[openssl-users] Call for testing TLS 1.3

Matt Caswell matt at openssl.org
Wed May 23 12:33:36 UTC 2018 


On 23/05/18 12:39, John Jiang wrote:
> Hi,
> If just using s_server and s_client, can I test the TLS 1.3 features,
> likes HelloRetryRequest and resumption?

Yes.

To create a normal (full handshake) TLSv1.3 connection just use
s_server/s_client in the normal way, e.g.

$ openssl s_server -cert cert.pem -key key.pem
$ openssl s_client

To test resumption first create a full handshake TLSv1.3 connection and
save the session:

$ openssl s_server -cert cert.pem -key key.pem
$ openssl s_client -sess_out session.pem

Close the s_client instance by entering "Q" followed by enter. Then
(without closing the s_server instance) resume the session:

$ openssl s_client -sess_in session.pem


A HelloRetryRequest will occur if the key share provided by the client
is not acceptable to the server. By default the client will send an
X25519 key share, so if the server does not accept that group then an
HRR will result, e.g.

$ openssl s_server -cert cert.pem -key key.pem -groups P-256
$ openssl s_client


Of course a HelloRetryRequest all happens at the protocol layer and is
invisible as far as a user of the command line apps is concerned. You
will have to look at what happens "on the wire" to actually see it in
action - for example by using wireshark. Alternatively you can compile
OpenSSL with the "enable-ssl-trace" option, and pass the "-trace" flag
to s_server or s_client to see what protocol messages are being exchanged.

Matt



> 
> 2018-04-29 18:43 GMT+08:00 Kurt Roeckx <kurt at roeckx.be
> <mailto:kurt at roeckx.be>>:
> 
>     The upcomming OpenSSL 1.1.1 release will have TLS 1.3 support. TLS
>     1.3 brings a lot of changes that might cause incompatibility. For
>     an overview see https://wiki.openssl.org/index.php/TLS1.3
>     <https://wiki.openssl.org/index.php/TLS1.3>
> 
>     We are considering if we should enable TLS 1.3 by default or not,
>     or when it should be enabled. For that, we would like to know how
>     applications behave with the latest beta release.
> 
>     When testing this, it's important that both sides of the
>     connection support the same TLS 1.3 draft version. OpenSSL
>     currently implements draft 26. We would like to see tests
>     for OpenSSL acting as client and server.
> 
>     https://github.com/tlswg/tls13-spec/wiki/Implementations
>     <https://github.com/tlswg/tls13-spec/wiki/Implementations> lists
>     other TLS 1.3 implementations and the draft they currently
>     support. Note that the versions listed there might not be for the
>     latest release. It also lists some https test servers.
> 
>     We would really like to see a diverse set of applictions being
>     tested. Please report any results you have to us.
> 
> 
>     Kurt
> 
>     -- 
>     openssl-users mailing list
>     To unsubscribe:
>     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
> 
> 
> 
>

More information about the openssl-users mailing list