1 (edited by petrich 2013-08-20 02:07:00)

Topic: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi There

It seems that wolfssl has problems verifying some (but not all) CA Certs if compiled with --enable-fastmath (wich is default)

For example:

unzip -q wolfssl-2.7.0.zip
cd wolfssl-2.7.0
./configure
make
wget http://www.cacert.org/certs/root.crt
./examples/client/client -h www.cacert.org -p 443 -v 1 -A root.crt

Result:

err = -188, ASN no signer error to confirm failure
yassl error: SSL_connect failed

If configured with

./configure --disable-fastmath

it works.

Result:

SSL version is TLSv1
SSL cipher suite is TLS_RSA_WITH_AES_256_CBC_SHA

Tested on Win7 x64 [AMD K10] with mingGW and Centos6 x64 [INTEL Xeon E31240] with gcc

Could you help?

(btw: Absolut great product... Thank you very much for it)

Greetings
Hans-Jürgen Petrich

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Hans-Jürgen,

Thanks for the report.  I'll look into this and get back to you.

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Hans-Jürgen,

The problem you are running into is being caused by the RSA key size.  root.crt uses a 4096-bit RSA key.

One of the less portable aspects of fastmath is the need for fixed buffers to reduce dynamic memory use.  By default, these buffers allow a 2048 bit X 2048 bit multiply into a 4096 bit buffer.  Since most sites are using 2048 bit RSA keys this is fine.  But for those sites that have a 4096 bit RSA key you'll need to increase the fastmath buffer size to 8192.  Since root.crt uses a 4096-bit RSA key, you'll need to increase the fastmath buffer size.  You can do this using the define:

FP_MAX_BITS

and setting it to 8192.  Unfortunately, this will also increase the runtime stack use since the buffers used in the public key operations are bigger.

So, try:

cd wolfssl-2.7.0
make clean
./configure C_EXTRA_FLAGS="-DFP_MAX_BITS=8192"
make
wget http://www.cacert.org/certs/root.crt
./examples/client/client -h www.cacert.org -p 443 -v 1 -A root.crt -g

Let me know if that works for you.

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Chris

I Understand. Thank you very much for your explanation. I was guessing similar.
After defined FP_MAX_BITS >= 8192 it works.

Maybe you could mention it in the API doc's somewhere, ie at wolfSSL_CTX_set_verify() and/or in the INSTALL?


Another question... just for understanding:
If i understand it right, wolfSSLv23_client_method() is meant connecting to a SSL/TLS server with the highest possible SSL/TLS protocol, beginning from TLSv1.2 down to TLSv1.1 -> TLSv1 -> SSLv3

I noticed that if a SSL/TLS Server supports (only) SSLv3 and TLSv1 but not TLSv1.1/TLSv1.2 the connect will failed if using wolfSSLv23_client_method(), but will work only when using wolfTLSv1_client_method() or wolfSSLv3_client_method()

For example cacert.org (Supports SSLv3 and/or TLSv1, but not TLSv1.1/TLSv1.2):

using wolfSSLv23_client_method()

./examples/client/client -h www.cacert.org -p 443 -d
err = -226, record layer version error
yassl error: SSL_connect failed

using wolfSSLv3_client_method():

./examples/client/client -h www.cacert.org -p 443 -d -v 0
SSL version is SSLv3

using wolfTLSv1_client_method():

./examples/client/client -h www.cacert.org -p 443 -d -v 1
SSL version is TLSv1

While on a SSLv3, TLSv1, TLSv1.1, TLSv1.2 capable server, like google.com, wolfSSLv23_client_method() works fine, ie:

./examples/client/client -h google.com -p 443 -d
SSL version is TLSv1.2

So my question is, is there maybe a bug in wolfSSLv23_client_method() or is wolfSSLv23_client_method() meant only for SSLv3/TLSv1 servers, using the highest possible SSL/TLS version?

Thank you for your time.
Greetings
Hans-Jürgen

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Ahh, Chris... forget my last post about the wolfSSLv23_client_method()  roll ... i din't see that /examples/client/client not using wolfSSLv23_client_method() as default, but wolfTLSv1_2_client_method() ... which, of course will fail then on cacert.org

But i (still) have a similar problem with wolfSSLv23_client_method() on a SSLv3/TLSv1 Server... have to check it again.

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Hans-Jürgen,

I just tested against www.cacert.org:443 using our example client and the wolfSSLv23_client_method(), and the connection worked ok for me.

To do the test, I just made a quick change of wolfSSLv3_client_method() to wolfSSLv23_client_method() in client.c (just a quick and dirty change to let me select it using "-v 0" from the command line), then did:

make clean
make
./examples/client/client -h www.cacert.org -p 443 -d -v 0 -g

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Chris,
can confirm that. Was, as said, my fault.

Background was:
I had some trouble with an SSL/TLS Server (hobana.freenode.net) [using TLSv1 or SSLv3 protocol] where it is required using a client cert if connecting with TLSv1, but if connecting with SSLv3 the Server does not requiring a cert from the client.

