eduardsui / tlse Goto Github PK
View Code? Open in Web Editor NEWSingle C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library
License: Other
tlse's People
Contributors
Stargazers
Watchers
Forkers
alcaro emuxevans leonardolang longjohncoder 19317362 skyformat99 yutarohayakawa dreamlich yasirmx francois-berder caddier dio moneytech ybbarng sgnls 4144 laanak08 lichnak emilfihlman dhaozi stangelandcl halx99 abelviageiro starrysec happysky2046 maimang9 napat marciopocebon 5l1v3r1 modasi fengjixuchui boyliang king-etc chenrufeng turbo ausimian pengwang7 psk7 mskd12 leeyzcoder mladinox crackercat appkoders linarcx airr romirand ajunlonglive goldguyu xth classic130 tearitco fengjijiao marcelocanales breakertt adamatom drozdovsky fadinglr xiaoxiaozhu5 velho luciferdarkknight svaaz linpinjin y11en gmh5225 peiga clayne avykhovanets data-gami biot2 ebell495 theworlllllllld fabianruizf cyberflamego wertzui123 mxu9 ismart-omari 2035go southdy dowdt gu-cryptography lambwheit 734883234 watsug public-domaintlse's Issues
SSL_new() returns NULL in client mode
Hi,
The following code works in OpenSSL:
SSL_CTX* ctx;
SSL* myssl;
SSL_library_init();
ctx = SSL_CTX_new(SSLv23_client_method());
myssl = SSL_new(ctx);
fprintf(stderr, "%p\n", myssl);
<.....>
But it fails in TLSE. The 'myssl'-pointer gets the value NULL, because the 'tls_accept()' functions returns NULL for the condition 'context->is_server', which has value 0.
Regards
Unnecessary _tls_ssl_private_send_pending in SSL_read
You may consider removing _tls_ssl_private_send_pending from SSL_read. In multi-thread environment nobody expects SSL_read to send buffered data. When SSL_read and SSl_write are called from separate threads, the encryption flow may break. There is no way to synchronize SSL_read and SSl_write, 'cause these methods must be asynchronous.
certificate_verify() is not called when using a TSL 1.3 client
Using the sample applications tlsclienthello and tlssimple server I set the tlsclienthello to use TLS 1.3 on line 104 and when I ran the application it all worked fine, except validate_certificate() was not called. After debuging the application I found that CHECK_SIZE on line 6766 fails in the function tls_parse_certificate() which results in no certificates being loaded into the context. The value in size_of_all_certificates is 1 greater than buf_len - res so it fails with a need more data error. I changed the way the validation is done with the following code which ends up loading the certificates.
int size = size_of_all_certificates;
#ifdef WITH_TLS_13
if ((context->version == TLS_V13) || (context->version == DTLS_V13)) {
int context_size = buf[res];
res++;
size--;
// must be 0
if (context_size)
res += context_size;
}
#endif
CHECK_SIZE(size, buf_len - res, TLS_NEED_MORE_DATA);
After the call to tls_parse_certificate() completes I had to change the function tls_parse_payload() as follows because certificate_verify() was not called due to context->is_server being 0.
#ifdef WITH_TLS_13
if ((context->version == TLS_V13) || (context->version == DTLS_V13)) {
if (context->connection_status == 2) {
payload_res = tls_parse_certificate(context, buf + 1, payload_size, context->is_server);
if (context->is_server) {
if ((certificate_verify) && (context->client_certificates_count))
certificate_verify_alert = certificate_verify(context, context->client_certificates, context->client_certificates_count);
// empty certificates are permitted for client
if (payload_res <= 0)
payload_res = 1;
}
else {
if ((certificate_verify) && (context->certificates_count))
certificate_verify_alert = certificate_verify(context, context->certificates, context->certificates_count);
}
} else
payload_res = TLS_UNEXPECTED_MESSAGE;
} else
#endif
Error in server side large object receiving
In latest version of tlse, it seems it has error in large size object receiving. I wrote simple tlse server which receives 3 types of object (small: 2000B, tls_message_max_size: 16384B, large: 8192000B) and the first and second cases have no problem, but third case will fails. Below is the last few lines of debug messages generated from tlse.
INTEGRITY CHECK FAILED (msg length 8192)
TAG RECEIVED (16): 6F F0 E0 DA 18 32 39 26 56 7C 71 29 9C 4D 9C 1C
TAG COMPUTED (16): 7A 0B 42 4F 1E 14 51 BF 6B 1B 99 07 1B 20 60 0A
Consumed -11 bytes
ERROR IN CONSUME: -11
It seems the MAC calculation fails.
I attached the reproduction code. The usage is below. Note that it requires git, python2.7 and openssl.
$ tar xvf tlse_error.tar.gz
$ cd tlse_error
$ ./setup.sh
# Please hit enter for several times to generate self signed certificate
$ (DEBUG=1 for debugging mode) make
$ ./tlse_test_<size>
# This starts tlse simple tlse server
# In another window
$ cat test_<size>.txt | openssl s_client -connect localhost:12345
# When the experiment succeeded, the client will generate DONE message and the server continue running, when it failed, the server will stop by assertion.
Could you help me with solving this problem?
My environment: Ubuntu16.04-LTS (Linux kernel version: 4.17.3 without any custom config)
Intermittent handshake errors with Java
We are using your library to add security to a custom client/server implementation (Adelia Studio, Windows / Java / iSeries clients and servers).
With some versions of java we got an intemittent handshake error during client ley exchange (DHE). The problem is that the Java client sometimes indicate an invalid key length (255 instead of 256).
I think this is related to these java bugs :
- https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8014618
- https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7146728
I avoided the problem by ignoring the indicated key length and performing allocation in the _private_tls_dh_shared_secret function (see attached path).
patch.txt
tlssimpleserver.c: SSL received an unexpected Server Key Exchange handshake message..
When testing the supplied example "tlssimpleserver.c", the browser throws the error:
Error code: ssl_error_rx_unexpected_server_key_exch
I'm using cert.pem and key.pem created with openssl
Thank you..
Support for TCP FAST OPEN
Previous exchange of this issue (in the context of #38)
===================
For TCP fast open+ TLS you should do something like this:
tls_sni_set(context, "hostname");
tls_client_connect(context)
connect(sockfd, ...)
// do your TCP-related stuff here
tls_get_write_buffer(context, ...);
TCP FAST Open is not like any of the other options in TCP. Here, we have to send the first message of the TLS exchange ('Client Hello') message along with the SYN of the TCP connection, i.e. even before the "connect(sockfd)" call. Hence it needs specific changes at the TLS level.
From https://lwn.net/Articles/508865/, we need something along these lines :
sfd = socket(AF_INET, SOCK_STREAM, 0);
sendto(sfd, data, data_len, MSG_FASTOPEN,
(struct sockaddr *) &server_addr, addr_len);
// Replaces connect() + send()/write()
It would be nice if you can help with addressing this issue.
Protocol error (Bad Record MAC) when using AES256-SHA cipher
I'm having an issue when trying to connect a TLSe client to an openssl server (version 1.0.1e). The issue happens when the selected cipher is TLS_RSA_WITH_AES_256_CBC_SHA (0x0035).
The problem is easily reproducible by spawning an openssl server with:
openssl s_server -tls1 -debug -cert cert.pem -cipher AES256-SHA
And then connecting to this server with tlsclienthello sample.
SSL library drops the following message:
140183811917640:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:486:
If using openssl s_client for connecting to the server, everything works normally.
I'm attaching tlse-bad-rec-mac.zip, a (zipped) pcap with the protocol exchange (client is 10.198.0.8).
Failure to notice incorrect handshake on SSL_connect
Currently SSL_connect() will return success even if there was a critical error. The correction is:
@@ -10372,14 +10372,14 @@
if (tls_consume_stream(context, client_message, read_size, ssl_data->certificate_verify) >= 0) {
res = _tls_ssl_private_send_pending(ssl_data->fd, context);
if (res < 0)
return res;
}
+ if (context->critical_error)
+ return TLS_GENERIC_ERROR;
if (tls_established(context))
return 1;
- if (context->critical_error)
- return TLS_GENERIC_ERROR;
}
return read_size;
}
Support for Scatter-gather input (iovec)
Previous comment:
Please enable the tls_write and tls_read calls to take in iovec structures. This would help avoiding 1-copy (at least) into a flat buffer while sending large amounts, something that we need for our use-case. In addition, if you can avoid further copies of the data within the TLS layer for processing (for example, during encryption), that would be great.
Response:
I'm not sure if there is a real benefit, because tls_write takes a buffer that will be packed into a TLS record. The buffer is not copied nor stored, I'm not sure about the benefits here. Same goes for tls_get_write_buffer which provides access to internal buffer (no copy). I think that maybe it would be trivial to store a list of iovec structures instead of TLSe write buffer, but this will not be backwards compatible. But I also think you would be better using TLSe + kTLS + splice/sendfile instead.
=====
Additional comments:
- kTLS is limited in support to cipher suites, does not work with all the ones we would like to explore.
- Even if TLS records are fixed size, those can be built to work with scatter-gather arrays (or iovec structures) to avoid copy of user data (if that comes in iovec structurs too) to flat buffers in order to create those records. Along the lines of this work: https://www.usenix.org/legacy/events/osdi99/full_papers/pai/pai.pdf
Is there a building certificate verify handshake interface on the client side?
I use a client certificate, but the handshake process does not have a certificate verify process. I can't find building certificate verify interface?
ROBOT attack - ssllabs will downgrade to "F" since Feb2018
I am writing my own embedded HTTP server and I successfully integrated tlse into my project. However when I directed ssllabs.com test at my host, it rated server as "A" but warned me that since February 2018, it will downgrade the implementation to "F" because of ROBOT attack. The website says that I must disable TLS RSA encryption in order to be not vulnerable to it.
I #if 0'd all the TLS_RSA_WITH_* places and reinstalled, and ssllabs said I am no longer vulnerable. Is this enough for me to be safe?
By the way I am using (test) Let's Encrypt certificate for my domain, and SSL compatibility layer with tlse.
TLSv1.2 not working with cipher DHE-RSA-AES128CBC-SHA properly
Hi... I modified tlse.c using:
if (context->is_server) {
// fallback ... this should never happen
//if (!context->cipher)
context->cipher = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
to force client/server examples to use DHE-RSA-AES128CBC-SHA cipher suite and noticed, that server adds after SERVER_KEY_EXCHANGE fragment 2 bytes: 0x0401
The client is not able to handle it and closes with:
Consumed -2 bytes
ERROR IN CONSUME: -2
Is this expected behaviour?
nginx servers need signature algorithm extension
Without it they throw an ALERT MESSAGE 0x02 0x50 which is of course totally unhelpful. Increasing extension_len by 22 and then adding this extension to the hello seems to fix it. Note this pretty much allows any kind of cert; maybe we should pare it back to what TLSe actually supports.
/* CK: accept any signature algorithm */
tls_packet_uint16(packet, 0x000d);
tls_packet_uint16(packet, 0x0012);
tls_packet_uint16(packet, 0x0010);
tls_packet_uint16(packet, 0x0401);
tls_packet_uint16(packet, 0x0403);
tls_packet_uint16(packet, 0x0501);
tls_packet_uint16(packet, 0x0503);
tls_packet_uint16(packet, 0x0601);
tls_packet_uint16(packet, 0x0603);
tls_packet_uint16(packet, 0x0201);
tls_packet_uint16(packet, 0x0203);
github.com TLS 1.3 transmission fails in the middle with NEED DATA
Although TLS 1.3 works well on many sites (thank you!), github.com itself does not and the stream aborts at around the same place each time with
Consumed 1375 bytes
NEED DATA: 1392/44
Message type: 17, length: 1387
encrypted (1387): /* elided */
aad (5): 17 03 03 05 6B
aad iv (12): CC D5 A1 35 46 37 A8 B6 AE 1B CB 09
PT SIZE: 1371
decrypted (1371): /* elided */
tag (16): 43 DA 1D C6 CD 60 D2 BE ED DF 92 14 D6 EA B8 38
APPLICATION DATA MESSAGE (TLS VERSION: 304):
="expected-hostname" content="github.com"> /* elided */ <link rel="icon" c
Consumed 1375 bytes
NEED DATA: 1392/88
A final pulse of data occurs, but recv() then returns EOF in the middle of the transmission.
Error importing RSA key (code: 7)
Hi... sorry that I trouble with old cipher suits again.. I'm trying to make communicating client hello example with simple server example using RSA-AES128CBC-SHA cipher, but without success.
Here is trace from server:
1 SEQUENCE
1.1 SEQUENCE
1.1.1 CONTEXT-SPECIFIC
1.1.1.1 INTEGER(1): 02
1.1.2.1 INTEGER(9): 00 9C D5 12 02 A1 41 AE 52
1.1.3.1 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [AU]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.5.3.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180929100800Z]
1.1.5.2.1.2 UTC TIME: [190929100800Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [AU]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.7.3.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(527): 00 30 82 02 0A 02 82 02 01 00 BC 53 41 FF 61 E2 CB 70 CD B3 8C A8 26 38 44 70 97 87 D1 D4 48 75 92 37 AB 46 B8 24 52 A0 F8 8B FF 5D D5 62 71 4D 06 A1 48 D1 98 6F 2E 2E 97 BF 74 8D 08 1F B1 12 DA A8 39 F6 8B A9 6A 9A 0D 75 4F 73 30 D3 83 27 D7 A8 CB 36 31 7E AE 91 7C 2B FE 6B 0F 5C B3 43 69 B5 04 6F FB F8 F3 59 9A 65 53 88 F9 04 C3 C4 EC FF A1 00 33 A2 09 44 4E E8 14 84 16 C0 88 9D 20 83 69 42 25 36 FC 5A 18 A5 29 F0 64 7C DF 46 16 05 90 73 7F BD F5 B1 9C 25 00 C3 69 74 3D 7E 16 8E 40 7A FC 12 31 B7 41 01 39 B7 DA A0 66 1D E5 70 20 72 15 C8 16 A7 F4 AA 4D C1 CB 58 65 50 00 1B 58 56 59 2D 0C 09 16 1F E1 EC 37 34 EA 3A B7 F7 6B 90 C6 89 53 8A D8 BD E1 F4 FC BC 1C D6 78 BB 2F 0B 0D CB 83 EC 1A DF FE 8A C5 9E EE 2A 85 9A 7E 38 03 BB BA 85 85 C0 D8 60 97 3E 4A 64 B4 2D CB 5D 49 D0 F1 71 75 BA 17 1E F3 56 6F 40 25 80 DC D7 E5 A9 9A C7 BA B5 80 49 1E B5 2B 1F BF 6B B6 81 7D 39 AD BF A7 43 52 29 9D 00 D9 DC 3A 9F 4E 5E 90 45 73 17 6B 3A 76 49 40 60 E5 71 F2 18 2B 4B 3A 99 10 90 2C 1C 0F 4A 64 C5 83 22 E7 EC 3D 95 05 81 1B 08 82 1B 0F 4F 5F 48 FC B1 09 3F C8 F2 11 09 AB 1F FA 25 E3 08 5B 19 7C D9 6C A6 0D B3 66 59 83 8E D2 B1 EA 20 0E 8F 19 7F 79 56 8D 40 A5 7C 2C 20 B2 85 41 3F DF 58 75 5C 7B 3B 98 D4 BF 77 DE 16 D6 26 4D 90 83 D9 B8 2A 51 A6 B6 0E 8D 63 02 76 B1 0A FB 39 58 99 A0 70 DD 54 D9 85 1F AB F1 54 59 8B D4 D9 C5 60 22 BC 0F 83 F5 9C 7C 94 47 03 0B 1D B9 55 3C 07 BE 98 47 CE E7 1D C8 3C 61 60 55 6C D7 AE 32 EB F1 5B 60 A4 6B 3D 58 59 3A 78 50 F3 31 C6 A9 DA E1 70 18 A1 12 A3 98 46 0F 2A 50 03 E0 2C 78 6C 13 1E 56 E0 FC 31 C0 02 D7 83 87 9F 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(513): 00 BC 53 41 FF 61 E2 CB 70 CD B3 8C A8 26 38 44 70 97 87 D1 D4 48 75 92 37 AB 46 B8 24 52 A0 F8 8B FF 5D D5 62 71 4D 06 A1 48 D1 98 6F 2E 2E 97 BF 74 8D 08 1F B1 12 DA A8 39 F6 8B A9 6A 9A 0D 75 4F 73 30 D3 83 27 D7 A8 CB 36 31 7E AE 91 7C 2B FE 6B 0F 5C B3 43 69 B5 04 6F FB F8 F3 59 9A 65 53 88 F9 04 C3 C4 EC FF A1 00 33 A2 09 44 4E E8 14 84 16 C0 88 9D 20 83 69 42 25 36 FC 5A 18 A5 29 F0 64 7C DF 46 16 05 90 73 7F BD F5 B1 9C 25 00 C3 69 74 3D 7E 16 8E 40 7A FC 12 31 B7 41 01 39 B7 DA A0 66 1D E5 70 20 72 15 C8 16 A7 F4 AA 4D C1 CB 58 65 50 00 1B 58 56 59 2D 0C 09 16 1F E1 EC 37 34 EA 3A B7 F7 6B 90 C6 89 53 8A D8 BD E1 F4 FC BC 1C D6 78 BB 2F 0B 0D CB 83 EC 1A DF FE 8A C5 9E EE 2A 85 9A 7E 38 03 BB BA 85 85 C0 D8 60 97 3E 4A 64 B4 2D CB 5D 49 D0 F1 71 75 BA 17 1E F3 56 6F 40 25 80 DC D7 E5 A9 9A C7 BA B5 80 49 1E B5 2B 1F BF 6B B6 81 7D 39 AD BF A7 43 52 29 9D 00 D9 DC 3A 9F 4E 5E 90 45 73 17 6B 3A 76 49 40 60 E5 71 F2 18 2B 4B 3A 99 10 90 2C 1C 0F 4A 64 C5 83 22 E7 EC 3D 95 05 81 1B 08 82 1B 0F 4F 5F 48 FC B1 09 3F C8 F2 11 09 AB 1F FA 25 E3 08 5B 19 7C D9 6C A6 0D B3 66 59 83 8E D2 B1 EA 20 0E 8F 19 7F 79 56 8D 40 A5 7C 2C 20 B2 85 41 3F DF 58 75 5C 7B 3B 98 D4 BF 77 DE 16 D6 26 4D 90 83 D9 B8 2A 51 A6 B6 0E 8D 63 02 76 B1 0A FB 39 58 99 A0 70 DD 54 D9 85 1F AB F1 54 59 8B D4 D9 C5 60 22 BC 0F 83 F5 9C 7C 94 47 03 0B 1D B9 55 3C 07 BE 98 47 CE E7 1D C8 3C 61 60 55 6C D7 AE 32 EB F1 5B 60 A4 6B 3D 58 59 3A 78 50 F3 31 C6 A9 DA E1 70 18 A1 12 A3 98 46 0F 2A 50 03 E0 2C 78 6C 13 1E 56 E0 FC 31 C0 02 D7 83 87 9F
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.1.8.2.1.2 CONSTRUCTED BITSTREAM
1.1.8.1.1.2 SEQUENCE
1.1.8.1.1.2 SEQUENCE
1.1.8.1.1.1 OBJECT IDENTIFIER(3): 55 1D 0E
1.1.8.1.1.2 1.1.8.1.1.2.1 CANNOT READ CERTIFICATE
1.1.8.1.2.2.1.1 SEQUENCE
1.1.8.1.2.1.1.1 OBJECT IDENTIFIER(3): 55 1D 23
1.1.8.1.2.2.1.1 1.1.8.1.2.2.1.1 SEQUENCE
1.1.8.1.2.2.1.1 END OF CONTENT
1.1.8.1.3.2.1.1 SEQUENCE
1.1.8.1.3.1.1.1 OBJECT IDENTIFIER(3): 55 1D 13
1.1.8.1.3.2.1.1 1.1.8.1.3.2.1.1 SEQUENCE
1.1.8.1.3.2.1.1 BOOLEAN: 255
1.2.8.1.3.2.1.1 SEQUENCE
1.2.1.1.3.2.1.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.1.3.2.1.1 NULL
1.3.2.1.3.2.1.1 BITSTREAM(513): 00 87 C5 75 B7 C0 3F A5 61 FA DE CC 35 C2 F3 F0 FB 61 43 07 3B C9 85 02 78 84 4F 53 BB 3B F7 21 5F 73 F4 07 85 4C 8A 63 0E 40 CE 31 5A 12 27 81 00 04 C8 8F 8D 3D EE BE 77 92 83 19 E9 CB D5 0C C3 BC 3F 28 8F 30 91 2A 5D A4 4D 1F 52 E9 C3 3E B2 14 42 54 97 26 C7 C3 67 D6 E2 92 B8 0C 7C B7 D5 73 E6 4A 06 FC E6 A0 16 35 B4 54 3F 95 5F AC 54 91 70 71 A9 3A 80 A1 3B B1 B5 4E CB 61 28 40 8A 69 CB A2 35 DF CD 14 DA 50 F4 60 7C B3 C8 DC ED 97 4F A6 D2 C6 5D B4 7C 9E CC D6 31 F0 9C 7C CD 74 8B B7 C4 A0 54 24 D9 79 B3 C9 2D F5 D9 BE D4 9B 9F 3B 2C D0 DF 38 59 3C 21 6A E3 7E BD 71 8D 17 71 BA A9 8E 69 EE 6C 01 B2 66 F2 7F 8A 90 94 30 13 CE 53 2E 95 19 98 F5 94 C7 F6 A0 04 24 A6 05 2E CC 0C 2C A3 F4 9E F2 8C 19 F2 88 05 71 08 7C D8 19 19 51 9B C2 9C 05 FE 39 0F 22 E6 9C 73 FA DA 9A 51 E7 65 CD 08 43 DF 3A AE E9 A9 C8 1F B6 09 2B 2B BC BB B8 AD 46 5B 28 21 2D 03 58 55 5F 40 79 DB D8 BB B5 1E C3 FA 6D F0 64 FC A8 8F 76 EB 02 66 3D 61 65 0B 16 2D B3 17 80 D7 DB 1C F0 AC E9 DE 7E 94 C8 6A 7A 9E C0 C8 BD DC FB C7 60 29 5E 28 29 B7 DB 1A 2A 78 36 39 D4 FE 99 D9 C5 94 04 EA 0E 34 63 9A 87 AD D1 B7 54 25 7F BA 59 37 30 1B 5A DC 72 3D A2 98 50 AC 50 19 59 3B 1D 08 63 24 68 C8 C8 37 05 EB D7 1A 97 55 19 15 F5 DE 31 7B E6 E2 8A 4C F5 36 B8 A7 70 03 DF 5D 30 73 F5 4C 3C C5 6B EA 5B FB 11 E9 9B 2B 18 D2 C5 22 F5 52 C4 98 33 D3 4D C4 ED 68 BA 0C E0 B9 4C 5E 88 79 5E 36 53 2B 85 66 56 6C 54 DE 50 20 72 13 9E D8 BB A4 56 03 28 4C F0 A6 23 CB 39 62 7E 3C 4F D3 89 AF 79 9C 88 E3 0B B9 18 76 DE 1B B2 5F 91 A0 1D D5 EE 47 5A D3 66 16 5B FF 3A 89
