Joshua Thijssen has posted a walk-through of some work he's done to create a TLS decoder in PHP. TLS (Transport Layer Security) is a method for encrypting data being sent back and forth between the client and server, similar to how SSL is used.
As a proof of concept I wanted to see in how far I could decode some TLS data on the client side. Obviously, this is very complex matter, and even though TLS looks deceptively simple, it isn’t. To make matters worse, PHP isn’t quite helping us making things easy neither.
His solution (code posted here) goes through a few steps to finally get to the actual data:
- Capturing TLS data
- Gathering all the necessary fields
- From pre-master-secret to master-secret (decoding TLS_RSA_WITH_RC4_128_SHA)
- Partitioning our master-secret
- Decoding our data
- Verifying message integrity
For each step along the way he shares the relevant code and a brief description of what's happening. If you want to see the end result and try it out for yourself, check out his repository.