事件:'keylog'
【Event: 'keylog'】
line<Buffer> ASCII 文本行,采用 NSSSSLKEYLOGFILE格式。tlsSocket<tls.TLSSocket> 它被生成的tls.TLSSocket实例。
keylog 事件在通过与此服务器的连接生成或接收密钥材料时触发(通常在握手完成之前,但不一定)。这些密钥材料可以存储用于调试,因为它允许解密捕获的 TLS 流量。对于每个套接字,它可能会被触发多次。
【The keylog event is emitted when key material is generated or received by
a connection to this server (typically before handshake has completed, but not
necessarily). This keying material can be stored for debugging, as it allows
captured TLS traffic to be decrypted. It may be emitted multiple times for
each socket.】
一个典型的使用案例是将接收到的行追加到一个通用的文本文件中,该文件随后被软件(例如 Wireshark)用来解密流量:
【A typical use case is to append received lines to a common text file, which is later used by software (such as Wireshark) to decrypt the traffic:】
const logFile = fs.createWriteStream('/tmp/ssl-keys.log', { flags: 'a' });
// ...
server.on('keylog', (line, tlsSocket) => {
if (tlsSocket.remoteAddress !== '...')
return; // Only log keys for a particular IP
logFile.write(line);
});