Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352

author: Martin Kaiser <lists@kaiser.cx> 2014-05-24 00:02:24 +0100
committer: Matt Caswell <matt@openssl.org> 2014-05-24 00:02:24 +0100
commit: 189ae368d91d2c9de5ed1fa21e993f5c83fc4445 (patch)
tree: 63daed6505f8df3c1baef63a7c92e0d96fa3a9f2 /ssl/ssl_txt.c
parent: dd36fce023a64d90058b8fefbd95dadaca98f9ca (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index 20b95a2829..0ffdcb0ea2 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -248,3 +248,33 @@ err:
 	return(0);
 	}
 
+/* print session id and master key in NSS keylog format
+   (RSA Session-ID:<session id> Master-Key:<master key>) */
+int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
+	{
+	unsigned int i;
+
+	if (x == NULL) goto err;
+	if (x->session_id_length==0 || x->master_key_length==0) goto err;
+
+	/* the RSA prefix is required by the format's definition although there's
+	   nothing RSA-specifc in the output, therefore, we don't have to check
+	   if the cipher suite is based on RSA */
+	if (BIO_puts(bp,"RSA ") <= 0) goto err;
+
+	if (BIO_puts(bp,"Session-ID:") <= 0) goto err;
+	for (i=0; i<x->session_id_length; i++)
+		{
+		if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
+		}
+	if (BIO_puts(bp," Master-Key:") <= 0) goto err;
+	for (i=0; i<(unsigned int)x->master_key_length; i++)
+		{
+		if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
+		}
+	if (BIO_puts(bp,"\n") <= 0) goto err;
+
+	return(1);
+err:
+	return(0);
+	}
author	Martin Kaiser <lists@kaiser.cx>	2014-05-24 00:02:24 +0100
committer	Matt Caswell <matt@openssl.org>	2014-05-24 00:02:24 +0100
commit	189ae368d91d2c9de5ed1fa21e993f5c83fc4445 (patch)
tree	63daed6505f8df3c1baef63a7c92e0d96fa3a9f2 /ssl/ssl_txt.c
parent	dd36fce023a64d90058b8fefbd95dadaca98f9ca (diff)