SIGN SHA256
FINGERPRINT (32): 1D E8 3F 2B 83 CB BC 7F 0B 11 5D A6 91 6E 27 47 AC 6A 8F 6D 09 D0 41 C4 DF 77 9D E6 76 6D 38 55
Loaded certificate: 1
1 SEQUENCE
1.1 SEQUENCE
1.1.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 05 0D
1.1.2 SEQUENCE
1.1.2.1 SEQUENCE
1.1.2.1.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 05 0C
1.1.2.1.2 SEQUENCE
1.1.2.1.2.1 CANNOT READ CERTIFICATE
1.1.2.1.2.2.1 INTEGER(2): 08 00
1.1.2.1.2.3.1 SEQUENCE
1.1.2.1.2.3.1 OBJECT IDENTIFIER(8): 2A 86 48 86 F7 0D 02 09
1.1.2.1.2.3.2 NULL
1.1.2.2.2.3.2 SEQUENCE
1.1.2.2.1.3.2 OBJECT IDENTIFIER(8): 2A 86 48 86 F7 0D 03 07
1.1.2.2.2.3.2 CANNOT READ CERTIFICATE
1.2.2.2.2.1.2 BINARY STRING(2384): E9 E6 B1 ...
Loaded private key
Message type: 16, length: 111
HANDSHAKE MESSAGE
01 00 00 6B 03 03 61 55 27 3B C4 4F DF 55 CE 0A AF 67 07 15 9A 1B 7B F7 0D B7 27 16 BC 03 C9 FD 1F 07 C1 FF B9 80 20 3D 43 16 51 1B 15 F4 58 1E 97 AE A4 1B 4A A8 B0 8A 89 EF 34 00 EC E3 01 E0 41 E9 15 62 C0 D0 BF 00 16 C0 2F C0 13 C0 14 C0 27 CC A8 00 9E 00 6B 00 67 00 39 00 33 CC AA 01 00 00 0C 00 0A 00 08 00 06 00 17 00 18 00 15 => CLIENT HELLO
VERSION REQUIRED BY REMOTE 303, VERSION NOW 303
REMOTE SESSION ID: (32): 3D 43 16 51 1B 15 F4 58 1E 97 AE A4 1B 4A A8 B0 8A 89 EF 34 00 EC E3 01 E0 41 E9 15 62 C0 D0 BF
Extension: 0x0a (10), len: 8
SUPPORTED GROUPS (6): 00 17 00 18 00 15
SELECTED CURVE secp256r1
=> DTLS COOKIE VERIFIED: 0 (110)
<= SENDING SERVER HELLO
<= SENDING CERTIFICATE
<= SENDING DONE
Consumed 116 bytes
Message type: 16, length: 518
HANDSHAKE MESSAGE
10 00 02 02 02 00 13 F4 EB 38 4D F1 89 68 A5 8F 64 AC 3A A9 62 31 EB 46 82 10 AE 41 95 DF 49 60 F6 3F E1 70 24 E6 8E F3 61 72 E0 6B EA 87 81 A1 B5 AB 9C 14 1F 5D 52 1A 7C 45 CA 47 36 DF 2D 12 C3 E7 8D 69 07 7F 91 77 D3 2D DD A5 83 BA B9 CC 5D F6 57 F0 5E DE ED 88 BE 67 31 85 AC 7F 27 80 1E 47 72 32 4A 07 7C 76 52 CB D4 E6 A0 C2 B7 85 C8 3E 53 22 31 79 56 43 ED 91 3A 6F 0E 0F 2A 1D A5 A4 C6 98 A6 18 F5 74 AA 43 97 CF E4 9A D4 9F B1 90 6B D9 0B 59 13 2E 31 FA DE 61 C2 76 62 EA 15 D3 C8 EA D9 EA 4C B3 73 64 38 FA 4E 82 E6 70 7B 0D 70 3B E1 45 AA D5 B9 C2 58 5C 01 29 EE 77 62 B6 3E 90 AA 29 32 59 4C 23 A9 14 E4 3B CE DE F0 AC 19 36 A2 63 8F 80 6D F2 4E 6C 11 C1 53 A1 AA 6C 3C 2B D8 32 C3 F7 08 03 FD F1 23 B8 4D 7E D2 D9 52 84 0C 3C A5 E4 6C C2 63 47 95 C2 75 AC F2 48 96 23 5F C6 1E C5 07 5A 80 4C 82 55 35 7B 0D D9 FA 5A AB 65 C0 4F 94 A9 7B 94 A9 89 25 12 1B 7C 2D F2 BE 8D 48 17 59 0C 82 04 D3 84 EB 53 C1 DF F0 24 08 C5 1B A2 C0 74 CF 44 7B C9 19 FF FC 42 F4 64 1A 6B 2B 5A 50 67 B7 D9 48 95 4C 17 B7 11 AC 88 4B 66 52 B4 E8 10 41 80 7E 5E 51 41 EE E9 6C AA FD 0D DF DE 00 72 2A B7 E5 9C 4A 00 1C B1 3C ED 31 10 CD 95 55 0A 99 CD F8 A4 5D 47 B6 BF 12 96 21 CE 2A 80 95 7A 69 C8 4D 2A B3 06 7B D2 3B 28 FC 78 68 BE 02 69 96 FB 8B AF 5E 6C 17 2A 9D 67 C0 1B 2C AF 2B 7F D7 6A 34 78 43 77 27 61 9C 5A 55 1E DD 7B FB 80 8A 6E B2 B1 08 3D 14 AE EB 84 2F 62 C4 F4 C6 E1 D3 BA 34 30 6E A4 03 8E 62 49 7A 7B A9 38 53 27 73 80 3F 91 23 4E 24 78 AC 21 ED 5C 3C 7C 6E D4 F9 7A 30 CE 9C E9 62 C2 B3 90 84 54 C0 DB AF 03 DB EE CB C4 6C 04 F6 55 C9 5E E9 2B => CLIENT KEY EXCHANGE
Initializing dependencies
Error importing RSA key (code: 7)
broken key
Consumed -2 bytes
ERROR IN CONSUME: -2
Cipher RSA-AES128CBC-SHA
And this is from client:
Message type: 16, length: 81
HANDSHAKE MESSAGE
02 00 00 4D 03 03 3D E8 D8 AD 0C 38 7F E6 41 3E EF B4 A9 B9 5B F4 45 23 AD BC D3 DC F8 09 72 68 90 1C 4F 94 CF EE 20 6E 7F 5F A6 18 F3 18 74 2D A4 12 96 D9 3D 4C 2E 88 4B 00 C1 AF 69 6C F6 B2 23 68 82 7E 05 29 19 00 2F 00 00 05 FF 01 00 01 00 => SERVER HELLO
VERSION REQUIRED BY REMOTE 303, VERSION NOW 303
REMOTE SESSION ID: (32): 6E 7F 5F A6 18 F3 18 74 2D A4 12 96 D9 3D 4C 2E 88 4B 00 C1 AF 69 6C F6 B2 23 68 82 7E 05 29 19
CIPHER: RSA-AES128CBC-SHA
Extension: 0x0ff01 (65281), len: 1
Consumed 86 bytes
Message type: 16, length: 1387
HANDSHAKE MESSAGE
0B 00 05 67 00 05 64 00 05 61 30 82 05 5D 30 82 03 45 A0 03 02 01 02 02 09 00 9C D5 12 02 A1 41 AE 52 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 30 45 31 0B 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 08 0C 0A 53 6F 6D 65 2D 53 74 61 74 65 31 21 30 1F 06 03 55 04 0A 0C 18 49 6E 74 65 72 6E 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4C 74 64 30 1E 17 0D 31 38 30 39 32 39 31 30 30 38 30 30 5A 17 0D 31 39 30 39 32 39 31 30 30 38 30 30 5A 30 45 31 0B 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 08 0C 0A 53 6F 6D 65 2D 53 74 61 74 65 31 21 30 1F 06 03 55 04 0A 0C 18 49 6E 74 65 72 6E 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4C 74 64 30 82 02 22 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 82 02 0F 00 30 82 02 0A 02 82 02 01 00 BC 53 41 FF 61 E2 CB 70 CD B3 8C A8 26 38 44 70 97 87 D1 D4 48 75 92 37 AB 46 B8 24 52 A0 F8 8B FF 5D D5 62 71 4D 06 A1 48 D1 98 6F 2E 2E 97 BF 74 8D 08 1F B1 12 DA A8 39 F6 8B A9 6A 9A 0D 75 4F 73 30 D3 83 27 D7 A8 CB 36 31 7E AE 91 7C 2B FE 6B 0F 5C B3 43 69 B5 04 6F FB F8 F3 59 9A 65 53 88 F9 04 C3 C4 EC FF A1 00 33 A2 09 44 4E E8 14 84 16 C0 88 9D 20 83 69 42 25 36 FC 5A 18 A5 29 F0 64 7C DF 46 16 05 90 73 7F BD F5 B1 9C 25 00 C3 69 74 3D 7E 16 8E 40 7A FC 12 31 B7 41 01 39 B7 DA A0 66 1D E5 70 20 72 15 C8 16 A7 F4 AA 4D C1 CB 58 65 50 00 1B 58 56 59 2D 0C 09 16 1F E1 EC 37 34 EA 3A B7 F7 6B 90 C6 89 53 8A D8 BD E1 F4 FC BC 1C D6 78 BB 2F 0B 0D CB 83 EC 1A DF FE 8A C5 9E EE 2A 85 9A 7E 38 03 BB BA 85 85 C0 D8 60 97 3E 4A 64 B4 2D CB 5D 49 D0 F1 71 75 BA 17 1E F3 56 6F 40 25 80 DC D7 E5 A9 9A C7 BA B5 80 49 1E B5 2B 1F BF 6B B6 81 7D 39 AD BF A7 43 52 29 9D 00 D9 DC 3A 9F 4E 5E 90 45 73 17 6B 3A 76 49 40 60 E5 71 F2 18 2B 4B 3A 99 10 90 2C 1C 0F 4A 64 C5 83 22 E7 EC 3D 95 05 81 1B 08 82 1B 0F 4F 5F 48 FC B1 09 3F C8 F2 11 09 AB 1F FA 25 E3 08 5B 19 7C D9 6C A6 0D B3 66 59 83 8E D2 B1 EA 20 0E 8F 19 7F 79 56 8D 40 A5 7C 2C 20 B2 85 41 3F DF 58 75 5C 7B 3B 98 D4 BF 77 DE 16 D6 26 4D 90 83 D9 B8 2A 51 A6 B6 0E 8D 63 02 76 B1 0A FB 39 58 99 A0 70 DD 54 D9 85 1F AB F1 54 59 8B D4 D9 C5 60 22 BC 0F 83 F5 9C 7C 94 47 03 0B 1D B9 55 3C 07 BE 98 47 CE E7 1D C8 3C 61 60 55 6C D7 AE 32 EB F1 5B 60 A4 6B 3D 58 59 3A 78 50 F3 31 C6 A9 DA E1 70 18 A1 12 A3 98 46 0F 2A 50 03 E0 2C 78 6C 13 1E 56 E0 FC 31 C0 02 D7 83 87 9F 02 03 01 00 01 A3 50 30 4E 30 1D 06 03 55 1D 0E 04 16 04 14 05 9C 1A FE 5F D0 7A E7 A8 A8 BD 19 46 F3 31 A7 93 F0 DE E9 30 1F 06 03 55 1D 23 04 18 30 16 80 14 05 9C 1A FE 5F D0 7A E7 A8 A8 BD 19 46 F3 31 A7 93 F0 DE E9 30 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 03 82 02 01 00 87 C5 75 B7 C0 3F A5 61 FA DE CC 35 C2 F3 F0 FB 61 43 07 3B C9 85 02 78 84 4F 53 BB 3B F7 21 5F 73 F4 07 85 4C 8A 63 0E 40 CE 31 5A 12 27 81 00 04 C8 8F 8D 3D EE BE 77 92 83 19 E9 CB D5 0C C3 BC 3F 28 8F 30 91 2A 5D A4 4D 1F 52 E9 C3 3E B2 14 42 54 97 26 C7 C3 67 D6 E2 92 B8 0C 7C B7 D5 73 E6 4A 06 FC E6 A0 16 35 B4 54 3F 95 5F AC 54 91 70 71 A9 3A 80 A1 3B B1 B5 4E CB 61 28 40 8A 69 CB A2 35 DF CD 14 DA 50 F4 60 7C B3 C8 DC ED 97 4F A6 D2 C6 5D B4 7C 9E CC D6 31 F0 9C 7C CD 74 8B B7 C4 A0 54 24 D9 79 B3 C9 2D F5 D9 BE D4 9B 9F 3B 2C D0 DF 38 59 3C 21 6A E3 7E BD 71 8D 17 71 BA A9 8E 69 EE 6C 01 B2 66 F2 7F 8A 90 94 30 13 CE 53 2E 95 19 98 F5 94 C7 F6 A0 04 24 A6 05 2E CC 0C 2C A3 F4 9E F2 8C 19 F2 88 05 71 08 7C D8 19 19 51 9B C2 9C 05 FE 39 0F 22 E6 9C 73 FA DA 9A 51 E7 65 CD 08 43 DF 3A AE E9 A9 C8 1F B6 09 2B 2B BC BB B8 AD 46 5B 28 21 2D 03 58 55 5F 40 79 DB D8 BB B5 1E C3 FA 6D F0 64 FC A8 8F 76 EB 02 66 3D 61 65 0B 16 2D B3 17 80 D7 DB 1C F0 AC E9 DE 7E 94 C8 6A 7A 9E C0 C8 BD DC FB C7 60 29 5E 28 29 B7 DB 1A 2A 78 36 39 D4 FE 99 D9 C5 94 04 EA 0E 34 63 9A 87 AD D1 B7 54 25 7F BA 59 37 30 1B 5A DC 72 3D A2 98 50 AC 50 19 59 3B 1D 08 63 24 68 C8 C8 37 05 EB D7 1A 97 55 19 15 F5 DE 31 7B E6 E2 8A 4C F5 36 B8 A7 70 03 DF 5D 30 73 F5 4C 3C C5 6B EA 5B FB 11 E9 9B 2B 18 D2 C5 22 F5 52 C4 98 33 D3 4D C4 ED 68 BA 0C E0 B9 4C 5E 88 79 5E 36 53 2B 85 66 56 6C 54 DE 50 20 72 13 9E D8 BB A4 56 03 28 4C F0 A6 23 CB 39 62 7E 3C 4F D3 89 AF 79 9C 88 E3 0B B9 18 76 DE 1B B2 5F 91 A0 1D D5 EE 47 5A D3 66 16 5B FF 3A 89 => CERTIFICATE
1 SEQUENCE
1.1 SEQUENCE
1.1.1 CONTEXT-SPECIFIC
1.1.1.1 INTEGER(1): 02
1.1.2.1 INTEGER(9): 00 9C D5 12 02 A1 41 AE 52
1.1.3.1 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [AU]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.5.3.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180929100800Z]
1.1.5.2.1.2 UTC TIME: [190929100800Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [AU]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.7.3.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(527): 00 30 82 02 0A 02 82 02 01 00 BC 53 41 FF 61 E2 CB 70 CD B3 8C A8 26 38 44 70 97 87 D1 D4 48 75 92 37 AB 46 B8 24 52 A0 F8 8B FF 5D D5 62 71 4D 06 A1 48 D1 98 6F 2E 2E 97 BF 74 8D 08 1F B1 12 DA A8 39 F6 8B A9 6A 9A 0D 75 4F 73 30 D3 83 27 D7 A8 CB 36 31 7E AE 91 7C 2B FE 6B 0F 5C B3 43 69 B5 04 6F FB F8 F3 59 9A 65 53 88 F9 04 C3 C4 EC FF A1 00 33 A2 09 44 4E E8 14 84 16 C0 88 9D 20 83 69 42 25 36 FC 5A 18 A5 29 F0 64 7C DF 46 16 05 90 73 7F BD F5 B1 9C 25 00 C3 69 74 3D 7E 16 8E 40 7A FC 12 31 B7 41 01 39 B7 DA A0 66 1D E5 70 20 72 15 C8 16 A7 F4 AA 4D C1 CB 58 65 50 00 1B 58 56 59 2D 0C 09 16 1F E1 EC 37 34 EA 3A B7 F7 6B 90 C6 89 53 8A D8 BD E1 F4 FC BC 1C D6 78 BB 2F 0B 0D CB 83 EC 1A DF FE 8A C5 9E EE 2A 85 9A 7E 38 03 BB BA 85 85 C0 D8 60 97 3E 4A 64 B4 2D CB 5D 49 D0 F1 71 75 BA 17 1E F3 56 6F 40 25 80 DC D7 E5 A9 9A C7 BA B5 80 49 1E B5 2B 1F BF 6B B6 81 7D 39 AD BF A7 43 52 29 9D 00 D9 DC 3A 9F 4E 5E 90 45 73 17 6B 3A 76 49 40 60 E5 71 F2 18 2B 4B 3A 99 10 90 2C 1C 0F 4A 64 C5 83 22 E7 EC 3D 95 05 81 1B 08 82 1B 0F 4F 5F 48 FC B1 09 3F C8 F2 11 09 AB 1F FA 25 E3 08 5B 19 7C D9 6C A6 0D B3 66 59 83 8E D2 B1 EA 20 0E 8F 19 7F 79 56 8D 40 A5 7C 2C 20 B2 85 41 3F DF 58 75 5C 7B 3B 98 D4 BF 77 DE 16 D6 26 4D 90 83 D9 B8 2A 51 A6 B6 0E 8D 63 02 76 B1 0A FB 39 58 99 A0 70 DD 54 D9 85 1F AB F1 54 59 8B D4 D9 C5 60 22 BC 0F 83 F5 9C 7C 94 47 03 0B 1D B9 55 3C 07 BE 98 47 CE E7 1D C8 3C 61 60 55 6C D7 AE 32 EB F1 5B 60 A4 6B 3D 58 59 3A 78 50 F3 31 C6 A9 DA E1 70 18 A1 12 A3 98 46 0F 2A 50 03 E0 2C 78 6C 13 1E 56 E0 FC 31 C0 02 D7 83 87 9F 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(513): 00 BC 53 41 FF 61 E2 CB 70 CD B3 8C A8 26 38 44 70 97 87 D1 D4 48 75 92 37 AB 46 B8 24 52 A0 F8 8B FF 5D D5 62 71 4D 06 A1 48 D1 98 6F 2E 2E 97 BF 74 8D 08 1F B1 12 DA A8 39 F6 8B A9 6A 9A 0D 75 4F 73 30 D3 83 27 D7 A8 CB 36 31 7E AE 91 7C 2B FE 6B 0F 5C B3 43 69 B5 04 6F FB F8 F3 59 9A 65 53 88 F9 04 C3 C4 EC FF A1 00 33 A2 09 44 4E E8 14 84 16 C0 88 9D 20 83 69 42 25 36 FC 5A 18 A5 29 F0 64 7C DF 46 16 05 90 73 7F BD F5 B1 9C 25 00 C3 69 74 3D 7E 16 8E 40 7A FC 12 31 B7 41 01 39 B7 DA A0 66 1D E5 70 20 72 15 C8 16 A7 F4 AA 4D C1 CB 58 65 50 00 1B 58 56 59 2D 0C 09 16 1F E1 EC 37 34 EA 3A B7 F7 6B 90 C6 89 53 8A D8 BD E1 F4 FC BC 1C D6 78 BB 2F 0B 0D CB 83 EC 1A DF FE 8A C5 9E EE 2A 85 9A 7E 38 03 BB BA 85 85 C0 D8 60 97 3E 4A 64 B4 2D CB 5D 49 D0 F1 71 75 BA 17 1E F3 56 6F 40 25 80 DC D7 E5 A9 9A C7 BA B5 80 49 1E B5 2B 1F BF 6B B6 81 7D 39 AD BF A7 43 52 29 9D 00 D9 DC 3A 9F 4E 5E 90 45 73 17 6B 3A 76 49 40 60 E5 71 F2 18 2B 4B 3A 99 10 90 2C 1C 0F 4A 64 C5 83 22 E7 EC 3D 95 05 81 1B 08 82 1B 0F 4F 5F 48 FC B1 09 3F C8 F2 11 09 AB 1F FA 25 E3 08 5B 19 7C D9 6C A6 0D B3 66 59 83 8E D2 B1 EA 20 0E 8F 19 7F 79 56 8D 40 A5 7C 2C 20 B2 85 41 3F DF 58 75 5C 7B 3B 98 D4 BF 77 DE 16 D6 26 4D 90 83 D9 B8 2A 51 A6 B6 0E 8D 63 02 76 B1 0A FB 39 58 99 A0 70 DD 54 D9 85 1F AB F1 54 59 8B D4 D9 C5 60 22 BC 0F 83 F5 9C 7C 94 47 03 0B 1D B9 55 3C 07 BE 98 47 CE E7 1D C8 3C 61 60 55 6C D7 AE 32 EB F1 5B 60 A4 6B 3D 58 59 3A 78 50 F3 31 C6 A9 DA E1 70 18 A1 12 A3 98 46 0F 2A 50 03 E0 2C 78 6C 13 1E 56 E0 FC 31 C0 02 D7 83 87 9F
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.1.8.2.1.2 CONSTRUCTED BITSTREAM
1.1.8.1.1.2 SEQUENCE
1.1.8.1.1.2 SEQUENCE
1.1.8.1.1.1 OBJECT IDENTIFIER(3): 55 1D 0E
1.1.8.1.1.2 1.1.8.1.1.2.1 CANNOT READ CERTIFICATE
1.1.8.1.2.2.1.1 SEQUENCE
1.1.8.1.2.1.1.1 OBJECT IDENTIFIER(3): 55 1D 23
1.1.8.1.2.2.1.1 1.1.8.1.2.2.1.1 SEQUENCE
1.1.8.1.2.2.1.1 END OF CONTENT
1.1.8.1.3.2.1.1 SEQUENCE
1.1.8.1.3.1.1.1 OBJECT IDENTIFIER(3): 55 1D 13
1.1.8.1.3.2.1.1 1.1.8.1.3.2.1.1 SEQUENCE
1.1.8.1.3.2.1.1 BOOLEAN: 255
1.2.8.1.3.2.1.1 SEQUENCE
1.2.1.1.3.2.1.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.1.3.2.1.1 NULL
