There is a new key-share algorithm X25519MLKEM768
in go1.24.2
.But when I’m trying to use KeyLogWriter
which outputs a tls_key.log
,I put the log into wireshark and it can’t decrypt the tls traffic. So, which tool i can use to decrypt the PQ-tls traffic. This is my setting for tls.Config
func createTLSConfig(cert tls.Certificate) *tls.Config {
keyLogFile, err := os.OpenFile("tls_keys.log", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
log.Fatalf("error: %v", err)
}
return &tls.Config{
Certificates: []tls.Certificate{cert},
MinVersion: tls.VersionTLS13,
MaxVersion: tls.VersionTLS13,
CurvePreferences: []tls.CurveID{tls.X25519MLKEM768},
KeyLogWriter: keyLogFile,
}
}