|
Forums -> Security Library Forum
|
by Mark Vatsaas [mark at vatsaas dot org] posted on 2003/10/20 |
|
To troubleshoot communications issues, I have a program that will do a packet capture on my server. (A full network sniff and protocol analyzer along the lines of what you get from winpcap and windump.)
I want to parse out the ssl protocol and decrypt the message like ssldump does. (but in C#) It looks like your package should have what I need.
This is obviously more involed than the typical use of this package. I could just dive in and try to understand the entire project, but I'm hoping you can save me some time.
Can you help me identify the classes I should use to decypher the SSL handshaking protocol within my captured packets, and decrypt the message stream?
Thanks much! |
by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2003/10/20 |
|
I strongly suggest you read the TLS RFC [http://www.faqs.org/rfcs/rfc2246.html]. This will help you understand the internal structure of the Security Library. Without having read this RFC, I'm afraid you won't get that far.
You'll be able to reuse lots of code, but don't think it'll be easy. The Security Library always assumes it's an active party in the SSL/TLS protocol; it wasn't designed to be an SSL sniffer.
Decoding and decryption is done in the RecordLayer class. Decrypted data is immediately passed back to the SocketController, handshake data is forwarded to the HandshakeLayer class. |
|
|