Version 1.3.3
DSSL is a programming toolkit that decodes and deciphers captured SSL/TLS traffic. The toolkit is implemented as a C library built on top of libpcap/winpcap and OpenSSL API and consists of packet capture, TCP reassembly and SSL decryption modules.
DSSL processes captured network traffic from both directions (from client to server and vice versa) and reconstructs both client's and server's SSL states, including session encryption keys to decipher the encrypted traffic.
DSSL does not "crack" SSL cryptography (it is virtually impossible). Instead, it reconstructs session's keying material using server's private RSA key.
DSSL toolkit is designed primarily for network monitoring, network security, traffic and protocol analyzing software, but also for any software products that process captured network traffic.
Due to growing market demand, more and more client-server systems and other network software start offering network traffic encryption through SSL/TLS - the leading standard in network data security. This trend is widely appreciated by the end users and security experts, but also presents a real challenge to a wide variety of software systems mentioned above.
Existing solutions to that dual-sword nature of SSL usually include dedicated SSL terminators or SSL proxies, which are clumsy, hard to maintain and greatly reduce the attractiveness, or even defeat the purpose, of using SSL. Ignoring the encrypted traffic is perceived as lack of functionality and, therefore, is hardly an option for a modern network monitoring or security product. The ability to speak SSL natively presents a much better choice indeed. So here comes DSSL.
Yes. Look into samples subdirectory.