Comments (16)
eduardsui
commented on September 15, 2024
1
Hello! Iām fine, thank you Ron, still sailing. Hope to get back sometime at the end of this month. I will update this soon. Now Iām enjoying the nice weather and the breeze.
from tlse.
turbo
commented on September 15, 2024
Note this only applied to TLS1.2 with ECDSA. TLS 1.3 works fine.
from tlse.
ronaaron
commented on September 15, 2024
Were you able to implement a fix for this?
from tlse.
turbo
commented on September 15, 2024
No, I don't know enough about ECDSA (yet) to do this properly. For now, I'm using a fallback in my own fork, see the flowchart at the end of https://github.com/turbo/nuTLS
from tlse.
ronaaron
commented on September 15, 2024
Thanks. Hopefully Eduard is ok and will make an appearance soon.
from tlse.
ronaaron
commented on September 15, 2024
Oh, I'm happy to hear that! Be well and stay safe.
from tlse.
turbo
commented on September 15, 2024
That's good to hear!
Side note: if you want to get rid of the google license if x25519 is used, the NaCl code (public domain) works as a drop-in replacement, see: https://github.com/turbo/nuTLS/blob/master/nutls.c#L18563-L18815
from tlse.
ronaaron
commented on September 15, 2024
It looks like one of my issues is actually this. Perhaps both of them are.
from tlse.
eduardsui
commented on September 15, 2024
@turbo, can you provide a test domain for this issue?
Thanks!
from tlse.
turbo
commented on September 15, 2024
Feel free to use the domains from the issue. std.fyi is my domain.
from tlse.
eduardsui
commented on September 15, 2024
I'm trying to understand what is happening. I'm getting an alert, just after the hello message (0x28 - I think this is handshake failure). I'm not sure why... TLSe already reports supporting ecdsa_secp256r1_sha256(0x0403)... but I get this alert. Does anyone has some idea why?
from tlse.
ronaaron
commented on September 15, 2024
I think I'm seeing the same thing from a user trying to access https://api.tiingo.com/
from tlse.
ronaaron
commented on September 15, 2024
Enabling DEBUG in tlssimple.c with the 'api.tiigo.com' host, I get:
Initializing dependencies
Message type: 15, length: 2
ALERT MESSAGE
02 50 Consumed -12 bytes
ERROR IN CONSUME: -12
SSL write error -6
from tlse.
eduardsui
commented on September 15, 2024
It seems that SHA384 ciphers don't work as expected. If I remove the SHA348 ciphers, everything works fine.
from tlse.
eduardsui
commented on September 15, 2024
Ok, fixed the SHA384 issue, @ronaaron, now it should be ok. It seems that there were multiple issues with the client hello. I use this library mainly as a server so thank you for testing the client.
from tlse.
ronaaron
commented on September 15, 2024
Excellent work, Eduard. I can confirm that the problem I was having with that one site is over (had to specify TLS ver 1.3 to connect, but it now works).
from tlse.
Related Issues (20)
- Failure to notice incorrect handshake on SSL_connect
- TLS 1.3 server incompatible with openssl
- LTC_ARGCHK 'b != NULL' HOT 3
- Support for latest libtomcrypt HOT 5
- SSL_read function strange behavior vs openssl's SSL_read HOT 1
- Merge into tomcrypt HOT 2
- what is "for semantic compatibility" means? HOT 1
- Examples expects testcert folder. HOT 1
- HTTPS Server wont respond when using ECDHE-RSA-AES256GCM-SHA384 cipher HOT 1
- Growtopia wont respond when using TLSe HOT 14
- Async sockets. HOT 5
- Tomcrypt version HOT 2
- Is its possible to make HTTPS Proxy using TLSe? HOT 3
- A website using Cloudflare is giving me 403 when using test client code, but works with Chrome, why? HOT 5
- TLSE fails to contact Cloudflare server, where curl works fine, I eliminated every cause I could think of HOT 8
- How do i set TLSe Client Cipher? HOT 2
- TLS 1.3: Early data
- CHECK_SIZE in tls_parse_verify_tls13 HOT 11
- Examples: tlshelloworld.c, tls_read or recv? HOT 1
- CANNOT READ CERTIFICATE and ALERT MESSAGE ERROR HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ššš
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ā¤ļø Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tlse.