Topic: Moving from TLS1.2 to TLS1.3 on PIC32

Hi,

Our PIC32MZ runs perfectly with wolfMQTT and TLS1.2.

The server is an OpenSSL server to which TLS1.3 support was added lately.

Our company wants to move on to TLS1.3.

To do so, I did the following:

1. uncommented:
#define WOLFSSL_TLS13
in user_settings.h file

2. added the following defines to user_settings.h file (otherwise project would not build):

#define WC_RSA_PSS    //gil - added to support TLSv13
#define HAVE_HKDF

3. In the TLS certificate and callback verify function:
changed the call from wolfTLSv1_2_client_method() (in wolfSSL_CTX_new) to wolfTLSv1_3_client_method()

Then I have a printout of the logfile:

wolfSSL Entering wolfCrypt_Init
wolfSSL Entering WOLFSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_verify
wolfSSL Entering wolfSSL_CTX_load_verify_buffer
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return 0
   Processed a CA
Processed at least one valid CA. Other stuff OK
wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
wolfSSL Entering PemToDer
Checking cert signature type
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Not ECDSA cert signature
wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
wolfSSL Entering PemToDer
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering wolfSSL_dtls_set_using_nonblock
wolfSSL_dtls_set_using_nonblock() is DEPRECATED for non-DTLS use.
wolfSSL Entering SSL_connect()
wolfSSL Entering SendTls13ClientHello
Adding signature algorithms extension
Adding supported versions extension
growing output buffer

Key Share extension to write
Supported Versions extension to write
Signature Algorithms extension to write
Supported Groups extension to write
Shrinking output buffer

wolfSSL Leaving SendTls13ClientHello, return 0
connect state: CLIENT_HELLO_SENT
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
growing input buffer

received record layer msg
wolfSSL Entering DoTls13HandShakeMsg()
wolfSSL Entering DoTls13HandShakeMsgType
processing server hello
wolfSSL Entering DoTls13ServerHello
growing output buffer

Shrinking output buffer

wolfSSL Leaving DoTls13HandShakeMsgType(), return -32

Can you please help me understand why error -323 occurs, and what could possibly cause that?

Regards,

Gil


Re: Moving from TLS1.2 to TLS1.3 on PIC32

Gil,

-323 is just a WANT_READ error, meaning the library tried to read information from the transport layer but either nothing was there yet or only a partial message had arrived and the -323 error tells our internal state machine that it needs to try and read again later.

Possible causes are network congestion, packets being dropped at end-points between your client and the destination, etc.


Warm Regards,

K

Re: Moving from TLS1.2 to TLS1.3 on PIC32

Hi Kaleb,

So now I am trying to verify why this is happening.

I uncommented #define WOLFMQTT_DEBUG_SOCKET and got the following message:
MqttSocket_TlsConnect Error -1: Num -328

This error means:
BUFFER_ERROR                 = -328,   /* malformed buffer input   */

So I searched the forum and I have found a case that has a similar phenomenon:
https://www.wolfssl.com/forums/topic113 … u1404.html

Well, we are not using ECDH, but still, as you wrote in this ticket:
"If you use a DHE_RSA cipher suite rather than sending back a "Server Hello Done" message at the end of the handshake, that endpoint responds with this plaintext message.

use only10UVeriSign Trust NetworkN0L10    UFR10U
    KEYNECTIS1
0UROOT10UKEYNECTIS ROOT CA

So wolfSSL, which is looking for a TLS packet that is encoded as the SERVER HELLO DONE message, thinks it is a malformed message"

Is there anything I can do to verify this is the case?

Regards,
Gil


Re: Moving from TLS1.2 to TLS1.3 on PIC32

Gilo,

Before making that logical leap I would need to see a Wireshark trace to review the packets coming back from the server. That was a very odd edge case: we were never able to figure out what that plain text message was used for, nor why it was sent when only DHE cipher suites were used. We had never seen anything like it before or since, and it was a custom proprietary server, so I suspect they had some custom setup going on.

In fact, in your case I would tend to lean toward a more recent case we had come through our Zendesk domain involving TLS 1.3 in wolfSSL trying to talk to FileZilla TLS 1.3, which actually turned out to be TLS 1.3 - draft 18 in FileZilla. wolfSSL kept apace with TLS 1.3 as it progressed and we implemented:

draft-18, draft-22, draft-23, draft-26, draft-28 and finally the final draft: RFC-8446.

Draft 18 was the most common one implemented by us, Google, OpenSSL, and several other vendors at the time, and then drafts 19 - RFC-8446 came in fairly rapid succession and most other vendors didn't implement them or did only one or two others.

When using RFC-8446 TLS 1.3 to talk to draft-18 TLS 1.3 we have seen the error you're reporting because the handshake progressed differently between the two drafts. Can you check if the TLS 1.3 implementation in your version of OpenSSL is the final draft (RFC-8446) or if it is one of the other draft versions?

Warm Regards,

K
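
Added example, not part of the original thread and not wolfSSL code: one way to read the draft question off a captured ServerHello. It assumes the ServerHello body (the bytes after the 4-byte handshake header) has been exported from the trace; drafts before 22 put 0x7fNN directly in the version field, later drafts and RFC 8446 put 0x0303 there and carry 0x7fNN or 0x0304 in the supported_versions extension. The function names and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
static unsigned rd16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }
/* body = ServerHello body after the 4-byte handshake header. Returns 0x0304
 * (RFC 8446), 0x7fNN (draft 0xNN), the legacy version when there is no
 * supported_versions extension, or -1 if truncated or malformed. */
int server_hello_version(const uint8_t *body, size_t len)
{
    size_t off = 2 + 32, end;                  /* version + random */
    unsigned legacy, type, elen;
    if (len < off) return -1;
    legacy = rd16(body);
    if ((legacy >> 8) == 0x7f) return (int)legacy;  /* drafts before 22 */
    if (off >= len || body[off] > 32) return -1;
    off += 1 + body[off] + 2 + 1;   /* session id, cipher suite, compression */
    if (off == len) return (int)legacy;        /* no extensions: TLS 1.2 */
    if (off + 2 > len) return -1;
    end = off + 2 + rd16(body + off);          /* end of extensions block */
    off += 2;
    if (end > len) return -1;
    while (off + 4 <= end) {
        type = rd16(body + off);
        elen = rd16(body + off + 2);
        off += 4;
        if (off + elen > end) return -1;
        if (type == 43)                        /* supported_versions */
            return elen == 2 ? (int)rd16(body + off) : -1;
        off += elen;
    }
    return (int)legacy;
}

/* Constructed sample in the draft-22+/RFC 8446 layout: zero random, empty
 * session id, cipher suite 0x1301, one supported_versions extension. */
uint8_t sample[64];
size_t make_sample(uint8_t *out, unsigned selected)
{
    static const uint8_t tail[] = { 0, 0x13, 0x01, 0, 0, 6, 0, 43, 0, 2 };
    out[0] = 0x03; out[1] = 0x03;              /* legacy_version */
    memset(out + 2, 0, 32);                    /* random */
    memcpy(out + 34, tail, sizeof tail);
    out[44] = (uint8_t)(selected >> 8); out[45] = (uint8_t)selected;
    return 46;
}

int main(void)
{
    size_t n = make_sample(sample, 0x7f1c);    /* draft-28 server */
    printf("0x%04x\n", (unsigned)server_hello_version(sample, n));
    return 0;
}
```

A result of 0x0304 means the server speaks final RFC 8446; any 0x7fNN value means a draft, which an RFC 8446 client will not interoperate with.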

Re: Moving from TLS1.2 to TLS1.3 on PIC32

Hi Kaleb,

Thanks for your great assistance, I will be out of the office this week, so I will get back to you next week with the following info:

1. I will check which draft it is!
2. I will have a Wireshark trace!

Regards,

Fonea Gil
