Topic: BUFFER_ERROR (-328) while establishing a TLS connection
Greetings,
I'm using WolfSSL in an embedded project for both the TLS server and client sides to establish a TLS 1.3 connection.
During the connection establishment the client side reports error -328 while parsing the server hello.
The error is returned by this if statement:
if (OPAQUE16_LEN > length || length % OPAQUE16_LEN)
return BUFFER_ERROR;
in function TLSX_SupportedCurve_Parse in the file tls.c
I'm using cipher suite: TLS13-AES128-CCM-SHA256
Here is the client hello data:
16 03 03 00 9c 01 00 00 98 03 03 00 00 00 08 00
81 ef 58 00 00 00 01 00 80 bb 3c 00 16 09 9e 00
05 b8 ec 00 16 0b 42 00 00 00 00 00 00 06 13 01
13 04 13 05 01 00 00 69 00 33 00 47 00 45 00 17
00 41 04 6b 17 d1 f2 e1 2c 42 47 f8 bc e6 e5 63
a4 40 f2 77 03 7d 81 2d eb 33 a0 f4 a1 39 45 d8
98 c2 96 4f e3 42 e2 fe 1a 7f 9b 8e e7 eb 4a 7c
0f 9e 16 2b ce 33 57 6b 31 5e ce cb b6 40 68 37
bf 51 f5 00 2b 00 03 02 03 04 00 0d 00 06 00 04
04 03 04 01 00 0a 00 04 00 02 00 17 00 01 00 01
04
Here is the server hello data:
16 03 03 00 7b 02 00 00 77 03 03 75 a8 f8 8d 6f
79 63 b8 51 93 dd a3 dc 6b 48 8e 98 19 59 36 7d
04 04 3b 88 2c c6 1d f4 f5 aa 59 00 13 01 00 00
4f 00 33 00 45 00 17 00 41 04 19 7b 21 ce f6 4e
44 56 b5 36 3d 10 3a 28 f1 de 7c 2f 8b 27 f8 80
a7 60 cc ee 96 fb d5 79 9c ca ae 17 37 07 20 0b
cd 96 79 4e 77 43 3d a2 bb 25 2c 63 3e fa 8a 55
c3 2e 36 2c fe 0e b8 c9 f0 52 00 2b 00 02 03 04
17 03 03 00 1b e7 1b 91 a6 f2 4b 3e f2 fb c7 ab
e7 b6 1f 92 5f dc 58 32 4d f5 dd c6 7e 8c c4 a7
17 03 03 00 2a f6 a8 82 a8 d2 7b 5d 46 72 0e d4
17 ae 8b 36 60 f6 2e e4 85 f7 1f 5c dd 3f 18 6b
5b c9 09 4a a1 98 25 be 82 c9 ef 76 61 10 39 17
03 03 01 8e 72 b6 d4 7f 6f 14 75 63 a2 95 70 19
70 c2 85 47 39 45 66 b7 24 b4 ea 51 f8 f3 0f 89
0c bb 11 c2 be 38 db 1f c9 04 d0 f2 c6 4f dc d3
b1 91 bf 4a 37 56 8f 99 c9 10 4b 2c 17 6c 3e e5
df a2 bd 81 c8 e6 41 99 7b c1 1e b1 15 dc 49 7a
7d 9f b2 aa c9 18 e8 b3 b3 29 55 ce 0a 12 71 8c
5e 6d 2b 83 9e 85 fc 26 fb 3d 11 a7 8a 59 fc 93
c5 28 9a 43 48 29 d1 94 a7 8c e8 ab b0 7b 79 24
99 d8 c8 b5 90 57 b0 65 ff 40 5d 03 4f 5a 0d 14
6b 56 af 3a 6e d1 16 30 31 6e 11 68 85 d5 14 0d
ad 6b 3c 97 5f 84 02 a3 b8 73 67 e6 c0 75 89 c7
5e 6b b4 92 1f 51 4a 70 a2 6a 95 dd 0e f1 d3 02
2e 41 4b c4 b3 6d 11 61 a7 a7 9a 5c 9c e7 b9 12
68 80 cd 96 7d 63 1a b3 3e 15 71 39 aa bb 37 e0
6e 9a 36 7e 1d 04 6e f3 30 ca 94 6d 5c a8 f5 6b
84 f6 d4 e3 2b ed 9d be 86 93 da 67 ad 9e 9d 50
d8 1e bf 18 38 07 47 e2 95 ad 11 a0 92 03 bf 93
12 eb 51 22 d2 ca 1d ec af 71 16 07 da fc d9 ae
0f e7 30 c2 89 08 21
dd 70 03 70 38 f9 f8 d4 09 0c a8 78 4d 70 78 a6
30 b5 ae 47 ab c4 63 92 58 e1 92 d4 30 14 36 ed
c2 3d 3b cd f2 5e 64 5c 8a 8f 05 cd ab 0a 48 9f
2f ea 60 5b f2 f0 f4 54 ef 05 0f 43 f1 1c 5c 5b
30 30 c0 c1 a0 e5 83 5d 40 80 ff 56 eb a5 f1 c4
fb b8 87 ee b9 bc 3c cb b7 be 3e 74 67 e0 33 10
b6 01 6c 2f 3c cb ed 0b a6 28 ac 17 03 03 00 5f
2a 03 4d 8f d4 f0 a3 21 e4 2e 99 c6 f9 b6 d0 a5
d4 94 25 e1 9d 01 88 1c 5a 46 08 c3 35 1a 7a 59
4b f0 77 94 0f eb 4a 73 4d 5c 06 92 d0 59 fe ea
7a dc c0 c1 78 dc 90 15 c0 f2 a6 d6 06 b2 ba 44
