write sequence number


ratheesh kannoth
Hi list,

I am trying to understand the write sequence number and read sequence
number. Setup is a simple client/server with TLS v1.2.

When I set the write sequence number to 0 (ssl/t1_enc.c -->
s->s2->write_sequence to 0), I commented out all increment operations on
the write_sequence number. But the s->s2->read_sequence number is unmodified.

But there is no issue in transmission. Could anyone guide me to find
where the sequence number used in the write direction is stored?


-Ratheesh

Re: write sequence number

Matt Caswell-2


On 26/09/2019 06:42, ratheesh kannoth wrote:
> Hi list,
>
> I am trying to understand the write sequence number and read sequence
> number. Setup is a simple client/server with TLS v1.2.
>
> When I set the write sequence number to 0 (ssl/t1_enc.c -->
> s->s2->write_sequence to 0), I commented out all increment operations on
> the write_sequence number. But the s->s2->read_sequence number is unmodified.

I assume you are using OpenSSL 1.0.2?

s->s2 has nothing to do with TLSv1.2. That's for SSLv2 and has been removed from
later versions. In 1.0.2 you need to be looking at s->s3->write_sequence and
s->s3->write_sequence. It's changed location in later releases.

Matt


>
> But there is no issue in transmission. Could anyone guide me to find
> where the sequence number used in the write direction is stored?
>
>
> -Ratheesh
>

Re: write sequence number

ratheesh kannoth
> I assume you are using OpenSSL 1.0.2?
>
> s->s2 has nothing to do with TLSv1.2. That's for SSLv2 and has been removed from
> later versions. In 1.0.2 you need to be looking at s->s3->write_sequence and
> s->s3->write_sequence. It's changed location in later releases.
>
> Matt
>

Sorry for the confusion.
OpenSSL version = 1_0_1r
TLS protocol = TLS 1.2

I modified s->s3->write_sequence only. When I composed this email, I
added the wrong text.

-Ratheesh

Re: write sequence number

Matt Caswell-2


On 26/09/2019 10:26, ratheesh kannoth wrote:

>> I assume you are using OpenSSL 1.0.2?
>>
>> s->s2 has nothing to do with TLSv1.2. That's for SSLv2 and has been removed from
>> later versions. In 1.0.2 you need to be looking at s->s3->write_sequence and
>> s->s3->write_sequence. It's changed location in later releases.
>>
>> Matt
>>
>
> Sorry for the confusion.
> OpenSSL version = 1_0_1r

This version is very old and out of support. You should upgrade.

> TLS protocol = TLS 1.2
>
> I modified s->s3->write_sequence only. When I composed this email, I
> added the wrong text.

I assume you are modifying the increment code in tls1_mac. That codepath is only
hit in certain circumstances:
1) You're not using AEAD based ciphersuites (i.e. GCM or CCM)
2) You're not using "stitched" ciphersuites. These are optimised implementations
which do the encrypt+mac operation all in one go. For test purposes I suggest
you build with no-asm to avoid these optimised versions

Matt
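
As an added illustration (not part of the thread and not OpenSSL code): a Python model of the TLS 1.2 record MAC from RFC 5246 section 6.2.3.1 for a non-AEAD suite, with encryption omitted. The class names, the key and the `freeze_seq` switch are hypothetical. It shows that when the MAC path is the one actually in use, a writer whose sequence number never increments is rejected by the peer on the second record, because the sequence number is implicit and never sent on the wire.

```python
import hashlib
import hmac
import struct

TLS12 = 0x0303          # record-layer version for TLS 1.2
APPLICATION_DATA = 23   # record content type

def record_mac(key, seq, ctype, fragment):
    # RFC 5246 6.2.3.1: HMAC(key, seq_num(8) || type(1) || version(2) || length(2) || fragment)
    header = struct.pack("!QBHH", seq, ctype, TLS12, len(fragment))
    return hmac.new(key, header + fragment, hashlib.sha256).digest()

class Writer:  # hypothetical model of the sending side
    def __init__(self, key, freeze_seq=False):
        self.key, self.seq, self.freeze_seq = key, 0, freeze_seq

    def seal(self, fragment):
        mac = record_mac(self.key, self.seq, APPLICATION_DATA, fragment)
        if not self.freeze_seq:   # freeze_seq models "increment commented out"
            self.seq += 1
        return fragment + mac     # the sequence number itself is not transmitted

class Reader:  # hypothetical model of the receiving side
    def __init__(self, key):
        self.key, self.seq = key, 0

    def open(self, record):
        fragment, mac = record[:-32], record[-32:]
        expected = record_mac(self.key, self.seq, APPLICATION_DATA, fragment)
        self.seq += 1
        if not hmac.compare_digest(mac, expected):
            raise ValueError("bad_record_mac")
        return fragment

def run(freeze_seq):
    key = bytes(range(32))        # constructed MAC key, for the demo only
    writer, reader = Writer(key, freeze_seq), Reader(key)
    results = []
    for msg in (b"first", b"second", b"third"):
        try:
            reader.open(writer.seal(msg))
            results.append("ok")
        except ValueError as exc:
            results.append(str(exc))
            break                 # bad_record_mac is fatal in TLS
    return results

if __name__ == "__main__":
    print("normal writer:", run(False))
    print("frozen writer:", run(True))
```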