Add support for KeyLogWriter

[kegsay]

Summary

TLS configs in Go have a KeyLogWriter which writes secrets for easy decryption later (e.g for use with Wireshark). This is similar to curl's SSLKEYLOGFILE= env var. Please can you add the ability to do this in dtls.Config.

Motivation

It's useful to be able to decrypt DTLS streams when debugging/testing. This feature is available in tls.Config - https://golang.org/pkg/crypto/tls/#Config

    // KeyLogWriter optionally specifies a destination for TLS master secrets
    // in NSS key log format that can be used to allow external programs
    // such as Wireshark to decrypt TLS connections.
    // See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format.
    // Use of KeyLogWriter compromises security and should only be
    // used for debugging.
    KeyLogWriter io.Writer // Go 1.8

[Sean-Der]

I would love to accept a PR for this! You can intercept/write the values where it initialize the CipherSuite. here and here

I think you can accomplish what you want today with Export. The state doesn't export its members, but you can use reflection/unsafe to access the private members.

From there you have the keying material, CipherSuite and enough info to even assert if you lost any packets in your capture!