![]() The "TLS Session Keys export for GRPC C " PR (pull request) is merged () and the feature is supported as EXPERIMENTAL API since grpc v1.45.0. Formal solution based on the SslMasterKeyHandler feature of netty may be provied in the future. This is just a workaround because the class 'io.' may be different each version. That will make the master keys be written to the file `d:\keyfile.txt'. You can configure the log4j.xml for exporting master keys to a key log file:Įnable this feature by setting the system property This will write master keys to the log named "io.netty.wireshark". String ( "addr", "localhost:60051", "the address to connect to" ) func callUnaryEcho ( client ecpb. ![]() So that you should not forget to change server port from 50051 to 60051 too. package main import ( "context" "crypto/tls" "crypto/x509" "flag" "fmt" "io/ioutil" "log" "os" "time" "/grpc" "/grpc/credentials" "/grpc/examples/data" ecpb "/grpc/examples/features/proto/echo" ) // Note that I changed the port from 50051 to 60051, because I decode the // traffic on 50051 as plain HTTP2, and decode traffic on 60051 as TLS. The grpc-go supports exporting the TLS master key of gRPC with the help of the keyLogWriter feature of the golang.įollowing gRPC client-side code is modified based on. Unfortunately, not all languages that implement gRPC currently support this feature. ![]() ![]() In theory, as long as the session secret keys of TLS are exported into the file in format of Wireshark key log file from client or server side, the gRPC traffic encrypted in TLS can be parsed by Wireshark (described on Wireshark gRPC wiki page. This page introduces some investigations on how to export the TLS master key of gRPC for Wireshark. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |