Add TLS support
wader opened this issue · 0 comments
wader commented
Slowing working on it, aiming for these steps:
- Decode of most unencrypted data, records, extensions, handshake messages
- Decrypt most common ciphers (CHACHA20/AES AEAD) using a NSS keylog option
- Needs some reorg inside fq to allow passing CLI options down to nested decoders as TLS will be inside PCAP
-o keylog=@/path/to/keylog - Need to somehow communicate between TCP client/server stream decoders to coordinate cipher used etc. Idea now is to allow TCP decoder to return a value and deferred/post process function that will be used with the other streams returned value.
- Needs some reorg inside fq to allow passing CLI options down to nested decoders as TLS will be inside PCAP
Comment here if you want to help out