From Adam Langley via bug 4349:

From Adam Langley via bug 4349:

This patch adds support for getting the pre-master secret of a TLS
connection from a log file. Currently Wireshark can decrypt and TLS
connection only if it has the server's private key.

I commonly have a use case where I control the TLS client, but not the
server.  In order to decrypt in this case, I've added support to NSS
(used by Chrome and Firefox) to log the keys to a file on disk:

https://bugzilla.mozilla.org/show_bug.cgi?id=536474

Given this file, Wireshark can then decrypt the resulting TLS connections.

The format is such that Wireshark opens and linearly scans the file each
time it sees a ClientKeyExchange. If the key log grows too large, this
is pretty inefficient. However, it's simple and the number of
interesting TLS connections when debugging is usually very small.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36876 f5534014-38df-0310-8fa8-9805f1628bb7