1.3.2.1.3.2.1.1 BITSTREAM(513): 00 87 C5 75 B7 C0 3F A5 61 FA DE CC 35 C2 F3 F0 FB 61 43 07 3B C9 85 02 78 84 4F 53 BB 3B F7 21 5F 73 F4 07 85 4C 8A 63 0E 40 CE 31 5A 12 27 81 00 04 C8 8F 8D 3D EE BE 77 92 83 19 E9 CB D5 0C C3 BC 3F 28 8F 30 91 2A 5D A4 4D 1F 52 E9 C3 3E B2 14 42 54 97 26 C7 C3 67 D6 E2 92 B8 0C 7C B7 D5 73 E6 4A 06 FC E6 A0 16 35 B4 54 3F 95 5F AC 54 91 70 71 A9 3A 80 A1 3B B1 B5 4E CB 61 28 40 8A 69 CB A2 35 DF CD 14 DA 50 F4 60 7C B3 C8 DC ED 97 4F A6 D2 C6 5D B4 7C 9E CC D6 31 F0 9C 7C CD 74 8B B7 C4 A0 54 24 D9 79 B3 C9 2D F5 D9 BE D4 9B 9F 3B 2C D0 DF 38 59 3C 21 6A E3 7E BD 71 8D 17 71 BA A9 8E 69 EE 6C 01 B2 66 F2 7F 8A 90 94 30 13 CE 53 2E 95 19 98 F5 94 C7 F6 A0 04 24 A6 05 2E CC 0C 2C A3 F4 9E F2 8C 19 F2 88 05 71 08 7C D8 19 19 51 9B C2 9C 05 FE 39 0F 22 E6 9C 73 FA DA 9A 51 E7 65 CD 08 43 DF 3A AE E9 A9 C8 1F B6 09 2B 2B BC BB B8 AD 46 5B 28 21 2D 03 58 55 5F 40 79 DB D8 BB B5 1E C3 FA 6D F0 64 FC A8 8F 76 EB 02 66 3D 61 65 0B 16 2D B3 17 80 D7 DB 1C F0 AC E9 DE 7E 94 C8 6A 7A 9E C0 C8 BD DC FB C7 60 29 5E 28 29 B7 DB 1A 2A 78 36 39 D4 FE 99 D9 C5 94 04 EA 0E 34 63 9A 87 AD D1 B7 54 25 7F BA 59 37 30 1B 5A DC 72 3D A2 98 50 AC 50 19 59 3B 1D 08 63 24 68 C8 C8 37 05 EB D7 1A 97 55 19 15 F5 DE 31 7B E6 E2 8A 4C F5 36 B8 A7 70 03 DF 5D 30 73 F5 4C 3C C5 6B EA 5B FB 11 E9 9B 2B 18 D2 C5 22 F5 52 C4 98 33 D3 4D C4 ED 68 BA 0C E0 B9 4C 5E 88 79 5E 36 53 2B 85 66 56 6C 54 DE 50 20 72 13 9E D8 BB A4 56 03 28 4C F0 A6 23 CB 39 62 7E 3C 4F D3 89 AF 79 9C 88 E3 0B B9 18 76 DE 1B B2 5F 91 A0 1D D5 EE 47 5A D3 66 16 5B FF 3A 89
SIGN SHA256
FINGERPRINT (32): 1D E8 3F 2B 83 CB BC 7F 0B 11 5D A6 91 6E 27 47 AC 6A 8F 6D 09 D0 41 C4 DF 77 9D E6 76 6D 38 55
Consumed 1392 bytes
Message type: 16, length: 4
HANDSHAKE MESSAGE
0E 00 00 00 => SERVER HELLO DONE
<= Building KEY EXCHANGE
Initializing dependencies
SEED: (32): 61 55 27 3B C4 4F DF 55 CE 0A AF 67 07 15 9A 1B 7B F7 0D B7 27 16 BC 03 C9 FD 1F 07 C1 FF B9 80
SEEDB: (32): 3D E8 D8 AD 0C 38 7F E6 41 3E EF B4 A9 B9 5B F4 45 23 AD BC D3 DC F8 09 72 68 90 1C 4F 94 CF EE
=========== Master key ===========
C2 63 E8 38 76 3D 24 F8 C4 6B BB A1 6B AD E4 09 AC 48 ED DB 9D 8A 34 35 B2 6D 30 1A 07 20 AF EC CB 4B E8 92 7B 71 26 58 20 37 71 2F 08 BA FA DC
SEED: (32): 3D E8 D8 AD 0C 38 7F E6 41 3E EF B4 A9 B9 5B F4 45 23 AD BC D3 DC F8 09 72 68 90 1C 4F 94 CF EE
SEEDB: (32): 61 55 27 3B C4 4F DF 55 CE 0A AF 67 07 15 9A 1B 7B F7 0D B7 27 16 BC 03 C9 FD 1F 07 C1 FF B9 80
LOCAL RANDOM (32): 61 55 27 3B C4 4F DF 55 CE 0A AF 67 07 15 9A 1B 7B F7 0D B7 27 16 BC 03 C9 FD 1F 07 C1 FF B9 80
REMOTE RANDOM (32): 3D E8 D8 AD 0C 38 7F E6 41 3E EF B4 A9 B9 5B F4 45 23 AD BC D3 DC F8 09 72 68 90 1C 4F 94 CF EE
=========== EXPANSION ===========
B9 B0 09 12 2A 8F B1 7A 49 F4 57 4E A9 EB 20 8A 7B 9E 8D 93 B6 A1 4D 59 3A CB 7B 46 78 62 25 B0 DA 92 F8 BE 00 AF 30 D1 CE 0E 67 85 AA 0C 6E C2 AB 75 76 3C 15 E0 18 16 4C 83 BC 88 B6 95 0A 8B E1 68 2F A6 80 DE 75 13 B7 8D 64 E9 68 84 03 0D FC 51 A3 A2 E9 5C 89 F4 F8 17 B6 EC F6 B0 BD 31 4B 91 D6 B2 93 36 C5 20 71 D5 05 50 AC EE A9 B1 CF 41 B7 D4 91 5F 01 8A C5 3D 1D 87 E1 46 BB 5B 62 E1 B5 B3 EA 9E 85 57 5D 9D A0 48 CA 16 1A 49 1F 2D 0A 34 06 0D 1B FA DA D6 05 5C 8B F1 F4 5E 01 C4 51 EE 75 6D ED A4 4D A6 C8 D6 9F 39 FA 38 D1 0E EF 97 BC 26 26 86 60 6A D7 AB 0C 44 A0 8E
EXPANSION 104/192
CLIENT KEY (16): CE 0E 67 85 AA 0C 6E C2 AB 75 76 3C 15 E0 18 16
CLIENT IV (16): B7 8D 64 E9 68 84 03 0D FC 51 A3 A2 E9 5C 89 F4
CLIENT MAC KEY (20): B9 B0 09 12 2A 8F B1 7A 49 F4 57 4E A9 EB 20 8A 7B 9E 8D 93
SERVER KEY (16): 4C 83 BC 88 B6 95 0A 8B E1 68 2F A6 80 DE 75 13
SERVER IV (16): F8 17 B6 EC F6 B0 BD 31 4B 91 D6 B2 93 36 C5 20
SERVER MAC KEY (20): B6 A1 4D 59 3A CB 7B 46 78 62 25 B0 DA 92 F8 BE 00 AF 30 D1
Using cipher ID: 2f
<= Building CHANGE CIPHER SPEC
<= Building CLIENT FINISHED
SEED: (32): CC 9E 4B 96 7C 6E E6 70 DC 74 67 F1 B5 46 74 FD 2B EB 16 32 D7 85 AC C8 FD BE D7 B9 B8 4C A2 B4
VERIFY DATA (12): A2 30 FC E0 A5 06 C4 B4 68 08 F7 E0
Consumed 9 bytes
Any idea why?
I'm using the latest version from git... just with a few additional DUMPs. And forcing the suite using:
int tls_choose_cipher(struct TLSContext *context, const unsigned char *buf, int buf_len, int *scsv_set) {
return TLS_RSA_WITH_AES_128_CBC_SHA;
Failure to connect to SMTP server with STARTTLS
During the connection, STARTTLS is issued and we do the tlshello thing, but the server reports:
Anonymous TLS connection established ...: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256
warning: TLS library problem: error:1409444C:SSL routines:ssl3_read_bytes:tlsv1 alert no renegotiation:../ssl/record/rec_layer_s3.c:1543:SSL alert number 100:
lost connection after EHLO ...
The debug dump from tlse is:
Initializing dependencies
Message type: 16, length: 155
HANDSHAKE MESSAGE
=> SERVER HELLO
VERSION REQUIRED BY REMOTE 303, VERSION NOW 304
REMOTE SESSION ID: (32): 71 CF 4E 40 B8 8B 4E 9B 5B FD 29 BE DC EF 8C CE 5F 9D 60 90 1C 8E 63 24 FE DC 79 17 5A 9D C4 66
Extension: 0x02b (43), len: 2
TLS 1.3 SUPPORTED
Extension: 0x033 (51), len: 69
EXTENSION, KEY SHARE (69): 00 17 00 41 04 6F 3A A0 69 97 A5 0B 25 D9 59 DD 37 5A 27 ED 19 93 B3 24 BD 44 0C AB 91 EA 8C 71 C6 6F 47 20 B7 A2 AE 8F 49 DE 0C 0F 78 E5 02 22 46 71 BD AE 86 CB 77 48 6C 8F D0 11 A0 8D 00 11 5F B6 EB 6C D9
CIPHER: TLS-AES-128-GCM-SHA256
KEY SHARE => secp256r1
OUT_SIZE: 32
ECC DHE (32): DB 62 2B BB 09 1A 29 D5 09 09 15 94 A1 E9 7E 50 2F F0 44 F4 6E 93 75 5D B4 22 02 FA 4C 7F E9 03
Consumed 160 bytes
Message type: 14, length: 1
CHANGE CIPHER SPEC MESSAGE
EXTRACT (32): 33 AD 0A 1C 60 7E C0 3B 09 E6 CD 98 93 68 0C E2 10 AD F3 00 AA 1F 26 60 E1 B2 2E 10 F1 70 F9 2A
null hash (32): E3 B0 C4 42 98 FC 1C 14 9A FB F4 C8 99 6F B9 24 27 AE 41 E4 64 9B 93 4C A4 95 99 1B 78 52 B8 55
INFO (49): 00 20 0D 74 6C 73 31 33 20 64 65 72 69 76 65 64 20 E3 B0 C4 42 98 FC 1C 14 9A FB F4 C8 99 6F B9 24 27 AE 41 E4 64 9B 93 4C A4 95 99 1B 78 52 B8 55
salt (32): 6F 26 15 A1 08 C7 02 C5 67 8F 54 FC 9D BA B6 97 16 C0 76 18 9C 48 25 0C EB EA C3 57 6C 36 11 BA
EXTRACT (32): D4 0E 3A A6 8E F9 AB CC A0 9A C3 BC D6 E8 A7 B0 61 EA 90 DC 87 C5 4F A6 48 31 0B 62 E1 BF 98 88
messages hash (32): 2F 51 82 2A 98 83 9F 79 D6 A8 35 55 40 8C 0B E5 91 52 06 26 C2 F4 B1 C6 C7 07 E5 A3 B5 0C 78 2D
INFO (54): 00 20 12 74 6C 73 31 33 20 63 20 68 73 20 74 72 61 66 66 69 63 20 2F 51 82 2A 98 83 9F 79 D6 A8 35 55 40 8C 0B E5 91 52 06 26 C2 F4 B1 C6 C7 07 E5 A3 B5 0C 78 2D
c hs traffic (32): 0C 7D 0F 8C ED C7 6C E5 11 3A 1C 3C DA 75 AC 42 BC 78 40 55 C8 47 72 4B B5 CF 4A 9A AE 97 E6 EE
INFO (13): 00 10 09 74 6C 73 31 33 20 6B 65 79 00
INFO (12): 00 0C 08 74 6C 73 31 33 20 69 76 00
INFO (54): 00 20 12 74 6C 73 31 33 20 73 20 68 73 20 74 72 61 66 66 69 63 20 2F 51 82 2A 98 83 9F 79 D6 A8 35 55 40 8C 0B E5 91 52 06 26 C2 F4 B1 C6 C7 07 E5 A3 B5 0C 78 2D
INFO (13): 00 10 09 74 6C 73 31 33 20 6B 65 79 00
INFO (12): 00 0C 08 74 6C 73 31 33 20 69 76 00
CLIENT KEY (16): 1D F3 5F 42 A4 D0 C2 D0 21 24 A8 F5 8F 86 EF B7
CLIENT IV (12): CB 06 36 F3 64 4B 33 EA 5F 7D 96 C0
SERVER KEY (16): 29 25 2C 0D 89 74 ED 31 F4 15 AA 49 2A A7 28 BC
SERVER IV (12): A2 81 44 F3 6D A0 34 1D D0 8A 64 1E
INFO (18): 00 20 0E 74 6C 73 31 33 20 66 69 6E 69 73 68 65 64 00
FINISHED (32): CA 1F 9D 25 E1 0E B6 84 45 3D E9 B0 E2 F5 E0 AC EE 4E 48 90 14 17 02 D7 33 46 B6 D2 47 F6 AF F3
INFO (18): 00 20 0E 74 6C 73 31 33 20 66 69 6E 69 73 68 65 64 00
REMOTE FINISHED (32): 78 3A 34 01 22 A2 EA 58 2C 3E AC 7B 65 D1 64 D8 FF E5 D3 4B 35 53 F6 A8 AC 15 6E 9C 1F AA 03 A5
Using cipher ID: 1301
Consumed 6 bytes
Message type: 17, length: 39
encrypted (39): BA 0E 0C 52 8F D8 A4 DD A5 70 C5 D8 EA 58 F8 A0 07 0E F2 14 A6 BC 5F F6 F0 F1 20 19 39 AB F2 53 CC 34 56 24 B5 59 2E
aad (5): 17 03 03 00 27
aad iv (12): A2 81 44 F3 6D A0 34 1D D0 8A 64 1E
PT SIZE: 23
decrypted (23): 08 00 00 12 00 10 00 0A 00 0C 00 0A 00 1D 00 1E 00 17 00 19 00 18 16
tag (16): F6 F0 F1 20 19 39 AB F2 53 CC 34 56 24 B5 59 2E
HANDSHAKE MESSAGE
Consumed 27 bytes
Message type: 17, length: 1394
encrypted (1394): 2A 65 F7 B1 47 81 4B 51 79 73 FD 15 1A 79 F7 BB 51 D7 4F 03 20 3B 36 50 EE FB 23 76 D9 E9 5A 8C 52 6A A8 C4 C7 B1 8D 63 00 24 BA 26 EE 56 58 C0 78 3D CB E2 D0 5F F6 72 2D B4 8D B8 3B 69 B3 B6 93 5A 82 06 E4 0A 07 E6 E8 2C 20 85 61 94 0C A2 E3 8E 64 90 BA E2 82 6A DA A3 6F 83 89 B9 46 59 5F AA 5B AD 27 E8 AB 90 9C CD 48 67 DE EC 5E FA 4D 91 3B BA B5 35 18 D5 15 66 6F AF 9C 65 15 06 A2 66 49 35 AB 0A 20 77 CC 15 65 C3 E1 A6 65 06 15 D0 A7 2B 78 6C B8 28 E5 DF E4 2E D2 7B 76 44 AB 61 0E 9C E0 08 63 7B 10 3E 19 6C 12 E4 BA 12 F8 41 34 E1 F3 D2 E7 D2 F9 9D 2C 7B 28 8A 63 CF 47 BF D2 CD 5C 68 97 EA 51 E4 64 58 57 DB B6 7D F8 BA C4 DE E3 28 B8 4F 75 9F BC F1 C6 0C CC D9 8D 7E 03 CD A6 48 01 CD 4D 85 F4 B7 31 8C AC FD DD A4 0E 3E C8 0F 10 9C E4 35 B7 E6 23 EB D0 1D 24 5A 34 CD 7C F0 54 D8 90 03 3D B7 95 A7 C3 8F 43 D2 33 4F 2F 49 6A D4 5A 20 CD 42 D7 E8 0C E8 9F 0C 3B B7 B8 E4 E8 15 00 23 08 FC E5 14 6A 58 B5 F5 98 F1 E5 51 72 35 5F 38 4D 8A FA C6 4F 90 52 02 90 27 9E BC 15 5A 6D D8 F9 BC 49 E9 B1 55 E7 99 2A AC 91 93 E4 EC E6 3D 3C BD BA 8F 38 07 0A 71 2F 43 0F DB 08 52 62 AE 8B 06 4B DA 78 F7 A0 4E 4A 4C E7 13 C6 45 A3 FD 95 43 F3 3E 4E E7 DA DC DC 29 1A 98 42 BA 13 7E C8 15 12 C5 C5 DE E6 E0 49 30 DE A2 E4 5A C0 32 5F D6 DA ED AA D2 EC 26 CB 1B 23 52 8B DA BB 73 F4 F9 52 FF 14 D4 8F B7 90 AA D5 D2 07 02 26 CB CA 96 3D 35 A2 6D 5D 5E E7 4C 15 1A C3 24 7B 46 70 0F 6B 3F AE 58 5E AE FF 9F 6F 74 14 B2 FF 43 AC 93 BB 2A E1 2E 71 D4 67 9D F7 28 A1 9D BF 87 DC E7 E2 63 3D 56 C8 07 01 56 9B 61 AA BD 9B 78 43 25 7E 66 51 F2 F0 50 BC 26 04 64 09 6D 6E C1 78 40 9E 29 A1 13 C5 69 8A 06 FB C7 FC 6D F6 EE F6 EF 01 7D EC E0 86 7B C3 AF 2E 34 26 97 0D 47 48 8F CD 5C F4 45 D8 51 EA F0 2F 89 7C 4B 1F 21 0C A2 BB DE E6 13 25 4B EA 58 A9 88 2A CF 20 CB 1A 7C B7 C0 17 46 B2 1C B5 F3 CD 08 64 EB 87 BB 35 33 81 08 89 66 0B D3 B7 94 52 2C FA 24 2C D8 D6 83 F3 04 81 40 E8 12 F3 F5 88 08 1E 5B 2B DB 41 9D FF 0C 0C 7A 9A 2B 54 79 78 B0 A6 DB FB 25 DF 55 D0 A2 F8 F1 7B 41 E6 9A 8D 49 BA D9 0F 76 13 DB 41 1C 6B A2 B8 F3 C4 DD 7C F1 C9 CD CC CF 27 88 10 E6 0F 09 DC 6F 2F A2 EC 25 DA 3A F0 E3 56 49 FD BF AD 97 B3 90 40 99 7E 31 A1 98 86 3E 0D 77 BD 88 9A B2 9D 52 10 6C 34 32 13 47 37 E3 DE D8 98 78 A5 5E 66 59 00 0D B9 2F 96 2E E1 D8 A2 CB 91 BD 99 AF AF 31 EB 46 AB 6E FB 84 11 66 6A AD 33 3F DA 1F 55 3F F1 1E 1B 2D D6 E4 77 00 97 D1 33 0D 6C 8A BD A6 69 1C C1 0B 9D 63 D7 DD 77 77 BD 37 11 BA 9B 26 A6 4E 81 FA 8E 67 7B 4E 00 4F 35 34 E8 36 B4 6A 61 30 E1 02 16 B5 B1 37 29 E9 63 B3 E0 4F D3 1F DE 3C DA F8 28 53 81 4E B2 40 D5 57 9E 08 88 2D 92 F9 4D 84 5B 9A A2 9D D8 DD 55 BF 12 14 A7 7E 68 1D 62 9E 7E 26 40 04 98 43 F1 E0 EF E6 18 DC 0F 9A 87 94 02 D0 F5 90 2C B4 F4 6B 43 B6 8E 6C 6B A2 22 41 A4 A9 76 C6 2E 5E 92 CD 01 01 90 46 EA B3 31 F9 08 38 A0 4C FF 39 08 0E DC 5F 75 70 75 4C 90 0D DF 98 F3 55 57 0B BD 9C 80 10 21 23 A1 6D 2C 33 92 B1 68 73 BF 19 C9 81 5C 2A 78 57 23 B7 FD FF 36 E7 CB 74 E5 92 ED F1 58 FB B7 24 B4 68 4E 7B 1B 80 C2 A3 2B B2 31 6C 27 A2 BC B5 91 5B B8 D6 BA 0B 14 AF 69 4B A8 E6 7A 7A 55 11 C6 CA C6 E2 9B 6A 9E 5B 70 49 CA FB 56 2F F2 6E CF 41 E1 6E E7 39 55 0F C8 17 AE E5 A0 B8 C1 68 14 3D 4C 3F AF D4 B7 E7 C1 78 79 EB A6 74 13 C7 81 FC D7 F3 49 0C 5F D3 A6 54 96 F4 B0 7A 05 32 5E DC 34 03 8B 8A 7E 55 58 DD 3F A4 0F A4 24 4E 6D C1 83 E4 BA 2E B1 95 F6 CD 68 CF 7F 77 B8 2F DB 31 0B 89 FF 45 E7 9C 47 D9 DE D7 88 7F 81 D6 0C F2 36 EF 93 A0 DB 34 2C A2 50 4F E8 B2 79 CA 62 8E CF 62 22 41 CD 03 E9 EE 3D 1A 0C 54 B4 62 BB 52 4A 32 14 00 88 51 F6 2B 1D 88 B3 32 9C 0C 4E 7C B7 81 95 6B 38 14 79 1D BD 2A F4 76 33 4E 78 A2 1E E7 AA A4 42 16 E8 C8 A9 7A E3 06 C8 C5 61 B0 A4 8C 1F 46 AE EA 34 12 4C AD D4 9B F3 35 49 C5 E4 95 23 5B FB A5 DE 2A D0 90 D0 B9 4C B9 D0 F1 2B 62 CA E8 6F 42 57 A5 66 64 31 ED E3 D7 37 F6 E0 F9 05 F9 E6 F4 BF 66 15 B8 19 3D 57 21 0A 81 E9 B2 9E E9 DE 91 F7 35 4D 49 E1 07 63 EB FF 26 3E AC 1A 6B 0B B9 84 58 CF 57 C3 25 A6 72 6B 3F 44 35 88 B0 D8 C5 6F BD F8 00 63 40 B6 80 4E CE 25 B2 62 B3 36 5F 22 E4 89 17 42 29 51 3B 3A 33 A8 F5 D2 B7 D9 64 95 6F 88 3C E4 3B DC 8F 6D CF 3A 02 4E DC EE D3 66 19 5E D6 AB 7B CE 50 7D E8 E4 7D E3 21 3D 64 81 E2 E6 F4 92 6E 94 B3 D9 D4 7B 79 C1 3A C2 11 3E 3F 2B 44 2A 2A 8B 20
aad (5): 17 03 03 05 72
aad iv (12): A2 81 44 F3 6D A0 34 1D D0 8A 64 1F
PT SIZE: 1378
