Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jsslkeylog/jsslkeylog

Java Agent Library to log SSL session keys to a file for Wireshark
https://github.com/jsslkeylog/jsslkeylog

Last synced: 7 days ago
JSON representation

Java Agent Library to log SSL session keys to a file for Wireshark

Host: GitHub
URL: https://github.com/jsslkeylog/jsslkeylog
Owner: jsslkeylog
License: gpl-2.0
Created: 2020-06-04T18:43:43.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-12-03T13:05:41.000Z (12 months ago)
Last Synced: 2024-08-01T16:44:14.307Z (3 months ago)
Language: Java
Size: 49.8 KB
Stars: 87
Watchers: 2
Forks: 17
Open Issues: 1
Metadata Files:
- Readme: README.txt
- License: license.txt

Awesome Lists containing this project

README

        jSSLKeyLog

==========

Introduction

~~~~~~~~~~~~

jSSLKeyLog is a Java Agent Library that logs SSL session keys of connections 

created by a Java application to a log file understood by Wireshark (see 

https://developer.mozilla.org/en-US/docs/NSS_Key_Log_Format), so that "Follow

SSL stream" can be used to debug SSL connection issues as if the connection

was not encrypted. It works with both Java server and client software.

System requirements

~~~~~~~~~~~~~~~~~~~

This program requires Java 1.7 or higher. Download it from www.java.com.

In case you want to use it with Java 1.5 or 1.6, use version 1.1 of this

program instead. 

The agent library was tested with Java 1.7 to 21; as it accesses internal

API directly, it will likely not work in more recent versions without updating.

Usage

~~~~~

- First download jSSLKeyLog and extract it.

- Locate the command line used to start the Java program (usually hidden in

  some script or batch file) you want to monitor, it will usually look like

  java ... -jar file.jar ...

  or

  java ... some.class.Name ...

  

- Now add an additional parameter directly after the java command name, 

  which is 

  

  -javaagent:jSSLKeyLog.jar=/path/to/your_logfile.log

  

  so that the complete command looks like this:

  

  java -javaagent:jSSLKeyLog.jar=/path/to/your_logfile.log ... -jar file.jar

- You can give an absolute or relative path to jSSLKeyLog.jar and to your

  logfile.

- If you do not want a message printed to the console, add a :quiet option

  after the file name, like this (use ; instead of : on Windows):

  -javaagent:jSSLKeyLog.jar=logfile.log:quiet

  If you prefer the message to appear on stderr instead of stdout, add

  the :stderr option instead.

- If you use a double == between name of the Jar file and the name of

  your log file, extra verbose comments (containing timestamps and

  local/remote host/ip) will be written before the individual entries.

  You can also specify the option :detailed in the same manner as :quiet

  to activate the extra verbose comments.

- The logfile will be written while the program is running. Now just point

  Wireshark to that logfile and happy SSL decoding!

  

- Note that for decoding ECDSA ciphers, at least Wireshark 1.11.3 (as of

  now, a development version, but probably already stable when you are

  reading this) is required.

- If you are using an IDE such as VSCodium, put the parameter in a string

  under the "vmargs" property in the launcher specified under the setting

  "java.test.config", e.g.:

      "java.test.config": [{

          "vmargs": [

              "-javaagent:/path/to/target/jSSLKeyLog-shaded.jar=logfile"

          ]

      }]

  and you can then monitor the traffic generated by JUnit test cases while

  they are being debugged.

License

~~~~~~~

Copyright (c) 2012, 2014, 2017, 2018, 2020, 2022 Michael Schierl

jSSLKeyLog is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 2 of the License, or

(at your option) any later version. See license.txt.

Contact me

~~~~~~~~~~

Please send bug reports and suggestions to .

ChangeLog

~~~~~~~~~

+++ 2020-10-24 Released version 1.3 +++

- Added support for Java 11 - 15

- Added TLS 1.3 support (Java 11 / Java 8u261)

+++ 2017-09-28 Released version 1.2 +++

- Added support for Java 9

+++ 2014-04-23 Released version 1.1 +++

- Added verbose logging mode

- Added support for Java 8

+++ 2012-10-03 Released version 1.0 +++

- First public release