Strange anyhow, or?

I was connecting to the server using wolfSSLv23_client_method()... but did'nt load a cert.

Because wolfSSLv23_client_method() is, of course, using TLSv1 first, the SSL_connect() failed with -1.
But was working with wolfSSLv3_client_method().

I wrongly was thinking then something with wolfSSLv23_client_method() is wrong... but did'nt realize that this Server, only in TLSv1, is requiring a client cert, which i not gave. That why the SSL_connect() failed with an alert.

Was testing it then with cacert.org... and the connect failed also. But the connect failed because default was TLSv1.2 ... which cacert does not support....

But now it's all clear smile

... thank you again for helping, and for wolfSSL embedded SSL!

Greetings
Hans-Jürgen  smile

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Hans-Jürgen,

Ok, thanks for the clarification.  I'm glad we were able to get things figured out!

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Chris

i hope i'm not wasting your time... but after additional TLS tests with the mentioned SSL/TLS server i'm, currently, not sure anymore where (and why smile ) i stuck.

I was assuming that the SSL/TLS Server hobana.freenode.net (port 7000) accepting TLSv1 connects only if the client providing a cert.

Because with a client cert it works:

./examples/client/client -h hobana.freenode.net -p 7000 -v 1 -d -c certs/client-cert.pem -k certs/client-key.pem

While without a client cert it does'nt work:

./examples/client/client -h hobana.freenode.net -p 7000 -v 1 -d -x
(err = -213, revcd alert fatal error)

I was double check this then with openssl's client, providing no client cert too and, in wonder, openssl can connect successfully without a client cert:

openssl s_client -connect hobana.freenode.net:7000 -tls1

So now i'm, again, not sure why wolfSSL is unable connecting to hobana.freenode.net (port 7000) with TLSv1 without a client cert while openssl can.

Do you have any idea?

Thank you.
Hans-Jürgen :-)

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Hans-Jürgen,

The reason that OpenSSL worked in this case is because when s_client received the client certificate request, it was sending a blank client certificate automatically (without you having to load one).  With wolfSSL 2.7.0 on the other hand, if the application didn't load a client certificate, and the server requested one, wolfSSL wouldn't send a blank client certificate with TLS 1.0 or TLS 1.1 because it wasn't required by the RFC.  Only with TLS 1.2 (as required).

We just fixed this issue as of this commit (https://github.com/cyassl/cyassl/commit … 6e99d21ac6).  If you update to our latest GitHub code, your connection should now work as expected.  wolfSSL will now send a blank client certificate for TLS 1.0, 1.1, and 1.2 if the server requests one and the application has not loaded a client certificate.

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Chris, thank you for your explanation... very interesting.
Building with the latest github source... it works smile

Best greetings... and thank you again for your time
Hans-Jürgen

Share

12 (edited by cuzz 2013-09-22 05:17:19)

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

I have the same problem , and the problem exists after compiling it with "-DFP_MAX_BITS=8192".

wolfSSL was got from github, the version is " Sep 20, 2013,  master branch  commit bdb8b9396c "

I compiled the source code on Windows 7 with VS2010.

client.exe -h vpn-students.poly.edu -p 443 -v 1

Reuslt:

err = -188, ASN no signer error to confirm failure
yassl error: SSL_connect failed

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Cuzz,
it seems that your case is an other issue.
Did you try loading the proper certificate authority file with -A ?

I did. And it works.
The cert issuer on this SSL/TLS Server is GeoTrust. So i downloaded: http://www.geotrust.com/resources/root_ … bal_CA.pem first.

wget -O ../../certs/GeoTrust_Global_CA.pem http://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem
client.exe -h vpn-students.poly.edu -p 443 -v 1 -A certs/GeoTrust_Global_CA.pem

Result:

peer's cert info:
 issuer : /C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA
 subject: /C=US/ST=New York/L=Brooklyn/O=Polytechnic Institute of New York University/OU=Information Systems/CN=vpn-students.poly.edu
 altname = vpn-students.poly.edu
 serial number:01:82:4c
SSL version is TLSv1
SSL cipher suite is TLS_RSA_WITH_AES_256_CBC_SHA

Should work with your client.exe also.
Greetings Hans-Jürgen

Share

14 (edited by cyberrobot 2014-05-15 10:12:40)

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hello I'm working on a wolfSSL project at the moment and I was wondering how to port some certifications on my application.  The only example that works is that mention before on this thread for "vpn-students.poly.edu".

If I use a root certificate at .pem format from cacert.org the ssl authentication fails:

Failed to verify Peer's cert
    No callback override available, fatal

The certificate I use is attached.