decrypted (1378): 0B 00 05 5D 00 00 05 59 00 05 54 30 82 05 50 30 82 04 38 A0 03 02 01 02 02 12 03 A2 ED C6 3F 09 A5 9F EF 7A 3C C3 60 8E 5A AC 2B 66 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 30 32 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 16 30 14 06 03 55 04 0A 13 0D 4C 65 74 27 73 20 45 6E 63 72 79 70 74 31 0B 30 09 06 03 55 04 03 13 02 52 33 30 1E 17 0D 32 31 30 35 31 36 30 38 35 38 31 38 5A 17 0D 32 31 30 38 31 34 30 38 35 38 31 38 5A 30 16 31 14 30 12 06 03 55 04 03 13 0B 72 6F 6E 77 61 72 65 2E 6F 72 67 30 82 01 22 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02 82 01 01 00 BE D9 3C B5 1E 4F D0 12 38 AC 4D 54 E1 49 56 5D E8 27 C2 A2 A8 94 A6 92 D4 78 1B 8D 23 53 3C 11 C8 CE 0B 42 36 7B 2F EE F3 22 87 07 56 B8 00 BC 79 BD C5 4B 88 39 CE 2F CA 73 AE 97 1C 3A 2D 3A 95 BE 58 69 D5 7A 3C C4 79 AF 6D 02 7B 82 B0 F0 33 4F 83 D8 65 62 03 D8 EF 4C 51 0A 18 5B 1D 8D 40 51 46 D1 3B 00 66 11 86 0D 3A 29 15 DC 26 A6 B5 71 F3 D3 4E 46 B3 24 2A 1F E1 AB ED E7 65 C1 72 B0 28 0C 51 70 68 3F 5B CC A6 63 79 FC FD 83 A2 13 80 40 DB E5 03 24 31 DD AD C9 0E C5 61 06 46 5B 9B 6E 1E 04 10 B2 4C A3 F0 8A 63 7A 67 F4 4F A0 0C C3 99 46 E7 CD AD E7 C1 71 E6 F9 4D C6 69 96 DA 27 F6 BB 5A 79 BB DD 3C 97 5C B5 5F 01 DF 34 AE DE 4F 73 9F 81 24 9F 11 53 86 BC 47 89 35 53 DF 34 E5 3A 00 20 24 51 A5 57 EE 37 48 F3 EC AF 8E 23 9A 51 B4 5B 44 F4 AE 9D 18 4C AE 8D 02 03 01 00 01 A3 82 02 7A 30 82 02 76 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 03 02 30 0C 06 03 55 1D 13 01 01 FF 04 02 30 00 30 1D 06 03 55 1D 0E 04 16 04 14 84 C3 F1 B5 3F 1A CA 2E 9C 96 A5 CA 13 4D 84 A3 62 C2 8D A4 30 1F 06 03 55 1D 23 04 18 30 16 80 14 14 2E B3 17 B7 58 56 CB AE 50 09 40 E6 1F AF 9D 8B 14 C2 C6 30 55 06 08 2B 06 01 05 05 07 01 01 04 49 30 47 30 21 06 08 2B 06 01 05 05 07 30 01 86 15 68 74 74 70 3A 2F 2F 72 33 2E 6F 2E 6C 65 6E 63 72 2E 6F 72 67 30 22 06 08 2B 06 01 05 05 07 30 02 86 16 68 74 74 70 3A 2F 2F 72 33 2E 69 2E 6C 65 6E 63 72 2E 6F 72 67 2F 30 4B 06 03 55 1D 11 04 44 30 42 82 0E 61 61 72 6F 6E 2D 74 65 63 68 2E 63 6F 6D 82 0B 72 6F 6E 77 61 72 65 2E 6F 72 67 82 12 77 77 77 2E 61 61 72 6F 6E 2D 74 65 63 68 2E 63 6F 6D 82 0F 77 77 77 2E 72 6F 6E 77 61 72 65 2E 6F 72 67 30 4C 06 03 55 1D 20 04 45 30 43 30 08 06 06 67 81 0C 01 02 01 30 37 06 0B 2B 06 01 04 01 82 DF 13 01 01 01 30 28 30 26 06 08 2B 06 01 05 05 07 02 01 16 1A 68 74 74 70 3A 2F 2F 63 70 73 2E 6C 65 74 73 65 6E 63 72 79 70 74 2E 6F 72 67 30 82 01 03 06 0A 2B 06 01 04 01 D6 79 02 04 02 04 81 F4 04 81 F1 00 EF 00 76 00 5C DC 43 92 FE E6 AB 45 44 B1 5E 9A D4 56 E6 10 37 FB D5 FA 47 DC A1 73 94 B2 5E E6 F6 C7 0E CA 00 00 01 79 74 9C B9 D2 00 00 04 03 00 47 30 45 02 21 00 A2 9E 3B 46 42 CD 48 5C D7 B1 49 64 0E 3F 9E 2B B3 3F 31 C4 5D 35 9F EF 01 96 47 20 92 12 31 15 02 20 77 26 4F 52 07 40 A1 D2 C3 E7 44 C3 98 22 99 EA AE 3B 5D 22 60 2D 5B F0 C9 6C 33 F7 43 69 3F 08 00 75 00 F6 5C 94 2F D1 77 30 22 14 54 18 08 30 94 56 8E E3 4D 13 19 33 BF DF 0C 2F 20 0B CC 4E F1 64 E3 00 00 01 79 74 9C B9 FB 00 00 04 03 00 46 30 44 02 20 6D 65 34 3A 0F 81 21 0E 22 34 3E A9 ED B5 B9 DF E0 C0 9F AB B2 7B B2 D1 E0 B7 52 C9 D1 4F FF D4 02 20 59 0B D5 13 C8 59 97 8E C1 8B 4F 4A B1 21 79 2C 9D D4 75 A6 0B 5B DB A6 2D 2D 1D DA 00 89 57 3D 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 03 82 01 01 00 79 E6 3A C9 34 81 75 A9 25 E5 A1 33 AB E4 28 87 56 1B 61 32 D2 53 DF C9 26 0D 56 8D 48 44 39 FF AB 7B B0 FD 51 78 56 DD BF E3 43 31 0E D3 7F 5F 9F 30 AE E4 28 98 40 6A 93 1C 64 5A DC 61 9F 3C 83 61 AE EF E9 97 2A A9 3A 05 52 A0 2D 65 66 72 FF 88 1F 71 04 7C 65 E1 84 A6 EF 07 BC 65 7D 10 73 8E 7D AD 9C 9F B7 37 EA 6E DD 0D F2 E4 1F 3C D8 06 1A 24 41 DB 8E BE 5C D8 8F 95 F6 31 26 74 F7 7C 17 5A C1 0E FC B1 8B A8 C7 85 7C F3 F7 20 6A 0F 8D 3C 4B 44 97 B2 B1 C9 35 7E F8 35 CA 31 DF 80 35 7E 2A 08 22 26 82 59 C0 4C 91 6E 25 ED 16 8B BF 83 CA A1 EB 4C 62 BC 1E B4 4A 0D 0B ED AB 42 16 A5 C1 6B 63 98 8B 7F 67 42 B2 92 BA 50 76 B6 61 C2 29 F8 83 1C 04 B6 9C 43 34 0F 6A 6F E0 A6 DA 7A E4 D9 BD F6 CB 3F 51 91 43 38 DB 41 26 D7 BD A3 36 DA 42 15 2C 6D 66 A3 87 0A A3 54 00 00 16
tag (16): D9 D4 7B 79 C1 3A C2 11 3E 3F 2B 44 2A 2A 8B 20
HANDSHAKE MESSAGE
=> CERTIFICATE
Consumed 1382 bytes
Message type: 17, length: 281
encrypted (281): C6 96 1E F4 C5 B6 94 12 1E 06 78 E1 46 EF ED A2 AD F3 30 31 18 3C 68 09 3E 9B B8 B4 95 7B E8 9F 0E 2D 10 7D 39 75 9D 73 CD D4 76 FC 15 F3 24 97 4C EE 87 26 B3 D1 75 80 88 D7 8D 24 2E 2A 55 8E 8F 96 6E CE F1 C8 06 6E 9A AB 93 6D 4D 38 E8 70 DF 13 ED 49 35 41 EA D1 82 87 4E 60 5E B2 F2 75 8A 69 77 54 13 96 2E 33 E6 D7 98 79 3F 40 06 D0 A7 15 42 FC 6B 7F 5F 36 1A 4E AB 0F 6E F6 60 7B E4 FF 3A CC 10 05 B8 54 89 1D CC AD 26 38 66 CF 6A 97 45 83 DA 3B F0 41 7D EA B4 EF 32 7D D0 12 B1 63 26 1C E4 F7 6B CE 99 6D 12 71 CD 1C 3A 4B 51 EF C7 74 6D B4 7A BC CA 15 C2 26 FE C8 1D F5 2C A6 0D 0F 45 16 42 12 4D FE 9B DD 28 39 8B 82 53 37 E2 29 44 9C 5A 35 3E 30 06 4B FA 80 61 7C C8 0A F0 59 01 9E B9 AA 84 C9 A9 7C A3 0C 0B BA F5 E2 2E 66 C0 FC 3B CB F7 EE 41 B4 ED 1D ED 6A 72 08 77 05 42 D2 0F 14 1D 09 6A 38 67 F2 9D 62 4C 60 04 AF 69 8C B3 94 07
aad (5): 17 03 03 01 19
aad iv (12): A2 81 44 F3 6D A0 34 1D D0 8A 64 1C
PT SIZE: 265
decrypted (265): 0F 00 01 04 08 04 01 00 8F DA B2 7E 43 4D 5F E1 77 B8 EC 69 13 9C 81 B7 A6 59 7A EE 04 0F DF C9 3F 89 A8 C3 8D 19 D9 69 5F 4D B5 33 30 F0 BB 77 3E 24 AD D4 61 0C E6 93 2F FD F0 DA AE B7 23 C0 99 2F 54 CE 6F 59 69 0F F5 76 C8 CF 8A C9 EF 7B 7B 36 3E 9D B1 0A C7 F7 9E 89 17 C9 B7 BE 26 F0 1E C8 45 22 DE 8D 1F F2 7B 5A C5 2A 15 75 E9 D2 75 47 04 21 20 23 E3 B8 74 4B F5 90 A8 E8 4A CD 53 42 74 22 62 16 3C 4C 30 4C 1F 53 2C 0A 67 41 33 83 AC 56 9C BA 8A 2B C6 68 43 BF B1 D3 76 6A BB F9 32 D1 11 A4 07 9D C7 E0 99 AF EC 99 CF 45 59 21 F1 90 74 52 28 15 EB 02 14 AE 7C 28 0D 64 91 BD 51 96 69 7A 8D A1 B4 92 09 79 73 4E 87 2F 5E 7A A6 23 08 36 1F FB 0B F4 39 CD 6A B8 88 42 BA DE 69 D8 19 DD 7E CE 56 BA 49 06 68 34 C7 C2 6C 7F F0 A2 0C 0E D7 CA 27 8C 7E AE 9D 78 92 52 A9 7F 8D A3 BF 7B 94 30 16
tag (16): 09 6A 38 67 F2 9D 62 4C 60 04 AF 69 8C B3 94 07
HANDSHAKE MESSAGE
=> CERTIFICATE VERIFY
signature data (130): 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 4C 53 20 31 2E 33 2C 20 63 6C 69 65 6E 74 20 43 65 72 74 69 66 69 63 61 74 65 56 65 72 69 66 79 00 45 01 F4 30 A4 29 8E 4C 3E 02 F0 00 33 D8 D5 45 A2 FD A8 C7 49 F8 D2 89 A7 14 4F 17 5E B0 15 02
Consumed 269 bytes
Message type: 17, length: 53
encrypted (53): 0C F9 FF 65 6B ED CC 79 57 7C C1 64 A6 2D A0 99 96 B3 1E A2 BE ED 7D 02 95 11 C1 96 B0 30 44 43 01 51 5C 9B 4F 70 B5 4A 6F A8 DB 06 CE 07 FA 8F E6 BF 6C D4 FC
aad (5): 17 03 03 00 35
aad iv (12): A2 81 44 F3 6D A0 34 1D D0 8A 64 1D
PT SIZE: 37
decrypted (37): 14 00 00 20 F7 5D 75 A4 A7 2F B4 EB 98 0F 84 2E 46 91 29 D8 3B 85 B9 1A 1E CB 5E 6B 07 C1 94 BD 14 00 D6 4C 16
tag (16): 70 B5 4A 6F A8 DB 06 CE 07 FA 8F E6 BF 6C D4 FC
HANDSHAKE MESSAGE
=> FINISHED
HS HASH (32): E3 62 A0 E9 CF E6 5E 61 EC 57 6F 91 F8 C6 63 00 A1 1E 22 14 8C B0 D8 98 CD FC 85 6E 9D 43 A0 D0
HS FINISH (32): CA 1F 9D 25 E1 0E B6 84 45 3D E9 B0 E2 F5 E0 AC EE 4E 48 90 14 17 02 D7 33 46 B6 D2 47 F6 AF F3
HS REMOTE FINISH (32): 78 3A 34 01 22 A2 EA 58 2C 3E AC 7B 65 D1 64 D8 FF E5 D3 4B 35 53 F6 A8 AC 15 6E 9C 1F AA 03 A5
<= SENDING FINISHED
HS HASH (32): 96 71 45 37 9D 4E FF 80 47 E7 6B 78 16 A0 7F 1F 51 90 E8 DE 20 DD BF E1 08 3D 83 53 C1 34 3E E6
HS FINISH (32): CA 1F 9D 25 E1 0E B6 84 45 3D E9 B0 E2 F5 E0 AC EE 4E 48 90 14 17 02 D7 33 46 B6 D2 47 F6 AF F3
HS REMOTE FINISH (32): 78 3A 34 01 22 A2 EA 58 2C 3E AC 7B 65 D1 64 D8 FF E5 D3 4B 35 53 F6 A8 AC 15 6E 9C 1F AA 03 A5
VERIFY DATA (32): EB CF AA 23 49 C4 26 E0 97 9E 10 5F 93 EC AC AE E6 82 CA 7F 43 2D 12 72 AA D2 1D 49 EB 24 AA 4A
USING PREVIOUS SECRET (32): D4 0E 3A A6 8E F9 AB CC A0 9A C3 BC D6 E8 A7 B0 61 EA 90 DC 87 C5 4F A6 48 31 0B 62 E1 BF 98 88
INFO (49): 00 20 0D 74 6C 73 31 33 20 64 65 72 69 76 65 64 20 E3 B0 C4 42 98 FC 1C 14 9A FB F4 C8 99 6F B9 24 27 AE 41 E4 64 9B 93 4C A4 95 99 1B 78 52 B8 55
salt (32): 71 32 FC 00 11 5A DA 9F 53 73 77 9A 41 89 23 1E 99 23 DF C2 20 10 F4 71 E3 D4 91 FC 48 2C 91 E1
EXTRACT (32): C4 65 16 FF 32 AA 9A 87 43 0F C9 4A D8 FC 65 AC C9 91 9F 0F 6E 34 49 E9 75 56 0B D0 8C A4 D9 22
messages hash (32): 7A CE A8 EB EA D9 84 7D DB C3 A0 39 95 DF 2D 98 E0 A0 A5 89 3B B1 B3 56 84 05 A8 27 A1 81 A5 25
INFO (54): 00 20 12 74 6C 73 31 33 20 63 20 61 70 20 74 72 61 66 66 69 63 20 96 71 45 37 9D 4E FF 80 47 E7 6B 78 16 A0 7F 1F 51 90 E8 DE 20 DD BF E1 08 3D 83 53 C1 34 3E E6
c ap traffic (32): 8F F1 F6 5B 8D C6 28 15 C9 BE DA A1 F9 A2 F5 F7 E1 BC E3 D4 6A 48 12 1F 38 08 83 FD 1A 0C 2A E3
INFO (13): 00 10 09 74 6C 73 31 33 20 6B 65 79 00
INFO (12): 00 0C 08 74 6C 73 31 33 20 69 76 00
INFO (54): 00 20 12 74 6C 73 31 33 20 73 20 61 70 20 74 72 61 66 66 69 63 20 96 71 45 37 9D 4E FF 80 47 E7 6B 78 16 A0 7F 1F 51 90 E8 DE 20 DD BF E1 08 3D 83 53 C1 34 3E E6
INFO (13): 00 10 09 74 6C 73 31 33 20 6B 65 79 00
INFO (12): 00 0C 08 74 6C 73 31 33 20 69 76 00
CLIENT KEY (16): C1 BD 35 3F 7D 88 AF 94 74 20 92 C1 5C C9 4F 82
CLIENT IV (12): A9 AF 3E 94 4B 34 49 BC 77 2C 0D D2
SERVER KEY (16): 7B 9E 9C 90 7B 04 3A D4 07 D5 E7 98 FB 01 22 8E
SERVER IV (12): 21 CD A1 40 F8 D0 34 76 B0 D1 4C A8
Using cipher ID: 1301
Consumed 41 bytes
Message type: 17, length: 234
encrypted (234): 54 31 B3 10 A1 6B 58 32 24 93 0C B9 93 D4 0E FB BE 13 5A 31 EC FA A1 C1 B9 1D C3 C9 B1 0E 82 6B EC 6D 32 8A 88 EF 7B F8 3D 8F 92 2E C5 D4 C5 3D DF AA 19 E2 30 CE 29 11 03 D5 13 4B D1 2B 90 3B F1 03 38 D9 57 FB 4A 44 CB 8C 68 01 30 1C 0B E5 C9 03 36 D6 FE 2D AF 9E CF 77 F3 06 BF 95 07 83 78 AC C7 1E 63 9F 70 93 73 6C 40 42 48 65 D0 72 70 76 90 FB 14 A6 75 69 DF 03 32 C5 4B 75 88 2E 64 D0 A7 37 A3 14 05 81 44 1A AF 99 83 AC 56 54 6A CB EC 2D 97 1B 01 80 0F 17 1D 24 B7 C8 F2 89 D3 D2 E5 69 75 CC 5F 0C 27 6A D3 E7 85 B0 88 52 24 86 F8 2D FC 86 4B 26 9D 7C 10 6F 4A A4 A5 94 D0 FC 96 3C 9E C0 DA 34 E9 9E D6 AB 5C 9C D2 B6 FF FD D8 B0 BB F8 C4 B1 BB 59 9C 50 04 17 19 CF 7B BC 92 21 06 FC CD 16 4D 00
aad (5): 17 03 03 00 EA
aad iv (12): 21 CD A1 40 F8 D0 34 76 B0 D1 4C A8
PT SIZE: 218
decrypted (218): 04 00 00 D5 00 00 1C 20 BF 77 BB 92 08 00 00 00 00 00 00 00 00 00 C0 F5 82 43 07 3B E6 0B 58 B8 A4 6E D8 4D DA C0 B2 C1 4D CC 3E E0 31 27 8F B2 DB A2 E1 DB 59 8E 1F 36 A4 08 E1 57 6E CC F9 82 1B DF 98 68 C6 E3 DE CB 9F FE 95 05 D1 EC 42 A4 3F C2 3A BD 52 82 E6 43 41 3C 33 B6 4A 8B 5D 5C 9D F9 76 98 44 07 8B C7 13 79 B9 38 B3 59 6A 45 FC 20 0A 07 20 EE E1 1A E1 7F D5 BE DD 38 FF 20 40 2A 5C D1 7C 6A BD 45 5B CF D9 92 B6 78 84 0C 93 60 2A 4E 8E E2 51 54 4D 46 07 5F 6C 39 3E A8 BE C0 AB 5B BE 05 39 FA 31 A9 52 C2 81 25 1B EB E6 7A DF 5F 23 A6 4A 2F CC E9 0B CB B6 32 F3 1D D6 8E 58 A9 FE 3F 3B 57 EB A9 56 4A F9 B8 DD D1 33 D2 84 C5 11 B6 D8 00 00 16
tag (16): 9C 50 04 17 19 CF 7B BC 92 21 06 FC CD 16 4D 00
HANDSHAKE MESSAGE
Consumed 222 bytes
Message type: 17, length: 195
encrypted (195): 6C 1E E0 21 25 3D FC C4 A9 3B FE B7 56 95 54 66 AC 64 17 C2 38 EF 8E C6 7C 5C 20 C6 71 4B AE D5 98 25 34 50 0F 1C 0D 7A F4 F3 53 BF 1D D0 44 E4 1A 65 CA C2 B3 37 6E C2 F6 63 1A 87 04 FF 1B ED 87 04 54 7E 90 99 56 29 73 E8 EB B5 31 A4 93 AC 80 C3 2D D7 D7 19 80 BE A7 84 02 71 C8 BA 96 16 3C 2A 7F 9A 82 38 DE 63 23 86 27 54 50 1E 21 85 24 7A ED FD D8 B6 24 72 38 09 FF F1 B0 BE A5 BF 30 87 D8 9C A6 4D A2 62 91 8D 3A 0A 0B E9 D7 13 AB DF 0C 4B 4B D7 77 C7 B7 9F 00 CF 04 19 7B 6A 20 AF A6 B5 B2 44 9E 35 6E 6F 48 65 C7 E2 28 62 A4 CB EA D3 91 C1 89 EC 36 01 D0 97 47 42 39 B9 5B 7B 5F
aad (5): 17 03 03 00 C3
aad iv (12): 21 CD A1 40 F8 D0 34 76 B0 D1 4C A9
PT SIZE: 179
decrypted (179): 32 35 30 2D 6D 61 69 6C 2E 72 6F 6E 77 61 72 65 2E 6F 72 67 0D 0A 32 35 30 2D 50 49 50 45 4C 49 4E 49 4E 47 0D 0A 32 35 30 2D 53 49 5A 45 0D 0A 32 35 30 2D 45 54 52 4E 0D 0A 32 35 30 2D 41 55 54 48 20 50 4C 41 49 4E 20 4C 4F 47 49 4E 0D 0A 32 35 30 2D 41 55 54 48 3D 50 4C 41 49 4E 20 4C 4F 47 49 4E 0D 0A 32 35 30 2D 45 4E 48 41 4E 43 45 44 53 54 41 54 55 53 43 4F 44 45 53 0D 0A 32 35 30 2D 38 42 49 54 4D 49 4D 45 0D 0A 32 35 30 2D 44 53 4E 0D 0A 32 35 30 2D 53 4D 54 50 55 54 46 38 0D 0A 32 35 30 20 43 48 55 4E 4B 49 4E 47 0D 0A 17
tag (16): D3 91 C1 89 EC 36 01 D0 97 47 42 39 B9 5B 7B 5F
APPLICATION DATA MESSAGE (TLS VERSION: 304):
250-mail.ronware.org
250-PIPELINING
250-SIZE
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
Consumed 183 bytes
-DNO_TLS_WITH_CHACHA20_POLY1305 broken
Hi,
It appears -DNO_TLS_WITH_CHACHA20_POLY1305 tries to use some DTLS code that's not in:
pannekake:~/nmu/tlse> gcc examples/tlshelloworld.c -o tlshello -ltomcrypt -ltommath -DLTM_DESC -DNO_TLS_WITH_CHACHA20_POLY1305
In file included from examples/tlshelloworld.c:1:
examples/../tlse.c: In function ‘dtls_reset_cookie_secret’:
examples/../tlse.c:1388:16: error: ‘dtls_secret’ undeclared (first use in this function); did you mean ‘tls_sni_se ’?
