Topic: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

I am trying to make a secure connection to howsmyssl.com using wolfssl. I work on an esp32 device using esp-idf and freertos as OS. Now, I managed to get the wolfssl library to work with static ciphersuites enabled, but I want to use ECC. This gives me some errors though. Each time I try to make a connection, I get a fatal error. I searched the internet and this forum and found that this is probably due to the ciphersuite that is not supported by the server. I also found that I have to call wolfssl_CTX_UseSupportedCurve. However, even when I make the call, the error remains. Next to the normal freertos settings, I have defined the following settings:

    #define NO_DEV_RANDOM
    #define HAVE_AESGCM
    #define HAVE_AESGCM_DECRYPT
    #undef GCM_SMALL
    #define GCM_SMALL
    #define HAVE_SUPPORTED_CURVES
    #define HAVE_TLS_EXTENSIONS
    #define HAVE_ECC
    #define HAVE_AES
    #define DEBUG_WOLFSSL

From what I found on the internet, I think this should be enough to get it working.
The code I use to make the connection is a very basic example:

    int ret;
    WOLFSSL_CTX *ctx;
    WOLFSSL *ssl;
    int socket;
    struct sockaddr_in sock_addr;
    struct hostent *hp;
    struct ip4_addr *ip4_addr;

    int recv_bytes = 0;
    char recv_buf[OPENSSL_EXAMPLE_RECV_BUF_LEN];

    const char send_data[] = OPENSSL_EXAMPLE_REQUEST;
    const int send_bytes = sizeof(send_data);

    ESP_LOGI(TAG, "OpenSSL demo thread start OK");
    ESP_LOGW(TAG, "Size of long = %d, Size of longlong = %d\n", sizeof(long), sizeof(long long));
    ESP_LOGI(TAG, "get target IP address");
    hp = gethostbyname(OPENSSL_EXAMPLE_TARGET_NAME);
    if (!hp) {
        ESP_LOGI(TAG, "failed");
        goto failed1;
    }
    ESP_LOGI(TAG, "OK");

    ip4_addr = (struct ip4_addr *) hp->h_addr;
    ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));

    ESP_LOGI(TAG, "create SSL context ......");
    ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
    if (!ctx) {
        ESP_LOGI(TAG, "failed");
        goto failed1;
    }
    ESP_LOGI(TAG, "OK");
    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
    if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error2\n");
    }
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP160R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP160R2);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP192K1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP192R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP224K1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP224R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256K1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP384R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP521R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_BRAINPOOLP256R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_BRAINPOOLP384R1);
    wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_BRAINPOOLP512R1);
    ESP_LOGI(TAG, "create socket ......");
    socket = socket(AF_INET, SOCK_STREAM, 0);
    if (socket < 0) {
        ESP_LOGI(TAG, "failed");
        goto failed2;
    }
    ESP_LOGI(TAG, "OK");

    ESP_LOGI(TAG, "bind socket ......");
    memset(&sock_addr, 0, sizeof(sock_addr));
    sock_addr.sin_family = AF_INET;
    sock_addr.sin_addr.s_addr = 0;
    sock_addr.sin_port = htons(OPENSSL_EXAMPLE_LOCAL_TCP_PORT);
    ret = bind(socket, (struct sockaddr* )&sock_addr, sizeof(sock_addr));
    if (ret) {
        ESP_LOGI(TAG, "failed");
        goto failed3;
    }
    ESP_LOGI(TAG, "OK");

    ESP_LOGI(TAG, "socket connect to remote %s ......",
            OPENSSL_EXAMPLE_TARGET_NAME);
    memset(&sock_addr, 0, sizeof(sock_addr));
    sock_addr.sin_family = AF_INET;
    sock_addr.sin_addr.s_addr = ip4_addr->addr;
    sock_addr.sin_port = htons(OPENSSL_EXAMPLE_TARGET_TCP_PORT);
    ret = connect(socket, (struct sockaddr* )&sock_addr, sizeof(sock_addr));
    if (ret) {
        ESP_LOGI(TAG, "failed");
        goto failed3;
    }
    ESP_LOGI(TAG, "OK");

    ESP_LOGI(TAG, "create SSL ......");

    ssl = wolfSSL_new(ctx);
    if (!ssl) {
        ESP_LOGI(TAG, "failed");
        goto failed3;
    }
    ESP_LOGI(TAG, "OK");
    if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R2)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP192K1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP192R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP224K1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP224R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256K1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP384R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP521R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_BRAINPOOLP256R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_BRAINPOOLP384R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    if(wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_BRAINPOOLP512R1)!= SSL_SUCCESS) {
        ESP_LOGE(TAG, "handle error\n");
    }
    wolfSSL_set_fd(ssl, socket);

    ESP_LOGI(TAG, "SSL connected to %s port %d ......",
            OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
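    ret = wolfSSL_connect(ssl);
    /* wolfSSL_connect() returns SSL_SUCCESS on success and SSL_FATAL_ERROR (-1)
       on failure, so !ret never detects a failed handshake */
    if (ret != SSL_SUCCESS) {
        ESP_LOGI(TAG, "failed ");
        goto failed4;
    }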
    ESP_LOGI(TAG, "OK");
    printf("READ THE CIPHER SUITE USED: %s\n", wolfSSL_get_cipher(ssl));
    ESP_LOGI(TAG, "send https request to %s port %d ......",
            OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
    ret = wolfSSL_write(ssl, send_data, send_bytes);
    if (ret <= 0) {
        ESP_LOGI(TAG, "failed");
        goto failed5;
    }
    ESP_LOGI(TAG, "OK");
    do {
        ret = wolfSSL_read(ssl, recv_buf, OPENSSL_EXAMPLE_RECV_BUF_LEN - 1);
        if (ret <= 0) {
            break;
        }
        recv_bytes += ret;
        recv_buf[ret] = '\0';   /* terminate the data before logging it with %s */
        ESP_LOGI(TAG, "%s", recv_buf);
    } while (1);

    ESP_LOGI(TAG, "totaly read %d bytes data from %s ......", recv_bytes,
            OPENSSL_EXAMPLE_TARGET_NAME);

    failed5: wolfSSL_shutdown(ssl);
    failed4: wolfSSL_free(ssl);
    ssl = NULL;
    failed3:
    close(socket);
    socket = -1;
    failed2: wolfSSL_CTX_free(ctx);
    ctx = NULL;
    failed1: vTaskDelete(NULL);
    return;

I know there are some checks missing, but this code still needs improvements. But for now, I just want to make sure the connection simply works. I also don't check the certificate of the server for now, also because I first want to get the handshake to work. I don't think this is a problem (as the certificate will only be checked after CLIENT_HELLO, which is the point where it fails at this moment).

When I flash the code to the esp32 and run it, the following is printed (the letters and numbers printed in the beginning of some lines are a result from the esp-idf source code):

I (6712) openssl_example: OpenSSL demo thread start OK
W (6712) openssl_example: Size of long = 4, Size of longlong = 8

I (6722) openssl_example: get target IP address
I (6752) openssl_example: OK
I (6752) openssl_example: 104.196.190.195
I (6752) openssl_example: create SSL context ......
wolfSSL Entering WOLFSSL_CTX_new_ex
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
I (6772) openssl_example: OK
wolfSSL Entering wolfSSL_CTX_set_verify
I (6782) openssl_example: create socket ......
I (6792) openssl_example: OK
I (6792) openssl_example: bind socket ......
I (6792) openssl_example: OK
I (6802) openssl_example: socket connect to remote 
I (6922) openssl_example: OK
I (6932) openssl_example: create SSL ......
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
I (6932) openssl_example: OK
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
I (6952) openssl_example: SSL connected to server port 443 ......
wolfSSL Entering SSL_connect()
growing output buffer

Shrinking output buffer

connect state: CLIENT_HELLO_SENT
received record layer msg
got ALERT!
Got alert
wolfSSL error occurred, error = 40
wolfSSL error occurred, error = -313
I (7092) openssl_example: OK
wolfSSL Entering wolfSSL_get_cipher
wolfSSL Entering SSL_get_current_cipher
wolfSSL Entering SSL_CIPHER_get_name
wolfSSL Entering wolfSSL_get_cipher_name_from_suite
READ THE CIPHER SUITE USED: NONE
I (7112) openssl_example: send https request to server port 443 ......
wolfSSL Entering SSL_write()
handshake not complete, trying to finish
wolfSSL Entering wolfSSL_negotiate
wolfSSL Entering SSL_connect()
ProcessReply retry in error state, not allowed
wolfSSL error occurred, error = -313
wolfSSL Leaving wolfSSL_negotiate, return -1
wolfSSL Leaving SSL_write(), return -1
I (7152) openssl_example: failed
wolfSSL Entering SSL_shutdown()
wolfSSL Leaving SSL_shutdown(), return -1
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0

However, when I run the same code with the extra setting BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256, I get:

I (2772) openssl_example: OpenSSL demo thread start OK
W (2772) openssl_example: Size of long = 4, Size of longlong = 8

I (2782) openssl_example: get target IP address
I (2832) openssl_example: OK
I (2832) openssl_example: 104.196.190.195
I (2832) openssl_example: create SSL context ......
wolfSSL Entering WOLFSSL_CTX_new_ex
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
I (2852) openssl_example: OK
wolfSSL Entering wolfSSL_CTX_set_verify
I (2852) openssl_example: create socket ......
I (2862) openssl_example: OK
I (2862) openssl_example: bind socket ......
I (2872) openssl_example: OK
I (2872) openssl_example: socket connect to remote 
I (12182) wifi: pm start, type:0

I (19442) openssl_example: OK
I (19442) openssl_example: create SSL ......
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
I (19442) openssl_example: OK
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
I (19462) openssl_example: SSL connected to server port 443 ......
wolfSSL Entering SSL_connect()
growing output buffer

Shrinking output buffer

connect state: CLIENT_HELLO_SENT
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering DoCertificate
Loading peer's cert chain
    Put another cert into chain
    Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Date BEFORE check failed
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Chain cert not verified by option, not adding as CA
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Date BEFORE check failed
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verified Peer's cert
wolfSSL Leaving DoCertificate, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
No KeyExchange required
processing server hello done
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: HELLO_AGAIN
connect state: HELLO_AGAIN_REPLY
connect state: FIRST_REPLY_DONE
connect state: FIRST_REPLY_FIRST
wolfSSL Entering SendClientKeyExchange
wolfSSL Entering RsaEnc
wolfSSL Leaving RsaEnc, return 0
growing output buffer

Shrinking output buffer

wolfSSL Leaving SendClientKeyExchange, return 0
sent: client key exchange
connect state: FIRST_REPLY_SECOND
connect state: FIRST_REPLY_THIRD
growing output buffer

Shrinking output buffer

sent: change cipher spec
connect state: FIRST_REPLY_FOURTH
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

sent: finished
connect state: FINISHED_DONE
received record layer msg
got CHANGE CIPHER SPEC
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing finished
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: SECOND_REPLY_DONE
Shrinking input buffer

wolfSSL Leaving SSL_connect(), return 1
I (20292) openssl_example: OK
wolfSSL Entering wolfSSL_get_cipher
wolfSSL Entering SSL_get_current_cipher
wolfSSL Entering SSL_CIPHER_get_name
wolfSSL Entering wolfSSL_get_cipher_name_from_suite
READ THE CIPHER SUITE USED:  TLS_RSA_WITH_AES_128_GCM_SHA256
I (20312) openssl_example: send https request to server port 443 ......
wolfSSL Entering SSL_write()
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

wolfSSL Leaving SSL_write(), return 103
I (20342) openssl_example: OK
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
growing input buffer

received record layer msg
got app DATA
wolfSSL Leaving ReceiveData(), return 1023
wolfSSL Leaving wolfSSL_read_internal(), return 1023
I (20492) openssl_example: HTTP/1.1 200 OK
Content-Length: 963
Access-Control-Allow-Origin: *
Connection: close
Content-Type: application/json
Date: Fri, 30 Jun 2017 10:34:28 GMT
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload

{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_RC4_128_SHA","TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_RC4_128_SHA","TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"],"ephemeral_keys_supported":true,"session_ticket_supported":false,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":["use
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
Shrinking input buffer

wolfSSL Leaving ReceiveData(), return 156
wolfSSL Leaving wolfSSL_read_internal(), return 156
I (20602) openssl_example: s RC4 which has insecure biases in its output"],"TLS_ECDHE_RSA_WITH_RC4_128_SHA":["uses RC4 which has insecure biases in its output"]},"tls_version":"TLS 1.
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload

{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_RC4_128_SHA","TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_RC4_128_SHA","TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"],"ephemeral_keys_supported":true,"session_ticket_supported":false,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":["use
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
growing input buffer

received record layer msg
got app DATA
Shrinking input buffer

wolfSSL Leaving ReceiveData(), return 18
wolfSSL Leaving wolfSSL_read_internal(), return 18
I (20722) openssl_example: 2","rating":"Bad"}secure biases in its output"],"TLS_ECDHE_RSA_WITH_RC4_128_SHA":["uses RC4 which has insecure biases in its output"]},"tls_version":"TLS 1.
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload

{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_RC4_128_SHA","TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_RC4_128_SHA","TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"],"ephemeral_keys_supported":true,"session_ticket_supported":false,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":["use
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
growing input buffer

received record layer msg
got ALERT!
Got alert
    close notify
wolfSSL error occurred, error = 0
wolfSSL error occurred, error = -343
Zero return, no more data coming
wolfSSL Leaving wolfSSL_read_internal(), return 0
I (20842) openssl_example: totaly read 1197 bytes data from server
wolfSSL Entering SSL_shutdown()
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

wolfSSL Leaving SSL_shutdown(), return 1
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0

So it looks like it is working. Because this does work, I think the problem is indeed that the ciphersuite is not given properly to the server (as I already found on the forum), but I don't know why because I think I do all the necessary calls and I think I have the correct settings. As you can also see in the output from the second call, the ciphersuites that are given are indeed also the ECC ciphersuites, but somehow, they are never selected by the server.


Re: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

Hi eques,

Thank you for sending the code to review and get a good idea of what is happening. After glancing over it I see that a certificate and private key are not being loaded? Adding function calls for loading a certificate and private key should resolve the issue.

```
wolfSSL_CTX_use_certificate_buffer or wolfSSL_CTX_use_certificate_file
wolfSSL_CTX_use_PrivateKey_buffer or wolfSSL_CTX_use_PrivateKey_file
```

Regards,
Jacob


Re: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

Thanks a lot for the reply. I will try to use a certificate. I thought that this was not necessary.


4 (edited by eques 2017-07-05 00:14:48)

Re: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

I tried to load the certificate. However, when I read the documentation about the wolfSSL_CTX_use_PrivateKey_buffer function, it stated that this is used to load the server's private key. However, I am not building a server but a client, so I don't think I should use a private key either.
After I loaded the certificate, the error remains (but the debug log now does say that the certificate is successfully loaded).
Also, if I should use a private key, how do I get one? Because I can simply make one, but I don't think that wolfssl will then be able to decrypt because I never specified a public key?

UPDATE: When I do use a private key, it still won't work. I use the client-key.pem as provided in the examples folder from wolfssl. I still get the same error.

ANOTHER UPDATE: I managed to sniff my handshake and from all the ciphersuites that are sent, there are several that are supported by the server (according to ssllabs.com). So I don't think that the server should give me back a fatal error as he could use one of the ciphersuites that are given. When I use static key cipher suites, it succeeds, but as this is deprecated I do not want to use it.

I tried a request to google, and this succeeds. So I don't think there is anything wrong with my code but rather with the server I want to connect to.


Re: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

Hello eques,

After investigating it, the difference between the success case and failure is the ec_point_format extension being sent with client hello. wolfSSL currently does not support the ec_point_format and it looks like the server is not allowing ECDHE cipher suite without that extension.

Regards,
Jacob


Re: wolfssl alert 40 + fatal error even when wolfssl_ctx_usesupportedcurve

Just as an update to this issue:

wolfSSL (Formerly CyaSSL) Release 3.12.2 (10/23/2017)

Release 3.12.2 of wolfSSL has bug fixes and new features including:

...

Added TLS extension for Supported Point Formats (ec_point_formats)

...

- Kaleb
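
The diagnosis reached in this thread (ECDHE suites offered in a ClientHello that carries no ec_point_formats extension) can be checked directly on a sniffed handshake. The C code below is an added example, not code from the thread or from wolfSSL: the function names and the sample record are constructed for illustration, and it assumes the capture is one unfragmented TLS record holding the whole ClientHello.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ecc_suites counts ECDH/ECDHE suites; the flags record extensions 10 and 11. */
struct ch_report { int ecc_suites, has_supported_groups, has_ec_point_formats; };
struct cur { const uint8_t *p; size_t left; };
static long rd(struct cur *c, int n) {    /* n-byte big-endian integer, -1 if truncated */
    long v = 0;
    if (c->left < (size_t)n) return -1;
    while (n--) { v = (v << 8) | *c->p++; c->left--; }
    return v;
}
static int skip(struct cur *c, long n) {  /* -1 if n is an error value or runs past the end */
    if (n < 0 || c->left < (size_t)n) return -1;
    c->p += n; c->left -= (size_t)n; return 0;
}
static int rest(struct cur *c, int n) {   /* n-byte length field must equal what remains */
    long v = rd(c, n); return (v >= 0 && (size_t)v == c->left) ? 0 : -1;
}

/* Parse one record holding a whole ClientHello: 0 and *r filled, or -1 if malformed. */
int client_hello_report(const uint8_t *buf, size_t len, struct ch_report *r) {
    struct cur c = { buf, len };
    long n, i, type;
    memset(r, 0, sizeof *r);
    if (rd(&c, 1) != 0x16 || skip(&c, 2) < 0 || rest(&c, 2) < 0  /* record header */
        || rd(&c, 1) != 0x01 || rest(&c, 3) < 0                  /* client_hello header */
        || skip(&c, 2 + 32) < 0 || skip(&c, rd(&c, 1)) < 0) return -1; /* version, random, session_id */
    n = rd(&c, 2);                                               /* cipher_suites length */
    if (n < 0 || (n & 1) || c.left < (size_t)n) return -1;
    for (i = 0; i < n; i += 2) {
        long s = rd(&c, 2), lo = s & 0xff;
        if ((s >> 8) == 0xC0 && ((lo >= 0x01 && lo <= 0x19) || (lo >= 0x23 && lo <= 0x32)))
            r->ecc_suites++;                                     /* RFC 4492 / RFC 5289 ranges */
    }
    if (skip(&c, rd(&c, 1)) < 0) return -1;                      /* compression_methods */
    if (c.left == 0) return 0;                                   /* no extensions at all */
    if (rest(&c, 2) < 0) return -1;                              /* extensions length */
    while (c.left > 0) {
        type = rd(&c, 2);
        if (type < 0 || skip(&c, rd(&c, 2)) < 0) return -1;
        if (type == 10) r->has_supported_groups = 1;
        if (type == 11) r->has_ec_point_formats = 1;
    }
    return 0;
}
/* 1 when ECC suites are offered without ec_point_formats (the case in this thread). */
int ecc_offer_lacks_point_formats(const struct ch_report *r) {
    return r->ecc_suites > 0 && !r->has_ec_point_formats;
}

/* Constructed sample record, all-zero random; writes at most 70 bytes, returns the length. */
size_t build_sample_hello(uint8_t *out, int with_point_formats) {
    static const uint8_t tail[] = {
        0x00,  0x00,0x06, 0xC0,0x2B, 0xC0,0x2F, 0x00,0x9C,  /* session_id; 2 ECDHE + 1 RSA suite */
        0x01,0x00,  0x00,0x0E,                               /* null compression; extensions length */
        0x00,0x0A, 0x00,0x04, 0x00,0x02, 0x00,0x17,          /* supported_groups: secp256r1 */
        0x00,0x0B, 0x00,0x02, 0x01, 0x00 };                  /* ec_point_formats: uncompressed */
    size_t cut = with_point_formats ? 0 : 6, body = 2 + 32 + sizeof tail - cut;
    memset(out, 0, 9 + body);
    out[0] = 0x16; out[1] = 0x03; out[2] = 0x01; out[4] = (uint8_t)(body + 4);
    out[5] = 0x01; out[8] = (uint8_t)body; out[9] = out[10] = 0x03;
    memcpy(out + 43, tail, sizeof tail - cut);
    out[43 + 12] -= (uint8_t)cut;                            /* shrink extensions length */
    return 9 + body;
}

int main(void) {
    uint8_t b[70]; struct ch_report r; int w;
    for (w = 0; w < 2 && !client_hello_report(b, build_sample_hello(b, w), &r); w++)
        printf("ec_point_formats sent=%d, incomplete ECC offer=%d\n", w, ecc_offer_lacks_point_formats(&r));
    return w != 2;
}
```

Feeding it the ClientHello bytes from a packet capture shows whether a client build sends extension 11 alongside its ECDHE suites.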