1 (edited by SamSam 2018-08-08 06:40:06)

Topic: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hello,

Build wolfSSL 3.15.3
./configure --enable-all
make

Use wolfSSL client to connect to host

ww.tvnow.de

1. default method wolfTLSv1_2_client_method_ex without wolfSSL_CTX_UseSupportedCurve call

examples/client/.libs/client -S HOST_NAME -h HOST_NAME -p 443 -d -x -C -g -i 

client use wolfTLSv1_2_client_method_ex method and in the "Client Hello" message wolfSSL send information about following extensions:
- signature_algorithms
- ec_point_formats
- elliptic_curves
- SessionTicket TLS
- server_name
- Unknown 23

result: SSL handshake successful

2. default method wolfTLSv1_2_client_method_ex with wolfSSL_CTX_UseSupportedCurve call

examples/client/.libs/client -S HOST_NAME -h HOST_NAME  -p 443 -d -x -C -g -i -t

client use wolfTLSv1_2_client_method_ex method and in the "Client Hello" message wolfSSL send information about following extensions:
- signature_algorithms
- elliptic_curves
- SessionTicket TLS
- server_name
- Unknown 23
Information about ec_point_formats is missed.
result: SSL handshake failed with error wolfSSL_connect error -313, revcd alert fatal error

3. method wolfSSLv23_client_method_ex

examples/client/.libs/client -S HOST_NAME  -h HOST_NAME  -p 443 -d -x -C -g -i -v d

client use wolfSSLv23_client_method_ex method and in the "Client Hello" message wolfSSL send information about following extensions:
- Unknown 43
- signature_algorithms
- elliptic_curves
- Unknown 51
- SessionTicket TLS
- server_name
Information about ec_point_formats is missed.
result: SSL handshake failed with error wolfSSL_connect error -313, revcd alert fatal error

Summary:
The wolfSSL does not send information about elliptic_curves extension when:
- method wolfSSLv23_client_method_ex
or
- wolfSSL_CTX_UseSupportedCurve was call

It causes  SSL handshake failed.

It looks that host www.tvnow.de need information about  ec_point_formats extension, but the wolfSSL in describad cases does not send it?
Can you explain why? It is posible to call some function to add this extension to "Client Hello" message?

Please note that libcurl always call wolfSSL_CTX_UseSupportedCurve
https://github.com/curl/curl/blob/10d8f … s/cyassl.c

  CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x17); /* secp256r1 */
  CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x19); /* secp521r1 */
  CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x18); /* secp384r1 */

and also use wolfSSLv23_client_method as default.

This results to make impossible to connect to some host using libcurl + wolfSSL.

It looks like bug in the wolfSSL library.
Can you please take a look on this and give solution for this problem, please?

Regards,
Sam Sam

Share

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hi SamSam,

Thank you for using the wolfSSL forums!

2. default method wolfTLSv1_2_client_method_ex with wolfSSL_CTX_UseSupportedCurve call
examples/client/.libs/client -S HOST_NAME e -h HOST_NAME  -p 443 -d -x -C -g -i -t
client use wolfTLSv1_2_client_method_ex method and in the "Client Hello" message wolfSSL send information about following extensions:
- signature_algorithms
- elliptic_curves
- SessionTicket TLS
- server_name
- Unknown 23
Information about ec_point_formats is missed.
result: SSL handshake failed with error wolfSSL_connect error -313, revcd alert fatal error

Unless you modified the client manually this is not using TLS 1.3. This is TLS 1.2. Use argument "-v 4" to set TLS 1.3.
The -t option does NOT need ec_point format, instead this sends the "key_share" extension indicating a desire to use x25519 for key exchange.


3. method wolfSSLv23_client_method_ex
examples/client/.libs/client -S HOST_NAME  -h HOST_NAME  -p 443 -d -x -C -g -i -v d
client use wolfSSLv23_client_method_ex method and in the "Client Hello" message wolfSSL send information about following extensions:
- Unknown 43
- signature_algorithms
- elliptic_curves
- Unknown 51
- SessionTicket TLS
- server_name
Information about ec_point_formats is missed.
result: SSL handshake failed with error wolfSSL_connect error -313, revcd alert fatal error
Summary:
The wolfSSL does not send information about elliptic_curves extension when:
- method wolfSSLv23_client_method_ex
or
- wolfSSL_CTX_UseSupportedCurve was call

I'll look into this one and get back to you on what I find!

Warm Regards,

Kaleb

3 (edited by SamSam 2018-08-07 05:40:18)

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

@Kaleb J. Himes

Thank you for the update.

I did not modify the client source code.

In provided by me examples I do use TLS1.3 nowhere. I used parameter "-t" because with this option function wolfSSL_CTX_UseSupportedCurve  is called.

The problem is when wolfSSL_CTX_UseSupportedCurve is called, as it is done by the libcurl or when you use method wolfSSLv23_client_method_ex  then wwolfSSL does not send information about elliptic_curves extension.