tls_random(dtls_secret, sizeof(dtls_secret));
^~~~~~~~~~~
tls_sni_set
examples/../tlse.c:1388:16: note: each undeclared identifier is reported only once for each function it appears in
In file included from examples/tlshelloworld.c:1:
examples/../tlse.c: In function ‘_private_tls13_key’:
examples/../tlse.c:2797:21: error: ‘TLS_CHACHA20_IV_LENGTH’ undeclared (first use in this function); did you mean TLS_AES_IV_LENGTH’?
iv_length = TLS_CHACHA20_IV_LENGTH;
^~~~~~~~~~~~~~~~~~~~~~
TLS_AES_IV_LENGTH
examples/../tlse.c: In function ‘tls_packet_update’:
examples/../tlse.c:3837:88: error: ‘POLY1305_TAGLEN’ undeclared (first use in this function)
*((unsigned short *)&aad[3]) = htons(packet->len + POLY1305_TAGLEN - header_size);
^~~~~~~~~~~~~~~
examples/../tlse.c: In function ‘_private_dtls_build_cookie’:
examples/../tlse.c:5922:47: error: ‘dtls_secret’ undeclared (first use in this function); did you mean ‘tls_sni_se ’?
hmac_init(&hmac, find_hash("sha256"), dtls_secret, sizeof(dtls_secret));
^~~~~~~~~~~
tls_sni_set
Support for latest libtomcrypt
Last release of ltc is v1.18.2, released mid 2018 and there have been many changes and addition in master branch since
(example: inbuilt support for x22519 and ed25519)
This also means there have been breaking changes around ecc and tlse will not compile with latest ltc
Are there any plans to support this?
SSL_set_fd should return 1 when OK
The SSL_set_fd function returns 0 after successful completion. This should be 1.
Support for false start /early data in TLS 1.2
tls_close_notify should send a "warning" TLS alert instead of "critical"
If a "critical" TLS alert is sent, then openssl, libressl show this message at each connection close:
4151646920:error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000):s3_pkt.c:1293:SSL alert number 0. Their shell exit statuses are 1.
A change is trivial: tls_build_packet inside tls_close_notify should pass critical parameter as 0 instead of 1. With this, both clients show successful closed message, with shell exit status 0.
Strange error: "UNSUPPORTED TLS VERSION 0"
Compiling with debug info, and trying to access "https://www.posti.fi/fi"
Getting:
Initializing dependencies
UNSUPPORTED TLS VERSION 0
Consumed -4 bytes
ERROR IN CONSUME: -4
TLS 1.3 server incompatible with openssl
Server returns with Cipher UNKNOWN when trying to connect on TLS 1.3 with default openssl configurations and other tls client implementations. Only managed to connect TLSe itself.
How to reproduce:
- Install some ecc key/certificate
- Run
examples/tlssimpleserver.c openssl s_client -tls1_3 -connect 127.0.0.1:2000
result: Server doesn't establish connection, says Cipher UNKNOWN
How to use client certificate? I can't find proper interfaces to load client certificate and key.
I use SSL_CTX_use_certificate_file to load client certificate and SSL_CTX_use_PrivateKey_file to load key file.
Android 6.0.1 cannot connect using TLSv1.2
Android 6.0.1 using Google Chrome 64.0.3282.137 cannot connect to my TLSe enabled http server.
According to strace, TLSe waits for more data to come then timeout drops client.
The pcap file is at https://lynxlynx.ru/tmp/androidclient.pcap port number 9999 must be decoded as SSL in Wireshark. Maybe I could provide a log output with strace, but connect attempt was made using real certificates.
While my httpd server still uses compatibility API, most other clients (including my cyanogenmod tablet) connect just fine, as ssllabs say too. Can you look at it?
Buffer overflow in tls_parse_message
I ran cppcheck --enable=warning --quiet . in the root directory of this project and cppcheck detects a buffer overflow in tls_parse_message function:
[tlse.c:7703]: (error) Array 'context.crypto.ctx_remote_mac.remote_aead_iv[4]' accessed at index 11, which is out of bounds.
Socket descriptor can be zero
The common check for invalid descriptor in the code is (ssl_data->fd <= 0), which is wrong. Zero is a valid descriptor.
Connect (to wikipedia) with V13 succeeds, but cannot read data. V12 works
Just as I said. I expect that SSL_connect() would have some kind of error.
Here's code which demonstrates:
#include <stdio.h>
#include <sys/types.h>
#ifdef _WIN32
#include <winsock2.h>
#define socklen_t int
#else
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#endif
#define TLS_AMALGAMATION
#define TFM_DESC
//#define DEBUG 1
#include "../tlse.c"
int main(int argc, char *argv[]) {
int sockfd, portno, n;
struct sockaddr_in serv_addr;
struct hostent *server;
int ret;
char msg[] = "GET %s HTTP/1.1\r\nHost: %s:%i\r\n\r\n";
char msg_buffer[0xFF];
char buffer[8192];
char root_buffer[0xFFFFF];
char *ref_argv[] = {"", "en.wikipedia.org", "443"};
char *req_file = "/w/api.php?format=json&srsearch=wine&action=query&list=search&srlimit=100";
#ifdef _WIN32
// Windows: link against ws2_32.lib
WSADATA wsaData;
WSAStartup(MAKEWORD(2, 2), &wsaData);
#else
// ignore SIGPIPE
signal(SIGPIPE, SIG_IGN);
#endif
SSL_library_init();
SSL_load_error_strings();
// V13 doesn't work, but V12 does:
SSL *clientssl = tls_create_context(0, TLS_V13);
if (!clientssl) {
fprintf(stderr, "Error initializing client context\n");
return -1;
}
argv = ref_argv;
portno = 443;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
fprintf(stderr, "ERROR opening socket");
return -2;
}
server = gethostbyname(argv[1]);
if (server == NULL) {
fprintf(stderr, "ERROR, no such host\n");
return -3;
}
memset((char *) &serv_addr, 0, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
memcpy((char *)&serv_addr.sin_addr.s_addr, (char *)server->h_addr, server->h_length);
serv_addr.sin_port = htons(portno);
if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0) {
fprintf(stderr, "ERROR connecting to %s", argv[1]);
return -4;
}
snprintf(msg_buffer, sizeof(msg_buffer), msg, req_file, argv[1], portno);
// starting from here is identical with libssl
SSL_set_fd(clientssl, sockfd);
// set sni
tls_sni_set(clientssl, argv[1]);
if ((ret = SSL_connect(clientssl)) != 1) {
fprintf(stderr, "Handshake Error %i\n", ret);
return -5;
}
fprintf(stderr, "SENDING:\n%s\n", msg_buffer);
ret = SSL_write(clientssl, msg_buffer, strlen(msg_buffer));
if (ret < 0) {
fprintf(stderr, "SSL write error %i\n", ret);
return -6;
}
while ((ret = SSL_read(clientssl, buffer, sizeof(buffer))) > 0) {
fwrite(buffer, ret, 1, stdout);
}
if (ret < 0)
fprintf(stderr, "SSL read error %i\n", ret);
SSL_shutdown(clientssl);
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
SSL_CTX_free(clientssl);
return 0;
}#include <stdio.h>
#include <sys/types.h>
#ifdef _WIN32
#include <winsock2.h>
#define socklen_t int
#else
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#endif
#define TLS_AMALGAMATION
#define TFM_DESC
//#define DEBUG 1
#include "../tlse.c"
int main(int argc, char *argv[]) {
int sockfd, portno, n;
struct sockaddr_in serv_addr;
struct hostent *server;
int ret;
char msg[] = "GET %s HTTP/1.1\r\nHost: %s:%i\r\n\r\n";
char msg_buffer[0xFF];
char buffer[8192];
char root_buffer[0xFFFFF];
char *ref_argv[] = {"", "en.wikipedia.org", "443"};
char *req_file = "/w/api.php?format=json&srsearch=wine&action=query&list=search&srlimit=100";
#ifdef _WIN32
// Windows: link against ws2_32.lib
WSADATA wsaData;
WSAStartup(MAKEWORD(2, 2), &wsaData);
#else
// ignore SIGPIPE
signal(SIGPIPE, SIG_IGN);
#endif
SSL_library_init();
SSL_load_error_strings();
// V13 doesn't work, but V12 does:
SSL *clientssl = tls_create_context(0, TLS_V13);
if (!clientssl) {
fprintf(stderr, "Error initializing client context\n");
return -1;
}
argv = ref_argv;
portno = 443;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
fprintf(stderr, "ERROR opening socket");
return -2;
}
server = gethostbyname(argv[1]);
if (server == NULL) {
fprintf(stderr, "ERROR, no such host\n");
return -3;
}
memset((char *) &serv_addr, 0, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
memcpy((char *)&serv_addr.sin_addr.s_addr, (char *)server->h_addr, server->h_length);
serv_addr.sin_port = htons(portno);
if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0) {
fprintf(stderr, "ERROR connecting to %s", argv[1]);
return -4;
}
snprintf(msg_buffer, sizeof(msg_buffer), msg, req_file, argv[1], portno);
// starting from here is identical with libssl
SSL_set_fd(clientssl, sockfd);
// set sni
tls_sni_set(clientssl, argv[1]);
if ((ret = SSL_connect(clientssl)) != 1) {
fprintf(stderr, "Handshake Error %i\n", ret);
return -5;
}
fprintf(stderr, "SENDING:\n%s\n", msg_buffer);
ret = SSL_write(clientssl, msg_buffer, strlen(msg_buffer));
if (ret < 0) {
fprintf(stderr, "SSL write error %i\n", ret);
return -6;
}
while ((ret = SSL_read(clientssl, buffer, sizeof(buffer))) > 0) {
fwrite(buffer, ret, 1, stdout);
}
if (ret < 0)
fprintf(stderr, "SSL read error %i\n", ret);
SSL_shutdown(clientssl);
#ifdef _WIN32
closesocket(sockfd);
#else
close(sockfd);
#endif
SSL_CTX_free(clientssl);
return 0;
}
Support for Linux kTLS
Hi,
Is there any chance of getting kTLS support in TLSe? I have a high-throughput use-case and would love to use sendfile() if possible (especially since it saves the malloc), since 99% of my traffic will be able to use that.
Memory leaks in 'tlse.c'
When checking with "valgrind --leak-check=full", it seems some memory leaks are detected:
==30771== 38,400 bytes in 1 blocks are definitely lost in loss record 41 of 50
==30771== at 0x4C2FD5F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30771== by 0x44B2F9: tls_load_root_certificates (tlse.c:9525)
==30771== by 0x44BBEC: SSL_CTX_root_ca (tlse.c:9869)
==30771== by 0x44FF61: SSL_CONNECT (ssl.SSL_CONNECT.h:31)
==30771==
==30771== 256,122 bytes in 1 blocks are definitely lost in loss record 42 of 50
==30771== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30771== by 0x44BB8D: SSL_CTX_root_ca (tlse.c:9865)
==30771== by 0x44FF61: SSL_CONNECT (ssl.SSL_CONNECT.h:31)
The latter can easily be fixed by adding a 'TLS_FREE(buf)' at line 9883 but I guess this is not the preferred way?
Client Certificate Request freezes handshake.
Maybe this issue is related to a particular implementation on a client side.
When Client Verification is enabled like this:
tls_request_client_certificate(ctx);
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,(tls_validation_function)tls_default_verify);
handshake stops after the server sends tls_certificate_request(). The client just does not respond anything.
Is Client Certificate Request/Client Verification stable/tested ?
Compile warnings in amalgamated libtomcrypt.c
This is a wonderful project and really useful! I got TLS working with HTTP but also SMTP and POP3. Thanks for sharing your code.
For your information, when compiling with GCC 4.4 or 4.8 in Centos or Ubuntu some compile warnings about struct initialization pop up:
programming/ooo/tlse-master/libtomcrypt.c:31995: warning: excess elements in struct initializer
programming/ooo/tlse-master/libtomcrypt.c:31995: warning: (near initialization for 'rijndael_desc')
programming/ooo/tlse-master/libtomcrypt.c:31996: warning: excess elements in struct initializer
programming/ooo/tlse-master/libtomcrypt.c:31996: warning: (near initialization for 'rijndael_desc')
programming/ooo/tlse-master/libtomcrypt.c:32004: warning: excess elements in struct initializer
programming/ooo/tlse-master/libtomcrypt.c:32004: warning: (near initialization for 'aes_desc')
programming/ooo/tlse-master/libtomcrypt.c:32005: warning: excess elements in struct initializer
programming/ooo/tlse-master/libtomcrypt.c:32005: warning: (near initialization for 'aes_desc')
Second time export doesn't work
Hello, I'm using this very cool "exportable tls" feature in my research and find out that the second time tls_export_context fails in attached program. When I tried to export imported context, tls_export_context returns NULL. It seems the context->exportable_keys and context->exportablle_size members are missing in imported context.
Is it by design or a bug? Is it impossible to export imported context?
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdnoreturn.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <tlse.c>
static noreturn void die(const char *msg) {
perror(msg);
exit(EXIT_FAILURE);
}
int create_lsock(const char *addr, uint16_t port, int backlog) {
int sock, err;
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock < 0) {
return sock;
}
struct sockaddr_in in_addr;
in_addr.sin_family = AF_INET;
in_addr.sin_addr.s_addr = inet_addr(addr);
in_addr.sin_port = htons(port);
err = bind(sock, (struct sockaddr *)&in_addr, sizeof(in_addr));
if (err) {
close(sock);
return err;
}
listen(sock, backlog);
return sock;
}
int main(int argc, char **argv) {
int lsock, err;
lsock = create_lsock("127.0.0.1", atoi(argv[1]), 100);
if (lsock < 0) {
die("create_lsock");
}
SSL_CTX *sctx = SSL_CTX_new(SSLv3_server_method());
if (!sctx) {
close(lsock);
die("SSL_CTX_new");
}
SSL_CTX_use_certificate_file(sctx,
"testcert/server.crt", SSL_SERVER_RSA_CERT);
SSL_CTX_use_PrivateKey_file(sctx,
"testcert/server.key", SSL_SERVER_RSA_KEY);
if (!SSL_CTX_check_private_key(sctx)) {
close(lsock);
die("SSL_CTX_check_private_key");
}
int csock;
struct sockaddr_in caddr;
socklen_t clen = sizeof(caddr);
csock = accept(lsock, (struct sockaddr *)&caddr, &clen);
if (csock < 0) {
die("accept");
}
SSL *cctx = SSL_new(sctx);
if (!cctx) {
close(lsock);
close(csock);
die("SSL_new");
}
tls_make_exportable(cctx, 1);
SSL_set_fd(cctx, csock);
if (!SSL_accept(cctx)) {
close(lsock);
close(csock);
die("SSL_accept");
}
int export_size;
uint8_t export_buf[0xFFFF];
export_size = tls_export_context(cctx, export_buf, 0xFFFF, 1);
if (export_size < 0) {
close(csock);
SSL_free(cctx);
die("tls_export_context1");
}
SSL *new = tls_import_context(export_buf, export_size);
if (new == NULL) {
close(csock);
SSL_free(cctx);
die("tls_import_context1");
}
tls_make_exportable(new, 1);
/* This will fail */
export_size = tls_export_context(new, export_buf, 0xFFFF, 1);
if (export_size < 0) {
close(csock);
SSL_free(cctx);
die("tls_export_context2");
}
new = tls_import_context(export_buf, export_size);
if (new == NULL) {
close(csock);
SSL_free(cctx);
die("tls_import_context2");
}
close(csock);
SSL_free(cctx);
SSL_free(new);
}Strict aliasing violation warning
First, thanks for great lib ! Second, may be safer to use memcpy here as it is not clear how it will work in different pointer size machines (32bit/64bit ?):
tlse.c: In function Б─≤int chacha20_poly1305_aead(chacha_ctx*, unsigned char*, unsigned int, unsigned char*, unsigned int, unsigned char*, unsigned char*)Б─≥:
tlse.c:803:21: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(int *)&trail[4] = 0;
^
tlse.c:805:22: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(int *)&trail[12] = 0;
^
tlse.c: In function Б─≤void tls_packet_update(TLSPacket*)Б─≥:
tlse.c:3355:67: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(unsigned short *)&temp_buf[3] = *(unsigned short *)&packet->buf[header_size - 2];
^
tlse.c:3397:50: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = *(uint64_t *)&packet->buf[3];
^
tlse.c:3399:50: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = htonll(packet->context->local_sequence_number);
^
tlse.c:3403:57: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((unsigned short *)&aad[11]) = htons(packet->len - header_size);
^
tlse.c: In function Б─≤int __private_tls_build_random(TLSPacket*)Б─≥:
tlse.c:5702:41: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(unsigned short *)&rand_bytes[0] = htons(packet->context->version);
^
tlse.c:5705:41: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(unsigned short *)&rand_bytes[0] = htons(DTLS_V12);
^
tlse.c:5707:41: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(unsigned short *)&rand_bytes[0] = htons(TLS_V12);
^
tlse.c: In function Б─≤int tls_parse_message(TLSContext*, unsigned char*, int, tls_validation_function)Б─≥:
tlse.c:6508:34: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = htonll(dtls_sequence_number);
^
tlse.c:6510:34: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = htonll(context->remote_sequence_number);
^
tlse.c:6522:41: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((unsigned short *)&aad[11]) = htons(pt_length);
^
tlse.c:6565:34: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = htonll(dtls_sequence_number);
^
tlse.c:6567:34: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((uint64_t *)aad) = htonll(context->remote_sequence_number);
^
tlse.c:6571:41: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*((unsigned short *)&aad[11]) = htons(pt_length);
^
tlse.c:6595:29: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(int *)&trail[4] = 0;
^
tlse.c:6597:30: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(int *)&trail[12] = 0;
^
tlse.c:6677:43: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
*(unsigned short *)&temp_buf[3] = htons(length);
^
Make TLS_MALLOC functions redefinable by application
In tlse.c, on lines 79-81 I see three malloc related defines. It would be great to wrap them into #ifndef / #endif so user application could provide it's own wrappers. My code uses xmalloc/xfree style functions which error out if there is no enough memory. FYI, provided libtomcrypt.c already gives such possibility by redefining it's XMALLOC/etc. stuff, see lines starting from 12978 and 2799.
