Hi everyone,

This is a question regarding SSL in general:

We plan to enable HTTPS for our embedded devices web interface.

A1. The device usually operates in a (somehow) closed local network (at least that is what we advise our customers to do).
A2. One customer may also operate multiple of those devices in that network.
A3. The device's "local" domain ("xxxxx.local") and its IP address are configurable and hence not static for a given device.

A3) requires the device's server certificate to be generated on every startup of the device (to take a changed domain and/or IP into account). The device's private key is also generated on startup.

Since we do not want our customers to get an "insecure connection" warning every time they connect to the device, and the certificate will change on every device startup, we have to sign the server's certificate with a trusted Root CA (which would be a self-signed CA created by us).

All devices shall use the same Root CA. Otherwise the customer would have to import the Root CA for every single device (and not just one for ALL devices). That would mean we have to store the Root CA's private key on the device (to be able to sign the server certificate).

And that is what I don't have a good feeling about!

Do you have any idea how to handle that problem?!

One idea would be: we'll have an "Intermediate CA" which will be unique for every device and will be created and signed by our "global" Root CA on production. So, the only private key we have to store on the device would be the unique key for the "Intermediate CA" (which will then be used to sign the actual server certificate).

Would that be sufficient (i.e. asap - as secure as possible) for the given scenario?

I'm sorry if the above description is somehow "muddled".

Thanks and greetings,
tdoering
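The chain proposed above, worked through with the OpenSSL command-line tool as an added example (not code from the thread or from wolfSSL, which the device itself would use via WOLFSSL_CERT_GEN): the root key never touches a device, each device holds only its own intermediate key, and the leaf regenerated at boot is verified the way a browser would after importing the root. Two constraints on the intermediate, pathlen:0 and name constraints, are the checks worth adding to the proposal, so that an intermediate key pulled off one device cannot sign a certificate for names outside the customer's local network. Assumes OpenSSL 1.1.1 or later; all names, serial numbers and addresses are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): models the proposed chain with the OpenSSL CLI
# (assumed >= 1.1.1). All names, serial numbers and addresses are constructed.
set -eu
WORK=$(mktemp -d); cd "$WORK"

# 1. Vendor root CA: created once, kept off the devices; this is what customers import.
openssl req -x509 -newkey rsa:2048 -nodes -keyout root.key -out root.crt -days 3650 \
  -subj "/CN=Example Vendor Root CA" 2>/dev/null

# 2. Per-device intermediate CA, issued at production time. pathlen:0 stops it from
#    issuing further CAs, and nameConstraints limit what it can certify, so a key
#    extracted from one device cannot mint certificates for arbitrary names.
openssl req -new -newkey rsa:2048 -nodes -keyout device-ca.key -out device-ca.csr \
  -subj "/CN=Example Device CA SN-000123" 2>/dev/null
cat > device-ca.ext <<'EOF'
basicConstraints=critical,CA:TRUE,pathlen:0
keyUsage=critical,keyCertSign
nameConstraints=critical,permitted;DNS:.local,permitted;IP:192.168.0.0/255.255.0.0,permitted;IP:10.0.0.0/255.0.0.0
EOF
openssl x509 -req -in device-ca.csr -CA root.crt -CAkey root.key -CAcreateserial \
  -days 3650 -extfile device-ca.ext -out device-ca.crt 2>/dev/null

# 3. Leaf certificate, regenerated at each boot from the configured name and IP.
#    $1 = hostname, $2 = IP address, $3 = output file prefix
issue_leaf() {
  openssl req -new -newkey rsa:2048 -nodes -keyout "$3.key" -out "$3.csr" \
    -subj "/CN=$1" 2>/dev/null
  printf 'subjectAltName=DNS:%s,IP:%s\nextendedKeyUsage=serverAuth\n' "$1" "$2" > "$3.ext"
  openssl x509 -req -in "$3.csr" -CA device-ca.crt -CAkey device-ca.key -CAcreateserial \
    -days 30 -extfile "$3.ext" -out "$3.crt" 2>/dev/null
}

# Same check a browser does once root.crt is imported: the leaf must chain to the root
# through the device CA and satisfy its name constraints. Returns 0 on success.
verify_leaf() {
  openssl verify -CAfile root.crt -untrusted device-ca.crt "$1" >/dev/null 2>&1
}

issue_leaf device1.local 192.168.1.50 good     # within the constraints: verifies
issue_leaf www.example.com 203.0.113.5 bad     # outside them: rejected
verify_leaf good.crt && echo "good.crt: chain OK"
verify_leaf bad.crt || echo "bad.crt: rejected by name constraints"
```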

2

(6 replies, posted in wolfSSL)

Hi Kaleb,

we found a solution for the issue. We enabled the following cipher suites in the wolfSSL build:

    #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
    #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
    #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA384
    #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256

With those enabled the IE11 connection works.

Thanks and Greetings,
tdoering

3

(6 replies, posted in wolfSSL)

Hi Kaleb,

one (probably important) side note: Our IE11 is running on Windows 7. I tried to investigate the issue and found this.

It seems there is a bug in the TLS 1.2 implementation on Windows 7 which might cause the issue. We are now building wolfSSL without DH (define NO_DH) and will try to verify that.

Greetings,
tdoering

4

(6 replies, posted in wolfSSL)

Hi Kaleb,

Any news on this?

Thanks and Greetings,
tdoering

5

(6 replies, posted in wolfSSL)

Hi Kaleb,

thank you.

One word about wolfSSL in general:
I was very pleased to see how straightforward the integration of wolfSSL was and is. I have dealt with a lot of external libraries, and wolfSSL is IMHO the easiest to integrate so far.

Greetings,
tdoering

6

(6 replies, posted in wolfSSL)

Hi everyone,

we successfully integrated wolfSSL (3.11.0) server functionality into our embedded device. Our webserver is working fine with web clients like Firefox or Chrome.

However, Microsoft's IE11/Edge is showing an error page stating that we should turn on TLS 1.x.

Well, the server is running with wolfSSLv23_server_method(), which uses TLS by default. In the IE11 settings TLS 1.x is enabled and SSH disabled.

Our build settings are:

    #define NO_WRITEV
    #define NO_WOLFSSL_DIR
    #define USE_FAST_MATH
    #define TFM_TIMING_RESISTANT
    #define NO_DEV_RANDOM
    #define USE_CERT_BUFFERS_2048
    #define NO_ERROR_STRINGS
    #define TIME_OVERRIDES
    #define HAVE_ECC
    #define HAVE_ALPN
    #define HAVE_TLS_EXTENSIONS
    #define HAVE_AESGCM
    #define HAVE_SUPPORTED_CURVES
    #define ALT_ECC_SIZE
    #define WOFLSSL_STATIC_RSA
    #define NO_RC4
    #define WOLFSSL_DTLS

    #define WOLFSSL_CERT_GEN
    #define WOLFSSL_ALT_NAMES
    #define WOLFSSL_CERT_EXT
    #define WOLFSSL_CERT_REQ
    #define DEBUG_WOLFSSL

The debug output when connecting with IE11/Edge is as follows:

wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
Handshake not complete, trying to finish
wolfSSL Entering wolfSSL_negotiate
wolfSSL Entering SSL_accept()
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing client hello
Matched No Compression
SNI extension received
Certificate Status Request extension received
Elliptic Curves extension received
Secure Renegotiation extension received
wolfSSL Entering MatchSuite
wolfSSL Entering VerifyServerSuite
Requires RSA
Verified suite validity
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
accept state ACCEPT_CLIENT_HELLO_DONE
accept state ACCEPT_FIRST_REPLY_DONE
growing output buffer

Shrinking output buffer

accept state SERVER_HELLO_SENT
growing output buffer

Shrinking output buffer

accept state CERT_SENT
wolfSSL Entering SendCertificateStatus
accept state CERT_STATUS_SENT
wolfSSL Entering SendServerKeyExchange
Using ephemeral ECDH
wolfSSL Entering EccMakeKey
wolfSSL Leaving EccMakeKey, return 0
growing output buffer

wolfSSL Entering RsaSign
wolfSSL Leaving RsaSign, return 0
wolfSSL Entering VerifyRsaSign
wolfSSL Leaving VerifyRsaSign, return 0
Shrinking output buffer

wolfSSL Leaving SendServerKeyExchange, return 0
accept state KEY_EXCHANGE_SENT
accept state CERT_REQ_SENT
growing output buffer

Shrinking output buffer

accept state SERVER_HELLO_DONE
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing client key exchange
wolfSSL Entering DoClientKeyExchange
wolfSSL Entering EccSharedSecret
wolfSSL Leaving EccSharedSecret, return 0
wolfSSL Leaving DoClientKeyExchange, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
received record layer msg
got CHANGE CIPHER SPEC
PadCheck failed
VerifyMac failed
wolfSSL error occurred, error = -305
wolfSSL error occurred, error = -312
wolfSSL Leaving wolfSSL_negotiate, return -1
wolfSSL Leaving wolfSSL_read_internal(), return -1
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
Handshake not complete, trying to finish
wolfSSL Entering wolfSSL_negotiate
wolfSSL Entering SSL_accept()
Client attempting to connect with different version
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing client hello
    downgrading to TLSv1
Matched No Compression
SNI extension received
Certificate Status Request extension received
Elliptic Curves extension received
Secure Renegotiation extension received
wolfSSL Entering MatchSuite
wolfSSL Entering VerifyServerSuite
Requires RSA
Verified suite validity
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
accept state ACCEPT_CLIENT_HELLO_DONE
accept state ACCEPT_FIRST_REPLY_DONE
growing output buffer

Shrinking output buffer

accept state SERVER_HELLO_SENT
growing output buffer

Shrinking output buffer

accept state CERT_SENT
wolfSSL Entering SendCertificateStatus
accept state CERT_STATUS_SENT
wolfSSL Entering SendServerKeyExchange
Using ephemeral ECDH
wolfSSL Entering EccMakeKey
wolfSSL Leaving EccMakeKey, return 0
growing output buffer

wolfSSL Entering RsaSign
wolfSSL Leaving RsaSign, return 0
wolfSSL Entering VerifyRsaSign
wolfSSL Leaving VerifyRsaSign, return 0
Shrinking output buffer

wolfSSL Leaving SendServerKeyExchange, return 0
accept state KEY_EXCHANGE_SENT
accept state CERT_REQ_SENT
growing output buffer

Shrinking output buffer

accept state SERVER_HELLO_DONE
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing client key exchange
wolfSSL Entering DoClientKeyExchange
wolfSSL Entering EccSharedSecret
wolfSSL Leaving EccSharedSecret, return 0
wolfSSL Leaving DoClientKeyExchange, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
received record layer msg
got CHANGE CIPHER SPEC
PadCheck failed
VerifyMac failed
wolfSSL error occurred, error = -305
wolfSSL error occurred, error = -312
wolfSSL Leaving wolfSSL_negotiate, return -1
wolfSSL Leaving wolfSSL_read_internal(), return -1
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
Handshake not complete, trying to finish
wolfSSL Entering wolfSSL_negotiate
wolfSSL Entering SSL_accept()
Embed receive connection closed
wolfSSL error occurred, error = -308
wolfSSL Leaving wolfSSL_negotiate, return -1
wolfSSL Leaving wolfSSL_read_internal(), return -1
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
wolfSSL Leaving SSL_free, return 0

Here it seems the PadCheck fails. Any ideas how to resolve this?

Thanks and greetings,
tdoering
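A small reader for wolfSSL debug traces like the one above, added as an example (not from the thread or from the wolfSSL project): it prints one summary line per SSL object so the point of failure is visible without reading every line. In this trace the PadCheck/VerifyMac errors arrive on the first record after the client's ChangeCipherSpec, i.e. the client's Finished message did not decrypt, which points at a key or record-protection mismatch between the two sides rather than at version negotiation itself. The sample input is an excerpt of the trace in the post, written to a temporary file.

```shell
#!/bin/sh
# Added example, not part of the thread. Constructed sample: an excerpt of the
# debug trace quoted in the post, written to a temporary file.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
wolfSSL Entering SSL_new
processing client hello
accept state ACCEPT_CLIENT_HELLO_DONE
Using ephemeral ECDH
accept state KEY_EXCHANGE_SENT
accept state SERVER_HELLO_DONE
got CHANGE CIPHER SPEC
PadCheck failed
VerifyMac failed
wolfSSL error occurred, error = -305
wolfSSL error occurred, error = -312
wolfSSL Entering SSL_new
Client attempting to connect with different version
    downgrading to TLSv1
Using ephemeral ECDH
accept state SERVER_HELLO_DONE
got CHANGE CIPHER SPEC
VerifyMac failed
wolfSSL error occurred, error = -312
wolfSSL Entering SSL_new
Embed receive connection closed
wolfSSL error occurred, error = -308
EOF

# One line per SSL object (each starts at "Entering SSL_new"): version handling,
# key exchange, last accept state reached, where it failed and the error codes.
summarize_trace() {
  awk '
    /Entering SSL_new/        { if (n) flush(); n++; ver="as offered"; kx="?"; state="-"; at=""; errs="" }
    /downgrading to/          { ver="downgraded to " $NF }
    /Using ephemeral ECDH/    { kx="ECDHE" }
    /^accept state /          { state=$3 }
    /got CHANGE CIPHER SPEC/  { at="after client CCS" }
    /PadCheck failed|VerifyMac failed|connection closed/ { at=(at?at" / ":"") $0 }
    /error occurred, error =/ { errs=errs (errs?",":"") $NF }
    END { if (n) flush() }
    function flush() {
      printf "attempt %d: version=%s kx=%s last_state=%s failed=%s errors=%s\n",
             n, ver, kx, state, (at==""?"no":at), (errs==""?"none":errs)
    }'
}
summarize_trace < "$SAMPLE"
```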