How to properly log traffic keys in openssl using SSL_CTX_set_keylog_callback?

Time:07-09

I created this callback function to log the secret key:

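    #include <stdio.h>
    #include <openssl/ssl.h>

    /* Key log callback: writes each key log line OpenSSL passes in to key_log.log */
    void SSL_CTX_keylog_cb_func_cb(const SSL *ssl, const char *line){
        FILE  * fp;
        fp = fopen("key_log.log", "w");
        if (fp == NULL)
        {
            printf("Failed to create log file\n");
            return;  /* do not write through a NULL FILE pointer */
        }
        fprintf(fp, "%s\n", line);
        fclose(fp);
    }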

In key_log.log I only get this:

CLIENT_TRAFFIC_SECRET_0 af391f5fa21ca10ac61262e4<REDACTED>4

Trying to use this log file to decrypt the captured traffic in Wireshark does not help and all packets are still encrypted. What am I doing wrong?

This is how I set the callback function:

    SSL_library_init();
    ctx = init_ctx();
    SSL_CTX_set_keylog_callback(ctx, SSL_CTX_keylog_cb_func_cb);

CodePudding user response:

Using "w" mode, the previous contents of the file being opened are erased and overwritten.

Use "a" mode to append data to the file.
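An added example (not code from the question or the answer) showing why the fix works: OpenSSL calls the key log callback once per secret, so a callback that reopens the file with `"w"` keeps only the last line, while an appending one keeps all of them. The `SSL` typedef stand-in, the file name `key_log_example.log`, the function names and the sample lines are assumptions constructed for the illustration; the appending version also creates the file with mode 0600, since it holds session secrets.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
typedef struct ssl_st SSL; /* stand-in; real code includes <openssl/ssl.h> */
static const char *keylog_path = "key_log_example.log"; /* hypothetical name */
/* The question's behaviour: "w" truncates the file on every callback. */
void keylog_truncate_cb(const SSL *ssl, const char *line) {
    (void)ssl;
    FILE *fp = fopen(keylog_path, "w");
    if (fp == NULL) return;
    fprintf(fp, "%s\n", line);
    fclose(fp);
}

/* The answer's fix: append; the file is created owner-only (0600). */
void keylog_append_cb(const SSL *ssl, const char *line) {
    char buf[512];
    (void)ssl;
    int len = snprintf(buf, sizeof buf, "%s\n", line);
    if (len < 0 || (size_t)len >= sizeof buf) return; /* line too long */
    int fd = open(keylog_path, O_WRONLY | O_APPEND | O_CREAT, 0600);
    if (fd < 0) return;
    if (write(fd, buf, (size_t)len) != len) perror("key log write");
    close(fd);
}

/* Constructed TLS 1.3 key log lines; hex fields are placeholders, not secrets. */
static const char *sample_lines[] = {
    "SERVER_HANDSHAKE_TRAFFIC_SECRET 00aa 11bb",
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET 00aa 22cc",
    "EXPORTER_SECRET 00aa 33dd",
    "SERVER_TRAFFIC_SECRET_0 00aa 44ee",
    "CLIENT_TRAFFIC_SECRET_0 00aa 55ff",
};
/* Replay the sample lines through cb; return how many lines the file holds. */
int lines_after(void (*cb)(const SSL *, const char *)) {
    char buf[256]; int n = 0;
    remove(keylog_path);
    for (size_t i = 0; i < sizeof sample_lines / sizeof *sample_lines; i++)
        cb(NULL, sample_lines[i]);
    FILE *fp = fopen(keylog_path, "r");
    if (fp == NULL) return -1;
    while (fgets(buf, sizeof buf, fp)) n++;
    fclose(fp);
    return n;
}
int main(void) {
    printf("w:%d a:%d\n", lines_after(keylog_truncate_cb), lines_after(keylog_append_cb));
    return 0;
}
```

In a real program the appending callback is registered the same way the question does it, with `SSL_CTX_set_keylog_callback(ctx, keylog_append_cb)`.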