There is also a little bug in libtomcrypt.c: function der_sequence_free uses plain free instead of XFREE on line 22810.
Armv7 tls_packet_update
Hi! I use tlse in my Android project - DPITunnel and there is one error or bug.
In my project with you library i try to connect to server with SSL_accept method and it works most times, but only on armv7 devices and release build type it gives me this error "Fatal signal 7 (SIGBUS) at 0x613939bd (code=1), thread 30210 (Thread-1211)"
Backtrace
#00 pc 000baeb0 /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (tls_packet_update+567)
#1 pc 000bf8d9 /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (tls_build_encrypted_extensions+132)
#2 pc 000bf23f /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (tls_parse_payload+1102)
#3 pc 000bfd4d /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (tls_parse_message+660)
#4 pc 000c12bb /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (tls_consume_stream+150)
#5 pc 000c21b3 /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (SSL_accept+122)
#6 pc 000d047d /data/app-lib/ru.evgeniy.dpitunnel-1/libdpi-bypass.so (init_tls_server_client(int&, TLSContext*)+52)
LTC_ARGCHK 'b != NULL'
I ran into a crash while using NO_TLS_LEGACY_SUPPORT with TLS 1.3 on https://www.ssllabs.com/ssltest/ using tlssimpleserver.c (master)
Callstack:
!crypt_argchk
!find_prng
!_private_tls_decrypt_dhe <-- buffer == nullptr
!_private_tls_parse_key_share
!tls_parse_hello
!tls_parse_payload
!tls_parse_message
!tls_consume_stream
!SSL_accept
Dump:
Accepting new connection!
Message type: 16, length: 1027
HANDSHAKE MESSAGE
=> CLIENT HELLO
VERSION REQUIRED BY REMOTE 303, VERSION NOW 304
Extension: 0x00 (0), len: 46
SNI HOST INDICATOR: [xxxxxx]
Extension: 0x0a (10), len: 66
SUPPORTED GROUPS (64): 00 19 01 00 01 01 00 01 00 02 00 03 00 04 00 05 00 06 00 07 00 08 00 09 00 0A 00 0B 00 0C 00 0D 00 0E 00 0F 00 10 00 11 00 12 00 13 00 14 00 15 00 16 00 1A 00 1B 00 1C 00 1E 01 02 01 03 01 04
Extension: 0x0b (11), len: 2
SUPPORTED POINT FORMATS (2): 01 00
Extension: 0x0d (13), len: 42
SUPPORTED SIGNATURES (42): 00 28 08 04 08 07 06 01 06 02 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 02 01 02 02 02 03 08 08 08 05 08 06
Extension: 0x02b (43), len: 3
SUPPORTED VERSIONS (3): 02 03 04
TLS 1.3 SUPPORTED
Extension: 0x033 (51), len: 787
EXTENSION, KEY SHARE (787): 03 11 00 19 00 85 04 00 06 A8 15 06 6C 75 9D 60 E1 31 CF 71 C3 BC 80 83 2F B4 7A 93 01 B9 17 5B 92 36 B5 96 6C D6 A7 2A 88 37 D8 1F 22 59 BB 95 EB A4 ED 80 45 AD C9 6A 81 C2 D9 92 13 E1 5F 43 9A B5 92 FD D5 F0 2C 4E 27 01 D2 9F 60 F6 70 CB 76 B4 11 C5 C5 27 DB 0D 11 02 F9 CD B3 4E 0F 6D 55 92 BB E0 40 E5 C6 B7 15 BD 35 38 00 1A D1 48 90 41 D7 E8 D3 B4 B5 6F C0 F2 BB FC 05 30 9A 17 E0 8F C9 22 C6 84 F9 A4 1D 67 1E 01 00 01 00 F5 80 84 F3 E0 0A E5 64 8F 93 3A 05 AA 7F C8 9F A6 BC 24 97 27 8F AE F1 7B 03 66 AA 02 03 2D 92 4C 79 82 22 1A B2 57 80 E5 64 7B 07 BF DD 1F 8B DC D0 43 6D 09 23 75 52 A1 30 47 4B B3 3D 61 BE 02 77 BB 99 72 4A 50 57 1C 52 5A 43 31 BF A8 BF 6E 9E 9C F0 98 AC 42 D9 57 FC 34 7E 73 56 E2 7D 40 3E C9 E6 F9 B9 78 DD AF 90 BF 44 00 B8 66 32 BC B6 DE 42 40 AF 26 87 9D 1A 38 D8 87 96 CF 27 31 42 92 D7 3E F1 E4 E8 7E 07 4D 04 02 C7 8A 1B 93 6F C8 D6 69 BC 30 2A 40 9D BB 57 68 83 DF A3 3E 7E A6 79 ED 7F E2 64 26 8E 7E C1 15 81 37 9B 0A F1 67 2A 7F 0D 20 3C B9 A0 53 95 78 4A E7 1F 2D E5 AC 6C 0F 53 55 44 72 98 8C 51 D3 9E 3F D4 87 9E 75 E1 E8 05 0D DE E0 31 53 63 80 4D B7 9D 37 A2 99 2E A6 9D AC F9 78 E8 6E 6D 51 77 95 87 75 91 95 17 D0 24 34 23 2C BC EC 9D CC CD 14 FC 01 01 01 80 C3 11 82 36 A9 C0 A4 D0 38 F9 66 45 8F A7 92 2E 14 EA 1F 3C 3F 15 93 56 4E AB 53 6E 8E B3 1C 4D 8E 56 3F 0C 0D C2 79 1A D6 62 32 62 F7 AD ED 5F 7D BD 31 F5 5F 2F 81 45 C6 68 88 B9 02 7B F2 1A BB 83 F9 23 88 8B 88 FB C0 F9 DB EA 87 C8 80 AE 5B 98 2A 02 F6 2A A5 44 6E B1 5E F4 33 AF 3C 73 4F E9 BC AA 9B 01 43 D6 BE 4D B5 64 EF 8C 06 CC 21 3E EF 98 3C 51 2D 68 8B 8E 13 07 42 A5 54 2F 23 AB F0 B4 0B 06 23 AD 43 3D C7 BA 0D D9 C5 01 E7 FB 5B 1D E3 59 38 81 77 0B 0B 91 B1 7D B0 9B FA D3 6B B2 1A 52 00 5C 46 26 7B D8 73 67 A8 BF 99 5C 31 EB 72 C2 A7 6F 64 09 84 B9 4B F3 FE 28 BD C8 3C 3A CB 15 3E E3 40 4D C6 0C 29 6A E0 82 D1 8A 9A F0 8A 92 FF DE 4A 4E 86 34 C9 84 2D F1 B5 86 92 9F C6 67 3F D6 0D D5 0F A9 69 40 51 AA 78 B3 DD 65 F6 5A C3 6C 65 24 9F 9E 09 77 80 71 BD A7 D7 75 C8 43 3D 4A E0 91 31 69 C0 3F 04 92 6E EB F9 05 79 87 E3 E3 BC 22 01 B1 5D 61 34 AF A0 BA B0 D4 56 59 C7 55 90 ED 23 A9 1E AA 75 94 81 B3 DB 0A 3B EF F2 C4 FF 8C 87 8B 7F 8C 22 C6 09 3C 79 AB 3C 5C E7 B4 A1 03 C5 35 CA 6E 19 10 4D FF 20 45 68 A2 88 C8 71 34 27 F6 AC FF B3 20 10 37 C3 AE 97 DA A6 52 D4 53 6F 6E 00 9D 22 84 89 F0 E1 E7 67 86 A0 61 BB 93 7C 67 86 22 F8 F2
LTC_ARGCHK 'b != NULL' failure on line 200 of file src/math/ltm_desc.c
Debug Error!
Cannot compile with TLS_ACCEPT_SECURE_RENEGOTIATION
Complains about 'buf' not defined.
SSL_write / tls_write buffer pointer is not read only
My code is strict about whatever target memory may or may not be modified, so I use const keyword extensively where it matters. However SSL_write's buf pointer is just void *, not const void *. The same is with tls_write. Compiler gives me a warning about that because my wrapper function accepts const void *.
Even my OpenSSL 1.0.0l manual page says buf pointer is const void *.
The fix should be trivial.
Assertion failure on ECDHE handshake
I'm trying to adapt my program to using TLSe, but when connecting with a wget client, I get an assertion failure:
Starting program: /home/sesse/dev/cubemap/cubemap
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Initializing dependencies
[Thu, 29 Mar 2018 12:29:11 +0200] INFO: Cubemap 1.3.2 starting.
[New Thread 0x7ffff50c4700 (LWP 24999)]
1 SEQUENCE
1.1 SEQUENCE
1.1.1 INTEGER(9): 00 BC 34 0C 3A 60 F9 34 C0
1.1.3 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [NO]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.4.4.1.2 EMBEDDED PDV
1.1.4.4.1.2 SEQUENCE
1.1.4.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.4.4.1.2 STR: [klump.sesse.net]
1.1.5.4.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180328215649Z]
1.1.5.2.1.2 UTC TIME: [201223215649Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [NO]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.6.4.1.2 EMBEDDED PDV
1.1.6.4.1.2 SEQUENCE
1.1.6.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.6.4.1.2 STR: [klump.sesse.net]
1.1.7.4.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(271): 00 30 82 01 0A 02 82 01 01 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.2.7.2.1.2 SEQUENCE
1.2.1.2.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.2.1.2 NULL
1.3.2.2.1.2 BITSTREAM(257): 00 00 EC D6 8D 45 AF DA 4E 82 76 63 5B 1B B4 C4 B3 A2 B3 D4 23 48 37 6E B5 CC DE D7 28 29 99 E5 A4 14 7E 9B 06 A8 06 53 02 AD 84 32 25 93 7A 43 F2 E8 68 81 55 9A C2 45 57 C5 92 0C FD E9 E8 1A D5 5E 42 6D 3D 2E 1D 65 88 02 EE 47 39 42 F7 4E 66 61 95 AA 8A A7 AB AB 70 EC 40 52 3C 09 CB F9 F1 C6 3A D4 71 59 4A 17 88 72 D6 C5 AC A3 53 DA AA 84 1B 54 16 9D 65 20 56 37 DF 0D E5 1D BE D3 18 A6 BB 0E 7E 32 5B A1 83 5F 56 96 4C A0 C0 A0 1F 3C E5 F1 85 18 93 AC EE 5B B1 EB E4 04 F6 6D 00 EE 94 43 83 B8 BB A4 55 F2 41 23 AC F1 E2 AF 84 2B 9B DD 3E 68 EF D7 68 C1 EB B0 CE 21 71 81 40 CE 54 5A 16 1F DD 2D F1 7B 1A 7C 1F F6 31 D4 66 DC 39 15 7D B7 12 6C 5A B1 23 8D EE 91 5D 88 15 FD 89 D3 16 BE 90 E9 70 8F 96 F6 66 9F EB C5 19 05 31 17 FC C3 31 86 45 B7 E6 7E 6D BD E2 EB D3
CANNOT READ CERTIFICATE
Loaded certificate: 1
1 SEQUENCE
1.1 INTEGER(1): 00
1.2 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.3 INTEGER(3): 01 00 01
1.4 INTEGER(257): 00 AB 7A E0 90 66 46 D3 EC A9 37 D7 6E 4A 80 60 FC 1E 2A FC C3 0B 34 9F E2 55 02 F7 84 FB E7 74 CB E2 7D F2 A6 A8 37 F0 4D BF FD F8 E3 EF 1F 22 95 07 ED 00 CA 6B 75 DF BB 0B 63 72 01 83 C3 AD D9 9F 5D 58 F8 51 99 32 87 C6 56 5D AF 09 F7 4F 56 1D 10 9A 01 D7 60 BC 05 9A 24 04 4C 88 EC E5 C0 7A 7A D3 56 8A 36 DF 30 B0 FF 57 89 1E EB 58 5F 14 C5 D9 69 68 1A F3 80 60 2B DF A7 14 60 A6 8F EC 96 F2 E2 8F E0 97 90 AE 6C BB E3 95 E1 57 34 38 7E B3 A8 25 6C B8 F0 BA 17 29 CD B2 B4 E0 3E 72 EF A2 86 A5 73 CD FD AC CE 63 FA BD CB 4F CE 04 60 51 B8 E3 FF E8 C4 F3 99 99 5F 3A 95 18 EF 42 9B 9B 66 0B 63 88 C9 34 63 F3 71 D3 E7 10 A3 61 27 50 5D B9 07 E4 AC EE 65 01 0C 3F 19 1A 29 5D F0 AF F6 0C 33 26 A9 EA 7D 27 DE BA 7A 8E 72 EA F2 22 EF EC A1 DB 8D 92 F6 A3 DF 14 0F D6 61
1.5 INTEGER(129): 00 E0 48 21 85 92 C1 EA 16 42 92 CA 13 47 3C 21 B1 70 E2 7D 70 D8 76 50 53 CD 84 EE C9 4A B7 D2 EA 2A E1 8D 91 8B D1 94 CC 3C AE 44 CB D6 06 55 98 36 6B A3 FE 61 78 EB 7C 74 48 CB EC 8F 79 68 32 4D A3 50 0D 27 6F 67 24 A9 54 F9 20 EC 17 9C FA DD F3 29 88 B6 D9 5E F0 CB 22 2A E6 68 55 4B AB 67 A3 1A 17 A0 82 D7 99 0A CC 2E 86 BB 0E 5A 1E 89 A9 37 A1 64 82 5B 58 52 EF 98 7B 97 98 20 3D
1.6 INTEGER(129): 00 D5 9E 82 34 B1 2B 05 B2 D0 49 2E 4F 85 0A 75 E5 A9 24 8B 02 17 45 5A F7 9F 4E 01 9C 15 71 AA 4D C7 49 0D 5D FC 62 F1 7C 90 6A BF 89 DF D1 9C 1B 3A D6 4E B7 E3 19 C0 8D EB 3F 28 75 F7 CE DB 59 59 C6 70 16 01 83 0A E1 12 92 56 51 4B 9D B6 5C 7C 2E ED F4 F6 C1 1E 43 C3 67 5C CD 2E 2E 37 7F DA 92 4D A5 A9 5F DF 41 67 E0 35 77 4F D4 A0 08 71 7D 55 57 75 18 87 66 8A 23 90 DA 2F 8B 6E 69
1.7 INTEGER(129): 00 BD 28 D8 EC F9 6C 07 6C A2 D5 7F 0D 67 65 35 DD 9C 21 CA 3E A4 B2 94 E9 39 4B 46 C2 0A FC A3 2C D0 E1 CF 2E D4 47 FD 41 8C 64 46 AD CC 63 27 49 EB 8C 39 92 50 CF 55 7D 6F ED FD E0 14 DA 06 A1 76 8D A8 F4 8F 30 0C 44 05 75 1F 71 3E EE 63 7D CA 38 4D ED 7A 9A 36 D2 CB E0 93 62 24 D8 DB AB 43 0B 72 F4 3E 72 5C 38 3D BD 1B F8 92 47 76 86 8F 00 63 65 01 8A 58 54 54 0E B4 02 79 46 DA D9
1.8 INTEGER(128): 36 BD 89 AC 2B 02 55 51 7F 22 61 A5 AA F8 05 42 36 D7 D0 6F 56 BB 45 16 53 52 50 03 49 53 79 4A B9 18 B5 3E 32 60 C0 75 25 24 D5 B4 65 10 77 AA 5A A7 74 40 97 07 90 5A 4D C0 3F 84 0B 5E 8C C3 16 C8 4D 0C B6 92 78 05 39 17 1A DB 76 3F 11 EE 1D 3C 81 69 D6 99 A2 41 C7 1F 03 9E E8 88 9B 5C 3E 0C 63 AD 61 FB D9 60 0F 58 5B 1B 19 EF E8 9A 81 4A 96 C5 F4 91 B6 90 C6 31 5A FB 2E 57 D2 91
1.9 INTEGER(129): 00 A8 41 95 63 D7 17 0E 42 C2 7D BD 3E 71 2A 2B 94 3F 39 FC E5 19 6F A4 B0 A9 D4 26 76 AE 1D 8A A0 FC C3 14 C6 94 7B 22 11 83 6E AC 59 36 49 F8 29 D7 A1 86 F3 4C 34 5C A6 C1 0D 06 F3 02 5E 94 27 E7 1E D7 8B A1 83 95 24 CE 72 2C 77 87 E5 BA 39 C1 93 29 BA CB 57 63 B2 D6 24 28 5E 40 D3 B9 6C A4 33 CC D1 51 C9 E0 B1 B6 E8 98 A7 CE 13 63 CE B2 FF 22 4C 5A 8B AD 8F 43 25 10 3E 70 16 4C 6D
Loaded private key
1 SEQUENCE
1.1 SEQUENCE
1.1.1 INTEGER(9): 00 BC 34 0C 3A 60 F9 34 C0
1.1.3 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [NO]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.4.4.1.2 EMBEDDED PDV
1.1.4.4.1.2 SEQUENCE
1.1.4.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.4.4.1.2 STR: [klump.sesse.net]
1.1.5.4.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180328215649Z]
1.1.5.2.1.2 UTC TIME: [201223215649Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [NO]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.6.4.1.2 EMBEDDED PDV
1.1.6.4.1.2 SEQUENCE
1.1.6.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.6.4.1.2 STR: [klump.sesse.net]
1.1.7.4.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(271): 00 30 82 01 0A 02 82 01 01 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.2.7.2.1.2 SEQUENCE
1.2.1.2.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.2.1.2 NULL
1.3.2.2.1.2 BITSTREAM(257): 00 00 EC D6 8D 45 AF DA 4E 82 76 63 5B 1B B4 C4 B3 A2 B3 D4 23 48 37 6E B5 CC DE D7 28 29 99 E5 A4 14 7E 9B 06 A8 06 53 02 AD 84 32 25 93 7A 43 F2 E8 68 81 55 9A C2 45 57 C5 92 0C FD E9 E8 1A D5 5E 42 6D 3D 2E 1D 65 88 02 EE 47 39 42 F7 4E 66 61 95 AA 8A A7 AB AB 70 EC 40 52 3C 09 CB F9 F1 C6 3A D4 71 59 4A 17 88 72 D6 C5 AC A3 53 DA AA 84 1B 54 16 9D 65 20 56 37 DF 0D E5 1D BE D3 18 A6 BB 0E 7E 32 5B A1 83 5F 56 96 4C A0 C0 A0 1F 3C E5 F1 85 18 93 AC EE 5B B1 EB E4 04 F6 6D 00 EE 94 43 83 B8 BB A4 55 F2 41 23 AC F1 E2 AF 84 2B 9B DD 3E 68 EF D7 68 C1 EB B0 CE 21 71 81 40 CE 54 5A 16 1F DD 2D F1 7B 1A 7C 1F F6 31 D4 66 DC 39 15 7D B7 12 6C 5A B1 23 8D EE 91 5D 88 15 FD 89 D3 16 BE 90 E9 70 8F 96 F6 66 9F EB C5 19 05 31 17 FC C3 31 86 45 B7 E6 7E 6D BD E2 EB D3
CANNOT READ CERTIFICATE
Loaded certificate: 1
1 SEQUENCE
1.1 INTEGER(1): 00
1.2 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.3 INTEGER(3): 01 00 01
1.4 INTEGER(257): 00 AB 7A E0 90 66 46 D3 EC A9 37 D7 6E 4A 80 60 FC 1E 2A FC C3 0B 34 9F E2 55 02 F7 84 FB E7 74 CB E2 7D F2 A6 A8 37 F0 4D BF FD F8 E3 EF 1F 22 95 07 ED 00 CA 6B 75 DF BB 0B 63 72 01 83 C3 AD D9 9F 5D 58 F8 51 99 32 87 C6 56 5D AF 09 F7 4F 56 1D 10 9A 01 D7 60 BC 05 9A 24 04 4C 88 EC E5 C0 7A 7A D3 56 8A 36 DF 30 B0 FF 57 89 1E EB 58 5F 14 C5 D9 69 68 1A F3 80 60 2B DF A7 14 60 A6 8F EC 96 F2 E2 8F E0 97 90 AE 6C BB E3 95 E1 57 34 38 7E B3 A8 25 6C B8 F0 BA 17 29 CD B2 B4 E0 3E 72 EF A2 86 A5 73 CD FD AC CE 63 FA BD CB 4F CE 04 60 51 B8 E3 FF E8 C4 F3 99 99 5F 3A 95 18 EF 42 9B 9B 66 0B 63 88 C9 34 63 F3 71 D3 E7 10 A3 61 27 50 5D B9 07 E4 AC EE 65 01 0C 3F 19 1A 29 5D F0 AF F6 0C 33 26 A9 EA 7D 27 DE BA 7A 8E 72 EA F2 22 EF EC A1 DB 8D 92 F6 A3 DF 14 0F D6 61
1.5 INTEGER(129): 00 E0 48 21 85 92 C1 EA 16 42 92 CA 13 47 3C 21 B1 70 E2 7D 70 D8 76 50 53 CD 84 EE C9 4A B7 D2 EA 2A E1 8D 91 8B D1 94 CC 3C AE 44 CB D6 06 55 98 36 6B A3 FE 61 78 EB 7C 74 48 CB EC 8F 79 68 32 4D A3 50 0D 27 6F 67 24 A9 54 F9 20 EC 17 9C FA DD F3 29 88 B6 D9 5E F0 CB 22 2A E6 68 55 4B AB 67 A3 1A 17 A0 82 D7 99 0A CC 2E 86 BB 0E 5A 1E 89 A9 37 A1 64 82 5B 58 52 EF 98 7B 97 98 20 3D
1.6 INTEGER(129): 00 D5 9E 82 34 B1 2B 05 B2 D0 49 2E 4F 85 0A 75 E5 A9 24 8B 02 17 45 5A F7 9F 4E 01 9C 15 71 AA 4D C7 49 0D 5D FC 62 F1 7C 90 6A BF 89 DF D1 9C 1B 3A D6 4E B7 E3 19 C0 8D EB 3F 28 75 F7 CE DB 59 59 C6 70 16 01 83 0A E1 12 92 56 51 4B 9D B6 5C 7C 2E ED F4 F6 C1 1E 43 C3 67 5C CD 2E 2E 37 7F DA 92 4D A5 A9 5F DF 41 67 E0 35 77 4F D4 A0 08 71 7D 55 57 75 18 87 66 8A 23 90 DA 2F 8B 6E 69
1.7 INTEGER(129): 00 BD 28 D8 EC F9 6C 07 6C A2 D5 7F 0D 67 65 35 DD 9C 21 CA 3E A4 B2 94 E9 39 4B 46 C2 0A FC A3 2C D0 E1 CF 2E D4 47 FD 41 8C 64 46 AD CC 63 27 49 EB 8C 39 92 50 CF 55 7D 6F ED FD E0 14 DA 06 A1 76 8D A8 F4 8F 30 0C 44 05 75 1F 71 3E EE 63 7D CA 38 4D ED 7A 9A 36 D2 CB E0 93 62 24 D8 DB AB 43 0B 72 F4 3E 72 5C 38 3D BD 1B F8 92 47 76 86 8F 00 63 65 01 8A 58 54 54 0E B4 02 79 46 DA D9
1.8 INTEGER(128): 36 BD 89 AC 2B 02 55 51 7F 22 61 A5 AA F8 05 42 36 D7 D0 6F 56 BB 45 16 53 52 50 03 49 53 79 4A B9 18 B5 3E 32 60 C0 75 25 24 D5 B4 65 10 77 AA 5A A7 74 40 97 07 90 5A 4D C0 3F 84 0B 5E 8C C3 16 C8 4D 0C B6 92 78 05 39 17 1A DB 76 3F 11 EE 1D 3C 81 69 D6 99 A2 41 C7 1F 03 9E E8 88 9B 5C 3E 0C 63 AD 61 FB D9 60 0F 58 5B 1B 19 EF E8 9A 81 4A 96 C5 F4 91 B6 90 C6 31 5A FB 2E 57 D2 91
