HTTPS payload decryption using root authorized private key
How could one decrypt HTTPS payload using a root authorized private-key in a .NET application?
C$details
MWhen you ask a question, make sure you include as much detail as possible. Such as code, the issue you are facing, what you expect the result to be, what .NET version you are using and what platform/environment (if any) are relevant to your question. Upload code here https://paste.mod.gg/, save, and copy the link into chat for others to see your shared code! (see $code for more information on how to paste your code)
CAbout the only thing I can say in response to a question that vague is ".NET provides classes to encrypt and decrypt data. Use them"
CWhere did this encrypted payload come from? Why wasn't it decrypted automatically using TLS when you downloaded it?
C(For example, you rarely use asymmetric crypto to encrypt something big, like a HTTP payload. You use the asymmetric keys to share some private session-specific symmetric keys, and then use those, as symmetric crypto is a lot quicker. So the question itself doesn't really make sense anyway, as normally HTTPS payloads aren't encrypted with asymmetric keys)
OHTTPS payloads captured using sharppcap. I have the private key from a trusted root certificate, I am just not sure of how to decrypt the array of bytes appropriately. I've tried researching for quite a while, but to no avail.
CYou can't, AFAIK.
CWell, unless you capture the TLS handshake
OI got the handshake.
OOHere's my current situation.
OI'm assuming this (but a lot more complex) is how Fiddler does it, since they also use a trusted root certificate key.
CIIRC fiddler MITM's the traffic?
OIt seems it does.
CI have the private key from a trusted root certificate
So you have the actual private key that the server used for the TLS connection? But you don't have the private key which the browser used?
Odangit
OI generated a self-signed one and added it to the trusted root certificates and do not have the browser one.
CSo the server was running on localhost, or...?
OYes.
CGoogling around, it seems the normal wya to do this is to configure the browser to create a key log file, which contains the various TLS session keys that it used. Wireshark at least can then use those to decrypt the traffic
OI'll have a look at giving that a shot, thanks.
CThis looks like your question: https://security.stackexchange.com/questions/71309/it-is-possible-to-decrypt-https-with-the-private-public-pair-if-it-uses-dhe
Information Security Stack Exchange
Assuming you have a PCAP file with HTTPS traffic and having the key pair (private & public), it is possible to decrypt the traffic if it uses Diffie Hellman Ephemeral? Using openSSL lib for exa...
OGoing out on a whim here, it's more or less the MITM route recommended?
OThe only thing is, I can't do that cause it would slow down the networking so it wouldn't be able to run infinitely while doing other stuff. It's meant to be a user application.
CI don't know if there is a "recommended" way to decrypt all encrypted traffic. That rather defeats the point of the encryption, no? 
OOf course.
CIt's explicitly meant to be hard to decrypt it, so it's likely that there are no "good" options
OThat's unfortunate. I'll have to stick with the chrome extension route of capturing the requests.
OThank you for your time once again, canton.
