Topic: Custom Extension

Hello everyone

For my Master thesis I am playing around with an implementation of Remote Attestation into TLS using wolfSSL.
I've created the necessary functions and implemented reading and writing the extension data from/to incoming and outgoing messages.

I am using a small playground to test this communication between a client and a server.
However, whatever I do, the extension data is somehow not being written into the ClientHello message correctly, whereas the total extension size counter gets increased.
This of course results in a decode error on the server side.

I added log statements and it seems that writing the extension data inside the switch branch of the new extension never gets executed, as if the extension wasn't there.
Maybe I'm missing something obvious? I'd be very glad if someone could look over my changes.
I have already put weeks of trial and error into it, following and debugging the code flow, and it just doesn't make sense to me.

My (dummy implementation) changes can be found here: https://github.com/joeftiger/wolfssl/tree/RA
And my playground implementation is here: https://github.com/joeftiger/wolfssl-playground/tree/RA

I tried to keep this implementation example minimal by using only 1 byte as extension data.

Thank you very much for your help!

Re: Custom Extension

Hi,

I've had a quick scan of your changes. Nothing really jumps out as being wrong. Perhaps it would be a good idea to use Wireshark to see what is sent, and make sure you know the root cause.

Can you please let me know what wireshark shows you?

Warm regards, Anthony

Re: Custom Extension

Hello Anthony

The decode error inside wolfSSL is a BUFFER_ERROR inside DoTls13SupportedVersions during the ClientHello check for extensions.

/* TLS 1.3 must have extensions */
if (i < helloSz) {
    if (i + OPAQUE16_LEN > helloSz)
        return BUFFER_ERROR;
    ato16(&input[i], &totalExtSz);
    i += OPAQUE16_LEN;
    if (totalExtSz != helloSz - i)    // failure here
        return BUFFER_ERROR;
...

I have attached a Wireshark capture of an attempted connection.
The extension length field is correct.
The overall handshake length field is off by 5 zeroed bytes at the very end of the handshake, which correspond exactly to my custom extension:
- 2 bytes extension type
- 2 bytes extension length
- 1 byte extension data

Thank you for trying to help me!
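To make the check in the quoted wolfSSL snippet concrete, here is an added standalone C example (not wolfSSL's code and not from the poster's repositories) that validates a ClientHello extension block the same way and then walks each extension header; the sample bytes, the placeholder extension type 0xff01 and the function names are constructed for this demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define OPAQUE16_LEN 2
#define EXT_OK 0
#define EXT_BUFFER_ERROR (-1)  /* stands in for wolfSSL's BUFFER_ERROR */

/* 16-bit big-endian read, the job wolfSSL's ato16() does. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate the extension block starting at offset i of a helloSz-byte ClientHello body.
 * First the declared total must cover exactly the remaining bytes (the check that failed in
 * the thread), then every extension header (type, length) must fit inside that total.
 * *trailing (may be NULL) receives the number of bytes left over when the total is short. */
int check_ext_block(const uint8_t *input, size_t helloSz, size_t i, size_t *trailing)
{
    uint16_t totalExtSz;
    size_t end;
    if (trailing) *trailing = 0;
    if (i + OPAQUE16_LEN > helloSz) return EXT_BUFFER_ERROR;
    totalExtSz = rd16(&input[i]);
    i += OPAQUE16_LEN;
    if (totalExtSz != helloSz - i) {
        if (trailing && totalExtSz < helloSz - i) *trailing = helloSz - i - totalExtSz;
        return EXT_BUFFER_ERROR;
    }
    end = i + totalExtSz;
    while (i < end) {                       /* each extension: type(2) length(2) data(length) */
        if (i + 2 * OPAQUE16_LEN > end) return EXT_BUFFER_ERROR;   /* header cut off */
        i += 2 * OPAQUE16_LEN + rd16(&input[i + OPAQUE16_LEN]);
        if (i > end) return EXT_BUFFER_ERROR;                      /* data overruns total */
    }
    return EXT_OK;
}

/* Constructed samples: one ordinary extension (type 0x002b, 3 data bytes) plus a 5-byte
 * custom one (placeholder type 0xff01, 1 data byte), i.e. the layout described in the post. */
const uint8_t good_hello[]   = { 0x00,0x0c, 0x00,0x2b,0x00,0x03,0x02,0x03,0x04, 0xff,0x01,0x00,0x01,0x2a };
/* Declared total still 7, but 5 zeroed bytes follow: the total does not match the remaining bytes. */
const uint8_t short_hello[]  = { 0x00,0x07, 0x00,0x2b,0x00,0x03,0x02,0x03,0x04, 0,0,0,0,0 };
/* Total counted up to 12 but the bytes never written: parsed as type 0/len 0, then a cut-off header. */
const uint8_t zeroed_hello[] = { 0x00,0x0c, 0x00,0x2b,0x00,0x03,0x02,0x03,0x04, 0,0,0,0,0 };

int main(void)
{
    size_t t;
    int r = check_ext_block(short_hello, sizeof short_hello, 0, &t);
    printf("good:   %d\n", check_ext_block(good_hello, sizeof good_hello, 0, NULL));
    printf("short:  %d, %zu unaccounted bytes\n", r, t);
    printf("zeroed: %d\n", check_ext_block(zeroed_hello, sizeof zeroed_hello, 0, NULL));
    return 0;
}
```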

Re: Custom Extension

Hi,

I don't see your attachment.

You're probably going to need to run a debugger such as gdb to see if you are actually writing the extension as you expected.

Warm regards, Anthony

5 (edited by hasnoidea 2023-05-10 19:19:17)

Re: Custom Extension

Hello Anthony

I tried using the debugger and I don't see it being written to the extension data.
That's what I am confused about as I thought I'd have written enough code for that to happen.
Unless wolfSSL does something unexpected somewhere.

I re-added the file; apparently I had to press two buttons for the upload :-)

Attachment: failure.pcapng (1.6 kb)

Re: Custom Extension

I see the 5 zero bytes at the end. When you use the debugger, does your code that writes the header, length and content get executed? If not, you need to figure out why.

Warm regards, Anthony

Re: Custom Extension

After introducing more debug statements I found out that TLSX_Write() skips my extension because some semaphore is being held.
I have no idea why this semaphore is switched on, however. I didn't switch it on myself.
It comes from TLSX_WriteRequest().

I really put hours into trying to fix this one single behaviour, because it's difficult to navigate the source code of wolfSSL without much documentation.

Re: Custom Extension

Hi, can you be more specific? Which semaphore?

Warm regards, Anthony