Hi folks,

WireGuard symmetric encryption keys are ephemeral, changing quite frequently to ensure perfect forward secrecy. However, some folks would like to be able to decrypt WireGuard packets inside of tcpdump or WireGuard. I didn't want to compromise the integrity of the ephemeral nature of the session keys by exposing them directly to userspace, in any direct way at all, so instead I wrote a quick tool that uses /dev/kmem to extract the session keys:

https://git.zx2c4.com/WireGuard/tree/contrib/examples/extract-keys

    # cd contrib/examples/extract-keys
    # make
    # ./extract-keys wg0
    0x57b56068 tMT...a1rQ= xvQ...KmY=
    0x01662508 LbM...osTs= 4VA...OYI=

The first value is the index, which should match against the index in the transport packet. Then, the first key is the key used for sending, and the second key is the key used for receiving. The ciphertext will decrypt with standard ChaCha20Poly1305, and if you take a look at wireguard.io/protocol/ you'll see that the nonce is prepended.

In my testing, this method turns out to be quite reliable.

I'm wondering: would anybody be interested in writing a wireshark dissector for WireGuard packets? You can use the extract-keys/ code as a jumping off point.

Thanks,
Jason

_______________________________________________
WireGuard mailing list
http://lists.zx2c4.com/mailman/listinfo/wireguard