The code functions I use are the following:


wolfSSL_Debugging_ON();
wolfSSL_Init();

ssl->method=wolfTLSv1_client_method();
        
ssl->ctx = wolfSSL_CTX_new(ssl->method);

wolfSSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_PEER, 0);

wolfSSL_CTX_load_verify_locations(ssl->ctx,"./cacert.pem",0);
/*or  converted with hexdump*/
wolfSSL_CTX_load_verify_buffer(sock_ssl->ctx,eco_cert,sizeof(eco_cert), SSL_FILETYPE_PEM);
    
ssl->ssl = wolfSSL_new(ssl->ctx);

wolfSSL_set_fd(ssl->ssl, ssl->ID);
        ret=wolfSSL_connect(ssl->ssl);
        if (ret!= SSL_SUCCESS){err = wolfSSL_get_error(sock_ssl->ssl, ret);}


The Error Code i get is -155.... can anyone provide any advise...

Post's attachments

cacert.pem 2.55 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi cyberrobot,

Are you still having problems with finding the correct root certificate to load to verify the server you are connecting to?

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Dear Chrisc,

My problems on finding the proper certificates still exists, after may trials I found some combinations that worked. Although I would be very cheerfull for a better understanding.

The combinations which worked for me are the following:

. google. com      Equifax_Secure_CA.pem
. paypal. com     Verisign_Class_3_Public_Primary_Certification_Authority.pem
. amazon. co.uk Verisign_Class_3_Public_Primary_Certification_Authority.pem

But the following combination make me wondering:

https:// www. microsoft. com GTE_CyberTrust_Global_Root.pem

because it did not verified.

I grabed these certificates from my Linux machine under /etc/ssl/certs path.

Could you please provide me some info about the certificated wolfssl needs in order to verify the server. I read on the wolfssl manuals that it uses the ROOT CA certifictes, these certificates are self signed rigth? If I use a self extracted and self signed certificate would it work?

Could you please provide some info or examples with public servers would be very appreciated!

Where can I find more info about the extraction of certificates and how do you extract/use them?

I use the wolfSSL_CTX_load_verify_locations() and the wolfSSL_CTX_load_verify_buffer() depending the platform I use (PC / embedded device).

Best Regards,
Cyberrobot

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Hi Cyberrobot,

Yes, wolfSSL requires that the root CA certificate be loaded in order to verify the peer's certificate.  If there are intermediate certificates in the chain as well, but the peer doesn't send them, wolfSSL will need to have those intermediate certs loaded as well (in order to verify the integrity of the cert chain).

For example, if you have a cert chain that looks like:

RootCA -> IntCA -> Peer

If you only load RootCA into a wolfSSL server, and the peer only sends "Peer", wolfSSL won't be able to verify the chain unless "IntCA" is loaded as well.

It looks like https://www.microsoft.com is signed by the "Baltimore CyberTrust Root".  It looks like you may have the wrong root CA for the microsoft server.  Maybe they updated it after your cert bundle was created?

I usually use the "openssl s_client" command to view the certificate chain for a given server.  For example, to view the cert chain for microsoft.com, you could do:

openssl s_client -connect microsoft.com:443 -showcerts

Which shows the cert chain and the root CA as the "Baltimore CyberTrust Root".

Best Regards,
Chris

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

Many thanks for your time!

Share

Re: CAcert.org's CA cert verify failed but with--disable-fastmath it works

I have the same problem , and the problem exists after calling "wolfSSL_connect" function.The client program I built in the Linux environment cannot successfully connect to the server after loading the CA certificate of the Linux system. But when I use the OpenSSL interface to do the same, I can connect to the server.
The code functions I use are the following:

if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
        fprintf(stderr, "ERROR: Failed to initialize the library\n");
        goto socket_cleanup;
    }

    /* Create and initialize WOLFSSL_CTX */
    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
        fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
        ret = -1;
        goto socket_cleanup;
    }

    wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);

    /* Load client certificates into WOLFSSL_CTX */
    if ((ret = wolfSSL_CTX_load_verify_locations(ctx,"/etc/ssl/certs/ca-certificates.crt", NULL))
         != SSL_SUCCESS) {
        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
                CERT_FILE);
        goto ctx_cleanup;
    }

    /* Create a WOLFSSL object */
    if ((ssl = wolfSSL_new(ctx)) == NULL) {
        fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
        ret = -1;
        goto ctx_cleanup;
    }

    /* Attach wolfSSL to the socket */
    if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) {
        fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
        goto cleanup;
    }

    /* Connect to wolfSSL on the server side */
    if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) {
        fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
        ret = wolfSSL_get_error((const WOLFSSL *)(ssl), ret);
        fprintf(stderr, "wolfSSL_get_error:%d\n",ret);
        goto cleanup;
    }

The Error Code i get is -188.
The purpose of my test here is to try to replace the OpenSSL library with wolfssl. In the same connection operation, OpenSSL can connect successfully, but wolfssl connection fails.
ca-certificates.crt file is the certificate file that comes with Linux system installation(Certificate directory:/etc/ssl/certs/ca-certificates.crt).

Share