1

(4 replies, posted in wolfSSH)

I also found that during key exchange init,
wolfSSH v1.4.3 sends the keys with ecdsa first, then rsa; after handshaking, it chooses ecdsa.
But in the wolfSSH v1.4.17 packet, the first key is rsa, then ecdsa (attached file); it chooses rsa and fails.

How do I change the priority?
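
The ordering effect described in this post follows from the SSH negotiation rule in RFC 4253, section 7.1: the first name on the client's list that the server also lists is chosen. The following is an added example, not part of the original post and not wolfSSH code; the function names are hypothetical, the name lists are constructed from the two host key names in the thread's debug log, and the rule is simplified to ignore the key-exchange compatibility requirement.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if name (length n) is an element of the comma-separated list. */
static int in_name_list(const char *list, const char *name, size_t n)
{
    const char *p = list;
    while (*p) {
        size_t len = strcspn(p, ",");
        if (len == n && memcmp(p, name, n) == 0)
            return 1;               /* exact element match, not a prefix */
        p += len;
        if (*p == ',')
            p++;
    }
    return 0;
}

/* Choose the first name on the client's list that the server also lists.
 * Copies it into out (NUL-terminated); returns 0 on success, -1 if there
 * is no common algorithm or out is too small. Hypothetical helper. */
int negotiate(const char *client, const char *server, char *out, size_t outSz)
{
    const char *p = client;
    while (*p) {
        size_t len = strcspn(p, ",");
        if (len > 0 && in_name_list(server, p, len)) {
            if (len + 1 > outSz)
                return -1;
            memcpy(out, p, len);
            out[len] = '\0';
            return 0;
        }
        p += len;
        if (*p == ',')
            p++;
    }
    return -1;
}

int main(void)
{
    /* Constructed lists using the two host key names from the debug log. */
    const char *server = "rsa-sha2-256,ecdsa-sha2-nistp256";
    char alg[64];
    if (negotiate("ecdsa-sha2-nistp256,rsa-sha2-256", server, alg, sizeof alg) == 0)
        printf("ecdsa first -> %s\n", alg);
    if (negotiate("rsa-sha2-256,ecdsa-sha2-nistp256", server, alg, sizeof alg) == 0)
        printf("rsa first   -> %s\n", alg);
    return 0;
}
```

With the same server list, only the client's ordering changes which host key algorithm is selected, so the server's own order does not matter here.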

2

(4 replies, posted in wolfSSH)

Hi David,
The OS and CPU are FreeRTOS + Zynq.
Compiler options:
ifeq ($(USE_WOLFSSL), 1)
CFLAGS := $(CFLAGS) -D _WOLFSSL -D FREERTOS -D FREERTOS_TCP -D WC_NO_HARDEN -D NO_THREAD_LS -D HAVE_FIPS -D HAVE_FIPS_VERSION=2
CFLAGS := $(CFLAGS) -D HAVE_HASHDRBG -D WOLFSSL_SHA384 -D WOLFSSL_SHA512 -D WOLFSSL_KEY_GEN -D HAVE_ECC -D NO_RC4
CFLAGS := $(CFLAGS) -D WOLFSSH_SFTP -D WOLFSSH_KEYGEN -D WOLFSSH_USER_FILESYSTEM -D HAVE_DH -D DEBUG_WOLFSSH -D WOLFSSL_AES_COUNTER
CFLAGS := $(CFLAGS) -D WOLFSSH_NO_DH_GROUP1_SHA1 -D WOLFSSH_NO_AES_CBC -D WOLFSSH_NO_HMAC_SHA1_96 -D WOLFSSH_NO_HMAC_SHA1
#-DUSE_WOLF_TIMEVAL_T
endif

Debug log:
2024-09-30 07:00:22 SSH[DEBUG] Entering CtxResourceFree()
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_CTX_free()
2024-09-30 07:00:22 SSH[DEBUG] Entering HandshakeInfoFree()
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 1
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 16
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 1
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 16
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 1
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 16
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] Entering sshResourceFree()
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_free()
2024-09-30 07:00:22 SSH[DEBUG] connect error: CLIENT_KEXDH_INIT_SENT, -1018
2024-09-30 07:00:22 SSH[DEBUG] PR5: txCount = 352, rxCount = 2016
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 1
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 904
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 904
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 904
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] PR4: Shrinking input buffer
2024-09-30 07:00:22 SSH[DEBUG] PR3: peerMacSz = 0
2024-09-30 07:00:22 SSH[DEBUG] Leaving DoKexDhReply(), ret = -1018
2024-09-30 07:00:22 SSH[DEBUG] DoKexDhReply: Signature Verify fail (-229)
2024-09-30 07:00:22 SSH[DEBUG] DKDR: public key accepted
2024-09-30 07:00:22 SSH[DEBUG] DKDR: Calling the public key check callback
2024-09-30 07:00:22 SSH[DEBUG] Entering DoKexDhReply()
2024-09-30 07:00:22 SSH[DEBUG] Decoding MSGID_KEXDH_REPLY
2024-09-30 07:00:22 SSH[DEBUG] DoPacket sequence number: 1
2024-09-30 07:00:22 SSH[DEBUG] VM: keyLen = 0
2024-09-30 07:00:22 SSH[DEBUG] VM: seq = 1
2024-09-30 07:00:22 SSH[DEBUG] VM: inSz = 904
2024-09-30 07:00:22 SSH[DEBUG] VerifyMac none
2024-09-30 07:00:22 SSH[DEBUG] Decrypt none
2024-09-30 07:00:22 SSH[DEBUG] Receive: recvd = 896
2024-09-30 07:00:22 SSH[INFO] GID: readjust size
2024-09-30 07:00:22 SSH[DEBUG] PR2: size = 904
2024-09-30 07:00:22 SSH[DEBUG] Decrypt none
2024-09-30 07:00:22 SSH[DEBUG] Receive: recvd = 8
2024-09-30 07:00:22 SSH[INFO] GID: readjust size
2024-09-30 07:00:22 SSH[DEBUG] PR1: size = 8
2024-09-30 07:00:22 SSH[DEBUG] connect state: CLIENT_KEXDH_INIT_SENT
2024-09-30 07:00:22 SSH[DEBUG] Leaving SendKexDhInit(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 80
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 80
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 91
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: Shrinking output buffer
2024-09-30 07:00:22 SSH[DEBUG] Embed Send sent 80
2024-09-30 07:00:22 SSH[DEBUG] Embed Send trying to send 80
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_SendPacket()
2024-09-30 07:00:22 SSH[DEBUG] Encrypt none
2024-09-30 07:00:22 SSH[DEBUG] CreateMac none
2024-09-30 07:00:22 SSH[DEBUG] BP: paddingSz = 5
2024-09-30 07:00:22 SSH[DEBUG] Entering SendKexDhInit()
2024-09-30 07:00:22 SSH[DEBUG] connect state: SERVER_KEXINIT_DONE
2024-09-30 07:00:22 SSH[DEBUG] PR5: txCount = 272, rxCount = 1112
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 1
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 1112
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 1112
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 1112
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] PR4: Shrinking input buffer
2024-09-30 07:00:22 SSH[DEBUG] PR3: peerMacSz = 0
2024-09-30 07:00:22 SSH[DEBUG] Leaving DoKexInit(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] DKI: For Future Use
2024-09-30 07:00:22 SSH[DEBUG]  packet follows: no
2024-09-30 07:00:22 SSH[DEBUG] DKI: KEX Packet Follows
2024-09-30 07:00:22 SSH[DEBUG] DKI: Languages - Server to Client
2024-09-30 07:00:22 SSH[DEBUG] DKI: Languages - Client to Server
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = none
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: Compression Algorithms - Server to Client
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = none
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: Compression Algorithms - Client to Server
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = hmac-sha2-256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: MAC Algorithms - Server to Client
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = hmac-sha2-256
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = hmac-sha2-256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: MAC Algorithms - Client to Server
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes256-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes192-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes128-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: Enc Algorithms - Server to Client
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes128-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes192-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes256-ctr
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes256-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes192-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = aes128-ctr
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: Enc Algorithms - Client to Server
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = ecdsa-sha2-nistp256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = rsa-sha2-256
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = ecdsa-sha2-nistp256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = rsa-sha2-256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: Server Host Key Algorithms
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = diffie-hellman-group-exchange-s
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = ecdh-sha2-nistp256
2024-09-30 07:00:22 SSH[DEBUG] Leaving GetNameList(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = ext-info-s
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = diffie-hellman-group14-sha256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = diffie-hellman-group-exchange-s
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = ecdh-sha2-nistp256
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] GNL: name ID = unknown
2024-09-30 07:00:22 SSH[DEBUG] Entering GetNameList()
2024-09-30 07:00:22 SSH[DEBUG] DKI: KEX Algorithms
2024-09-30 07:00:22 SSH[DEBUG] Entering DoKexInit()
2024-09-30 07:00:22 SSH[DEBUG] Decoding MSGID_KEXINIT
2024-09-30 07:00:22 SSH[DEBUG] DoPacket sequence number: 0
2024-09-30 07:00:22 SSH[DEBUG] VM: keyLen = 0
2024-09-30 07:00:22 SSH[DEBUG] VM: seq = 0
2024-09-30 07:00:22 SSH[DEBUG] VM: inSz = 1112
2024-09-30 07:00:22 SSH[DEBUG] VerifyMac none
2024-09-30 07:00:22 SSH[DEBUG] Decrypt none
2024-09-30 07:00:22 SSH[DEBUG] Receive: recvd = 1104
2024-09-30 07:00:22 SSH[INFO] GID: readjust size
2024-09-30 07:00:22 SSH[DEBUG] PR2: size = 1112
2024-09-30 07:00:22 SSH[DEBUG] Decrypt none
2024-09-30 07:00:22 SSH[DEBUG] Receive: recvd = 8
2024-09-30 07:00:22 SSH[INFO] GID: readjust size
2024-09-30 07:00:22 SSH[DEBUG] PR1: size = 8
2024-09-30 07:00:22 SSH[DEBUG] connect state: CLIENT_KEXINIT_SENT
2024-09-30 07:00:22 SSH[DEBUG] Leaving SendKexInit(), ret = 0
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 272
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 272
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 280
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: Shrinking output buffer
2024-09-30 07:00:22 SSH[DEBUG] Embed Send sent 272
2024-09-30 07:00:22 SSH[DEBUG] Embed Send trying to send 272
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_SendPacket()
2024-09-30 07:00:22 SSH[DEBUG] Encrypt none
2024-09-30 07:00:22 SSH[DEBUG] CreateMac none
2024-09-30 07:00:22 SSH[DEBUG] BP: paddingSz = 8
2024-09-30 07:00:22 SSH[DEBUG] Entering SendKexInit()
2024-09-30 07:00:22 SSH[DEBUG] connect state: SERVER_VERSION_DONE
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 21
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 21
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 255
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] Receive: recvd = 21
2024-09-30 07:00:22 SSH[DEBUG] connect state: CLIENT_VERSION_SENT
2024-09-30 07:00:22 SSH[DEBUG] Leaving ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: releasing dynamic buffer
2024-09-30 07:00:22 SSH[DEBUG] SB: usedSz = 0, forcedFree = 0
2024-09-30 07:00:22 SSH[DEBUG]   buf->length = 24
2024-09-30 07:00:22 SSH[DEBUG]   buf->idx = 24
2024-09-30 07:00:22 SSH[DEBUG]   buf->bufferSz = 24
2024-09-30 07:00:22 SSH[DEBUG] Entering ShrinkBuffer()
2024-09-30 07:00:22 SSH[DEBUG] SB: Shrinking output buffer
2024-09-30 07:00:22 SSH[DEBUG] Embed Send sent 24
2024-09-30 07:00:22 SSH[DEBUG] Embed Send trying to send 24
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_SendPacket()
2024-09-30 07:00:22 SSH[DEBUG] SSH-2.0-wolfSSHv1.4.17
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_connect()
2024-09-30 07:00:22 SSH[SFTP] Trying to do SSH connect first
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_set_fd()
2024-09-30 07:00:22 SSH[DEBUG] Leaving wolfSSH_new(), ssh = 0x5010900
2024-09-30 07:00:22 SSH[DEBUG] Entering HandshakeInfoNew()
2024-09-30 07:00:22 SSH[DEBUG] Entering SshInit()
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_new()
2024-09-30 07:00:22 SSH[DEBUG] Leaving wolfSSH_CTX_new(), ctx = 0x5010828
2024-09-30 07:00:22 SSH[DEBUG] Entering CtxInit()
2024-09-30 07:00:22 SSH[DEBUG] Entering wolfSSH_CTX_new()

3

(4 replies, posted in wolfSSH)

I am using wolfSSH (1.4.17) to connect to a MobaXterm (V24.2) SFTP server.
But authentication fails!
The old wolfSSH (1.4.3) is OK.

Then I checked the wolfSSH debug log, which shows:
>> DoKexDhReply: Signature Verify fail (-229)
>> Leaving DoKexDhReply(), ret = -1018

I checked the error code: -1018 is WS_RSA_E,
RSA signature failure, but why?