sslkeylog

Release 0.2.0

A Ruby library that logs SSL session keys in NSS Key Log Format.

Homepage Rubygems Ruby Documentation Download

License
MIT
Install
gem install sslkeylog -v 0.2.0

Documentation

SSLkeylog

A Ruby library that logs SSL session keys from client connections in NSS Key Log Format. This log can be used by tools such as Wireshark to decrypt data when analyzing network traffic.

NOTE: This version of the library is a functional prototype. The implementation may change in the future.

Build Status

Installation

This gem uses a C extension to extract data from Ruby OpenSSL::SSL::SSLSocket objects. This means that the Gem will have to be built using the same OpenSSL headers that were used to compile the Ruby interpreter.

The logic for locating the include directory is not particularly sophisticated, so the proper location may need to be specified during installation:

gem install sslkeylog -- --with-openssl-include=...

Use of the wrong header file can result in segmentation faults and other unpleasantness.

Usage

The simplest way to use this library is to set an output file using the SSLKEYLOG environment variable and then require the sslkeylog/autotrace module:

# In bash: export SSLKEYLOG=$HOME/sslkeylog.log
require 'sslkeylog/autotrace'

If the SSLKEYLOG variable is unset, output will be sent to $stderr.

Tracing can be enabled for specific portions of a Ruby program and output can be routed to any object which behaves like a standard Ruby Logger:

require 'sslkeylog'
require 'stringio'

output = StringIO.new
SSLkeylog::Logging.logger = Logger.new(output)

socket = TCPSocket.new('github.com', '443')
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket)

SSLkeylog::Trace.enable
ssl_socket.connect
SSLkeylog::Trace.disable

ssl_socket.close
puts output.string
# D, [2015-04-16T18:31:53.959279 #82759] DEBUG -- : SSLSocket connect: 192.30.252.129:443
# I, [2015-04-16T18:31:53.959423 #82759]  INFO -- : CLIENT_RANDOM 98DC410A9D6D5851487DA25991E77E60D236832D35AACDF59896927A1C56063D 5EA02F1DBCB9138C50D091949A838C074AD4574490058CBD0BBE6D2D94DA58D4AB190E939CF227EE6AD6E20317C9D922

Data can be extracted directly from OpenSSL::SSL:SSLSocket objects using the to_keylog method of the SSLkeylog::OpenSSL module:

require 'sslkeylog/openssl'

socket = TCPSocket.new('github.com', '443')
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket)
ssl_socket.connect

puts SSLkeylog::OpenSSL.to_keylog(ssl_socket)
ssl_socket.close
# => "CLIENT_RANDOM 7374BF6508668783736B211242A4BC2CF075FC508E49B9797B038D6357370A10 C5BB2BDFEF788E7BB6ED0A37962BEEB140AC7F33DEF0E344F576D18305AF5A6C0121E069F1FF4CE4424530A83D443EFD\n"

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
1
Latest release
First release
Stars
9
Forks
2
Watchers
2
Contributors
1
Repository size
223 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.2.0

Maintainers

sharpie

Contributors

Charlie Sharpsteen


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2024-04-05 16:51:57 UTC

Login to resync this project