[erlang-questions] SSL: Getting master_secret and client_random (or premaster_secret)

Roger Lipscombe <>
Thu Jan 5 15:24:07 CET 2017


Further searching shows that Ingela rejected something related in
http://erlang.org/pipermail/erlang-patches/2012-February/002681.html,
but I'm not sure whether that was about exposing the key material or
the way that that patch should have been implemented as ssl:prf (which
it eventually was).

On 5 January 2017 at 14:20, Roger Lipscombe <> wrote:
> We're using ECDHE and DHE ciphers for our SSL connections. This
> provides perfect forward secrecy, which is good, but it makes it
> impossible to decipher packet captures in wireshark, which is
> expected, and also good, almost all of the time.
>
> Sometimes, however, we *do* need to decipher the traffic.
>
> Note that we own both the client (which is embedded) and the server
> (which uses Erlang -- otherwise I wouldn't be asking here -- and
> ranch). We *could* offer a different cipher suite on the server, which
> would disable PFS, but would do it for all connections. I'd prefer
> something a bit more fine-grained.
>
> You can feed a key log to Wireshark, as documented at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format,
> and it'll correctly decipher the traffic for that connection.
>
> I'd like to find a way to generate a key log file. This requires
> either (client_random, master_secret) or (encrypted_premaster_secret,
> premaster_secret).
>
> Note that I'm looking at the OTP 17.5 source, because that's what we're using.
>
> It would seem that premaster_secret is not stored past the initial
> negotiation, but the client_random and master_secret values are in the
> #security_parameters record in the #connection_state record in the
> #connection_states record, which is in the #state record of the SSL
> connection pid.
>
> But I can't see any (clean) way to retrieve these values, in order to
> generate a key log suitable for Wireshark.
>
> Is there any clean way to do this in OTP 17.5, or is there a supported
> way to do this in OTP 18.x or 19.x?
>
> Regards,
> Roger.


More information about the erlang-questions mailing list