PSK with TLSv1.3
Johannes Bauer
dfnsonfsduifb at gmx.de
Wed Oct 23 11:32:19 UTC 2019
On 23.10.19 11:24, Johannes Bauer wrote:
> All error checking omitted for now, this is obviously just a sample.
> When I try to connect to my server on the command line using s_client:
>
> $ openssl s_client -connect 127.0.0.1:12345 -psk_identity foo -psk 001122
>
> The server pukes:
>
> PSK server SSL 0x623000000100 identity foo len 3 sess (nil)
> 139933268309760:error:141F906E:SSL routines:tls_parse_ctos_psk:bad
> extension:../ssl/statem/extensions_srvr.c:1267:
>
> And I have no idea what that's supposed to mean.
One step further... I've peeked at s_server.c and copied some of that
code. I.e., concretely I now am at:
const unsigned char tls13_aes128gcmsha256_id[] = { 0x13, 0x01 };
const SSL_CIPHER *cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
if (!cipher) {
return 0;
}
SSL_SESSION_set_cipher(sess, cipher);
But, uhm... this is positively terrifying code. Is this how it's
supposed to look, i.e., hard-coded magic numbers in the application?! Or
is that just the route s_server took and there's a preferred, better way?
In any case, while it throws a different error message now, it still
does not work:
PSK server SSL 0x62300000fd00 identity foo len 3 sess (nil)
140710464452352:error:14201076:SSL routines:tls_choose_sigalg:no
suitable signature algorithm:../ssl/t1_lib.c:2649:
I've never in the setup limited the signature algorithms and s_client
does not, either (when I peek at the ClientHello it advertises a whole
bunch of signature algorithms).
Any advice?
Thank you,
Johannes
More information about the openssl-users
mailing list