On 14/04/2019 15:05, Nikos Mavrogiannopoulos wrote: > There is no master secret under TLS1.3, the secrets are derived quite > differently. What we probably missed is to mark this function as > TLS1.2 or earlier only.
That makes sense; thanks. Is there some way of getting at sufficient information for a TLS1.3 connection for wireshark to use it as decoding keys? (From OpenSSL I'm extracting SERVER_HANDSHAKE_TRAFFIC_SECRET EXPORTER_SECRET SERVER_TRAFFIC_SECRET_0 CLIENT_HANDSHAKE_TRAFFIC_SECRET CLIENT_TRAFFIC_SECRET_0 which seem to be enough). -- Cheers, Jeremy _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
