-master secret (hex-encoded)
(this is the original format introduced with bug 4349)
RSA Session-ID:xxxx Master-Key:yyyy
Where xxxx
is the SSL session ID (hex-encoded)
Where yyyy
is the cleartext master secret (hex-encoded)
(added to support openssl s_client Master-Key output)
This is somewhat is a misnomer because there's nothing RSA specific
about this.
PMS_CLIENT_RANDOM xxxx yyyy
Where xxxx
is the client_random from the ClientHello (hex-encoded)
Where yyyy
is the cleartext pre-master secret (hex-encoded)
(This format allows SSL connections to be decrypted, if a user can
capture the PMS but could not recover the MS for a specific session
with a SSL Server.)
CLIENT_RANDOM xxxx yyyy
Where xxxx
is the client_random from the ClientHello (hex-encoded)
Where yyyy
is the cleartext master secret (hex-encoded)
(This format allows non-RSA SSL connections to be decrypted, i.e.
ECDHE-RSA.)
Note that neither the pre-master key nor the master key is the symmetric key (your question title implies that you may think it is). The symmetric key is derived from the master key and client/server random data.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…