1.9 INTEGER(129): 00 A8 41 95 63 D7 17 0E 42 C2 7D BD 3E 71 2A 2B 94 3F 39 FC E5 19 6F A4 B0 A9 D4 26 76 AE 1D 8A A0 FC C3 14 C6 94 7B 22 11 83 6E AC 59 36 49 F8 29 D7 A1 86 F3 4C 34 5C A6 C1 0D 06 F3 02 5E 94 27 E7 1E D7 8B A1 83 95 24 CE 72 2C 77 87 E5 BA 39 C1 93 29 BA CB 57 63 B2 D6 24 28 5E 40 D3 B9 6C A4 33 CC D1 51 C9 E0 B1 B6 E8 98 A7 CE 13 63 CE B2 FF 22 4C 5A 8B AD 8F 43 25 10 3E 70 16 4C 6D
Loaded private key
1 SEQUENCE
1.1 SEQUENCE
1.1.1 INTEGER(9): 00 BC 34 0C 3A 60 F9 34 C0
1.1.3 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [NO]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.4.4.1.2 EMBEDDED PDV
1.1.4.4.1.2 SEQUENCE
1.1.4.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.4.4.1.2 STR: [klump.sesse.net]
1.1.5.4.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180328215649Z]
1.1.5.2.1.2 UTC TIME: [201223215649Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [NO]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.6.4.1.2 EMBEDDED PDV
1.1.6.4.1.2 SEQUENCE
1.1.6.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.6.4.1.2 STR: [klump.sesse.net]
1.1.7.4.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(271): 00 30 82 01 0A 02 82 01 01 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.2.7.2.1.2 SEQUENCE
1.2.1.2.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.2.1.2 NULL
1.3.2.2.1.2 BITSTREAM(257): 00 00 EC D6 8D 45 AF DA 4E 82 76 63 5B 1B B4 C4 B3 A2 B3 D4 23 48 37 6E B5 CC DE D7 28 29 99 E5 A4 14 7E 9B 06 A8 06 53 02 AD 84 32 25 93 7A 43 F2 E8 68 81 55 9A C2 45 57 C5 92 0C FD E9 E8 1A D5 5E 42 6D 3D 2E 1D 65 88 02 EE 47 39 42 F7 4E 66 61 95 AA 8A A7 AB AB 70 EC 40 52 3C 09 CB F9 F1 C6 3A D4 71 59 4A 17 88 72 D6 C5 AC A3 53 DA AA 84 1B 54 16 9D 65 20 56 37 DF 0D E5 1D BE D3 18 A6 BB 0E 7E 32 5B A1 83 5F 56 96 4C A0 C0 A0 1F 3C E5 F1 85 18 93 AC EE 5B B1 EB E4 04 F6 6D 00 EE 94 43 83 B8 BB A4 55 F2 41 23 AC F1 E2 AF 84 2B 9B DD 3E 68 EF D7 68 C1 EB B0 CE 21 71 81 40 CE 54 5A 16 1F DD 2D F1 7B 1A 7C 1F F6 31 D4 66 DC 39 15 7D B7 12 6C 5A B1 23 8D EE 91 5D 88 15 FD 89 D3 16 BE 90 E9 70 8F 96 F6 66 9F EB C5 19 05 31 17 FC C3 31 86 45 B7 E6 7E 6D BD E2 EB D3
CANNOT READ CERTIFICATE
Loaded certificate: 1
1 SEQUENCE
1.1 INTEGER(1): 00
1.2 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.3 INTEGER(3): 01 00 01
1.4 INTEGER(257): 00 AB 7A E0 90 66 46 D3 EC A9 37 D7 6E 4A 80 60 FC 1E 2A FC C3 0B 34 9F E2 55 02 F7 84 FB E7 74 CB E2 7D F2 A6 A8 37 F0 4D BF FD F8 E3 EF 1F 22 95 07 ED 00 CA 6B 75 DF BB 0B 63 72 01 83 C3 AD D9 9F 5D 58 F8 51 99 32 87 C6 56 5D AF 09 F7 4F 56 1D 10 9A 01 D7 60 BC 05 9A 24 04 4C 88 EC E5 C0 7A 7A D3 56 8A 36 DF 30 B0 FF 57 89 1E EB 58 5F 14 C5 D9 69 68 1A F3 80 60 2B DF A7 14 60 A6 8F EC 96 F2 E2 8F E0 97 90 AE 6C BB E3 95 E1 57 34 38 7E B3 A8 25 6C B8 F0 BA 17 29 CD B2 B4 E0 3E 72 EF A2 86 A5 73 CD FD AC CE 63 FA BD CB 4F CE 04 60 51 B8 E3 FF E8 C4 F3 99 99 5F 3A 95 18 EF 42 9B 9B 66 0B 63 88 C9 34 63 F3 71 D3 E7 10 A3 61 27 50 5D B9 07 E4 AC EE 65 01 0C 3F 19 1A 29 5D F0 AF F6 0C 33 26 A9 EA 7D 27 DE BA 7A 8E 72 EA F2 22 EF EC A1 DB 8D 92 F6 A3 DF 14 0F D6 61
1.5 INTEGER(129): 00 E0 48 21 85 92 C1 EA 16 42 92 CA 13 47 3C 21 B1 70 E2 7D 70 D8 76 50 53 CD 84 EE C9 4A B7 D2 EA 2A E1 8D 91 8B D1 94 CC 3C AE 44 CB D6 06 55 98 36 6B A3 FE 61 78 EB 7C 74 48 CB EC 8F 79 68 32 4D A3 50 0D 27 6F 67 24 A9 54 F9 20 EC 17 9C FA DD F3 29 88 B6 D9 5E F0 CB 22 2A E6 68 55 4B AB 67 A3 1A 17 A0 82 D7 99 0A CC 2E 86 BB 0E 5A 1E 89 A9 37 A1 64 82 5B 58 52 EF 98 7B 97 98 20 3D
1.6 INTEGER(129): 00 D5 9E 82 34 B1 2B 05 B2 D0 49 2E 4F 85 0A 75 E5 A9 24 8B 02 17 45 5A F7 9F 4E 01 9C 15 71 AA 4D C7 49 0D 5D FC 62 F1 7C 90 6A BF 89 DF D1 9C 1B 3A D6 4E B7 E3 19 C0 8D EB 3F 28 75 F7 CE DB 59 59 C6 70 16 01 83 0A E1 12 92 56 51 4B 9D B6 5C 7C 2E ED F4 F6 C1 1E 43 C3 67 5C CD 2E 2E 37 7F DA 92 4D A5 A9 5F DF 41 67 E0 35 77 4F D4 A0 08 71 7D 55 57 75 18 87 66 8A 23 90 DA 2F 8B 6E 69
1.7 INTEGER(129): 00 BD 28 D8 EC F9 6C 07 6C A2 D5 7F 0D 67 65 35 DD 9C 21 CA 3E A4 B2 94 E9 39 4B 46 C2 0A FC A3 2C D0 E1 CF 2E D4 47 FD 41 8C 64 46 AD CC 63 27 49 EB 8C 39 92 50 CF 55 7D 6F ED FD E0 14 DA 06 A1 76 8D A8 F4 8F 30 0C 44 05 75 1F 71 3E EE 63 7D CA 38 4D ED 7A 9A 36 D2 CB E0 93 62 24 D8 DB AB 43 0B 72 F4 3E 72 5C 38 3D BD 1B F8 92 47 76 86 8F 00 63 65 01 8A 58 54 54 0E B4 02 79 46 DA D9
1.8 INTEGER(128): 36 BD 89 AC 2B 02 55 51 7F 22 61 A5 AA F8 05 42 36 D7 D0 6F 56 BB 45 16 53 52 50 03 49 53 79 4A B9 18 B5 3E 32 60 C0 75 25 24 D5 B4 65 10 77 AA 5A A7 74 40 97 07 90 5A 4D C0 3F 84 0B 5E 8C C3 16 C8 4D 0C B6 92 78 05 39 17 1A DB 76 3F 11 EE 1D 3C 81 69 D6 99 A2 41 C7 1F 03 9E E8 88 9B 5C 3E 0C 63 AD 61 FB D9 60 0F 58 5B 1B 19 EF E8 9A 81 4A 96 C5 F4 91 B6 90 C6 31 5A FB 2E 57 D2 91
1.9 INTEGER(129): 00 A8 41 95 63 D7 17 0E 42 C2 7D BD 3E 71 2A 2B 94 3F 39 FC E5 19 6F A4 B0 A9 D4 26 76 AE 1D 8A A0 FC C3 14 C6 94 7B 22 11 83 6E AC 59 36 49 F8 29 D7 A1 86 F3 4C 34 5C A6 C1 0D 06 F3 02 5E 94 27 E7 1E D7 8B A1 83 95 24 CE 72 2C 77 87 E5 BA 39 C1 93 29 BA CB 57 63 B2 D6 24 28 5E 40 D3 B9 6C A4 33 CC D1 51 C9 E0 B1 B6 E8 98 A7 CE 13 63 CE B2 FF 22 4C 5A 8B AD 8F 43 25 10 3E 70 16 4C 6D
Loaded private key
1 SEQUENCE
1.1 SEQUENCE
1.1.1 INTEGER(9): 00 BC 34 0C 3A 60 F9 34 C0
1.1.3 SEQUENCE
1.1.3.1 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.1.3.2 NULL
1.1.4.2 SEQUENCE
1.1.4.1 EMBEDDED PDV
1.1.4.1.1 SEQUENCE
1.1.4.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.4.1.1.2 STR: [NO]
1.1.4.2.1.2 EMBEDDED PDV
1.1.4.2.1.2 SEQUENCE
1.1.4.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.4.2.1.2 STR: [Some-State]
1.1.4.3.1.2 EMBEDDED PDV
1.1.4.3.1.2 SEQUENCE
1.1.4.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.4.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.4.4.1.2 EMBEDDED PDV
1.1.4.4.1.2 SEQUENCE
1.1.4.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.4.4.1.2 STR: [klump.sesse.net]
1.1.5.4.1.2 SEQUENCE
1.1.5.1.1.2 UTC TIME: [180328215649Z]
1.1.5.2.1.2 UTC TIME: [201223215649Z]
1.1.6.2.1.2 SEQUENCE
1.1.6.1.1.2 EMBEDDED PDV
1.1.6.1.1.2 SEQUENCE
1.1.6.1.1.1 OBJECT IDENTIFIER(3): 55 04 06
1.1.6.1.1.2 STR: [NO]
1.1.6.2.1.2 EMBEDDED PDV
1.1.6.2.1.2 SEQUENCE
1.1.6.2.1.1 OBJECT IDENTIFIER(3): 55 04 08
1.1.6.2.1.2 STR: [Some-State]
1.1.6.3.1.2 EMBEDDED PDV
1.1.6.3.1.2 SEQUENCE
1.1.6.3.1.1 OBJECT IDENTIFIER(3): 55 04 0A
1.1.6.3.1.2 STR: [Internet Widgits Pty Ltd]
1.1.6.4.1.2 EMBEDDED PDV
1.1.6.4.1.2 SEQUENCE
1.1.6.4.1.1 OBJECT IDENTIFIER(3): 55 04 03
1.1.6.4.1.2 STR: [klump.sesse.net]
1.1.7.4.1.2 SEQUENCE
1.1.7.1.1.2 SEQUENCE
1.1.7.1.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 01
1.1.7.1.2.2 NULL
1.1.7.2.2.2 BITSTREAM(271): 00 30 82 01 0A 02 82 01 01 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05 02 03 01 00 01
1.1.7.2.1.2 SEQUENCE
1.1.7.2.1.1 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.1.7.2.1.2 INTEGER(3): 01 00 01
1.2.7.2.1.2 SEQUENCE
1.2.1.2.1.2 OBJECT IDENTIFIER(9): 2A 86 48 86 F7 0D 01 01 0B
1.2.2.2.1.2 NULL
1.3.2.2.1.2 BITSTREAM(257): 00 00 EC D6 8D 45 AF DA 4E 82 76 63 5B 1B B4 C4 B3 A2 B3 D4 23 48 37 6E B5 CC DE D7 28 29 99 E5 A4 14 7E 9B 06 A8 06 53 02 AD 84 32 25 93 7A 43 F2 E8 68 81 55 9A C2 45 57 C5 92 0C FD E9 E8 1A D5 5E 42 6D 3D 2E 1D 65 88 02 EE 47 39 42 F7 4E 66 61 95 AA 8A A7 AB AB 70 EC 40 52 3C 09 CB F9 F1 C6 3A D4 71 59 4A 17 88 72 D6 C5 AC A3 53 DA AA 84 1B 54 16 9D 65 20 56 37 DF 0D E5 1D BE D3 18 A6 BB 0E 7E 32 5B A1 83 5F 56 96 4C A0 C0 A0 1F 3C E5 F1 85 18 93 AC EE 5B B1 EB E4 04 F6 6D 00 EE 94 43 83 B8 BB A4 55 F2 41 23 AC F1 E2 AF 84 2B 9B DD 3E 68 EF D7 68 C1 EB B0 CE 21 71 81 40 CE 54 5A 16 1F DD 2D F1 7B 1A 7C 1F F6 31 D4 66 DC 39 15 7D B7 12 6C 5A B1 23 8D EE 91 5D 88 15 FD 89 D3 16 BE 90 E9 70 8F 96 F6 66 9F EB C5 19 05 31 17 FC C3 31 86 45 B7 E6 7E 6D BD E2 EB D3
CANNOT READ CERTIFICATE
Loaded certificate: 1
1 SEQUENCE
1.1 INTEGER(1): 00
1.2 INTEGER(257): 00 BB 26 E2 7B 9E 70 1F 64 54 95 6F 99 13 F1 17 FD B6 19 1F 66 03 7C 62 10 DC 46 99 C1 7D A0 09 E7 A3 1A BF 71 F6 81 10 DE 3B 89 D8 67 34 07 38 77 72 B5 AC A6 FB 43 CD 71 4A 56 D8 D6 95 09 9A 72 AD 23 FE D8 F6 E5 62 AF 20 76 FA 20 86 CF DA 56 29 22 5E BF 35 B2 80 52 C4 23 95 19 45 EB 07 2C 1A 87 F5 F1 D8 25 2E 53 7F E2 06 07 B5 B4 04 BB E4 58 2C 06 E9 AF 0A 5A 37 54 24 48 A5 11 C2 9C 59 86 94 48 C5 12 23 9C 21 91 AB 25 9B 83 5C 25 93 76 C6 A7 93 08 A8 D7 48 84 AA A0 DD C5 4E EF 3C F4 B1 E8 2B 60 51 60 43 CE 6F 94 7E 48 1B 59 72 85 5C BD 00 A4 7A 76 9D F4 79 50 84 2B EA 76 AA 12 9F B4 AF E7 A7 F1 2A 35 BA 06 5C 4A 4C F3 DD 91 F3 90 B2 A9 88 59 38 71 22 3E 38 04 77 5F EF 5A 95 84 30 2D F0 05 DD 68 24 8E 40 21 79 A2 E5 7F 83 AA 71 A6 8C F3 67 BF A7 4B 3F 5E 6F 05
1.3 INTEGER(3): 01 00 01
1.4 INTEGER(257): 00 AB 7A E0 90 66 46 D3 EC A9 37 D7 6E 4A 80 60 FC 1E 2A FC C3 0B 34 9F E2 55 02 F7 84 FB E7 74 CB E2 7D F2 A6 A8 37 F0 4D BF FD F8 E3 EF 1F 22 95 07 ED 00 CA 6B 75 DF BB 0B 63 72 01 83 C3 AD D9 9F 5D 58 F8 51 99 32 87 C6 56 5D AF 09 F7 4F 56 1D 10 9A 01 D7 60 BC 05 9A 24 04 4C 88 EC E5 C0 7A 7A D3 56 8A 36 DF 30 B0 FF 57 89 1E EB 58 5F 14 C5 D9 69 68 1A F3 80 60 2B DF A7 14 60 A6 8F EC 96 F2 E2 8F E0 97 90 AE 6C BB E3 95 E1 57 34 38 7E B3 A8 25 6C B8 F0 BA 17 29 CD B2 B4 E0 3E 72 EF A2 86 A5 73 CD FD AC CE 63 FA BD CB 4F CE 04 60 51 B8 E3 FF E8 C4 F3 99 99 5F 3A 95 18 EF 42 9B 9B 66 0B 63 88 C9 34 63 F3 71 D3 E7 10 A3 61 27 50 5D B9 07 E4 AC EE 65 01 0C 3F 19 1A 29 5D F0 AF F6 0C 33 26 A9 EA 7D 27 DE BA 7A 8E 72 EA F2 22 EF EC A1 DB 8D 92 F6 A3 DF 14 0F D6 61
1.5 INTEGER(129): 00 E0 48 21 85 92 C1 EA 16 42 92 CA 13 47 3C 21 B1 70 E2 7D 70 D8 76 50 53 CD 84 EE C9 4A B7 D2 EA 2A E1 8D 91 8B D1 94 CC 3C AE 44 CB D6 06 55 98 36 6B A3 FE 61 78 EB 7C 74 48 CB EC 8F 79 68 32 4D A3 50 0D 27 6F 67 24 A9 54 F9 20 EC 17 9C FA DD F3 29 88 B6 D9 5E F0 CB 22 2A E6 68 55 4B AB 67 A3 1A 17 A0 82 D7 99 0A CC 2E 86 BB 0E 5A 1E 89 A9 37 A1 64 82 5B 58 52 EF 98 7B 97 98 20 3D
1.6 INTEGER(129): 00 D5 9E 82 34 B1 2B 05 B2 D0 49 2E 4F 85 0A 75 E5 A9 24 8B 02 17 45 5A F7 9F 4E 01 9C 15 71 AA 4D C7 49 0D 5D FC 62 F1 7C 90 6A BF 89 DF D1 9C 1B 3A D6 4E B7 E3 19 C0 8D EB 3F 28 75 F7 CE DB 59 59 C6 70 16 01 83 0A E1 12 92 56 51 4B 9D B6 5C 7C 2E ED F4 F6 C1 1E 43 C3 67 5C CD 2E 2E 37 7F DA 92 4D A5 A9 5F DF 41 67 E0 35 77 4F D4 A0 08 71 7D 55 57 75 18 87 66 8A 23 90 DA 2F 8B 6E 69
1.7 INTEGER(129): 00 BD 28 D8 EC F9 6C 07 6C A2 D5 7F 0D 67 65 35 DD 9C 21 CA 3E A4 B2 94 E9 39 4B 46 C2 0A FC A3 2C D0 E1 CF 2E D4 47 FD 41 8C 64 46 AD CC 63 27 49 EB 8C 39 92 50 CF 55 7D 6F ED FD E0 14 DA 06 A1 76 8D A8 F4 8F 30 0C 44 05 75 1F 71 3E EE 63 7D CA 38 4D ED 7A 9A 36 D2 CB E0 93 62 24 D8 DB AB 43 0B 72 F4 3E 72 5C 38 3D BD 1B F8 92 47 76 86 8F 00 63 65 01 8A 58 54 54 0E B4 02 79 46 DA D9
1.8 INTEGER(128): 36 BD 89 AC 2B 02 55 51 7F 22 61 A5 AA F8 05 42 36 D7 D0 6F 56 BB 45 16 53 52 50 03 49 53 79 4A B9 18 B5 3E 32 60 C0 75 25 24 D5 B4 65 10 77 AA 5A A7 74 40 97 07 90 5A 4D C0 3F 84 0B 5E 8C C3 16 C8 4D 0C B6 92 78 05 39 17 1A DB 76 3F 11 EE 1D 3C 81 69 D6 99 A2 41 C7 1F 03 9E E8 88 9B 5C 3E 0C 63 AD 61 FB D9 60 0F 58 5B 1B 19 EF E8 9A 81 4A 96 C5 F4 91 B6 90 C6 31 5A FB 2E 57 D2 91
1.9 INTEGER(129): 00 A8 41 95 63 D7 17 0E 42 C2 7D BD 3E 71 2A 2B 94 3F 39 FC E5 19 6F A4 B0 A9 D4 26 76 AE 1D 8A A0 FC C3 14 C6 94 7B 22 11 83 6E AC 59 36 49 F8 29 D7 A1 86 F3 4C 34 5C A6 C1 0D 06 F3 02 5E 94 27 E7 1E D7 8B A1 83 95 24 CE 72 2C 77 87 E5 BA 39 C1 93 29 BA CB 57 63 B2 D6 24 28 5E 40 D3 B9 6C A4 33 CC D1 51 C9 E0 B1 B6 E8 98 A7 CE 13 63 CE B2 FF 22 4C 5A 8B AD 8F 43 25 10 3E 70 16 4C 6D
Loaded private key
[New Thread 0x7ffff48c3700 (LWP 25000)]
[New Thread 0x7fffeffff700 (LWP 25001)]
[New Thread 0x7fffef7fe700 (LWP 25002)]
[New Thread 0x7fffeeffd700 (LWP 25003)]
[New Thread 0x7fffee7fc700 (LWP 25004)]
[New Thread 0x7fffedffb700 (LWP 25005)]
[New Thread 0x7fffe57fa700 (LWP 25006)]
NEED DATA: 8244/83
Message type: 16, length: 225
HANDSHAKE MESSAGE
=> CLIENT HELLO
VERSION REQUIRED BY REMOTE 303, VERSION NOW 303
Extension: 0x05 (5), len: 5
Extension: 0x0ff01 (65281), len: 1
Extension: 0x023 (35), len: 0
Extension: 0x0a (10), len: 12
SUPPORTED GROUPS (10): 00 17 00 18 00 19 00 15 00 13
SELECTED CURVE secp256r1
Extension: 0x0b (11), len: 2
SUPPORTED POINT FORMATS (2): 01 00
Extension: 0x0d (13), len: 22
SUPPORTED SIGNATURES (22): 00 14 04 01 04 03 05 01 05 03 06 01 06 03 03 01 03 03 02 01 02 03
=> DTLS COOKIE VERIFIED: 0 (224)
<= SENDING SERVER HELLO
<= SENDING CERTIFICATE
<= SENDING EPHEMERAL DH KEY
LTC_ARGCHK 'ltc_mp.name != NULL' failure on line 57 of file src/pk/ecc/ecc_make_key.c
Thread 5 "cubemap" received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffef7fe700 (LWP 25002)]
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: Ingen slik fil eller filkatalog.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff652e231 in __GI_abort () at abort.c:79
#2 0x00007ffff72447df in crypt_argchk () from /usr/lib/x86_64-linux-gnu/libtomcrypt.so.1
#3 0x00007ffff725de6f in ecc_make_key_ex () from /usr/lib/x86_64-linux-gnu/libtomcrypt.so.1
#4 0x0000555555590cef in tls_build_server_key_exchange (context=context@entry=0x7ffff7ea3010,
method=method@entry=6) at tlse/tlse.c:4710
#5 0x0000555555595d7d in tls_parse_payload (context=0x7ffff7ea3010, buf=<optimized out>, buf_len=225,
certificate_verify=0x0) at tlse/tlse.c:6341
#6 0x00005555555961c5 in tls_parse_message (context=context@entry=0x7ffff7ea3010, buf=<optimized out>,
buf_len=buf_len@entry=230, certificate_verify=certificate_verify@entry=0x0) at tlse/tlse.c:6674
#7 0x0000555555596e34 in tls_consume_stream (context=0x7ffff7ea3010,
buf=buf@entry=0x7fffef7fd620 "\026\003\001", buf_len=<optimized out>,
certificate_verify=certificate_verify@entry=0x0) at tlse/tlse.c:7662
#8 0x000055555556536b in Server::process_client (this=this@entry=0x7ffff7f6a248,
client=client@entry=0x7fffd0000f58) at server.cpp:474
#9 0x000055555556602f in Server::add_client (this=this@entry=0x7ffff7f6a248, sock=16) at server.cpp:273
#10 0x00005555555661a3 in Server::process_queued_data (this=this@entry=0x7ffff7f6a248) at server.cpp:898
#11 0x00005555555662c1 in Server::do_work (this=0x7ffff7f6a248) at server.cpp:137
#12 0x000055555557c246 in Thread::do_work_thunk (arg=0x7ffff7f6a248) at thread.cpp:63
#13 0x00007ffff774e5aa in start_thread (arg=0x7fffef7fe700) at pthread_create.c:463
#14 0x00007ffff65eecbf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
This is with libtomcrypt 1.8.1; maybe some incompatibilities remaining?
