openSSL client has problem to connect with JSSE based server on TLS?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

openSSL client has problem to connect with JSSE based server on TLS?

Xia David You -X (xiyou - Varite Inc. at Cisco)
HI,
I have an openSSL/Stunnel based client. and we are trying to connect to a JSSE based server on TLS.
The ssldump simply say that "handshake_failure". and from successful connection log of other JSSE based connection it appears they are using different cipher.
 
Does " Unknown value 0x39" cipher need special setup on either side?
 
Two SSL dump attached( success run JSSE to JSSE, failed one with openssl to JSSE).
 
thanks
David
 

ssldumpsp.txt (36K) Download Attachment
tlsdumpOpenSSL2JSSE.log (15K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: openSSL client has problem to connect with JSSE based server on TLS?

Marek.Marcola
Hello,

> I have an openSSL/Stunnel based client. and we are trying to connect
> to a JSSE based server on TLS.
> The ssldump simply say that "handshake_failure". and from successful
> connection log of other JSSE based connection it appears they are
> using different cipher.
>  
> Does " Unknown value 0x39" cipher need special setup on either side?
Value 0x39 means  DHE-RSA-AES256-SHA.
>From command "openssl ciphers -v | grep AES" we will get:
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1

this means that DH will be used for key_echange and RSA will be used
for certificate_verify (aes256 for encription, sha1 for mac).

Error in this situation may come from verifiying ClientKeyExchange or
CertificateVerify message (ChangeCipherSpec is VERY simple :-).
Because all 3 messages are sent in one TCP segment
(or one write()) we can not tell witch packet has "error".
My proposition is to remove DH by setting (for testing) cipher
to  AES256-SHA. This will give more information from ssldump
like RSA decrypted pre_master_secret value.
You may change this with -cipher option in "openssl s_client"
or using function SSL_CTX_set_cipher_list() if you writing
your own application using OpenSSL.

Best regards,
--
Marek Marcola <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]