I gave step by step scenario how to reproduce the problem.

At now there is no possible to connect to http://www.tvnow.de/ via curl when the wolfSSL 3.15.3 (./configure --enable-all) is used as SSL backend and this is the main problem, all others are only my own investigation.

Best regards,
Sam Sam

Share

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

@SamSam,


Just letting you know I have asked @embhorn to take a look at your report as a possible maintenance item. He is reviewing and will post an update when he has a solution.

- Kaleb

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hi Sam Sam,

I am trying to reproduce the issues you have reported. For now I would like to try using only wolfSSL, we can add CURL in later.

I have configured wolfSSL using:

$ ./configure --enable-all

I am able to connect to the "www.tvnow.de" host using the example client:

$ ./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i
peer's cert info:
 issuer : /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
 subject: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.tvnow.de
 altname = tvnow.de
 altname = *.tvnow.de
 serial number:1c:6b:0d:e8:9a:44:80:03:c3:a1:0e:03:bd:8e:6a:92 
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSL curve name is SECP256R1
Client Random : C70D72DD1A0B6FD211139FF47EF63367DB43A16D7A3AC3807CF5C8649B4B1021
SSL connect ok, sending GET...
HTTP/1.0 302 Found
Location: https://www.tvnow.de/index.html
Server: BigIP
C
onnection: close
Content-Length: 0

Also, I can specify the SSL version with the "-v <num>" option:

./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v 2
./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v 3

Only the values 2 and 3 for SSL version are successful with that host.

Does this match your results so far?

Thanks,
Eric Blankenhorn
wolfSSL Support

6 (edited by SamSam 2018-08-19 13:16:39)

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

@embhorn

Your question is strange because in the first post you can find these informations.

As you can see the problem is with commands:

./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v d

and

./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -t

So, the problem is when wolfSSLv23_client_method_ex  is used or when method wolfSSL_CTX_UseSupportedCurve was called.
In such situation wwolfSSL does not send information about elliptic_curves extension and this is a problem.
I checked this using wireshark.

I already wrote this two times. So, your question is really strange. Did you read my posts?

Regards,
SamSam

Share

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hi @SamSam

This issue was due to a bug in the wolfSSL library. The code changes are available for you to review here:
https://github.com/wolfSSL/wolfssl/pull/1772

The two use cases are both passing now.

Please let us know when you have had an opportunity to test the changes.

Best regards,

Eric Blankenhorn
wolfSSL Support

8 (edited by SamSam 2018-08-27 13:48:04)

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hello @embhorn,

Thank you for the update and for the fix.

These is my test results:

mkdir /mnt/work/wolfsssl_test/
cd /mnt/work/wolfsssl_test/
git clone https://github.com/wolfSSL/wolfssl.git
mkdir rootfs
cd wolfssl/
./autogen.sh

export CC="gcc -Wno-error=overflow"
./configure --enable-all --prefix=/mnt/work/wolfsssl_test/rootfs
make
make install
# TEST 1 - with wolfSSL_CTX_UseSupportedCurve call
./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -t
# PASS

# TEST 2 - wolfSSLv23_client_method_ex
./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v d
# PASS

cd ..
wget https://curl.haxx.se/download/curl-7.61.0.tar.gz
tar -xvf curl-7.61.0.tar.gz
cd curl-7.61.0
./configure --prefix=/mnt/work/wolfsssl_test/rootfs --without-ssl --with-wolfssl=/mnt/work/wolfsssl_test/rootfs
make
make install

export LD_LIBRARY_PATH=/mnt/work/wolfsssl_test/rootfs/lib
# TEST 3 curl
/mnt/work/wolfsssl_test/rootfs/bin/curl https://www.tvnow.de/
# PASS

Thank you very much. What is the expected date when official release will be deployed with this patch?

Best Regards,
SamSam

Share

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hi SamSam,

wolfSSL targets a release every 3 months. Our last release was on June 20th of 2018 so our next target date would be sometime around Sep 20th give or take. We do not have a hard release date at this time but it could be anytime between now and the beginning of October.

Do you have any timelines you are facing and if so can you share what your timelines are and what is driving the effort on your side?


Warm Regards,

Kaleb

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

Hello Kaleb,

No I don't have any timelines. I am using wolfSSL as a TLS backed for PyCurl (Python curl wrapper).
The project is OpenSource plugin for Set-Top-Boxes with Engima2 software.

Here is the link to the repository of this project:
https://gitlab.com/iptvplayer-for-e2/iptvplayer-for-e2

Thank you very much for all information and fix.

Best Regards,
SamSam

Share

Re: [SOLVED] wolfSSL 3.15.3, TLSv1.3 and ec_point_formats extensions

SamSam,

It was our pleasure! Thanks for sharing the project details, that is very exciting to see! Thank you also for using the wolfSSL forums to address your issue. If anything else comes up in the future please reach out to us anytime, you can use the public forums here or you can shoot us an email at support@wolfssl.com for quicker response times!

Cheers,

Kaleb