1 (edited by PaulTLambert 2011-10-22 00:02:18)

Topic: TLS 1.2 support

I tested CyaSSL's TLS 1.2 server implementation via Internet Explorer 9 and Opera (TLS 1.2 enabled in both).  It works fine with Opera, but not IE.  Has anyone tested CyaSSL's TLS 1.2 with IE?  Should it work?

Specifically, I tested the CyaSSL server.exe sample under Win 7, making small changes to prevent requests for client certs and wrap the "fa shizzle" message with a valid HTTP/HTML response.

    SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);

I build and run server.exe, then go to https://localhost:11111.  In Opera, this works fine: I see the "fa shizzle" message in the browser window.  In IE, however, I get only a failed connection.  Debug output from CyaSSL (below) seems to indicate the IE terminated the handshake.  Any explanations or suggestions appreciated -- thanks.

CyaSSL Entering CYASSL_CTX_new
CyaSSL Leaving CYASSL_CTX_new, return 0
CyaSSL Entering SSL_CTX_set_verify
CyaSSL Entering SSL_CTX_set_default_passwd_cb
CyaSSL Entering SSL_CTX_load_verify_locations
Getting dynamic buffer
Processing CA PEM file
Adding a CA
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
CyaSSL Leaving AddCA, return 0
   Processed a CA
CyaSSL Entering SSL_CTX_use_certificate_chain_file
Getting dynamic buffer
Growing Tmp Chain Buffer
Processing Cert Chain
   Consumed another Cert in Chain
Finished Processing Cert Chain
CyaSSL Entering SSL_CTX_use_PrivateKey_file
CyaSSL Entering SSL_new
CyaSSL Leaving SSL_new, return 0
CyaSSL Entering SSL_set_fd
CyaSSL Leaving SSL_set_fd, return 1
CyaSSL Entering CyaSSL_SetTmpDH
CyaSSL Leaving CyaSSL_SetTmpDH, return 0
CyaSSL Entering SSL_accept()
received record layer msg
CyaSSL Entering DoHandShakeMsg()
processing client hello
CyaSSL Leaving DoHandShakeMsg(), return 0
accept state HELLO_VERIFY_SENT
accept state SERVER_HELLO_SENT
growing output buffer

Shrinking output buffer

accept state CERT_SENT
accept state KEY_EXCHANGE_SENT
accept state CERT_REQ_SENT
accept state SERVER_HELLO_DONE
Embed Receive error
    Connection reset
CyaSSL error occured, error = -208
CyaSSL Entering SSL_get_error
CyaSSL Leaving SSL_get_error, return -208
CyaSSL Entering ERR_error_string
error = -208, error state on socket
yassl error: SSL_accept failed


Re: TLS 1.2 support

I've tracked down the problem in another context, so a similar solution probably applies here.  With TLS 1.2 enabled, IE doesn't accept RSA/MD5 certificates, but Opera does, as reported via the signature_algorithms hello extension.  Switching to an RSA/SHA-1 certificate made IE work with our embedded SSL library.  CyaSSL server.exe is apparently using a certificate not signed by one of the IE-approved signature/hash pairs.


Re: TLS 1.2 support

Thanks Paul.  I just checked in a patch yesterday that changes CyaSSL's default certificate generation to SHA-1 with RSA since iOS 5 no longer accepts MD5 with RSA either.  We'll update the CyaSSL test certificates on Monday and have a blog about these changes.

By the way, the echoserver example would probably be easier for you.  It doesn't have client verification and sends an HTTP reply if a GET is received, and runs in a loop. 

Thanks again,