![]() Then the keys.txt can be used to decrypt the two TLS 1.3 sessions (refer Use Wireshark to decrypt TLS flows). (5) Combine two keys file into one: $ cat keys1.txt keys2.txt > keys.txt (3) Initiate another TLS 1.3 session to reuse the saved “ Session Ticket“: $ echo | openssl s_client -connect :443 -tls1_3 -sess_in sess.pem -keylogfile keys2.txt Once the connection is established, input “ GET /” to trigger TLS 1.3 Server to send “ New Session Ticket” message, and this will be saved in sess.pem file. (2) Open another terminal to initiate the first TLS 1.3 session: $ openssl s_client -connect :443 -tls1_3 -sess_out sess.pem -keylogfile keys1.txt (1) Open one terminal to launch tcpdump to capture TLS packets: $ pfexec /opt/ooce/sbin/tcpdump -w tls.pcap port 443 The Operation System I used is OmniOS, and OpenSSL version is 1.1.1k, but I think the methods here can also be applied to other platforms: Thanks the great help from OpenSSL community, I finally can simulate an TLS 1.3 “Session Resumption”. Bob on Update keyring first if your Arch Linux is old enough. ![]() yong on Why doesn’t Linux device driver need to update file position in read/write functions?.nanxiao on Why doesn’t Linux device driver need to update file position in read/write functions?.LR7 on Update keyring first if your Arch Linux is old enough.Erwin Nindl on Build elfutils-libelf from source code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |