Visitor II
September 16, 2024
Question

ThreadX issue with TLS client when running v1.3


Hello, 

I have encountered a problem creating a TLS client connection with a client certificate and private key.
The server side is Ubuntu based with OpenSSL 3.0.13 30 Jan 2024.
Server certificate validation works without any problems. 
But a weird issue happens when I want to add a client-side certificate with a private key. 
OpenSSL ends with a weird error: [ERROR] header too long
Running on STM32H5 - ThreadX Version 6.2.0

The server has the following options:

```
mode = 'server',
protocol = 'tlsv1_3',
key = options.ssl..'/server.priv',
certificate = options.ssl..'/server.crt',
cafile = options.ssl..'/client.crt',
verify = { 'peer', 'fail_if_no_peer_cert' },
options = { 'all', 'no_sslv2', 'no_sslv3', 'no_tlsv1', 'no_tlsv1_1' }
```
 
When I switch the server side to tlsv1_2, everything works as expected.
When I disable 'peer', 'fail_if_no_peer_cert' and keep 'tlsv1_3', it also works.
But with both options, it just does not work.
The connection from the client using OpenSSL works as expected in all modes, so the problem is only with ThreadX against OpenSSL in 1.3 mode.

The certificates use:
```
Signature Algorithm: ecdsa-with-SHA256
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
ASN1 OID: prime256v1
NIST CURVE: P-256
```

and key:
```
EC key
Private-Key: (256 bit)
ASN1 OID: prime256v1
NIST CURVE: P-256
```



    MiyukiAuthor
    Visitor II
    September 19, 2024

    Here are verbose logs from the OpenSSL side.
    To me, it seems like it really receives gibberish data.

    Under TLS 1.2 everything works as expected:
    ```
    $ openssl s_server -key server-new.priv -cert server-new.crt -CAfile client-new.crt -verify 2 -trace -no_tls1_3 -accept 9000
    verify depth is 2
    Using default temp DH parameters
    ACCEPT
    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 187
    ClientHello, Length=183
    client_version=0x303 (TLS 1.2)
    Random:
    gmt_unix_time=0x66E92455
    random_bytes (len=28): 8995D56F9D5831697EE0C51777BB0A0BC616AF512F13EE1D26773A3B
    session_id (len=0):
    cipher_suites (len=20)
    {0x13, 0x01} TLS_AES_128_GCM_SHA256
    {0x13, 0x04} TLS_AES_128_CCM_SHA256
    {0x13, 0x05} TLS_AES_128_CCM_8_SHA256
    {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
    {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
    {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
    compression_methods (len=1)
    No Compression (0x00)
    extensions, length = 122
    extension_type=supported_groups(10), length=8
    secp256r1 (P-256) (23)
    secp384r1 (P-384) (24)
    secp521r1 (P-521) (25)
    extension_type=ec_point_formats(11), length=2
    uncompressed (0)
    extension_type=supported_versions(43), length=5
    TLS 1.3 (772)
    TLS 1.2 (771)
    extension_type=key_share(51), length=71
    NamedGroup: secp256r1 (P-256) (23)
    key_exchange: (len=65): 04A6342F2B5920ED167B1EAF11849DA511735FA70797FFA46EDE7EB30F8900AF601D930E5F9C199EFE8624B4A430D13628243BD12F6B21FC539B476D1A2A9C5A40
    extension_type=signature_algorithms(13), length=16
    ecdsa_secp256r1_sha256 (0x0403)
    ecdsa_secp384r1_sha384 (0x0503)
    ecdsa_secp521r1_sha512 (0x0603)
    rsa_pkcs1_sha256 (0x0401)
    rsa_pkcs1_sha384 (0x0501)
    rsa_pkcs1_sha512 (0x0601)
    ecdsa_sha224 (0x0303)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 84
    ServerHello, Length=80
    server_version=0x303 (TLS 1.2)
    Random:
    gmt_unix_time=0x4AB3C6A2
    random_bytes (len=28): AC10B882233B01BE6EE847A1E0034BF06E6D71B39722764E787C450E
    session_id (len=32): 5EB07BEFF8E19739A29720897B71349CFDD4799C9DB947ABE8C800AA3F5B1389
    cipher_suite {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    compression_method: No Compression (0x00)
    extensions, length = 8
    extension_type=ec_point_formats(11), length=4
    uncompressed (0)
    ansiX962_compressed_prime (1)
    ansiX962_compressed_char2 (2)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 661
    Certificate, Length=657
    certificate_list, length=654
    ASN.1Cert, length=651
    ------details-----
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    79:9a:0e:08:dc:14:22:09:63:a0:bb:05:d3:a6:1e:7d:d7:60:28:85
    Signature Algorithm: ecdsa-with-SHA256
    Issuer: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Validity
    Not Before: Sep 16 17:47:23 2024 GMT
    Not After : Sep 14 17:47:23 2034 GMT
    Subject: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Subject Public Key Info:
    Public Key Algorithm: id-ecPublicKey
    Public-Key: (256 bit)
    pub:
    04:ba:0c:6f:92:93:7f:da:61:e7:ee:fa:85:38:32:
    06:19:df:d2:10:11:df:fc:40:16:00:c1:75:c9:9d:
    14:3b:45:b9:f3:3c:ad:6d:5d:37:43:f4:29:21:47:
    a9:35:87:79:e1:15:b8:19:61:62:d2:13:9b:68:2f:
    d8:9b:2d:92:ed
    ASN1 OID: prime256v1
    NIST CURVE: P-256
    X509v3 extensions:
    X509v3 Subject Key Identifier:
    F2:B9:F0:2A:2F:CB:38:45:E8:C1:3C:D9:CC:D4:E4:57:42:DD:D7:4E
    X509v3 Authority Key Identifier:
    F2:B9:F0:2A:2F:CB:38:45:E8:C1:3C:D9:CC:D4:E4:57:42:DD:D7:4E
    X509v3 Basic Constraints: critical
    CA:TRUE
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
    30:45:02:20:38:99:18:e5:31:b0:a2:98:e9:c1:01:3e:94:68:
    25:5f:4d:96:a5:13:9f:eb:4a:2e:39:73:94:73:64:d8:00:4b:
    02:21:00:bc:9a:69:16:bc:d8:f8:1d:4c:00:70:87:2a:e1:e5:
    d5:31:58:3a:98:9d:5e:24:00:ee:78:1b:c9:06:88:c0:f2
    -----BEGIN CERTIFICATE-----
    MIIChzCCAi2gAwIBAgIUeZoOCNwUIgljoLsF06YefddgKIUwCgYIKoZIzj0EAwIw
    gZgxDzANBgNVBAMMBi5sb2NhbDEqMCgGA1UECgwhU2NobmVpZGVyIEVsZWN0cmlj
    IEluZHVzdHJpZXMgU0FTMRowGAYDVQQLDBFHbG9iYWwgT3BlcmF0aW9uczEYMBYG
    A1UEBwwPUnVlaWwgTWFsbWFpc29uMRYwFAYDVQQIDA1JbGUtZGUtRnJhbmNlMQsw
    CQYDVQQGEwJGUjAeFw0yNDA5MTYxNzQ3MjNaFw0zNDA5MTQxNzQ3MjNaMIGYMQ8w
    DQYDVQQDDAYubG9jYWwxKjAoBgNVBAoMIVNjaG5laWRlciBFbGVjdHJpYyBJbmR1
    c3RyaWVzIFNBUzEaMBgGA1UECwwRR2xvYmFsIE9wZXJhdGlvbnMxGDAWBgNVBAcM
    D1J1ZWlsIE1hbG1haXNvbjEWMBQGA1UECAwNSWxlLWRlLUZyYW5jZTELMAkGA1UE
    BhMCRlIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS6DG+Sk3/aYefu+oU4MgYZ
    39IQEd/8QBYAwXXJnRQ7RbnzPK1tXTdD9CkhR6k1h3nhFbgZYWLSE5toL9ibLZLt
    o1MwUTAdBgNVHQ4EFgQU8rnwKi/LOEXowTzZzNTkV0Ld104wHwYDVR0jBBgwFoAU
    8rnwKi/LOEXowTzZzNTkV0Ld104wDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQD
    AgNIADBFAiA4mRjlMbCimOnBAT6UaCVfTZalE5/rSi45c5RzZNgASwIhALyaaRa8
    2PgdTABwhyrh5dUxWDqYnV4kAO54G8kGiMDy
    -----END CERTIFICATE-----
    ------------------

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 148
    ServerKeyExchange, Length=144
    KeyExchangeAlgorithm=ECDHE
    named_curve: secp256r1 (P-256) (23)
    point (len=65): 044D2C1189B8DB8C621EDB2336CF307843E7EB04B664277D2F3F65A195B0D24FF5DD8F501E0AE62F11691E0B02491D215D5847CAF73A4B450669203FB0399A0BE0
    Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
    Signature (len=71): 3045022069F1015C0450D9616D804D1A2AD11DB0274CABEADF5C357868ABABA543D3035202210096EC6318BD70128FAC63C13FD4C057FB36A16C46B42D8023E0E41D89D3E609AD

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 209
    CertificateRequest, Length=205
    certificate_types (len=3)
    rsa_sign (1)
    dss_sign (2)
    ecdsa_sign (64)
    signature_algorithms (len=40)
    ecdsa_secp256r1_sha256 (0x0403)
    ecdsa_secp384r1_sha384 (0x0503)
    ecdsa_secp521r1_sha512 (0x0603)
    ed25519 (0x0807)
    ed448 (0x0808)
    rsa_pss_pss_sha256 (0x0809)
    rsa_pss_pss_sha384 (0x080a)
    rsa_pss_pss_sha512 (0x080b)
    rsa_pss_rsae_sha256 (0x0804)
    rsa_pss_rsae_sha384 (0x0805)
    rsa_pss_rsae_sha512 (0x0806)
    rsa_pkcs1_sha256 (0x0401)
    rsa_pkcs1_sha384 (0x0501)
    rsa_pkcs1_sha512 (0x0601)
    ecdsa_sha224 (0x0303)
    rsa_pkcs1_sha224 (0x0301)
    dsa_sha224 (0x0302)
    dsa_sha256 (0x0402)
    dsa_sha384 (0x0502)
    dsa_sha512 (0x0602)
    certificate_authorities (len=157)
    DistinguishedName (len=155): CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 4
    ServerHelloDone, Length=0

    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 660
    Certificate, Length=656
    certificate_list, length=653
    ASN.1Cert, length=650
    ------details-----
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    4a:dc:5d:19:07:ba:f6:7a:c0:a0:5f:b1:da:69:e1:08:4e:8e:c6:ec
    Signature Algorithm: ecdsa-with-SHA256
    Issuer: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Validity
    Not Before: Sep 16 17:47:13 2024 GMT
    Not After : Sep 14 17:47:13 2034 GMT
    Subject: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Subject Public Key Info:
    Public Key Algorithm: id-ecPublicKey
    Public-Key: (256 bit)
    pub:
    04:c6:b4:a6:a1:7a:7e:df:80:4f:55:83:ee:b6:4c:
    e4:af:71:a9:02:66:6a:f9:de:89:84:a1:e3:90:04:
    f8:7e:21:a7:48:42:59:5c:4d:3f:66:e6:e4:c6:33:
    82:e5:0d:45:29:28:38:eb:48:23:a9:c3:c2:56:4a:
    be:6e:7f:6b:d8
    ASN1 OID: prime256v1
    NIST CURVE: P-256
    X509v3 extensions:
    X509v3 Subject Key Identifier:
    AC:5E:2E:B5:E9:BC:71:42:F3:0A:BE:BE:E1:D6:2E:69:7B:75:A3:10
    X509v3 Authority Key Identifier:
    AC:5E:2E:B5:E9:BC:71:42:F3:0A:BE:BE:E1:D6:2E:69:7B:75:A3:10
    X509v3 Basic Constraints: critical
    CA:TRUE
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
    30:44:02:20:5c:43:d5:a9:e3:b1:77:b9:82:e7:f2:ff:b6:3a:
    40:c2:66:70:51:e7:35:2f:48:2c:19:74:2c:e1:f5:5f:24:09:
    02:20:15:71:a9:21:4d:9c:3b:fb:57:90:65:97:63:0c:f8:4e:
    53:e3:82:af:2c:d1:b1:17:0d:29:f0:c3:29:b0:8c:6c
    -----BEGIN CERTIFICATE-----
    MIIChjCCAi2gAwIBAgIUStxdGQe69nrAoF+x2mnhCE6OxuwwCgYIKoZIzj0EAwIw
    gZgxDzANBgNVBAMMBi5sb2NhbDEqMCgGA1UECgwhU2NobmVpZGVyIEVsZWN0cmlj
    IEluZHVzdHJpZXMgU0FTMRowGAYDVQQLDBFHbG9iYWwgT3BlcmF0aW9uczEYMBYG
    A1UEBwwPUnVlaWwgTWFsbWFpc29uMRYwFAYDVQQIDA1JbGUtZGUtRnJhbmNlMQsw
    CQYDVQQGEwJGUjAeFw0yNDA5MTYxNzQ3MTNaFw0zNDA5MTQxNzQ3MTNaMIGYMQ8w
    DQYDVQQDDAYubG9jYWwxKjAoBgNVBAoMIVNjaG5laWRlciBFbGVjdHJpYyBJbmR1
    c3RyaWVzIFNBUzEaMBgGA1UECwwRR2xvYmFsIE9wZXJhdGlvbnMxGDAWBgNVBAcM
    D1J1ZWlsIE1hbG1haXNvbjEWMBQGA1UECAwNSWxlLWRlLUZyYW5jZTELMAkGA1UE
    BhMCRlIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGtKahen7fgE9Vg+62TOSv
    cakCZmr53omEoeOQBPh+IadIQllcTT9m5uTGM4LlDUUpKDjrSCOpw8JWSr5uf2vY
    o1MwUTAdBgNVHQ4EFgQUrF4utem8cULzCr6+4dYuaXt1oxAwHwYDVR0jBBgwFoAU
    rF4utem8cULzCr6+4dYuaXt1oxAwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQD
    AgNHADBEAiBcQ9Wp47F3uYLn8v+2OkDCZnBR5zUvSCwZdCzh9V8kCQIgFXGpIU2c
    O/tXkGWXYwz4TlPjgq8s0bEXDSnwwymwjGw=
    -----END CERTIFICATE-----
    ------------------

    depth=0 CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    verify return:1
    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 70
    ClientKeyExchange, Length=66
    KeyExchangeAlgorithm=ECDHE
    ecdh_Yc (len=65): 042B1D935F0D94EF7C0A4DE9265F068088E89311FD7C5D314157A45D7204AE97A5F0FD565D7CEF923CD0759A8C34434000D1461F0BEDD320B4DBB00D6D2F321E5A

    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 78
    CertificateVerify, Length=74
    Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
    Signature (len=70): 3044022073342DB77C9641EDC92CE6C6FCC913FC3AC66D89FAC0753A6243BF8EE225078D022016F978D5DB84F1D64CC19179B30644B5AB62618D8190263CB6FDFBEAB8B8FC42

    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ChangeCipherSpec (20)
    Length = 1
    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 40
    Finished, Length=12
    verify_data (len=12): 5763D6B3D8E57BAC9C666F09

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ChangeCipherSpec (20)
    Length = 1
    change_cipher_spec (1)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 40
    Finished, Length=12
    verify_data (len=12): 3DD77479769A18A1AC41D85E

    -----BEGIN SSL SESSION PARAMETERS-----
    MIIDCAIBAQICAwMEAsArBCBesHvv+OGXOaKXIIl7cTSc/dR5nJ25R6voyACqP1sT
    iQQwMtabpzNc/0di/FHmTHAL8/IrHF0VUO3IFm0GlHlpVy3MQw3ne7TTDW+/PvsO
    Q5CSoQYCBGbqoymiBAICHCCjggKKMIIChjCCAi2gAwIBAgIUStxdGQe69nrAoF+x
    2mnhCE6OxuwwCgYIKoZIzj0EAwIwgZgxDzANBgNVBAMMBi5sb2NhbDEqMCgGA1UE
    CgwhU2NobmVpZGVyIEVsZWN0cmljIEluZHVzdHJpZXMgU0FTMRowGAYDVQQLDBFH
    bG9iYWwgT3BlcmF0aW9uczEYMBYGA1UEBwwPUnVlaWwgTWFsbWFpc29uMRYwFAYD
    VQQIDA1JbGUtZGUtRnJhbmNlMQswCQYDVQQGEwJGUjAeFw0yNDA5MTYxNzQ3MTNa
    Fw0zNDA5MTQxNzQ3MTNaMIGYMQ8wDQYDVQQDDAYubG9jYWwxKjAoBgNVBAoMIVNj
    aG5laWRlciBFbGVjdHJpYyBJbmR1c3RyaWVzIFNBUzEaMBgGA1UECwwRR2xvYmFs
    IE9wZXJhdGlvbnMxGDAWBgNVBAcMD1J1ZWlsIE1hbG1haXNvbjEWMBQGA1UECAwN
    SWxlLWRlLUZyYW5jZTELMAkGA1UEBhMCRlIwWTATBgcqhkjOPQIBBggqhkjOPQMB
    BwNCAATGtKahen7fgE9Vg+62TOSvcakCZmr53omEoeOQBPh+IadIQllcTT9m5uTG
    M4LlDUUpKDjrSCOpw8JWSr5uf2vYo1MwUTAdBgNVHQ4EFgQUrF4utem8cULzCr6+
    4dYuaXt1oxAwHwYDVR0jBBgwFoAUrF4utem8cULzCr6+4dYuaXt1oxAwDwYDVR0T
    AQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBcQ9Wp47F3uYLn8v+2OkDCZnBR
    5zUvSCwZdCzh9V8kCQIgFXGpIU2cO/tXkGWXYwz4TlPjgq8s0bEXDSnwwymwjGyk
    BgQEAQAAALMDAgEX
    -----END SSL SESSION PARAMETERS-----
    Client certificate
    -----BEGIN CERTIFICATE-----
    MIIChjCCAi2gAwIBAgIUStxdGQe69nrAoF+x2mnhCE6OxuwwCgYIKoZIzj0EAwIw
    gZgxDzANBgNVBAMMBi5sb2NhbDEqMCgGA1UECgwhU2NobmVpZGVyIEVsZWN0cmlj
    IEluZHVzdHJpZXMgU0FTMRowGAYDVQQLDBFHbG9iYWwgT3BlcmF0aW9uczEYMBYG
    A1UEBwwPUnVlaWwgTWFsbWFpc29uMRYwFAYDVQQIDA1JbGUtZGUtRnJhbmNlMQsw
    CQYDVQQGEwJGUjAeFw0yNDA5MTYxNzQ3MTNaFw0zNDA5MTQxNzQ3MTNaMIGYMQ8w
    DQYDVQQDDAYubG9jYWwxKjAoBgNVBAoMIVNjaG5laWRlciBFbGVjdHJpYyBJbmR1
    c3RyaWVzIFNBUzEaMBgGA1UECwwRR2xvYmFsIE9wZXJhdGlvbnMxGDAWBgNVBAcM
    D1J1ZWlsIE1hbG1haXNvbjEWMBQGA1UECAwNSWxlLWRlLUZyYW5jZTELMAkGA1UE
    BhMCRlIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGtKahen7fgE9Vg+62TOSv
    cakCZmr53omEoeOQBPh+IadIQllcTT9m5uTGM4LlDUUpKDjrSCOpw8JWSr5uf2vY
    o1MwUTAdBgNVHQ4EFgQUrF4utem8cULzCr6+4dYuaXt1oxAwHwYDVR0jBBgwFoAU
    rF4utem8cULzCr6+4dYuaXt1oxAwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQD
    AgNHADBEAiBcQ9Wp47F3uYLn8v+2OkDCZnBR5zUvSCwZdCzh9V8kCQIgFXGpIU2c
    O/tXkGWXYwz4TlPjgq8s0bEXDSnwwymwjGw=
    -----END CERTIFICATE-----
    subject=CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    issuer=CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Shared ciphers:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256
    Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224
    Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224
    Peer signing digest: SHA256
    Peer signature type: ECDSA
    Supported Elliptic Curve Point Formats: uncompressed
    Supported groups: secp256r1:secp384r1:secp521r1
    Shared groups: secp256r1:secp384r1:secp521r1
    CIPHER is ECDHE-ECDSA-AES128-GCM-SHA256
    Secure Renegotiation IS NOT supported
    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 212
    GET / HTTP/1.1
    Host: wss://10.6.6.23:9000
    Upgrade: websocket
    Connection: Upgrade
    ```

     

    MiyukiAuthor
    Visitor II
    September 19, 2024

    But in TLS 1.3 mode it seems that something really goes wrong:
    ```
    $ openssl s_server -key server-new.priv -cert server-new.crt -CAfile client-new.crt -verify 2 -trace -accept 9000
    verify depth is 2
    Using default temp DH parameters
    ACCEPT
    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 187
    ClientHello, Length=183
    client_version=0x303 (TLS 1.2)
    Random:
    gmt_unix_time=0x66E92455
    random_bytes (len=28): 8995D56F9D5831697EE0C51777BB0A0BC616AF512F13EE1D26773A3B
    session_id (len=0):
    cipher_suites (len=20)
    {0x13, 0x01} TLS_AES_128_GCM_SHA256
    {0x13, 0x04} TLS_AES_128_CCM_SHA256
    {0x13, 0x05} TLS_AES_128_CCM_8_SHA256
    {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
    {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
    {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
    compression_methods (len=1)
    No Compression (0x00)
    extensions, length = 122
    extension_type=supported_groups(10), length=8
    secp256r1 (P-256) (23)
    secp384r1 (P-384) (24)
    secp521r1 (P-521) (25)
    extension_type=ec_point_formats(11), length=2
    uncompressed (0)
    extension_type=supported_versions(43), length=5
    TLS 1.3 (772)
    TLS 1.2 (771)
    extension_type=key_share(51), length=71
    NamedGroup: secp256r1 (P-256) (23)
    key_exchange: (len=65): 04A6342F2B5920ED167B1EAF11849DA511735FA70797FFA46EDE7EB30F8900AF601D930E5F9C199EFE8624B4A430D13628243BD12F6B21FC539B476D1A2A9C5A40
    extension_type=signature_algorithms(13), length=16
    ecdsa_secp256r1_sha256 (0x0403)
    ecdsa_secp384r1_sha384 (0x0503)
    ecdsa_secp521r1_sha512 (0x0603)
    rsa_pkcs1_sha256 (0x0401)
    rsa_pkcs1_sha384 (0x0501)
    rsa_pkcs1_sha512 (0x0601)
    ecdsa_sha224 (0x0303)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = Handshake (22)
    Length = 123
    ServerHello, Length=119
    server_version=0x303 (TLS 1.2)
    Random:
    gmt_unix_time=0x9B6A4850
    random_bytes (len=28): 94583727622853D031969068BF839543D2C7BEC47C722A39502E3DDF
    session_id (len=0):
    cipher_suite {0x13, 0x01} TLS_AES_128_GCM_SHA256
    compression_method: No Compression (0x00)
    extensions, length = 79
    extension_type=supported_versions(43), length=2
    TLS 1.3 (772)
    extension_type=key_share(51), length=69
    NamedGroup: secp256r1 (P-256) (23)
    key_exchange: (len=65): 045B1B5ECCAB185A15D3B52DE56A30185CA867925E3EA4075489F078FE613BCEBE5CD2F3A73B45C2BDFE1A88C43840D9A8602212E738825D4733C931F1F1026DEF

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ChangeCipherSpec (20)
    Length = 1
    change_cipher_spec (1)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 49
    Inner Content Type = Handshake (22)
    EncryptedExtensions, Length=28
    extensions, length = 26
    extension_type=supported_groups(10), length=22
    ecdh_x25519 (29)
    secp256r1 (P-256) (23)
    ecdh_x448 (30)
    secp521r1 (P-521) (25)
    secp384r1 (P-384) (24)
    ffdhe2048 (256)
    ffdhe3072 (257)
    ffdhe4096 (258)
    ffdhe6144 (259)
    ffdhe8192 (260)

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 225
    Inner Content Type = Handshake (22)
    CertificateRequest, Length=204
    request_context (len=0):
    extensions, length = 201
    extension_type=signature_algorithms(13), length=34
    ecdsa_secp256r1_sha256 (0x0403)
    ecdsa_secp384r1_sha384 (0x0503)
    ecdsa_secp521r1_sha512 (0x0603)
    ed25519 (0x0807)
    ed448 (0x0808)
    rsa_pss_pss_sha256 (0x0809)
    rsa_pss_pss_sha384 (0x080a)
    rsa_pss_pss_sha512 (0x080b)
    rsa_pss_rsae_sha256 (0x0804)
    rsa_pss_rsae_sha384 (0x0805)
    rsa_pss_rsae_sha512 (0x0806)
    rsa_pkcs1_sha256 (0x0401)
    rsa_pkcs1_sha384 (0x0501)
    rsa_pkcs1_sha512 (0x0601)
    ecdsa_sha224 (0x0303)
    rsa_pkcs1_sha224 (0x0301)
    extension_type=certificate_authorities(47), length=159
    0000 - 00 9d 00 9b 30 81 98 31-0f 30 0d 06 03 55 04 ....0..1.0...U.
    000f - 03 0c 06 2e 6c 6f 63 61-6c 31 2a 30 28 06 03 ....local1*0(..
    001e - 55 04 0a 0c 21 53 63 68-6e 65 69 64 65 72 20 U...!Schneider
    002d - 45 6c 65 63 74 72 69 63-20 49 6e 64 75 73 74 Electric Indust
    003c - 72 69 65 73 20 53 41 53-31 1a 30 18 06 03 55 ries SAS1.0...U
    004b - 04 0b 0c 11 47 6c 6f 62-61 6c 20 4f 70 65 72 ....Global Oper
    005a - 61 74 69 6f 6e 73 31 18-30 16 06 03 55 04 07 ations1.0...U..
    0069 - 0c 0f 52 75 65 69 6c 20-4d 61 6c 6d 61 69 73 ..Rueil Malmais
    0078 - 6f 6e 31 16 30 14 06 03-55 04 08 0c 0d 49 6c on1.0...U....Il
    0087 - 65 2d 64 65 2d 46 72 61-6e 63 65 31 0b 30 09 e-de-France1.0.
    0096 - 06 03 55 04 06 13 02 46-52 ..U....FR

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 681
    Inner Content Type = Handshake (22)
    Certificate, Length=660
    context (len=0):
    certificate_list, length=656
    ASN.1Cert, length=651
    ------details-----
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    79:9a:0e:08:dc:14:22:09:63:a0:bb:05:d3:a6:1e:7d:d7:60:28:85
    Signature Algorithm: ecdsa-with-SHA256
    Issuer: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Validity
    Not Before: Sep 16 17:47:23 2024 GMT
    Not After : Sep 14 17:47:23 2034 GMT
    Subject: CN = .local, O = Schneider Electric Industries SAS, OU = Global Operations, L = Rueil Malmaison, ST = Ile-de-France, C = FR
    Subject Public Key Info:
    Public Key Algorithm: id-ecPublicKey
    Public-Key: (256 bit)
    pub:
    04:ba:0c:6f:92:93:7f:da:61:e7:ee:fa:85:38:32:
    06:19:df:d2:10:11:df:fc:40:16:00:c1:75:c9:9d:
    14:3b:45:b9:f3:3c:ad:6d:5d:37:43:f4:29:21:47:
    a9:35:87:79:e1:15:b8:19:61:62:d2:13:9b:68:2f:
    d8:9b:2d:92:ed
    ASN1 OID: prime256v1
    NIST CURVE: P-256
    X509v3 extensions:
    X509v3 Subject Key Identifier:
    F2:B9:F0:2A:2F:CB:38:45:E8:C1:3C:D9:CC:D4:E4:57:42:DD:D7:4E
    X509v3 Authority Key Identifier:
    F2:B9:F0:2A:2F:CB:38:45:E8:C1:3C:D9:CC:D4:E4:57:42:DD:D7:4E
    X509v3 Basic Constraints: critical
    CA:TRUE
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
    30:45:02:20:38:99:18:e5:31:b0:a2:98:e9:c1:01:3e:94:68:
    25:5f:4d:96:a5:13:9f:eb:4a:2e:39:73:94:73:64:d8:00:4b:
    02:21:00:bc:9a:69:16:bc:d8:f8:1d:4c:00:70:87:2a:e1:e5:
    d5:31:58:3a:98:9d:5e:24:00:ee:78:1b:c9:06:88:c0:f2
    -----BEGIN CERTIFICATE-----
    MIIChzCCAi2gAwIBAgIUeZoOCNwUIgljoLsF06YefddgKIUwCgYIKoZIzj0EAwIw
    gZgxDzANBgNVBAMMBi5sb2NhbDEqMCgGA1UECgwhU2NobmVpZGVyIEVsZWN0cmlj
    IEluZHVzdHJpZXMgU0FTMRowGAYDVQQLDBFHbG9iYWwgT3BlcmF0aW9uczEYMBYG
    A1UEBwwPUnVlaWwgTWFsbWFpc29uMRYwFAYDVQQIDA1JbGUtZGUtRnJhbmNlMQsw
    CQYDVQQGEwJGUjAeFw0yNDA5MTYxNzQ3MjNaFw0zNDA5MTQxNzQ3MjNaMIGYMQ8w
    DQYDVQQDDAYubG9jYWwxKjAoBgNVBAoMIVNjaG5laWRlciBFbGVjdHJpYyBJbmR1
    c3RyaWVzIFNBUzEaMBgGA1UECwwRR2xvYmFsIE9wZXJhdGlvbnMxGDAWBgNVBAcM
    D1J1ZWlsIE1hbG1haXNvbjEWMBQGA1UECAwNSWxlLWRlLUZyYW5jZTELMAkGA1UE
    BhMCRlIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS6DG+Sk3/aYefu+oU4MgYZ
    39IQEd/8QBYAwXXJnRQ7RbnzPK1tXTdD9CkhR6k1h3nhFbgZYWLSE5toL9ibLZLt
    o1MwUTAdBgNVHQ4EFgQU8rnwKi/LOEXowTzZzNTkV0Ld104wHwYDVR0jBBgwFoAU
    8rnwKi/LOEXowTzZzNTkV0Ld104wDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQD
    AgNIADBFAiA4mRjlMbCimOnBAT6UaCVfTZalE5/rSi45c5RzZNgASwIhALyaaRa8
    2PgdTABwhyrh5dUxWDqYnV4kAO54G8kGiMDy
    -----END CERTIFICATE-----
    ------------------
    No extensions

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 97
    Inner Content Type = Handshake (22)
    CertificateVerify, Length=76
    Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
    Signature (len=72): 304602210082964C9673E72D87215BC1849DA8B21AEB1573082C15C497070D1FE52A03AAE102210093B23B3A1E2BBCCE5D31840022AC4F3AE40ED4660D96249C6A868A56DD0548A2

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 53
    Inner Content Type = Handshake (22)
    Finished, Length=32
    verify_data (len=32): 9C137ABE570F80121EB79E0DE39C7B873F481BCDC8FFF10E1723C3DCFF06047A

    Received Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 680
    Inner Content Type = Handshake (22)
    Certificate, Length=659
    context (len=0):
    certificate_list, length=655
    ASN.1Cert, length=650<UNPARSEABLE CERTIFICATE>
    <TRAILING GARBAGE AFTER CERTIFICATE>
    Message length parse error!

    Sent Record
    Header:
    Version = TLS 1.2 (0x303)
    Content Type = ApplicationData (23)
    Length = 19
    Inner Content Type = Alert (21)
    Level=fatal(2), description=decode error(50)

    ERROR
    408736B2737A0000:error:0680007B:asn1 encoding routines:ASN1_get_object:header too long:../crypto/asn1/asn1_lib.c:105:
    408736B2737A0000:error:06800066:asn1 encoding routines:asn1_check_tlen:bad object header:../crypto/asn1/tasn_dec.c:1178:
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../crypto/asn1/tasn_dec.c:752:
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:676:Field=issuerUID, Type=X509_CINF
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:685:Field=cert_info, Type=X509
    408736B2737A0000:error:0680007B:asn1 encoding routines:ASN1_get_object:header too long:../crypto/asn1/asn1_lib.c:105:
    408736B2737A0000:error:06800066:asn1 encoding routines:asn1_check_tlen:bad object header:../crypto/asn1/tasn_dec.c:1178:
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../crypto/asn1/tasn_dec.c:752:
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:676:Field=issuerUID, Type=X509_CINF
    408736B2737A0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:685:Field=cert_info, Type=X509
    408736B2737A0000:error:0A08000D:SSL routines:tls_process_client_certificate:ASN1 lib:../ssl/statem/statem_srvr.c:3463:
    shutting down SSL
    CONNECTION CLOSED
    ```
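
An added example, not part of the original posts and not ThreadX or OpenSSL code: in the TLS 1.3 trace above, the length fields of the received Certificate message add up (659 = 1 + 3 + 655 and 655 = 3 + 650 + 2), so the TLS framing is consistent and the failure is inside the certificate bytes. The Python below checks the two layers separately, first the RFC 8446 section 4.4.2 framing and then the DER nesting of each `cert_data`; all function names and the sample bytes are constructed for illustration.

```python
# Added example: structural check of a TLS 1.3 Certificate body (RFC 8446, 4.4.2).

def read_uint(buf, pos, size, what):
    """Read a big-endian length field, failing if it runs past the buffer."""
    if pos + size > len(buf):
        raise ValueError(f"truncated {what} at offset {pos}")
    return int.from_bytes(buf[pos:pos + size], "big"), pos + size

def der_header(buf, pos, end):
    """Parse one DER header inside [pos, end); return (tag, value_start, value_end)."""
    if pos + 2 > end:
        raise ValueError(f"DER header truncated at offset {pos}")
    tag, first = buf[pos], buf[pos + 1]
    if (tag & 0x1F) == 0x1F:
        raise ValueError(f"multi-byte DER tag at offset {pos}")
    pos += 2
    if first < 0x80:                       # short form
        length = first
    else:                                  # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise ValueError(f"bad DER length field at offset {pos - 1}")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > end:
        raise ValueError(f"DER value at offset {pos} overruns its container")
    return tag, pos, pos + length

def walk_der(buf, pos, end):
    """Check that the TLVs in [pos, end) nest exactly; return how many were seen."""
    count = 0
    while pos < end:
        tag, start, stop = der_header(buf, pos, end)
        count += 1
        if tag & 0x20:                     # constructed type: descend into it
            count += walk_der(buf, start, stop)
        pos = stop
    return count

def check_tls13_certificate(body):
    """Validate TLS framing first, then each cert_data; return one tuple per entry."""
    ctx_len, pos = read_uint(body, 0, 1, "request_context length")
    list_len, pos = read_uint(body, pos + ctx_len, 3, "certificate_list length")
    if pos + list_len != len(body):
        raise ValueError("certificate_list length does not match message length")
    report = []
    while pos < len(body):
        cert_len, pos = read_uint(body, pos, 3, "cert_data length")
        cert_end = pos + cert_len
        ext_len, next_pos = read_uint(body, cert_end, 2, "extensions length")
        if next_pos + ext_len > len(body):
            raise ValueError("extensions overrun certificate_list")
        try:
            tag, start, stop = der_header(body, pos, cert_end)
            if tag != 0x30 or stop != cert_end:
                raise ValueError("cert_data is not one SEQUENCE filling the entry")
            report.append(("ok", cert_len, 1 + walk_der(body, start, stop)))
        except ValueError as exc:
            report.append(("bad DER", cert_len, str(exc)))
        pos = next_pos + ext_len
    return report

def tlv(tag, content):
    """Build a short-form DER TLV for the constructed samples below."""
    return bytes([tag, len(content)]) + content

def frame(cert):
    """Wrap one cert_data in a Certificate body: empty context, no extensions."""
    entry = len(cert).to_bytes(3, "big") + cert + b"\x00\x00"
    return b"\x00" + len(entry).to_bytes(3, "big") + entry

# Constructed, certificate-shaped DER (not a real X.509 certificate).
GOOD_CERT = tlv(0x30, tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01"))
                + tlv(0x03, b"\x00\xAA\xBB"))
# Same length, one inner length byte damaged: TLS framing stays valid, DER does not.
BAD_CERT = GOOD_CERT[:10] + b"\x7f" + GOOD_CERT[11:]

if __name__ == "__main__":
    for name, cert in (("good", GOOD_CERT), ("damaged", BAD_CERT)):
        print(name, check_tls13_certificate(frame(cert)))
```

A framing fault raises `ValueError` immediately, while a certificate whose lengths frame correctly but whose DER does not nest is reported per entry as `bad DER`, which is the pattern the trace shows.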

    MiyukiAuthor
    Visitor II
    September 22, 2024

    There are bugs in the version provided by ST.
    This issue is solved with version 6.4.0, available on GitHub in the official ThreadX repository.
    It is very inconvenient to be two versions back with major problems.