59 8f bf 39 48 b0 8e 1f 1f ac d0 96 52 71 81 3f
2d 9f dc be 1a 23 e6 61 20 c3 c9 35 b6 55 71 17
03 03 00 35 f5 87 54 32 eb d8 ad c0 63 cb 7b 36
ef 49 b5 50 cf f1 8e 80 94 3f b9 aa 6e d3 23 03
46 9d 08 1d 35 5e 7f da 41 2f 6c dc 40 b0 d2 cf
9f 39 d5 0b d0 01 57 1b 27
Here are my user settings (I was unable to upload the file)
/*
 * wolfSSL build configuration (user_settings.h) for a Windows build.
 *
 * The file is a flat list of feature macros. Most entries use the pattern
 * "#undef X" followed by "#define X" (feature on) or by a commented-out
 * "//#define X" (feature left off), so the last active directive for a macro
 * decides its state.
 *
 * NOTE(review): the capture posted alongside this file does not match it in
 * several places (see the notes at NO_WOLFSSL_CLIENT, HAVE_MAX_FRAGMENT and
 * HAVE_AESGCM below). Confirm that the build defines WOLFSSL_USER_SETTINGS and
 * that this is the user_settings.h actually found on the include path for each
 * endpoint.
 */
#ifndef _WIN_USER_SETTINGS_H_
#define _WIN_USER_SETTINGS_H_
/* Verify this is Windows */
#ifndef _WIN32
#error This user_settings.h header is only designed for Windows
#endif
/* Application print hooks; all three expand to nothing in this build. */
#define tls_print_msg(x)
#define tls_print_error_code(x)
#define tls_print_msg_and_code(x, y)
#define WOLFSSL_MAX_SEND_SZ 2048
#define NO_SESSION_CACHE
/*
 * NOTE(review): HAVE_MAX_FRAGMENT is off here, but the posted ClientHello ends
 * with a max_fragment_length extension (00 01 00 01 04), so the client was
 * built with different settings.
 */
//#define HAVE_MAX_FRAGMENT
//#define MAX_CHAIN_DEPTH 4 // maximum chain depth limited to 4 based on available memory space.
#undef SESSION_CERTS
#define SESSION_CERTS
/*
 * NOTE(review): NO_WOLFSSL_CLIENT compiles out the client side of the library,
 * so this file cannot be the configuration of the endpoint that reports -328
 * while parsing the server's messages. Compare it against the client's own
 * settings.
 */
#define NO_WOLFSSL_CLIENT
///// Feature settings
/* TLS 1.3 only: TLS 1.2 and older protocol versions are compiled out. */
#undef WOLFSSL_TLS13
#define WOLFSSL_TLS13
#undef WOLFSSL_NO_TLS12
#define WOLFSSL_NO_TLS12
#undef NO_OLD_TLS
#define NO_OLD_TLS
#undef HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
#undef HAVE_ECC
#define HAVE_ECC
/* Session tickets are left undefined (off). */
#undef HAVE_SESSION_TICKET
#undef HAVE_HKDF
#define HAVE_HKDF
/* Finite-field DH groups; defined without a preceding #undef. */
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_8192
#undef HAVE_X963_KDF
#define HAVE_X963_KDF
#undef HAVE_AEAD
#define HAVE_AEAD
/* ChaCha is left undefined (off). */
#undef HAVE_CHACHA
// TODO: Remove the following
//#define HAVE_FFDHE_8192 // KJ: Not used on client side
//#define WOLFSSL_DH_CONST
//#define HAVE_FFDHE_2048
// #define HAVE_FFDHE_4096
// KJ: Uncomment this to see a printout of all Wolf data
// #define WOLFSSL_LOG_PRINTF
/*
 * Debug switch: currently "#if 1", so DEBUG_WOLFSSL and WOLFSSL_DEBUG_TLS are
 * defined. Change to "#if 0" to disable.
