makvirag

Reputation: 43

Preparing a secret file using OpenSSL APIs to decrypt TLS 1.3 traffic in Wireshark

I would like to create a secret file from both my TLS client and server programs (these are just test programs at the moment, client.exe and server.exe, in which I am playing around with SSL/TLS) that can later be used to decrypt the traffic in Wireshark.

For TLS 1.2, I created a CLIENT_RANDOM file with the following format (testing just a single connection, so there is just 1 single line in the file):

CLIENT_RANDOM <32 bytes client random in hex format> <48 bytes master secret in hex format>

Code snippet to read the client random and the master key (OpenSSL 1.1.0+ accessors; the connection must have completed its handshake):

#include <stdint.h>
#include <openssl/ssl.h>

/* 32-byte client random from the ClientHello of this connection */
uint8_t random[SSL3_RANDOM_SIZE];
size_t randomLength = SSL_get_client_random(ssl, random, SSL3_RANDOM_SIZE);
...
/* 48-byte TLS 1.2 master secret of the established session */
uint8_t masterKey[SSL_MAX_MASTER_KEY_LENGTH];
size_t masterKeyLength = SSL_SESSION_get_master_key(SSL_get_session(ssl), masterKey, sizeof(masterKey));

Importing this (client or server) secret file into Wireshark as a Pre-Master-Secret log file, I was able to decrypt the TLS 1.2 traffic, but as far as I know CLIENT_RANDOM cannot be used for TLS 1.3 (at least it does not work for me); there I should instead use e.g. CLIENT_HANDSHAKE_TRAFFIC_SECRET/SERVER_HANDSHAKE_TRAFFIC_SECRET.

What is the format of such a secret, and how can I obtain that data using the OpenSSL APIs so that I can decrypt TLS 1.3 traffic in Wireshark?

Upvotes: 2

Views: 1872

Answers (1)

makvirag

Reputation: 43

OpenSSL has this functionality: a callback function can be set to receive all the new keys generated during a handshake. OpenSSL passes the complete log lines to the callback, so they can simply be appended to a "master secret" log file.

void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);

The log format is the following:

KEY_NAME <CLIENT_RAND in hex> <KEY/SECRET in hex>

Keys received in the callback:

SERVER_HANDSHAKE_TRAFFIC_SECRET

CLIENT_HANDSHAKE_TRAFFIC_SECRET

EXPORTER_SECRET

SERVER_TRAFFIC_SECRET_0

CLIENT_TRAFFIC_SECRET_0

Upvotes: 2
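As an added example (not code from the question or the answer above): the callback route lets OpenSSL format the lines, so the remaining practical problem is checking that the file you hand to Wireshark is complete. Python's ssl module exposes the same OpenSSL callback as SSLContext.keylog_filename (Python 3.8+, OpenSSL 1.1.1+), and the checker below parses the resulting NSS key log format: it validates each line's label, 32-byte client random and secret length, and reports per connection whether the four TLS 1.3 handshake/traffic secrets are all present. The labels CLIENT_EARLY_TRAFFIC_SECRET and EARLY_EXPORTER_SECRET are accepted as optional extras from the NSS format; they are not mentioned in the answer. The sample log lines and the file path are constructed for this example.

```python
"""Validate an NSS-format key log before loading it into Wireshark.

Added example, not part of the original question or answer.
"""
import os
import ssl
import tempfile
from collections import defaultdict

TLS12_LABEL = "CLIENT_RANDOM"
# TLS 1.3 labels OpenSSL's keylog callback emits; Wireshark needs these four
# to decrypt the encrypted handshake and the application data.
TLS13_REQUIRED = {
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0",
}
# Logged as well but not needed for decryption (0-RTT / exporter secrets).
TLS13_OPTIONAL = {"EXPORTER_SECRET", "CLIENT_EARLY_TRAFFIC_SECRET",
                  "EARLY_EXPORTER_SECRET"}

CLIENT_RANDOM_HEX = 2 * 32           # SSL3_RANDOM_SIZE bytes, hex encoded
MASTER_SECRET_HEX = 2 * 48           # TLS 1.2 master secret
TLS13_SECRET_HEX = {2 * 32, 2 * 48}  # hash length of the suite: SHA-256 / SHA-384

# Constructed path for the demo; any writable path works.
DEFAULT_KEYLOG_PATH = os.path.join(tempfile.gettempdir(), "sslkeylog-example.txt")


def make_logging_context(path, purpose=ssl.Purpose.SERVER_AUTH):
    """Context whose OpenSSL keylog callback appends NSS-format lines to path.

    Python installs SSL_CTX_set_keylog_callback for you when this attribute is
    set; use Purpose.CLIENT_AUTH for the server side.
    """
    ctx = ssl.create_default_context(purpose)
    ctx.keylog_filename = path
    return ctx


def _is_hex(s):
    return len(s) % 2 == 0 and all(c in "0123456789abcdefABCDEF" for c in s)


def parse_keylog_line(line):
    """Return (label, client_random, secret) in lowercase hex, or raise ValueError."""
    parts = line.split()
    if len(parts) != 3:
        raise ValueError("expected 'LABEL <client random> <secret>': %r" % line)
    label, client_random, secret = parts
    if not _is_hex(client_random) or len(client_random) != CLIENT_RANDOM_HEX:
        raise ValueError("client random must be %d hex chars: %r" % (CLIENT_RANDOM_HEX, line))
    if not _is_hex(secret):
        raise ValueError("secret is not hex: %r" % line)
    if label == TLS12_LABEL:
        if len(secret) != MASTER_SECRET_HEX:
            raise ValueError("TLS 1.2 master secret must be %d hex chars" % MASTER_SECRET_HEX)
    elif label in TLS13_REQUIRED or label in TLS13_OPTIONAL:
        if len(secret) not in TLS13_SECRET_HEX:
            raise ValueError("TLS 1.3 secret must be 64 or 96 hex chars: %r" % line)
    else:
        raise ValueError("unknown label %r" % label)
    return label, client_random.lower(), secret.lower()


def is_valid_line(line):
    try:
        parse_keylog_line(line)
        return True
    except ValueError:
        return False


def check_keylog(text):
    """Map client_random -> {"version": "1.2"|"1.3", "missing": [labels]}.

    Accepts client and server logs concatenated; '#' comments, blank lines and
    duplicate lines are ignored, as Wireshark does.
    """
    labels_by_conn = defaultdict(set)
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        label, client_random, _secret = parse_keylog_line(line)
        labels_by_conn[client_random].add(label)
    report = {}
    for client_random, labels in labels_by_conn.items():
        if TLS12_LABEL in labels:
            report[client_random] = {"version": "1.2", "missing": []}
        else:
            report[client_random] = {"version": "1.3",
                                     "missing": sorted(TLS13_REQUIRED - labels)}
    return report


# Constructed sample: one TLS 1.2 connection and one TLS 1.3 connection.
SAMPLE_LOG = "\n".join([
    "# lines like this are comments",
    "CLIENT_RANDOM " + "aa" * 32 + " " + "01" * 48,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "bb" * 32 + " " + "02" * 32,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "bb" * 32 + " " + "03" * 32,
    "EXPORTER_SECRET " + "bb" * 32 + " " + "04" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "bb" * 32 + " " + "05" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "bb" * 32 + " " + "06" * 32,
])

if __name__ == "__main__":
    for client_random, status in check_keylog(SAMPLE_LOG).items():
        print(client_random[:16], status)
```

A "missing" entry that lists CLIENT_TRAFFIC_SECRET_0 or SERVER_TRAFFIC_SECRET_0 is the usual reason Wireshark shows the TLS 1.3 handshake decrypted but application data still opaque: the callback fires again after the handshake completes, so a log that is closed or copied too early lacks the application traffic secrets.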
