Hi, we are testing WolfSSL (v4.8.1) JNI/JSSE to develop a Java-based TLS 1.3 PSK-only server for a project. In this project we plan to use the TLS13-AES128-CCM-SHA256 cipher.

The issue we are having is that the server doesn't work with TLS13-AES128-CCM-SHA256 but works fine with other ciphers such as TLS13-AES128-GCM-SHA256.

When we check the cipher suite name in MyPskServerCallback() using ssl.cipherGetName(), we get NONE when TLS13-AES128-CCM-SHA256 is used, but we get the proper cipher name when, for example, TLS13-AES128-GCM-SHA256 is used.

Also, the C version of the server (wolfssl/examples/server/server) works fine for all ciphers including TLS13-AES128-CCM-SHA256.

We have configured WolfSSL using the following commands:

$./configure --enable-jni --enable-tlsx --enable-psk --enable-aesccm --enable-debug --enable-errorstrings

We have made the following changes to examples/Server.java to make it accept TLS13-AES128-CCM-SHA256:

diff --git a/examples/Server.java b/examples/Server.java
index 0604253..d2e471e 100644
--- a/examples/Server.java
+++ b/examples/Server.java
@@ -25,6 +25,7 @@ import java.nio.*;
import java.nio.charset.Charset;
import java.nio.charset.CharsetEncoder;
import java.nio.charset.CharacterCodingException;
+import java.util.Arrays;

import com.wolfssl.WolfSSL;
import com.wolfssl.WolfSSLSession;
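Review bot: the added import of java.util.Arrays is not used by any of the hunks shown in this patch. If nothing else in Server.java references Arrays, drop the import so the change stays limited to the TLS 1.3 work.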
@@ -61,7 +62,7 @@ public class Server {
         /* config info */
         boolean useIOCallbacks = false;      /* test I/O callbacks */
         String cipherList = null;            /* default cipher suite list */
-        int sslVersion = 3;                  /* default to TLS 1.2 */
+        int sslVersion = 4;                  /* default to TLS 1.3 */
         int verifyPeer = 1;                  /* verify peer by default */
         int doDTLS = 0;                      /* don't use DTLS by default */
         int useOcsp = 0;                     /* don't use OCSP by default */
@@ -106,7 +107,7 @@ public class Server {
                     if (args.length < i+2)
                         printUsage();
                     sslVersion = Integer.parseInt(args[++i]);
-                    if (sslVersion < 0 || sslVersion > 3) {
+                    if (sslVersion < 0 || sslVersion > 4) {
                         printUsage();
                     }

@@ -238,6 +239,9 @@ public class Server {
                 case 3:
                     method = WolfSSL.TLSv1_2_ServerMethod();
                     break;
+                case 4:
+                    method = WolfSSL.TLSv1_3_Method();
+                    break;
                 case -1:
                     method = WolfSSL.DTLSv1_ServerMethod();
                     break;
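Review bot: in the new case 4, WolfSSL.TLSv1_3_Method() is the generic method, while the neighbouring cases use server-side ones (TLSv1_2_ServerMethod(), DTLSv1_ServerMethod()). For a server example, a server-specific TLS 1.3 method would match the rest of the switch if the binding exposes one; otherwise add a short comment saying why the generic method is used here.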
@@ -297,9 +301,10 @@ public class Server {

             /* set cipher list */
             if (cipherList == null) {
-                if (usePsk == 1)
-                    ret = sslCtx.setCipherList("DHE-PSK-AES128-GCM-SHA256");
-                    needDH = 1;
+                if (usePsk == 1) {
+                    ret = sslCtx.setCipherList("TLS13-AES128-CCM-SHA256");
+                }
+                needDH = 0; //only if DHE-xxx is selected
             } else {
                 ret = sslCtx.setCipherList(cipherList);
             }
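Review bot: the default PSK list is now the TLS 1.3-only suite TLS13-AES128-CCM-SHA256 regardless of sslVersion, so with usePsk == 1, cipherList == null and sslVersion 0 to 3 the context is left with no suite valid for the selected protocol version. Choose the default per version, or keep the DHE-PSK default for the pre-1.3 cases. Also, needDH = 0 now runs on every default-list path, and the else branch shown does not set needDH when a DHE suite is passed with -l, which the trailing comment "only if DHE-xxx is selected" implies should happen. That comment uses // where the surrounding lines use /* */.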
@@ -308,7 +313,7 @@ public class Server {
                 System.out.println("failed to set cipher list, ret = " + ret);
                 System.exit(1);
             }
-
+               
             /* set OCSP options, override URL */
             if (useOcsp == 1) {

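Review bot: the only change in this hunk replaces the empty line before the OCSP comment with a line made of trailing whitespace. Drop the hunk so the patch carries no whitespace-only noise.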
@@ -631,8 +636,8 @@ public class Server {
         System.out.println("Java example server usage:");
         System.out.println("-?\t\tHelp, print this usage");
         System.out.println("-p <num>\tPort to connect to, default 11111");
-        System.out.println("-v <num>\tSSL version [0-3], SSLv3(0) - " +
-                "TLS1.2(3)), default 3");
+        System.out.println("-v <num>\tSSL version [0-4], SSLv3(0) - " +
+                "TLS1.3(4)), default 4");
         System.out.println("-l <str>\tCipher list");
         System.out.println("-c <file>\tCertificate file,\t\tdefault " +
                 "../certs/client-cert.pem");

---------------
We have also modified the callback function to accept our test PSK, which is 0x40.... 0x4f.

We use openssl client for testing:

$openssl s_client -connect 127.0.0.1:11111 -psk 404142434445464748494a4b4c4d4e4f -tls1_3 -ciphersuites TLS_AES_128_CCM_SHA256

And we start the server, under wolfssl-jni, as:

$ ./examples/server.sh -s -v 4 -l TLS13-AES128-CCM-SHA256

Below is the response we get:

CONNECTED(00000003)
140316441019712:error:1421C0F8:SSL routines:set_client_ciphersuite:unknown cipher returned:../ssl/statem/statem_clnt.c:1333:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 93 bytes and written 280 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Like I have mentioned, this call works if we choose TLS13-AES128-GCM-SHA256 as the cipher on both client and server.

Any help will be highly appreciated.

Thanks in advance