 * NOTE(review): leave this off in release builds; verbose TLS debug output
 * should not ship in a production image.
 */
#if 1
#define DEBUG_WOLFSSL
#define WOLFSSL_DEBUG_TLS
#endif
/* RSA is disabled, so the #ifndef NO_RSA block below is never compiled. */
#undef NO_RSA
#define NO_RSA
#ifndef NO_RSA
#define WC_RSA_PSS
#define WC_RSA_BLINDING
#endif
/* Legacy algorithms disabled: 3DES, DSA, MD4, MD5, RC4/ARC4. */
#undef NO_DES3
#define NO_DES3
#undef NO_DSA
#define NO_DSA
#undef NO_MD4
#define NO_MD4
#undef NO_MD5
#define NO_MD5
/* NO_SHA is left undefined, i.e. SHA-1 stays compiled in. */
#undef NO_SHA
//#define NO_SHA
#undef NO_RC4
#define NO_RC4
// TODO: Is this needed
/* NO_DH is left undefined, i.e. DH stays compiled in. */
#undef NO_DH
//#define NO_DH
#undef NO_PSK
#define NO_PSK
#undef NO_PWDBASED
#define NO_PWDBASED
#undef NO_ARC4
#define NO_ARC4
#undef USER_TICKS
//#define USER_TICKS
#undef BUILD_GCM
//#define BUILD_GCM
/* AES-CCM is enabled; AES-GCM is explicitly left undefined. */
#undef HAVE_AESCCM
#define HAVE_AESCCM
/*
 * NOTE(review): with AES-GCM off, a peer built from this file should not be
 * able to negotiate a GCM suite. The posted ServerHello nevertheless selects
 * cipher suite 13 01 (TLS_AES_128_GCM_SHA256), not the CCM suite 13 04 named in
 * the post, which suggests the server was not built from this header.
 */
#undef HAVE_AESGCM
// #define HAVE_AESGCM
#ifdef HAVE_AESGCM
#define GCM_TABLE_4BIT
#endif
#undef WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_COUNTER
#undef WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_DIRECT
/* OCSP is off, so HAVE_CERTIFICATE_STATUS_REQUEST is not defined here. */
#undef HAVE_OCSP
//#define HAVE_OCSP
#ifdef HAVE_OCSP
#define HAVE_CERTIFICATE_STATUS_REQUEST
#endif
/* Certificate generation, certificate requests and alternative names. */
#undef WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_REQ
#undef WOLFSSL_ALT_NAMES
#define WOLFSSL_ALT_NAMES
/* WOLFSSL_ALT_NAMES is defined just above, so this block is active. */
#ifdef WOLFSSL_ALT_NAMES
#define WC_CTC_MAX_ALT_SIZE (256)
#define WOLFSSL_CERT_EXT
#define WOLFSSL_ASN_TEMPLATE
#define WOLFSSL_CUSTOM_OID
#define HAVE_OID_ENCODING
#define HAVE_OID_DECODING
#endif
#undef WOLFSSL_SESSION_STATS
#define WOLFSSL_SESSION_STATS
/////
///// System capability settings
/* The application supplies its own I/O callbacks. */
#define WOLFSSL_USER_IO
/////
///// Hardening
/*
 * NOTE(review): nothing in this file selects or overrides the RNG seed source.
 * The posted ClientHello carries the P-256 base point itself as its key_share
 * public key (which corresponds to a private scalar of 1) and a "random" field
 * in which nearly half the bytes are zero. Check the client build's RNG/seed
 * configuration before trusting any handshake it produces.
 */
//#define WC_NO_HARDEN // disable the warning to use harden options
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT // has a substantial performance impact, nullifies ECC HW acceleration
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT // only needed by USE_FAST_MATH, minimal impact
/////
///// Logging
//#define DEBUG_WOLFSSL
/*
 * DEBUG_WOLFSSL is already defined by the "#if 1" switch earlier in the file,
 * so the #ifdef branch is taken. The static-memory debug macros are only
 * defined if WOLFSSL_STATIC_MEMORY is set somewhere outside this file.