Cannot be built with the current version of libtomcrypt (from Git)
Probably, some structures are changed.
In file included from tlssimple.c:11:
./../tlse.c:1984:44: error: member reference type 'ltc_ecc_dp' is not a pointer; did you mean to use '.'?
if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) {
~~~~~~~^~
.
./../tlse.c:996:67: note: expanded from macro 'mp_read_radix'
#define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c)
^
./../tlse.c:1987:40: error: member reference type 'ltc_ecc_dp' is not a pointer; did you mean to use '.'?
if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) {
~~~~~~~^~
.
./../tlse.c:996:67: note: expanded from macro 'mp_read_radix'
#define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c)
^
./../tlse.c:2078:10: error: no member named 'idx' in 'ecc_key'
key->idx = -1;
~~~ ^
./../tlse.c:2079:14: error: assigning to 'ltc_ecc_dp' from incompatible type 'const ltc_ecc_set_type *'
key->dp = dp;
^ ~~
./../tlse.c:2264:10: error: no member named 'idx' in 'ecc_key'
key->idx = -1;
~~~ ^
./../tlse.c:2265:14: error: assigning to 'ltc_ecc_dp' from incompatible type 'const ltc_ecc_set_type *'
key->dp = dp;
^ ~~
There are some warnings too.
Possible bug in SSL_connect()
Around line 10339 in tlse.c, the code
if (tls_established(context))
return 1;
if (context->critical_error)
return TLS_GENERIC_ERROR;
is wrong, I think. Because in bug #55 the tls_consume_stream() actually fails (returns -4) but the tls_established() returns true.
I think the critical_error check should happen first.
EAGAIN & EINTR should be expected
EAGAIN & EINTR ( WSAEWOULDBLOCK & WSAEINTR on windows) errors are conditional and not necessarily mean that something wrong with the socket. Truth is these codes appear with both blocked and non-blocked sockets. So, when you are attempting to send/read directly from socket you should expect these codes and process them accordingly. Otherwise you may terminate a legit connection. The simplest example from method _tls_ssl_private_send_pending updated by me (I need linux/macOS only, so no windows code here and usleep() is not mandatory of course):
int _tls_ssl_private_send_pending(struct TLSContext *context){
....
while ((out_buffer) && (out_buffer_len > 0)) {
int res;
if(ssl_data->fd < 0) return TLS_GENERIC_ERROR;
if (write_cb){
res = write_cb(ssl_data->fd, (char *)&out_buffer[out_buffer_index], out_buffer_len, 0);
}else{
res = send(ssl_data->fd, (char *)&out_buffer[out_buffer_index], out_buffer_len, 0);
if(res < 0){
int err = errno();
//NRD: EAGAIN & EINTR are expected.
if (err == EAGAIN || err == EINTR){
usleep(1000); continue;
}
}
}
if (res <= 0) {
send_res = res;
break;
}
out_buffer_len -= res;
out_buffer_index += res;
send_res += res;
}
Multipurpose implementation should be more complex of course.
tls_load_root_certificates does not contain TLS_X509_V1_SUPPORT
I guess TLS_X509_V1_SUPPORT switch should be copied from tls_load_certificates.
Various Coverity warnings
Hi,
I analyzed a project that uses TLSe using Coverity's free service (Scan), and it found a number of issues in TLSe that I thought I'd pass on. (I can invite you to the project if you wish to have a look directly in the system yourself; the error messages are somewhat more detailde.)
The ones that I found immediately relevant (line numbers are at bdbf5ecc):
- tlse.c:9685: setsockopt() to set TCP_ULP to "tls" doesn't check the return value.
- tlse.c:1733: Various _done() functions are assigned to err (indicating they can actually return an error?), but never actually checked.
- tlse.c:5237: “key_size = strlen(default_dhe_g);” is unreachable code; it cannot be reached whether default_dhe_g is nullptr or not. I assume the || should have been && earlier?
- tls_build_certificate(): This function returns early if !all_certificate_size, yet checks it again immediately below (causing more dead code).
- __private_tls_prefer_ktls(): context is dereferenced, and only then NULL-checked later. Either the order should be switched around, or the NULL check is redundant.
In all, there are 20 reported issues, of which I would assume there's one or two issues that could potentially be real user-facing bugs. Whether the dead code is important to you or not is a different story, of course :-) And then, there are probably some straight-out false positives.
Compile error with external libtomcrypt (1.18.1)
I'm trying to compile with external libtomcrypt (ie., no TLS_AMALGAMATION), using 1.18.1 (ie., the latest version). I get two classes of errors, though. First, it seems there are some redefinitions of Poly1305 functions:
tlse/tlse.c:540:6: error: conflicting types for ‘poly1305_init’
void poly1305_init(poly1305_context *ctx, const unsigned char key[32]) {
^~~~~~~~~~~~~
In file included from /usr/include/tomcrypt.h:86:0,
from tlse/tlse.c:47:
/usr/include/tomcrypt_mac.h:118:5: note: previous declaration of ‘poly1305_init’ was here
int poly1305_init(poly1305_state *st, const unsigned char *key, unsigned long keylen);
^~~~~~~~~~~~~
I can compile out Poly1305, but there's still this one:
tlse/tlse.c: In function ‘__private_tls_decrypt_rsa’:
tlse/tlse.c:1452:100: error: ‘LTC_LTC_PKCS_1_V1_5’ undeclared (first use in this function); did you mean ‘LTC_PKCS_1_V1_5’?
err = rsa_decrypt_key_ex(buffer, len, out, &out_size, (unsigned char *)"Concept", 7, hash_idx, LTC_LTC_PKCS_1_V1_5, &res, &key);
^~~~~~~~~~~~~~~~~~~
LTC_PKCS_1_V1_5
I think maybe this changed from 1.17 to 1.18; can that be right? Is it documented anywhere what version of libtomcrypt is supported?
Implement TLS_ECDSA_SIGN_SHA256_OID (prevents access to Cloudflare Domains)
A significant amount of internet traffic is shielded by Cloudflare. Including my website, which is why I was surprised to see certificate validation fail for them. Here's why and what would need to be done to fix it.
When we modify the non-blocking low-level example (tlsclienthello) to use proper certificate validation, we'll run into an issue with tls_certificate_chain_is_valid. For domains like google.com and tio.run, this works fine but fails for domains like std.fyi which use Cloudflare's SSL.
A quick openssl s_client -connect <host>:443 shows us why. google.com's certificate (Google CA) and tio.run's cert (LetsEncrypt CA) use RSA as the signature type and SHA256 as the digest. The digest is verified by tls_certificate_verify_signature which is called by tls_certificate_chain_is_valid.
With a cert using ECDSA as the signature algorithm, tls_certificate_verify_signature will fail. It does so because the algorithm field is completely empty. The reason for that is a bug in the tls_certificate_set_algorithm function. That function doesn't error if no matching OID was found for the given length, instead it just silently returns, leaving the algorithm and single fields zero'd out.
If we compile with debugging and catch the moment where the sig alg is supposed to be set:
if (_is_field(fields, algorithm_id)){
DEBUG_PRINT(" !!!SIGN_ALGO!!! ");
tls_certificate_set_algorithm(&cert->algorithm, &buffer[pos], length);
}we can see that Cloudflare's cert returns this OID (I also added a debug print to set_algo to catch aforementioned silent error):
HANDSHAKE MESSAGE
=> CERTIFICATE
1 SEQUENCE
1.1 SEQUENCE
1.1.1 CONTEXT-SPECIFIC
1.1.1.1 INTEGER(1): 02
1.1.2.1 INTEGER(16): 0F 2D 3B A8 03 88 D7 77 0A 84 D6 75 1E 28 5A 79
1.1.3.1 SEQUENCE
1.1.3.1 !!!SIGN_ALGO!!! (ERROR: L8 ALGO DOESN'T MATCH ANY OID) OBJECT IDENTIFIER(8): 2A 86 48 CE 3D 04 03 02
This confirms my suspicion. In fact, the received OID 2A 86 48 CE 3D 04 03 02 matches TLS_ECDSA_SIGN_SHA256_OID, which is part of a commented line in tlse.c, but none of the ECDSA algos are handled by signature verification functions.
To summarize, two problems identified here:
tls_certificate_set_algorithmshould fail early when no matching OID was found instead of silently carrying on- ECSDA support needs to be added. Cloudflare customers can't change the default cert settings and I predict a steady increase in CAs switching to ECDSA sigs over the next few years.
The only workaround, for now, is to either no-op the entire tls_certificate_chain_is_valid call or no-op tls_certificate_verify_signature for the specific case of empty algorithm fields.
Can't connect with certain servers
(reported also via email)
The relevant debug dump is
SIGN SHA256
Consumed 2620 bytes
Message type: 16, length: 333
HANDSHAKE MESSAGE
=> SERVER KEY EXCHANGE
IANA CURVE NUMBER: 23
SIGNATURE (69/0/65): 0C 85 75 74 6D EC D5 59 85 66 3F 9D 8E 94 16 F8 2E F1 06 5C 51 01 BA FB 62 BA 25 41 6F 15 DA FA EF B3 6B CE 65 99 39 CC 4E C6 93 5B 30 FF 5D 31 43 01 36 E5 78 39 5B 15 ED A7 EA 98 A5 B5 F6 DD 94 CC 6C C6 C3 C4 BA 5E 01 DB 50 52 11 C3 74 DC AC D7 C3 A3 06 08 8D 87 8E E8 EC C8 01 FC A1 34 D1 A8 39 35 D4 EF A0 F9 C3 08 B3 92 B8 E7 5E D5 AF 1E CF 08 D9 EF EB 81 FB 27 5D 35 AD 96 A5 D9 1C B4 20 AF FC 2F E1 86 FD CF F2 AE 8B 59 15 CD 45 8F DC E4 39 BA 93 92 7C 78 5A 64 5F 3D 00 C6 01 89 6D 9D 1C 03 9D D1 CF 16 F0 F1 3A 36 F8 63 53 3A 6B 20 D5 88 2C 3C 31 DC A7 18 40 C0 AE E5 55 87 6E 2B F1 32 79 FB 54 C4 95 FE 59 62 40 00 69 21 8C B1 19 DE 23 87 1F 7D 4C C6 07 65 6B E5 A7 2B 50 52 75 39 85 5F AD F0 A5 64 CD 32 0B D6 FF DD 0B 93 59 C3 EC D6 26 95 01 3B A8 9E CA 7A
OUT_SIZE: 32
ECC DHE (32): 8B B5 72 A4 D1 C9 E7 57 8B 6E 19 DC F2 10 A6 22 A3 19 A0 10 4B 36 27 AC 55 04 3E F5 6E 19 6F 8B
Consumed 338 bytes
Message type: 16, length: 4
HANDSHAKE MESSAGE
=> SERVER HELLO DONE
<= Building KEY EXCHANGE
=========== Master key ===========
1E 20 A8 41 EC 09 A3 34 09 BE 20 C0 B8 86 09 D0 B1 60 22 C2 4B 93 18 70 FD 0C 1A F7 85 BD 12 29 B8 27 4E 10 9B A2 59 DE F3 12 D2 B2 D6 DB CD B1
LOCAL RANDOM (32): 5E F9 9D DD 5F BA AC D4 28 8A D4 57 C1 59 71 48 DF 8B 19 3D 2D A0 A8 62 A5 D6 90 3F 35 BB 9F 2F
REMOTE RANDOM (32): 9B 88 5D 3E 04 9F D9 5D 12 6F D8 F0 98 CA F2 62 C8 EE 92 CF 9C 2C 73 9D 44 4F 57 4E 47 52 44 01
=========== EXPANSION ===========
F0 C0 AD ED 52 66 CC 5F 08 AD D6 D3 81 A2 4F 9E 55 D8 5C C1 EB 44 76 C2 D0 51 59 BA 85 61 1C 3B 9E B4 9D DE E8 D4 03 DD 56 B7 11 66 4F 52 64 50 3A 85 9B F3 25 9C 22 88 BA 32 39 71 73 09 2F 34 71 C4 BC FE 91 94 CE DC 44 D4 F7 3C 10 24 86 53 13 E7 90 29 52 5A A2 B4 63 36 51 71 E3 4B F4 4D 3B A7 2B 2F 48 C6 2E 67 7C 31 A4 8A F2 B3 F9 F6 68 62 FE 2E A6 9A 9D 3F 29 CE 1D 44 52 08 9A A0 5F B6 FC B9 A4 0D B8 D7 F8 5E 37 88 9E 86 F1 34 CD E0 D7 C8 AF 3D 7A CF 68 35 98 4B D4 E3 88 1C 11 78 7D F5 20 0D 6C 9C 1F CC 3D ED AC 15 B6 5F 66 DD D4 8E DD D6 A9 2F 10 AF 3C D6 90 E4 CE E0
EXPANSION 40/192
CLIENT KEY (16): F0 C0 AD ED 52 66 CC 5F 08 AD D6 D3 81 A2 4F 9E
CLIENT IV (4): 9E B4 9D DE
CLIENT MAC KEY (32): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
SERVER KEY (16): 55 D8 5C C1 EB 44 76 C2 D0 51 59 BA 85 61 1C 3B
SERVER IV (4): E8 D4 03 DD
SERVER MAC KEY (32): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Using cipher ID: c02f
<= Building CHANGE CIPHER SPEC
<= Building CLIENT FINISHED
VERIFY DATA (12): F2 CC 9C F9 81 C5 7D A3 07 15 EF 5B
Consumed 9 bytes
Message type: 14, length: 1
CHANGE CIPHER SPEC MESSAGE
Consumed 6 bytes
Message type: 16, length: 40
encrypted (40): F3 98 96 14 99 DD 2B 98 80 C0 E4 7D 16 64 AE 6D 32 5D 34 01 85 79 33 E3 73 D0 57 5E D5 3C E2 BE 08 8C 4E EE 16 73 A3 EB
aad (13): 00 00 00 00 00 00 00 00 16 03 03 00 10
aad iv (12): E8 D4 03 DD F3 98 96 14 99 DD 2B 98
PT SIZE: 16
decrypted (16): 14 00 00 0C 08 C4 F0 95 50 35 14 37 56 AE 16 77
tag (16): 73 D0 57 5E D5 3C E2 BE 08 8C 4E EE 16 73 A3 EB
HANDSHAKE MESSAGE
=> FINISHED
Consumed 21 bytes
Message type: 16, length: 28
encrypted (28): F3 98 96 14 99 DD 2B 99 14 43 55 9D D6 F6 A5 43 05 2C ED EA EF DB DB 9E 15 05 55 EF
aad (13): 00 00 00 00 00 00 00 01 16 03 03 00 04
aad iv (12): E8 D4 03 DD F3 98 96 14 99 DD 2B 99
PT SIZE: 4
decrypted (4): 00 00 00 00
tag (16): D6 F6 A5 43 05 2C ED EA EF DB DB 9E 15 05 55 EF
HANDSHAKE MESSAGE
Consumed 9 bytes
Message type: 15, length: 26
encrypted (26): F3 98 96 14 99 DD 2B 9A E1 6C 98 B6 90 3D 32 81 FA 22 ED 89 30 31 7A F9 35 22
aad (13): 00 00 00 00 00 00 00 02 15 03 03 00 02
aad iv (12): E8 D4 03 DD F3 98 96 14 99 DD 2B 9A
PT SIZE: 2
decrypted (2): 02 28
tag (16): 98 B6 90 3D 32 81 FA 22 ED 89 30 31 7A F9 35 22
ALERT MESSAGE
02 28 Consumed -12 bytes
ERROR IN CONSUME: -12
Latest release?
Sorry, I know about "releases" tab. However, the last version was released more than a year ago. A little confused. Is "master" branch stable?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.