I am testing sslkeylog python package to exact TLS master secret as below. I was successfully get the master_key, however the outoupt is hard to understand. What is the encoding of the following b'' output?
>>> sslkeylog.get_master_key(ssocket)
b'\xf1p&r\xc9C\xc1\xf4\xf8\x95A_\xbc\x89D\xa3\x1f\xc1sk\x1e:~\x9d\x99N \xe5\xa3\x91\x89\x8c%\xe9\xde\x92\x85\xdcD\x95\xaf\xc7\x08;\xaa=\x1a\x85'
I would expect the key to be something like this:
b952802eadeb7c1ac95910cfe094b24bc194a64fd20cbdbc48bc9801155fa20e
By knowing the encoding, i would like be able to get the decoded version.
What you're seeing isn't an encoding -- it's the lack of one, represented as a bytestring in Python syntax. Thus, you're seeing raw bytes, serialized with Python's native literal syntax (using \xDD to represent unprintable bytes with a pair of hex digits).
>>> key = b'\xf1p&r\xc9C\xc1\xf4\xf8\x95A_\xbc\x89D\xa3\x1f\xc1sk\x1e:~\x9d\x99N \xe5\xa3\x91\x89\x8c%\xe9\xde\x92\x85\xdcD\x95\xaf\xc7\x08;\xaa=\x1a\x85'
>>> print(binascii.b2a_hex(key).decode('ascii'))
f1702672c943c1f4f895415fbc8944a31fc1736b1e3a7e9d994e20e5a391898c25e9de9285dc4495afc7083baa3d1a85
This is as you should expect: SSL keys are deliberately high-entropy data; they're supposed to look random. Human-printable versions are modified to be encoded in ways that make sense to readers, but you can't expect that to be what's actually in use in RAM.