[gnutls-help] gnutls_session_get_master_secret

[Jeremy Harris]

On 14/04/2019 15:05, Nikos Mavrogiannopoulos wrote:
> There is no master secret under TLS1.3, the secrets are derived quite
> differently. What we probably missed is to mark this function as
> TLS1.2 or earlier only.

That makes sense; thanks.

Is there some way of getting at sufficient information for a TLS1.3
connection for wireshark to use it as decoding keys?
(From OpenSSL I'm extracting
 SERVER_HANDSHAKE_TRAFFIC_SECRET
 EXPORTER_SECRET
 SERVER_TRAFFIC_SECRET_0
 CLIENT_HANDSHAKE_TRAFFIC_SECRET
 CLIENT_TRAFFIC_SECRET_0
which seem to be enough).

-- 
Cheers,
  Jeremy