Topic: [SOLVED] Errors during handshake

Hi guys!

I am sorry for disturbing you but we have a problem with wolfSSL:
https://github.com/espressif/esp-wolfss … sdk_v2.x.x

I am trying to connect to the customer's server through a TLS connection. I received a CA file from him and I can connect to his server using, for example, the openssl utility.

openssl s_client -CAfile ca.pem -tls1_2 -host iot-stg.dealor.co.il -port 443 -servername iot-stg.dealor.co.il

This is the output of this command:

SSL handshake has read 3414 bytes and written 298 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 8BB90C08D0FD7639681B9DDCA96EDD6C5000FA550CC27B2E6144ABB5657C0BAE
    Session-ID-ctx:
    Master-Key: 2429B05412CB4451FB28A572672C94F3FF69FCBECB3BC8D54A1961CA41AD8D97E418B1CE0A15AA269B5024CADDAF1CB6
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)

    Start Time: 1542192588
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes

But I can’t connect from your demo example.

What can be wrong?

The project, its log and CA file are attached to this message.

Thank you in advance.

Regards, Alex.


Re: [SOLVED] Errors during handshake

Hi oleksandr.tymoshenko,

Thank you for reaching out to wolfSSL with your questions!

In the README for the Espressif example, did you follow the steps:

STEP 3: Modify Makefile to define WOLFSSL_USER_SETTINGS
STEP 4: Copy user_setting.h to your project's include folder
since WOLFSSL_USER_SETTINGS is defined, it'll allow you to use the setting by yourself in user_setting.h.

If so can you tell me what settings are in your user_settings.h header?

Have you defined these two settings?

#define HAVE_ECC
#define HAVE_CURVE25519

If not, the connection will not work. I ran a scan against the target and the only supported cipher suites are below; they all use curve25519 (HAVE_CURVE25519) and ECDHE (HAVE_ECC) for key exchange:

scan report for iot-stg.dealor.co.il (35.198.100.186)
Host is up (0.19s latency).
rDNS record for 35.198.100.186: 186.100.198.35.bc.googleusercontent.com

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
|     compressors: 
|       NULL
|     cipher preference: server
|_  least strength: A

I can also test successfully from our default client app on a host PC so it looks like you just need to configure the library to support the same features as your target and you will be good to go!

$kalebhimes/wolfssl$ ./examples/client/client -h iot-stg.dealor.co.il -p 443 -d -g

peer's cert info:
 issuer : /O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
 subject: /O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
 altname = ingress.local
 serial number:4d:75:69:c3:b8:24:f6:80:ae:4a:7b:b6:0c:71:6f:a8 
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSL curve name is SECP256R1
Client Random : 43EF32C80F0BABE85150A4F7422B6BBD2A81901380A117A6CBF5A4194F959A3F
SSL connect ok, sending GET...
HTTP/1.1 404 Not Found
Server: nginx/1.15.5
Date: Thu, 15 Nov 2018 23:17:28 G
MT
Content-Type: text/plain; charset=utf-8
Content-Length: 21
Connection: cl

Re: [SOLVED] Errors during handshake

Hi Kaleb!

Thank you for the rapid answer! ))

Those defines were added but it did not help.

This is the list of defines for my wolfSSL:

#define WOLFSSL_LWIP
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#define NO_INLINE
#define NO_WOLFSSL_MEMORY
#define HAVE_PK_CALLBACKS
#define WOLFSSL_KEY_GEN
#define WOLFSSL_RIPEMD
#define USE_WOLFSSL_IO
#define WOLFSSL_STATIC_RSA
#define NO_DH
#define NO_MD4
#define NO_DES3
#define NO_DSA
#define NO_RC4
#define NO_RABBIT
#define HAVE_ECC
#define WC_NO_HARDEN
#define FREERTOS
#define WOLFSSL_TYPES
#define NO_FILESYSTEM
#define WOLFSSL_ALT_CERT_CHAINS
#define WOLFSSL_ALLOW_TLSV10
#define WOLFSSL_SMALL_STACK
#define SMALL_SESSION_CACHE

// These were added by me
#define HAVE_CURVE25519
#define DEBUG_WOLFSSL


Re: [SOLVED] Errors during handshake

I connected to www.howsmyssl.com and this server said that these are my cipher suites:

"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
"TLS_RSA_WITH_AES_256_CBC_SHA256"
"TLS_RSA_WITH_AES_128_CBC_SHA256"
"TLS_RSA_WITH_AES_256_CBC_SHA"
"TLS_RSA_WITH_AES_128_CBC_SHA"

Also, I got the cipher suites for the server:

https://www.ssllabs.com/ssltest/analyze … alor.co.il

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

I can see that the server and client have a common cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

But a connection is not being established.


Re: [SOLVED] Errors during handshake

We added the missing cipher suites on the server but that did not help.

When I try to connect using openssl, I can connect only if I use the -servername option. For example:

openssl s_client -CAfile ca.pem -tls1_2 -host iot-stg.dealor.co.il -port 443 -servername iot-stg.dealor.co.il

What does this mean? How can I use this when working with the library?

Regards, Alex.


6 (edited by oleksandr.tymoshenko 2018-11-23 04:08:44)

Re: [SOLVED] Errors during handshake

It is solved.

The main reason the device failed to connect to the server was the missing wolfSSL_CTX_UseSNI call. So when I added it, my device connected to the server.

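    /* Send the server name (SNI) in the ClientHello; 0 is WOLFSSL_SNI_HOST_NAME */
    if (sniHostName) {
        if (wolfSSL_CTX_UseSNI(ctx, 0, sniHostName,
                    (word16) XSTRLEN(sniHostName)) != WOLFSSL_SUCCESS) {
            wolfSSL_CTX_free(ctx);
            ctx = NULL; /* the context is freed; do not use it afterwards */
            printf("UseSNI failed\n");
        }
    }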

Where sniHostName is static char* sniHostName. It is the name of my server.

I wish you all good luck! ))))

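What the wolfSSL_CTX_UseSNI call in the solution above puts into the ClientHello, as an added example that is not part of the original thread and not wolfSSL code: a stand-alone encoder and parser for the RFC 6066 server_name extension, showing what a name-based server can and cannot see. The names sni_build and sni_find and the sample supported_groups bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define EXT_SERVER_NAME 0x0000 /* RFC 6066 extension type */
#define NAME_TYPE_HOST  0x00   /* host_name: the type argument 0 in the post's call */

static void put16(uint8_t *p, size_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static size_t get16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }
/* Encode one server_name extension; returns bytes written, 0 on error. */
size_t sni_build(const char *host, uint8_t *out, size_t cap) {
    size_t n = strlen(host);
    if (n == 0 || n > 255 || cap < n + 9) return 0;
    put16(out, EXT_SERVER_NAME);  /* extension_type */
    put16(out + 2, n + 5);        /* extension_data length */
    put16(out + 4, n + 3);        /* server_name_list length */
    out[6] = NAME_TYPE_HOST;      /* name_type */
    put16(out + 7, n);            /* host_name length */
    memcpy(out + 9, host, n);
    return n + 9;
}

/* Scan ClientHello extensions: 1 = host found, 0 = no SNI sent, -1 = malformed. */
int sni_find(const uint8_t *ext, size_t len, char *host, size_t cap) {
    size_t off = 0;
    while (off + 4 <= len) {
        size_t type = get16(ext + off), elen = get16(ext + off + 2);
        const uint8_t *d = ext + off + 4;
        if (elen > len - off - 4) return -1;   /* extension runs past the block */
        if (type == EXT_SERVER_NAME) {
            if (elen < 5 || get16(d) + 2 != elen || d[2] != NAME_TYPE_HOST) return -1;
            size_t n = get16(d + 3);
            if (n + 5 > elen || n + 1 > cap) return -1;
            memcpy(host, d + 5, n);
            host[n] = '\0';
            return 1;
        }
        off += 4 + elen;                       /* skip extensions we do not parse */
    }
    return off == len ? 0 : -1;
}

int main(void) {
    /* Constructed input: supported_groups (x25519, secp256r1), then SNI. */
    uint8_t ext[64] = {0x00, 0x0a, 0x00, 0x06, 0x00, 0x04, 0x00, 0x1d, 0x00, 0x17};
    char host[64] = "(none)";
    size_t len = 10 + sni_build("iot-stg.dealor.co.il", ext + 10, sizeof ext - 10);
    printf("without SNI: %d\n", sni_find(ext, 10, host, sizeof host));
    printf("with SNI: %d %s\n", sni_find(ext, len, host, sizeof host), host);
    return 0;
}
```

A return value of 0 is the situation the device was in before the fix: the ClientHello carries no host name, so the server has nothing to select a virtual host or certificate by.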

Re: [SOLVED] Errors during handshake

Hi oleksandr.tymoshenko,

Sorry for the delayed response! Glad to hear this was resolved by using the Server Name Indication Extension (SNI)!


Warm Regards,

- K