 */
#ifdef DEBUG_WOLFSSL
//#define WOLFSSL_DEBUG
//#define WOLFSSL_DEBUG_TLS
#ifdef WOLFSSL_STATIC_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_STATIC_MEMORY
#endif
//#define WOLFSSL_DEBUG_ERRORS_ONLY
#else
//#define NO_ERROR_STRINGS
#endif
/////
///// Math settings
/* Every math-backend option below is undefined or commented out. */
#undef USE_FAST_MATH
//#define USE_FAST_MATH
// Do not include ECC optimizers if using SP Math for ECC
#undef TFM_ECC224
//#define TFM_ECC224
#undef TFM_ECC256
//#define TFM_ECC256
#undef TFM_ECC521
//#define TFM_ECC521
/////
// Note that the benchmark tests show best performance using TFM except for ECC math
//#define SP_WORD_SIZE 32
//#define WOLFSSL_SP_MATH_ALL
//#define WOLFSSL_SP_ASM
//#define WOLFSSL_SP_MATH // if desired, do not define to allow USE_FAST_MATH to work for DH
//#define WOLFSSL_HAVE_SP_ECC // much faster than USE_FAST_MATH
//#define WOLFSSL_HAVE_SP_DH // slower than USE_FAST_MATH in benchmarks
//#define WOLFSSL_SP_FAST_NCT_EXPTMOD
/////
////////////////////////KJ/////////////////////////
//#define WOLFSSL_ALLOW_SERVER_SC_EXT
#define WOLFSSL_VERBOSE_ERRORS
/* Repeats of definitions made earlier in this file (same empty expansion). */
#define HAVE_SUPPORTED_CURVES
#define HAVE_TLS_EXTENSIONS
/*
 * NOTE(review): NO_ASN_TIME turns off certificate validity-period checks, so
 * expired or not-yet-valid certificates are accepted. Confirm this is
 * intended for the target, e.g. because it has no trusted clock.
 */
#define NO_ASN_TIME
// NOTE!!!!!!! KJ: These definitions are needed to include the function that can verify the signature on the TLS client cert.
// Namely: wc_CheckCertSigPubKey(...)
#define OPENSSL_EXTRA
#define NO_BIO
#define USE_WOLF_STRTOK
////////////////////////KJ/////////////////////////
#undef WOLFSSL_DER_LOAD
#define WOLFSSL_DER_LOAD
// #define WC_RSA_PSS
//#define WOLFSSL_DTLS
//#define WOLFSSL_DTLS13
//#define WOLFSSL_SEND_HRR_COOKIE
//#define WOLFSSL_DTLS_CID
/* Configurations */
/*
 * Neither HAVE_FIPS nor WOLFSSL_LIB is defined in this file, so which of the
 * three branches below applies depends on macros supplied by the build. Each
 * branch re-defines macros already set above (OPENSSL_EXTRA, NO_PSK, ...).
 */
#if defined(HAVE_FIPS)
/* FIPS */
#define OPENSSL_EXTRA
#define HAVE_THREAD_LS
#define WOLFSSL_KEY_GEN
#define HAVE_HASHDRBG
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define NO_PSK
#define NO_RC4
#define NO_DSA
#define NO_MD4
#define GCM_NONCE_MID_SZ 12
#else
/* Enables blinding mode, to prevent timing attacks */
// #define WC_RSA_BLINDING
#define NO_MULTIBYTE_PRINT
#if defined(WOLFSSL_LIB)
/* The lib */
#define OPENSSL_EXTRA
//#define WOLFSSL_RIPEMD
#define NO_PSK
//#define HAVE_EXTENDED_MASTER
#define WOLFSSL_SNIFFER
//#define HAVE_SECURE_RENEGOTIATION
//#define HAVE_AESGCM
//#define WOLFSSL_AESGCM_STREAM
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define HAVE_SUPPORTED_CURVES
#define HAVE_TLS_EXTENSIONS
#define HAVE_ECC
#define ECC_SHAMIR
#define ECC_TIMING_RESISTANT
//#define WOLFSSL_SP_X86_64
//#define SP_INT_BITS 4096
#else
/* The servers and clients */
#define OPENSSL_EXTRA
#define NO_PSK
#endif
#endif /* HAVE_FIPS */
#endif /* _WIN_USER_SETTINGS_H_ */
Since I'm using WolfSSL for the client and the server, I can't figure out why I'm getting the malformed buffer error.
Thanks in advance for your help.