I'm trying to analyze a TLS library for Java (not Bouncy Castle). For some reason, Wireshark refuses to recognize a ClientHello fragment as such. Here is a hex dump of the TCP packet. I have broken it up into its component parts to make it a bit easier to follow.
TCP stuff
020000004502008a000040004006f9ce0aa5001e5db8d822e28d01bbf3b9a9ab8c64a4fe8018081070fa00000101080a4e4e5d5845aa256f
16 TLS handshake record
0301 TLS v 1.0
0052 Fragment length 82 bytes
01 ClientHello message
00004e Message length 78 bytes
0303 TLS v 1.2
Client random
3c88c697bf2b559cc032faff7caccb17475ae76f36ededf279a9d1b9950e7367
00 Session ID length
0024 Cipher suite length 36 bytes 18 cipher suites
1301 1302 1303 c02b c02f cca9 ccaa c02c c030 c00a c009 c013 c014 009c 009d 002f 0035 000a
01 Compression methods length
00 Compression method null
0000 Extensions length
I'm at a loss to understand why Wireshark and several websites don't recognize this as a valid handshake record. Any help is appreciated.
EDIT:
I re-ran the capture to show how Wireshark interprets the network header.
The raw packet
0000 0c ea c9 75 61 30 3c 22 fb 01 07 f3 08 00 45 00
0010 00 8a 00 00 40 00 40 06 42 23 c0 a8 01 c8 5d b8
0020 d8 22 e9 3b 01 bb ee e9 99 55 53 56 a2 a8 80 18
0030 08 0a dc d0 00 00 01 01 08 0a 4e d6 03 2b db 4f
0040 3f fb 16 03 01 00 52 01 00 00 4e 03 03 8a 80 b9
0050 8c 73 ee 40 30 ef 65 1d 8c 51 d2 39 09 34 17 79
0060 d1 af e1 63 96 1a ac b4 ad 96 03 dd 7a 00 00 24
0070 13 01 13 02 13 03 c0 2b c0 2f cc a9 cc aa c0 2c
0080 c0 30 c0 0a c0 09 c0 13 c0 14 00 9c 00 9d 00 2f
0090 00 35 00 0a 01 00 00 00
The Wireshark interpretation
Frame 3616: 152 bytes on wire (1216 bits), 152 bytes captured (1216 bits) on interface en0, id 0
Interface id: 0 (en0)
Encapsulation type: Ethernet (1)
Arrival Time: Nov 3, 2020 09:03:23.957190000 EST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1604412203.957190000 seconds
[Time delta from previous captured frame: 0.004793000 seconds]
[Time delta from previous displayed frame: 0.011314000 seconds]
[Time since reference or first frame: 49.409611000 seconds]
Frame Number: 3616
Frame Length: 152 bytes (1216 bits)
Capture Length: 152 bytes (1216 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp]
[Coloring Rule Name: TCP]
[Coloring Rule String: tcp]
Ethernet II, Src: Apple_01:07:f3 (3c:22:fb:01:07:f3), Dst: ARRISGro_75:61:30 (0c:ea:c9:75:61:30)
Destination: ARRISGro_75:61:30 (0c:ea:c9:75:61:30)
Source: Apple_01:07:f3 (3c:22:fb:01:07:f3)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.1.200, Dst: 93.184.216.34
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 138
Identification: 0x0000 (0)
Flags: 0x40, Don't fragment
Fragment Offset: 0
Time to Live: 64
Protocol: TCP (6)
Header Checksum: 0x4223 [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.1.200
Destination Address: 93.184.216.34
Transmission Control Protocol, Src Port: 59707, Dst Port: 443, Seq: 1, Ack: 1, Len: 86
Source Port: 59707
Destination Port: 443
[Stream index: 18]
[TCP Segment Len: 86]
Sequence Number: 1 (relative sequence number)
Sequence Number (raw): 4008286549
[Next Sequence Number: 87 (relative sequence number)]
Acknowledgment Number: 1 (relative ack number)
Acknowledgment number (raw): 1398186664
1000 .... = Header Length: 32 bytes (8)
Flags: 0x018 (PSH, ACK)
Window: 2058
[Calculated window size: 131712]
[Window size scaling factor: 64]
Checksum: 0xdcd0 [unverified]
[Checksum Status: Unverified]
Urgent Pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
[SEQ/ACK analysis]
[Timestamps]
TCP payload (86 bytes)
TCP segment data (86 bytes)
Related
I am a novice in macsec, and appreciate any help in understanding why macsec via wpa_supplicant on Ubuntu does not work with the Ruckus ICX7850-48FS switch.
This switch does have the macsec option enabled and configured with a pre-shared CAK and CKN.
However, I cannot ping any device on my network when macsec is set on the ICX and wpa_supplicant is running on Ubuntu.
Am I missing something in the configuration?
Thank you
Here is what ip command shows:
$ ip -s macsec show
17: macsec0: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
cipher suite: GCM-AES-128, using ICV length 16
TXSC: 00e102005f280001 on SA 0
stats: OutPktsUntagged InPktsUntagged OutPktsTooLong InPktsNoTag InPktsBadTag InPktsUnknownSCI InPktsNoSCI InPktsOverrun
0 0 0 107 0 0 2832 0
stats: OutPktsProtected OutPktsEncrypted OutOctetsProtected OutOctetsEncrypted
0 11 0 1218
0: PN 12, state on, key af90ad063d4a31db48edac0d01000000
stats: OutPktsProtected OutPktsEncrypted
0 11
RXSC: 38453b3aa3730003, state on
stats: InOctetsValidated InOctetsDecrypted InPktsUnchecked InPktsDelayed InPktsOK InPktsInvalid InPktsLate InPktsNotValid
InPktsNotUsingSA InPktsUnusedSA
0 0 0 0 0 0 0 0 0 0
0: PN 1, state on, key af90ad063d4a31db48edac0d01000000
stats: InPktsOK InPktsInvalid InPktsNotValid InPktsNotUsingSA InPktsUnusedSA
0 0 0 0 0
wpa_supplicant.config:
ctrl_interface=/var/run/wpa_supplicant
eapol_version=3
ap_scan=0
#orig fast_reauth=1
fast_reauth=0

network={
    key_mgmt=NONE
    #key_mgmt=IEEE8021X
    eapol_flags=0
    macsec_policy=1
    mka_cak=135bd758b0ee5c11c55ff6ab19fdb199
    mka_ckn=96437a93ccf10d9dfe347846cce52c7d
    mka_priority=100
}
I run wpa_supplicant in debug mode:
wpa_supplicant -dd -K -i eth0 -Dmacsec_linux -c wpa_supplicant_ubuntu.conf
Wpa_cli status:
> status
bssid=01:80:c2:00:00:03
freq=0
ssid=
id=0
mode=station
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=NONE
wpa_state=COMPLETED
ip_address=10.100.97.158
address=00:e1:02:00:5f:28
PAE KaY status=Active
Authenticated=No
Secured=Yes
Failed=No
Actor Priority=100
Key Server Priority=16
Is Key Server=No
Number of Keys Distributed=0
Number of Keys Received=1
MKA Hello Time=2000
actor_sci=00:e1:02:00:5f:28#1
key_server_sci=38:45:3b:3a:a3:73#3
participant_idx=0
ckn=96437a93ccf10d9dfe347846cce52c7d
mi=3dfae97ed11d9ba7013cef3d
mn=6
active=Yes
participant=No
retain=No
live_peers=1
potential_peers=0
is_key_server=No
is_elected=Yes
uuid=84d0be70-7d9a-5dba-b0ed-139b3414cf7d
Log of wpa_supplicant:
# ./startWpaSupplicantUbuntu.sh
wpa_supplicant v2.9
random: getrandom() support available
Successfully initialized wpa_supplicant
Initializing interface 'eth0' conf 'wpa_supplicant_ubuntu.conf' driver 'macsec_linux' ctrl_interface 'N/A' bridge 'N/A'
Configuration file 'wpa_supplicant_ubuntu.conf' -> '/home/dima/Desktop/macsec/wpa_supplicant_ubuntu.conf'
Reading configuration file '/home/dima/Desktop/macsec/wpa_supplicant_ubuntu.conf'
ctrl_interface='/var/run/wpa_supplicant'
eapol_version=3
ap_scan=0
fast_reauth=0
Line: 7 - start of a new network block
key_mgmt: 0x4
eapol_flags=0 (0x0)
macsec_policy=1 (0x1)
MKA-CAK - hexdump(len=16): [REMOVED]
MKA-CKN - hexdump(len=16): [REMOVED]
mka_priority=100 (0x64)
Priority group 0
id=0 ssid=''
driver_wired_init_common: Added multicast membership with packet socket
Add interface eth0 to a new radio N/A
eth0: Own MAC address: 00:e1:02:00:5f:28
eth0: RSN: flushing PMKID list in the driver
eth0: Setting scan request: 0.100000 sec
TDLS: TDLS operation not supported by driver
TDLS: Driver uses internal link setup
TDLS: Driver does not support TDLS channel switching
eth0: WPS: UUID based on MAC address: 84d0be70-7d9a-5dba-b0ed-139b3414cf7d
ENGINE: Loading builtin engines
ENGINE: Loading builtin engines
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
eth0: Added interface eth0
eth0: State: DISCONNECTED -> DISCONNECTED
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
KaY: Initialize - ifname=eth0 addr=00:e1:02:00:5f:28 port=0 priority=100
KaY: Generated SCI: 00:e1:02:00:5f:28#1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=eth0 parent_ifi=2
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
eth0: Already associated with a configured network - generating associated event
eth0: Event ASSOC (0) received
eth0: Association info event
FT: Stored MDIE and FTIE from (Re)Association Response - hexdump(len=0):
eth0: State: DISCONNECTED -> ASSOCIATED
eth0: Associated to a new BSS: BSSID=01:80:c2:00:00:03
eth0: Select network based on association information
eth0: Network configuration found for the current AP
eth0: WPA: clearing AP WPA IE
eth0: WPA: clearing AP RSN IE
eth0: WPA: clearing own WPA/RSN IE
eth0: Failed to get scan results
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=ForceAuthorized
KaY: state machine removed
CP: state machine removed
macsec_drv_macsec_deinit
KaY: Initialize - ifname=eth0 addr=00:e1:02:00:5f:28 port=0 priority=100
KaY: Generated SCI: 00:e1:02:00:5f:28#1
macsec_drv_get_capability
KaY: state machine created
macsec_drv_macsec_init
macsec_linux: ifname=eth0 parent_ifi=2
KaY: secy init macsec done
CP: state machine created
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_enable_encrypt -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state INIT
macsec_drv_enable_controlled_port -> FALSE
CP: CP entering state CHANGE
macsec_drv_enable_controlled_port -> FALSE
KaY: Create MKA (ifname=eth0 mode=PSK authenticator=No)
KaY: CKN - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
KaY: CAK - hexdump(len=16): [REMOVED]
KaY: Selected random MI: 3dfae97ed11d9ba7013cef3d
KaY: Create transmit SC - SCI: 00:e1:02:00:5f:28#1
macsec_drv_enable_protect_frames -> TRUE
macsec_drv_set_replay_protect -> FALSE, 0
macsec_linux: eth0: create_transmit_sc -> 00:e1:02:00:5f:28::1 (conf_offset=0)
macsec_linux: eth0: create_transmit_sc: ifi=16 ifname=macsec0
macsec_linux: macsec0: try_commit controlled_port_enabled=0
macsec_linux: macsec0: try_commit protect_frames=1
macsec_linux: macsec0: try_commit encrypt=1
macsec_linux: macsec0: try_commit replay_protect=0 replay_window=0
KaY: Derived KEK - hexdump(len=16): [REMOVED]
KaY: Derived ICK - hexdump(len=16): [REMOVED]
eth0: Associated with 01:80:c2:00:00:03
eth0: WPA: Association event - clear replay counter
eth0: WPA: Clear old PTK
TDLS: Remove peers on association
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state S_FORCE_AUTH
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
eth0: Cancelling authentication timeout
eth0: State: ASSOCIATED -> COMPLETED
eth0: CTRL-EVENT-CONNECTED - Connection to 01:80:c2:00:00:03 completed [id=0 id_str=]
eth0: Cancelling scan request
eth0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
KaY: Participant timer (ifname=eth0)
KaY: Encode and send an MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=00:e1:02:00:5f:28 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=64
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 100
Key Server: 1
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 00:e1:02:00:5f:28#1
Actor's Member Identifier: 3dfae97ed11d9ba7013cef3d
Actor's Message Number: 1
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
KaY: ICV - hexdump(len=16): 48 1d a5 ad f5 59 23 02 a1 61 b7 84 af 5e 82 50
KaY: Outgoing MKPDU - hexdump(len=82): 01 80 c2 00 00 03 00 e1 02 00 5f 28 88 8e 03 05 00 40 01 64 e0 2c 00 e1 02 00 5f 28 00 01 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 01 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 48 1d a5 ad f5 59 23 02 a1 61 b7 84 af 5e 82 50
EAPOL: disable timer tick
l2_packet_receive: src=38:45:3b:3a:a3:73 len=92
eth0: RX EAPOL from 38:45:3b:3a:a3:73
RX EAPOL - hexdump(len=92): 03 05 00 58 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 02 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 01 ff 00 00 10 37 e1 1d 33 e1 1e 79 96 71 2d bb 52 b0 c8 54 12
eth0: Ignored received EAPOL frame since no key management is configured
l2_packet_receive: src=38:45:3b:3a:a3:73 len=106
KaY: RX EAPOL-MKA - hexdump(len=106): 01 80 c2 00 00 03 38 45 3b 3a a3 73 88 8e 03 05 00 58 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 02 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 01 ff 00 00 10 37 e1 1d 33 e1 1e 79 96 71 2d bb 52 b0 c8 54 12
KaY: Decode received MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=38:45:3b:3a:a3:73 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=88
KaY: EAPOL-MKA Packet Body (MKPDU) - hexdump(len=88): 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 02 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 01 ff 00 00 10 37 e1 1d 33 e1 1e 79 96 71 2d bb 52 b0 c8 54 12
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 16
Key Server: 1
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 38:45:3b:3a:a3:73#3
Actor's Member Identifier: 6961e3c6b1dddcdbd81ce04f
Actor's Message Number: 1
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
KaY: Received ICV - hexdump(len=16): 37 e1 1d 33 e1 1e 79 96 71 2d bb 52 b0 c8 54 12
KaY: Potential peer created
MI: 6961e3c6b1dddcdbd81ce04f MN: 1 SCI: 00:00:00:00:00:00#0
Potential Peer List parameter set
Body Length: 16
Member Id: 3dfae97ed11d9ba7013cef3d Message Number: 1
KaY: My MI - received MN 1, most recently transmitted MN 1
KaY: i_in_peerlist=Yes is_in_live_peer=No
KaY: Create receive SC: SCI 38:45:3b:3a:a3:73#3
KaY: Move potential peer to live peer
MI: 6961e3c6b1dddcdbd81ce04f MN: 1 SCI: 38:45:3b:3a:a3:73#3
macsec_linux: macsec0: create_receive_sc -> 38:45:3b:3a:a3:73::3 (conf_offset=0 validation=2)
KaY: Peer 6961e3c6b1dddcdbd81ce04f was elected as the key server
CTRL_IFACE monitor attached /tmp/wpa_ctrl_133358-44\x00
CTRL-DEBUG: ctrl_sock-sendto: sock=6 sndbuf=212992 outq=0 send_len=3
CTRL-DEBUG: ctrl_sock-sendto: sock=6 sndbuf=212992 outq=0 send_len=5
KaY: Participant timer (ifname=eth0)
KaY: Encode and send an MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=00:e1:02:00:5f:28 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=84
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 100
Key Server: 0
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 00:e1:02:00:5f:28#1
Actor's Member Identifier: 3dfae97ed11d9ba7013cef3d
Actor's Message Number: 2
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
Live Peer List parameter set
Body Length: 16
Member Id: 6961e3c6b1dddcdbd81ce04f Message Number: 1
KaY: ICV - hexdump(len=16): fb 8f 40 14 50 60 3c 1b 24 88 6f ce c1 d1 21 ca
KaY: Outgoing MKPDU - hexdump(len=102): 01 80 c2 00 00 03 00 e1 02 00 5f 28 88 8e 03 05 00 54 01 64 60 2c 00 e1 02 00 5f 28 00 01 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 02 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 fb 8f 40 14 50 60 3c 1b 24 88 6f ce c1 d1 21 ca
l2_packet_receive: src=38:45:3b:3a:a3:73 len=168
eth0: RX EAPOL from 38:45:3b:3a:a3:73
RX EAPOL - hexdump(len=168): 03 05 00 a4 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 02 03 10 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 04 10 00 1c 00 00 00 01 fd f6 00 f4 87 75 41 73 0a 64 37 f2 4a 28 e4 92 0e cf 16 03 67 ee 19 f4 ff 00 00 10 c7 f1 51 03 81 c4 19 36 3c bc bb 87 40 65 58 cf
eth0: Ignored received EAPOL frame since no key management is configured
l2_packet_receive: src=38:45:3b:3a:a3:73 len=182
KaY: RX EAPOL-MKA - hexdump(len=182): 01 80 c2 00 00 03 38 45 3b 3a a3 73 88 8e 03 05 00 a4 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 02 03 10 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 04 10 00 1c 00 00 00 01 fd f6 00 f4 87 75 41 73 0a 64 37 f2 4a 28 e4 92 0e cf 16 03 67 ee 19 f4 ff 00 00 10 c7 f1 51 03 81 c4 19 36 3c bc bb 87 40 65 58 cf
KaY: Decode received MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=38:45:3b:3a:a3:73 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=164
KaY: EAPOL-MKA Packet Body (MKPDU) - hexdump(len=164): 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 02 03 10 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 04 10 00 1c 00 00 00 01 fd f6 00 f4 87 75 41 73 0a 64 37 f2 4a 28 e4 92 0e cf 16 03 67 ee 19 f4 ff 00 00 10 c7 f1 51 03 81 c4 19 36 3c bc bb 87 40 65 58 cf
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 16
Key Server: 1
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 38:45:3b:3a:a3:73#3
Actor's Member Identifier: 6961e3c6b1dddcdbd81ce04f
Actor's Message Number: 2
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
KaY: Received ICV - hexdump(len=16): c7 f1 51 03 81 c4 19 36 3c bc bb 87 40 65 58 cf
Live Peer List parameter set
Body Length: 16
Member Id: 3dfae97ed11d9ba7013cef3d Message Number: 2
KaY: My MI - received MN 2, most recently transmitted MN 2
KaY: i_in_peerlist=Yes is_in_live_peer=Yes
MACsec SAK Use parameter set
Latest Key AN....: 0
Latest Key Tx....: No
Latest Key Rx....: Yes
Old Key AN.......: 0
Old Key Tx.......: No
Old Key Rx.......: No
Plain Tx.........: No
Plain Rx.........: No
Delay Protect....: No
Body Length......: 40
Key Server MI....: 6961e3c6b1dddcdbd81ce04f
Key Number.......: 1
Lowest PN........: 1
Old Key Server MI: 000000000000000000000000
Old Key Number...: 0
Old Lowest PN....: 1
KaY: Latest key is invalid
Distributed SAK parameter set
Distributed AN........: 0
Confidentiality Offset: 1
Body Length...........: 28
Key Number............: 1
AES Key Wrap of SAK...: - hexdump(len=24): fd f6 00 f4 87 75 41 73 0a 64 37 f2 4a 28 e4 92 0e cf 16 03 67 ee 19 f4
AES Key Unwrap of SAK.: - hexdump(len=16): [REMOVED]
CP: CP entering state SECURED
macsec_drv_set_current_cipher_suite -> 0080020001000001
macsec_drv_enable_protect_frames -> TRUE
macsec_linux: macsec0: try_commit protect_frames=1
macsec_drv_enable_encrypt -> TRUE
macsec_linux: macsec0: try_commit encrypt=1
macsec_drv_set_replay_protect -> FALSE, 0
macsec_linux: macsec0: try_commit replay_protect=0 replay_window=0
CP: CP entering state RECEIVE
KaY: Create receive SA(an: 0 lowest_pn: 1) of SC
macsec_linux: macsec0: create_receive_sa -> 0 on 38:45:3b:3a:a3:73::3 (enable_receive=0 next_pn=1)
macsec_linux: SA keyid - hexdump(len=16): 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 01 00 00 00
macsec_linux: SA key - hexdump(len=16): [REMOVED]
KaY: Create transmit SA(an: 0, next_pn: 1) of SC
macsec_linux: macsec0: create_transmit_sa -> 0 on 00:e1:02:00:5f:28::1 (enable_transmit=0 next_pn=1)
macsec_linux: SA keyid - hexdump(len=16): 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 01 00 00 00
macsec_linux: SA key - hexdump(len=16): [REMOVED]
macsec_linux: macsec0: enable_receive_sa -> 0 on 38:45:3b:3a:a3:73::3
CP: CP entering state RECEIVING
CP: CP entering state READY
KaY: Encode and send an MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=00:e1:02:00:5f:28 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=128
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 100
Key Server: 0
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 00:e1:02:00:5f:28#1
Actor's Member Identifier: 3dfae97ed11d9ba7013cef3d
Actor's Message Number: 3
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
Live Peer List parameter set
Body Length: 16
Member Id: 6961e3c6b1dddcdbd81ce04f Message Number: 2
macsec_drv_get_transmit_next_pn
macsec_linux: macsec_drv_get_transmit_next_pn: err 0 result 1
MACsec SAK Use parameter set
Latest Key AN....: 0
Latest Key Tx....: No
Latest Key Rx....: Yes
Old Key AN.......: 0
Old Key Tx.......: No
Old Key Rx.......: No
Plain Tx.........: No
Plain Rx.........: No
Delay Protect....: No
Body Length......: 40
Key Server MI....: 6961e3c6b1dddcdbd81ce04f
Key Number.......: 1
Lowest PN........: 1
Old Key Server MI: 000000000000000000000000
Old Key Number...: 0
Old Lowest PN....: 1
KaY: ICV - hexdump(len=16): 3f 58 1e c3 42 14 f6 20 50 53 a9 81 7b 75 6f b0
KaY: Outgoing MKPDU - hexdump(len=146): 01 80 c2 00 00 03 00 e1 02 00 5f 28 88 8e 03 05 00 80 01 64 60 2c 00 e1 02 00 5f 28 00 01 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 03 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 03 10 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 3f 58 1e c3 42 14 f6 20 50 53 a9 81 7b 75 6f b0
CP: CP entering state TRANSMIT
macsec_drv_enable_controlled_port -> TRUE
macsec_linux: macsec0: try_commit controlled_port_enabled=1
macsec_linux: macsec0: enable_transmit_sa -> 0 on 00:e1:02:00:5f:28::1
macsec_linux: macsec0: try_commit encoding_sa=0
CP: CP entering state TRANSMITTING
KaY: Encode and send an MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=00:e1:02:00:5f:28 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=128
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 100
Key Server: 0
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 00:e1:02:00:5f:28#1
Actor's Member Identifier: 3dfae97ed11d9ba7013cef3d
Actor's Message Number: 4
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
Live Peer List parameter set
Body Length: 16
Member Id: 6961e3c6b1dddcdbd81ce04f Message Number: 2
macsec_drv_get_transmit_next_pn
macsec_linux: macsec_drv_get_transmit_next_pn: err 0 result 1
MACsec SAK Use parameter set
Latest Key AN....: 0
Latest Key Tx....: Yes
Latest Key Rx....: Yes
Old Key AN.......: 0
Old Key Tx.......: No
Old Key Rx.......: No
Plain Tx.........: No
Plain Rx.........: No
Delay Protect....: No
Body Length......: 40
Key Server MI....: 6961e3c6b1dddcdbd81ce04f
Key Number.......: 1
Lowest PN........: 1
Old Key Server MI: 000000000000000000000000
Old Key Number...: 0
Old Lowest PN....: 1
KaY: ICV - hexdump(len=16): 69 b6 ef f1 6b 29 44 26 d3 40 50 2e 0a b3 e2 89
KaY: Outgoing MKPDU - hexdump(len=146): 01 80 c2 00 00 03 00 e1 02 00 5f 28 88 8e 03 05 00 80 01 64 60 2c 00 e1 02 00 5f 28 00 01 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 04 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 69 b6 ef f1 6b 29 44 26 d3 40 50 2e 0a b3 e2 89
CP: CP entering state RETIRE
KaY: Participant timer (ifname=eth0)
KaY: Encode and send an MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=00:e1:02:00:5f:28 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=128
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 100
Key Server: 0
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 00:e1:02:00:5f:28#1
Actor's Member Identifier: 3dfae97ed11d9ba7013cef3d
Actor's Message Number: 5
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
Live Peer List parameter set
Body Length: 16
Member Id: 6961e3c6b1dddcdbd81ce04f Message Number: 2
macsec_drv_get_transmit_next_pn
macsec_linux: macsec_drv_get_transmit_next_pn: err 0 result 2
MACsec SAK Use parameter set
Latest Key AN....: 0
Latest Key Tx....: Yes
Latest Key Rx....: Yes
Old Key AN.......: 0
Old Key Tx.......: No
Old Key Rx.......: No
Plain Tx.........: No
Plain Rx.........: No
Delay Protect....: No
Body Length......: 40
Key Server MI....: 6961e3c6b1dddcdbd81ce04f
Key Number.......: 1
Lowest PN........: 1
Old Key Server MI: 000000000000000000000000
Old Key Number...: 0
Old Lowest PN....: 1
KaY: ICV - hexdump(len=16): 96 2e 06 f1 a4 80 5f 24 da 41 a2 fa 73 53 5a 75
KaY: Outgoing MKPDU - hexdump(len=146): 01 80 c2 00 00 03 00 e1 02 00 5f 28 88 8e 03 05 00 80 01 64 60 2c 00 e1 02 00 5f 28 00 01 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 05 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 02 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 96 2e 06 f1 a4 80 5f 24 da 41 a2 fa 73 53 5a 75
l2_packet_receive: src=38:45:3b:3a:a3:73 len=136
eth0: RX EAPOL from 38:45:3b:3a:a3:73
RX EAPOL - hexdump(len=136): 03 05 00 84 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 03 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 05 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ff 00 00 10 d7 5a 9c f8 26 7d 54 fc 7a 92 5f e3 36 ff 71 eb
eth0: Ignored received EAPOL frame since no key management is configured
l2_packet_receive: src=38:45:3b:3a:a3:73 len=150
KaY: RX EAPOL-MKA - hexdump(len=150): 01 80 c2 00 00 03 38 45 3b 3a a3 73 88 8e 03 05 00 84 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 03 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 05 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ff 00 00 10 d7 5a 9c f8 26 7d 54 fc 7a 92 5f e3 36 ff 71 eb
KaY: Decode received MKPDU (ifname=eth0)
KaY: Ethernet header: DA=01:80:c2:00:00:03 SA=38:45:3b:3a:a3:73 Ethertype=0x888e
KaY: Common EAPOL PDU structure: Protocol Version=3 Packet Type=5 Packet Body Length=132
KaY: EAPOL-MKA Packet Body (MKPDU) - hexdump(len=132): 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 03 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 05 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ff 00 00 10 d7 5a 9c f8 26 7d 54 fc 7a 92 5f e3 36 ff 71 eb
MKA Basic Parameter Set
MKA Version Identifier: 1
Key Server Priority: 16
Key Server: 1
MACsec Desired: 1
MACsec Capability: 2
Parameter set body length: 44
SCI: 38:45:3b:3a:a3:73#3
Actor's Member Identifier: 6961e3c6b1dddcdbd81ce04f
Actor's Message Number: 3
Algorithm Agility: 0080c201
CAK Name - hexdump(len=16): 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d
KaY: Received ICV - hexdump(len=16): d7 5a 9c f8 26 7d 54 fc 7a 92 5f e3 36 ff 71 eb
Live Peer List parameter set
Body Length: 16
Member Id: 3dfae97ed11d9ba7013cef3d Message Number: 5
KaY: My MI - received MN 5, most recently transmitted MN 5
KaY: i_in_peerlist=Yes is_in_live_peer=Yes
MACsec SAK Use parameter set
Latest Key AN....: 0
Latest Key Tx....: Yes
Latest Key Rx....: Yes
Old Key AN.......: 0
Old Key Tx.......: No
Old Key Rx.......: No
Plain Tx.........: No
Plain Rx.........: No
Delay Protect....: No
Body Length......: 40
Key Server MI....: 6961e3c6b1dddcdbd81ce04f
Key Number.......: 1
Lowest PN........: 1
Old Key Server MI: 000000000000000000000000
Old Key Number...: 0
Old Lowest PN....: 1
l2_packet_receive: src=38:45:3b:3a:a3:73 len=136
eth0: RX EAPOL from 38:45:3b:3a:a3:73
RX EAPOL - hexdump(len=136): 03 05 00 84 01 10 e0 2c 38 45 3b 3a a3 73 00 03 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 04 00 80 c2 01 96 43 7a 93 cc f1 0d 9d fe 34 78 46 cc e5 2c 7d 01 00 00 10 3d fa e9 7e d1 1d 9b a7 01 3c ef 3d 00 00 00 05 03 30 00 28 69 61 e3 c6 b1 dd dc db d8 1c e0 4f 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ff 00 00 10 a5 fc ed db e1 b4 1a 61 d8 ec 73 3a ff 9e 54 e7
eth0: Ignored received EAPOL frame since no key management is configured
Here is the macsec part of the ICX configuration:
dot1x-mka-enable
mka-cfg-group test
key-server-priority 20
macsec cipher-suite gcm-aes-128
enable-mka ethernet 1/1/4
pre-shared-key 135bd758b0ee5c11c55ff6ab19fdb199 key-name 96437a93ccf10d9dfe347846cce52c7d
!
Your wpa_supplicant.config formatting looks odd in your question, but I'm guessing it works on your system based on the log output.
I think you should have a new macsec0 device which handles the encryption and decryption, and that should be the interface you use once MACsec is properly configured on eth0. eth0 traffic will not be usable unless the switch side MACsec configuration allows unencrypted traffic as well as encrypted.
Summary:
eth0 is unsecured traffic (if configured to allow unsecured traffic)
macsec0 is secure traffic
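As an added example (mine, not code from the question or the answer above), a small Python parser for the `ip -s macsec show` output pasted in the question, assuming iproute2's text layout; it reads the SecY flags, the TXSC/RXSC counters and the installed SAs, and states what the non-zero drop counters record under the Linux MACsec validate-strict rules: untagged frames are dropped and counted as InPktsNoTag, and tagged frames whose SCI matches no configured receive SC are dropped and counted as InPktsNoSCI.

```python
# Added example (mine, not from the question or answer): parse the output of
# `ip -s macsec show` as pasted above and turn the counters into findings.
# Assumes iproute2's text layout; a stats header wrapped onto two lines is joined.
import re

DEV_RE = re.compile(r"^\d+: (\S+): (.*)$")
SC_RE = re.compile(r"^(TXSC|RXSC): ([0-9a-f]{16})")
SA_RE = re.compile(r"^(\d+): PN (\d+), state (\w+)")

# Constructed from the question's `ip -s macsec show` output (values unchanged).
SAMPLE = """\
17: macsec0: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
    cipher suite: GCM-AES-128, using ICV length 16
    TXSC: 00e102005f280001 on SA 0
        stats: OutPktsUntagged InPktsUntagged OutPktsTooLong InPktsNoTag InPktsBadTag InPktsUnknownSCI InPktsNoSCI InPktsOverrun
               0 0 0 107 0 0 2832 0
        stats: OutPktsProtected OutPktsEncrypted OutOctetsProtected OutOctetsEncrypted
               0 11 0 1218
        0: PN 12, state on, key af90ad063d4a31db48edac0d01000000
           stats: OutPktsProtected OutPktsEncrypted
               0 11
    RXSC: 38453b3aa3730003, state on
        stats: InOctetsValidated InOctetsDecrypted InPktsUnchecked InPktsDelayed InPktsOK InPktsInvalid InPktsLate InPktsNotValid
               InPktsNotUsingSA InPktsUnusedSA
               0 0 0 0 0 0 0 0 0 0
        0: PN 1, state on, key af90ad063d4a31db48edac0d01000000
           stats: InPktsOK InPktsInvalid InPktsNotValid InPktsNotUsingSA InPktsUnusedSA
               0 0 0 0 0
"""


def parse_macsec_show(text):
    """Build {name, flags, cipher, scs:[{dir, sci, stats, sas:[{an, pn, state, stats}]}]}."""
    dev = target = None        # target: the dict the next 'stats:' block belongs to
    pending = None             # counter names read from a 'stats:' line, awaiting values
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := DEV_RE.match(line):
            toks = m.group(2).split()                        # "protect on validate strict ..."
            dev = target = {"name": m.group(1), "flags": dict(zip(toks[0::2], toks[1::2])),
                            "cipher": None, "scs": []}
        elif line.startswith("cipher suite:"):
            dev["cipher"] = line.split(":", 1)[1].split(",")[0].strip()
        elif m := SC_RE.match(line):
            target = {"dir": m.group(1), "sci": m.group(2), "stats": {}, "sas": []}
            dev["scs"].append(target)
        elif m := SA_RE.match(line):
            target = {"an": int(m.group(1)), "pn": int(m.group(2)), "state": m.group(3), "stats": {}}
            dev["scs"][-1]["sas"].append(target)
        elif line.startswith("stats:"):
            pending = line.split()[1:]
        elif pending is not None:
            toks = line.split()
            if all(t.isdigit() for t in toks):                # the value row
                target["stats"].update(zip(pending, map(int, toks)))
                pending = None
            else:                                             # header continued on the next line
                pending += toks
    return dev


def diagnose(dev):
    """Read the counters the way the kernel increments them under validate strict."""
    findings = []
    txsc = next(sc for sc in dev["scs"] if sc["dir"] == "TXSC")
    rxscs = [sc for sc in dev["scs"] if sc["dir"] == "RXSC"]
    s = txsc["stats"]                      # SecY-wide counters are printed under TXSC
    mode = dev["flags"].get("validate")
    if s.get("InPktsNoTag"):
        findings.append(f"{s['InPktsNoTag']} untagged frames dropped (validate {mode})")
    if s.get("InPktsNoSCI"):
        # The SCI compared is the explicit one in the SecTAG, or source MAC + port 1
        # when the tag carries none; with validate strict a miss is a drop.
        findings.append(f"{s['InPktsNoSCI']} tagged frames dropped: SCI matched no RXSC "
                        f"{[sc['sci'] for sc in rxscs]} (validate {mode})")
    for sc in rxscs:
        if not sc["stats"].get("InPktsOK"):
            findings.append(f"RXSC {sc['sci']}: no frame accepted yet, {len(sc['sas'])} SA installed")
    findings.append(f"TXSC {txsc['sci']}: {s.get('OutPktsEncrypted', 0)} frames encrypted, "
                    f"{s.get('OutOctetsEncrypted', 0)} octets")
    return findings


if __name__ == "__main__":
    for line in diagnose(parse_macsec_show(SAMPLE)):
        print("-", line)
```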
I am trying to implement an SSL client in my IoT project. I have copied the SSL_Client example I found in STM32Cube_FW_F7_V1.15.0 into my project and was able to compile successfully. However, the SSL handshake fails with -0x7780 MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE. I attach the console debug output:
. Seeding the random number generator... ok
. Loading the CA root certificate ... ok (1 skipped)
. Connecting to tcp/www.google.de/443... ok
. Setting up the SSL/TLS structure... ok
. Performing the SSL/TLS handshake...=> handshake
client state: 0
=> flush output
<= flush output
client state: 1
=> flush output
<= flush output
=> write client hello
client hello, max version: [3:3]
dumping 'client hello, random bytes' (32 bytes)
0000: 88 d9 c4 b1 4f 82 ef a2 74 80 5c 6e 3f c4 29 ca ....O...t.\n?.).
0010: a4 8d 61 2b f6 37 ec 93 39 cb 7d d0 39 5a 67 9b ..a+.7..9.}.9Zg.
client hello, session id len.: 0
dumping 'client hello, session id' (0 bytes)
client hello, add ciphersuite: c02b
client hello, add ciphersuite: c031
client hello, add ciphersuite: c02d
client hello, add ciphersuite: 00a8
client hello, got 4 ciphersuites (excluding SCSVs)
adding EMPTY_RENEGOTIATION_INFO_SCSV
client hello, compress len.: 1
client hello, compress alg.: 0
client hello, adding server name extension: mbed TLS Server 1
client hello, adding signature_algorithms extension
client hello, adding supported_elliptic_curves extension
client hello, adding supported_point_formats extension
client hello, adding encrypt_then_mac extension
client hello, adding extended_master_secret extension
client hello, total extension length: 62
=> write handshake message
=> write record
output record: msgtype = 22, version = [3:3], msglen = 117
dumping 'output record sent to network' (122 bytes)
0000: 16 03 03 00 75 01 00 00 71 03 03 88 d9 c4 b1 4f ....u...q......O
0010: 82 ef a2 74 80 5c 6e 3f c4 29 ca a4 8d 61 2b f6 ...t.\n?.)...a+.
0020: 37 ec 93 39 cb 7d d0 39 5a 67 9b 00 00 0a c0 2b 7..9.}.9Zg.....+
0030: c0 31 c0 2d 00 a8 00 ff 01 00 00 3e 00 00 00 16 .1.-.......>....
0040: 00 14 00 00 11 6d 62 65 64 20 54 4c 53 20 53 65 .....mbed TLS Se
0050: 72 76 65 72 20 31 00 0d 00 0a 00 08 04 03 04 01 rver 1..........
0060: 03 03 03 01 00 0a 00 04 00 02 00 17 00 0b 00 02 ................
0070: 01 00 00 16 00 00 00 17 00 00 ..........
=> flush output
message length: 122, out_left: 122
ssl->f_send() returned 122 (-0xffffff86)
<= flush output
<= write record
<= write handshake message
<= write client hello
client state: 2
=> flush output
<= flush output
=> parse server hello
=> read record
=> fetch input
in_left: 0, nb_want: 5
in_left: 0, nb_want: 5
ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
<= fetch input
dumping 'input record header' (5 bytes)
0000: 15 03 03 00 02 .....
input record: msgtype = 21, version = [3:3], msglen = 2
=> fetch input
in_left: 5, nb_want: 7
in_left: 5, nb_want: 7
ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
<= fetch input
dumping 'input record from network' (7 bytes)
0000: 15 03 03 00 02 02 28 ......(
got an alert message, type: [2:40]
is a fatal alert message (msg 40)
mbedtls_ssl_handle_message_type() returned -30592 (-0x7780)
mbedtls_ssl_read_record() returned -30592 (-0x7780)
<= handshake
failed
! mbedtls_ssl_handshake returned -0x7780
I am thankful for every hint in the right direction.
client hello, adding server name extension: mbed TLS Server 1
The client is using the SNI extension to indicate that it wants to talk to mbed TLS Server 1. The server on port 443 of www.google.de can respond as www.google.de, google.de and a bunch of other names that Google controls, but it does not know about mbed TLS Server 1, so it sends a fatal alert indicating that it cannot complete the handshake.
You can use the sample client as is to talk to the sample server whose source code should be next to it. To contact another server, you need to change or remove the call to mbedtls_ssl_set_hostname.
I am trying to connect to Azure IoT Hub using the libmosquitto SDK with the following code.
#include <stdbool.h>
#include <stdio.h>
#include <mosquitto.h>

struct mosquitto *mosq_Connection_1;
bool mosq_ConnectionStatus_1;
/* Referenced in mqtt_close() below; declared here so the snippet compiles. */
struct mosquitto *mosq_Connection_2, *mosq_Connection_3;
bool mosq_ConnectionStatus_2, mosq_ConnectionStatus_3;

/* Callbacks are defined elsewhere in the project; prototypes use the libmosquitto signatures. */
void my_log_callback(struct mosquitto *mosq, void *userdata, int level, const char *str);
void my_connect_callback(struct mosquitto *mosq, void *userdata, int result);
void my_message_callback(struct mosquitto *mosq, void *userdata, const struct mosquitto_message *message);
void my_subscribe_callback(struct mosquitto *mosq, void *userdata, int mid, int qos_count, const int *granted_qos);
void my_disconnect_callBack(struct mosquitto *mosq, void *userdata, int rc);
void my_publish_callBack(struct mosquitto *mosq, void *userdata, int mid);

void mqtt_init(void)
{
    mosquitto_lib_init();
}

bool mqtt_ConnectToServer(struct mosquitto **mosq, char *mqtt_ip, int mqtt_port, char *mqtt_username, char *mqtt_password, int mqtt_keepAlive)
{
    bool clean_session = true;
    *mosq = mosquitto_new("123457", clean_session, NULL);
    if(!(*mosq))
    {
        perror("mqtt error: Out of memory.\n");
        return false;
    }
    printf("mqtt: mqtt_ip:%s\n", mqtt_ip);
    printf("mqtt: mqtt_port:%d\n", mqtt_port);
    printf("mqtt: mqtt_username:%s\n", mqtt_username);   /* label fixed: was printed as mqtt_port */
    printf("mqtt: mqtt Password:%s\n", mqtt_password);   /* note: this writes the password to the console log */
    mosquitto_log_callback_set(*mosq, my_log_callback);
    mosquitto_connect_callback_set(*mosq, my_connect_callback);
    mosquitto_message_callback_set(*mosq, my_message_callback);
    mosquitto_subscribe_callback_set(*mosq, my_subscribe_callback);
    mosquitto_disconnect_callback_set(*mosq, my_disconnect_callBack);
    mosquitto_publish_callback_set(*mosq, my_publish_callBack);
    // mosquitto_opts_set(*mosq, MOSQ_OPT_PROTOCOL_VERSION, "MQTT_PROTOCOL_V311");
    /* CA certificate file only: no CA path, no client certificate/key, no passphrase callback */
    if(mosquitto_tls_set(*mosq, "cert.cer", NULL, NULL, NULL, NULL) != MOSQ_ERR_SUCCESS)
    {
        perror("mqtt: mosquitto_tls_set");
        return false;
    }
    /* mosquitto_tls_insecure_set(*mosq, 1);
    mosquitto_tls_opts_set(*mosq, 0, "tlsv1", NULL); */
    if(1) // mqtt_username != NULL && mqtt_password != NULL)
    {
        mosquitto_username_pw_set(*mosq, mqtt_username, mqtt_password);
    }
    if(mosquitto_connect(*mosq, mqtt_ip, mqtt_port, mqtt_keepAlive))
    {
        perror("mqtt: Unable to connect.\n");
        return false;
    }
    else
    {
        return true;
    }
    // mosquitto_loop_start(*mosq);
}

void mqtt_close(struct mosquitto *mosq)
{
    printf("Closing mqtt Socket\n");
    if(mosq == mosq_Connection_1)
        mosq_ConnectionStatus_1 = false;
    else if(mosq == mosq_Connection_2)
        mosq_ConnectionStatus_2 = false;
    else if(mosq == mosq_Connection_3)
        mosq_ConnectionStatus_3 = false;
    mosquitto_destroy(mosq);
    mosquitto_lib_cleanup();
    //mqtt_init();
}

int main(void)
{
    mqtt_init();
    mqtt_ConnectToServer(&mosq_Connection_1, <ip Address>, <Port Number>, <username>, <Password>, 60);
    mosquitto_loop_start(mosq_Connection_1);
    return 0;
}
Now the problem is that if I run this code on an Ubuntu system it works fine, but when I try the same on a Sierra Wireless WP7608 board it does not connect to the server. Can somebody explain what is going wrong?
Thanks in advance.
Edited: I tried checking SSL certificate verification using the following command, and it gives the following logs.
Command: openssl s_client -connect UX101Test.azure-devices.net:8883 -state -debug -tls1_2
.....
09f0 - 86 c3 77 61 75 ee a1 86-ba 39 ab f2 f4 9d ad 0d ..wau....9......
0a00 - 35 7b 78 8f 94 b3 76 06-ce ad 6c 19 03 46 ef c6 5{x...v...l..F..
0a10 - 44 71 2e cd 15 35 28 70-5a 27 a5 40 7d 20 9a 26 Dq...5(pZ'.#} .&
0a20 - 89 72 6f 86 be 46 b3 fd-65 01 57 3a 67 21 81 fd .ro..F..e.W:g!..
0a30 - d5 4c ae 06 0d 00 00 1a-03 01 02 40 00 12 04 01 .L.........#....
0a40 - 05 01 02 01 04 03 05 03-02 03 02 02 06 01 06 03 ................
0a50 - 00 00 0e ...
0a56 - <SPACES/NULS>
SSL_connect:unknown state
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify error:num=9:certificate is not yet valid
notBefore=May 12 18:46:00 2000 GMT
SSL_connect:unknown state
SSL_connect:unknown state
SSL_connect:unknown state
SSL_connect:unknown state
write to 0xcd830 [0xdcdf8] (12 bytes => 12 (0xC))
0000 - 16 03 03 00 07 0b 00 00-03 .........
000c - <SPACES/NULS>
SSL_connect:unknown state
write to 0xcd830 [0xdcdf8] (107 bytes => 107 (0x6B))
0000 - 16 03 03 00 66 10 00 00-62 61 04 2a 95 39 c0 c2 ....f...ba.*.9..
0010 - 78 f4 8e ce c6 9e 90 7d-be f5 f4 45 b7 73 7d 59 x......}...E.s}Y
0020 - c7 c5 a2 cc 95 21 dc 09-d6 29 73 3e 67 fe ac d6 .....!...)s>g...
0030 - ba cf d5 79 c7 ea 98 05-1e 3a bf db 8a 2a 01 ec ...y.....:...*..
0040 - 57 d6 cf a1 94 23 97 11-e6 6b 77 ee 34 c0 87 8b W....#...kw.4...
0050 - 19 f1 fc de 52 f3 23 40-d7 9c 9f 71 f0 b7 a4 37 ....R.##...q...7
0060 - 86 a2 6a c8 2f e1 ac fa-32 5b 85 ..j./...2[.
SSL_connect:unknown state
write to 0xcd830 [0xdcdf8] (6 bytes => 6 (0x6))
0000 - 14 03 03 00 01 01 ......
SSL_connect:unknown state
write to 0xcd830 [0xdcdf8] (85 bytes => 85 (0x55))
0000 - 16 03 03 00 50 86 27 6f-bf ae 55 88 16 b2 00 eb ....P.'o..U.....
0010 - 93 8c e9 ec ce 27 12 e3-c9 ff d1 72 5e 35 4b 57 .....'.....r^5KW
0020 - 5c 38 f1 f8 ea ad 45 ea-ff 98 16 77 67 a3 92 0b \8....E....wg...
0030 - de 8e 27 f0 c7 45 b6 13-4e c4 49 e1 41 bf 8c ae ..'..E..N.I.A...
0040 - 4d ac 5a f6 70 58 9b 22-ec f0 e4 da 06 cc 6e 59 M.Z.pX."......nY
0050 - cf 7e e1 70 c2 .~.p.
SSL_connect:unknown state
SSL_connect:unknown state
read from 0xcd830 [0xd33eb] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01 .....
read from 0xcd830 [0xd33f0] (1 bytes => 1 (0x1))
0000 - 01 .
read from 0xcd830 [0xd33eb] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 50 ....P
read from 0xcd830 [0xd33f0] (80 bytes => 80 (0x50))
0000 - ab bc 29 dc 16 05 bd 69-ba c1 00 89 88 48 72 b8 ..)....i.....Hr.
0010 - 35 63 8f 14 b5 d6 2b ac-01 66 74 fb dc cd 92 09 5c....+..ft.....
0020 - 86 99 b3 57 51 8b 84 d0-ed 4c 9d ba 13 6e 52 04 ...WQ....L...nR.
0030 - 42 f3 f9 9c 48 a3 01 e2-2b d2 73 b9 8f d8 48 cb B...H...+.s...H.
0040 - 29 74 a2 ec b5 d6 18 5e-ec 9c a1 3e d2 a1 69 64 )t.....^...>..id
SSL_connect:unknown state
---
Certificate chain
0 s:/CN=*.azure-devices.net
i:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft IT/CN=Microsoft IT TLS CA 5
1 s:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft IT/CN=Microsoft IT TLS CA 5
i:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
---
Server certificate
subject=/CN=*.azure-devices.net
issuer=/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft IT/CN=Microsoft IT TLS CA 5
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Shared Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Peer signing digest: SHA1
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 4105 bytes and written 517 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-SHA256
Session-ID: 3E270000A31239A85D6AA73B0D90EA677147146A5BDCC69C4BF34EB506B62C92
Session-ID-ctx:
Master-Key: 957B93FED2CFF6ACA05AE2F339C408FD5E5E20304745935DDDB86B88D9BE5963F0FBC07ABCCAB746741750C8A9402F7A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 315965102
Timeout : 7200 (sec)
Verify return code: 9 (certificate is not yet valid)
Can anyone help me with how to deal with certificates on the device side?
I had to update mosquitto to version 1.5.2 or above, and that solved my problem.
Thank you.
I am working on establishing a secure communication channel between a Java server and a TLS client. During the handshake, all goes well: the ClientHello and ServerHello messages are correct. Moreover, they both generate the same master secret for the session. But at the very end of the handshake, the server throws an exception saying "Ciphertext sanity check fails".
Client trace
0050 - 34 68 ed 2f 6e 4h./n
>>> TLS 1.2 ChangeCipherSpec [length 0001]
01
write to 0x1878b98 [0x18891f0] (6 bytes => 6 (0x6))
0000 - 14 03 03 00 01 01 ......
>>> TLS 1.2 Handshake [length 0010], Finished
14 00 00 0c 14 54 0c 4d c0 22 62 90 c2 92 a1 d1
write to 0x1878b98 [0x18891f0] (45 bytes => 45 (0x2D))
0000 - 16 03 03 00 28 b7 76 bd-36 cd cd eb 8d 9f 34 46 ....(.v.6.....4F
0010 - 25 f7 61 cc cd a3 8e af-6d da 14 60 3c 0f 50 21 %.a.....m..`<.P!
0020 - f4 cc 7a a4 af cf 75 d8-48 54 ee b9 44 ..z...u.HT..D
read from 0x1878b98 [0x187f7e3] (5 bytes => 5 (0x5))
0000 - 15 03 03 00 02 .....
read from 0x1878b98 [0x187f7e8] (2 bytes => 2 (0x2))
0000 - 02 28 .(
<<< TLS 1.2 Alert [length 0002], fatal handshake_failure
02 28
Server's side:
[Raw read]: length = 5
0000: 14 03 03 00 01 .....
[Raw read]: length = 1
0000: 01 .
Thread-0, READ: TLSv1.2 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 03 00 28 ....(
[Raw read]: length = 40
0000: B7 76 BD 36 CD CD EB 8D 9F 34 46 25 F7 61 CC CD .v.6.....4F%.a..
0010: A3 8E AF 6D DA 14 60 3C 0F 50 21 F4 CC 7A A4 AF ...m..`<.P!..z..
0020: CF 75 D8 48 54 EE B9 44 .u.HT..D
Thread-0, READ: TLSv1.2 Handshake, length = 40
%% Invalidated: [Session-1, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
Thread-0, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
Thread-0, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28 ......(
Thread-0, called closeSocket()
Thread-0, handling exception: javax.net.ssl.SSLHandshakeException: ciphertext sanity check failed
What I cannot understand is why the server throws such an exception when it succeeds in decrypting the ChangeCipherSpec message sent by the client. What could be the reason for such an exception?
N.B.: I already checked, and they both derived the same master key; here it is:
Server's side
CONNECTION KEYGEN:
Client Nonce:
0000: 48 B2 6C 02 B1 40 0B D9 6E 14 EB 7A 93 7D 2F 07 H.l..#..n..z../.
0010: 90 CF 1E 5D 65 8A 66 89 54 D4 60 50 BD AC AB 34 ...]e.f.T.`P...4
Server Nonce:
0000: 54 FD 9A E3 BB D4 15 61 A6 0C D3 30 FA 07 0A 16 T......a...0....
0010: 79 A8 79 0B 0A 81 00 95 9C CA C0 7A F1 FF 37 E7 y.y........z..7.
Master Secret:
0000: 39 5B EB 11 66 09 25 B5 6D E4 C7 86 E4 3E 10 BB 9[..f.%.m....>..
0010: B4 F0 D9 B7 BD 7D 8F AD 58 38 31 42 B6 90 53 AD ........X81B..S.
0020: 54 46 36 DC F5 75 8A 9D 77 58 D5 24 6C 96 90 02 TF6..u..wX.$l...
Client's side
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
Session-ID: 54FD9AE3A3B3BF807F408FA830641F850702E986C27FC631AF8E8E3097038166
Session-ID-ctx:
Master-Key: 395BEB11660925B56DE4C786E43E10BBB4F0D9B7BD7D8FAD58383142B69053AD544636DCF5758A9D7758D5246C969002
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
Thanks in advance to you guys.
I am trying to make sense of an SSL ClientHello packet, but I am stuck on the last few bytes.
0000 16 03 00 00 58 01 00 00 54 03 03 52 f3 8a b2 f6 ....X...T..R....
0010 35 b8 08 39 25 5f 61 73 d5 b6 af 4d 3c 1a 2d 70 5..9%_as...M<.-p
0020 58 2e be 8a 89 b6 5c e1 9a 3f 81 00 00 18 00 35 X.....\..?.....5
0030 00 2f 00 0a 00 05 00 04 00 38 00 32 00 13 00 66 ./.......8.2...f
0040 00 39 00 33 00 16 01 00 00 13 ff 01 00 01 00 00 .9.3............
0050 0d 00 0a 00 08 04 02 04 01 02 01 02 02 .............
What I got so far:
16: msg type
03 00: SSL version
00 58: Record Length
01: Handshake Type - Client_Hello
00 00 54: Message Length
03 03: Client preferred version
52 f3 8a b2 f6 35 ... 5c e1 9a 3f 81: random data / timestamp
00: Session ID Length 0
00 18: Cipher suite length
00 35 .. 00 16: cipher suites
01: compression method length
00: compression method
00 13 ff 01 00 01 00 00 0d 00 0a 00 08 04 02 04 01 02 01 02 02: what is this?
At first I thought it was challenge data, but it seems to be constant over all the packets.
My main guide for deciphering the packet was: http://www.ntu.edu.sg/home/ehchua/programming/webprogramming/HTTP_SSL.html (under Client_Hello)
(sorry for the bad formatting)
The bytes after the compression method are TLS extensions (see RFC 5246, section 7.4.1.2 Client Hello).
0x13 0x00 length of extensions
The first one is the renegotiation_info extension (see RFC 5746, Section 3.2 Extension Definition):
0xff 0x01 renegotiation_info
0x00 0x01 length
0x00 0x00 for initial handshakes
The other one is the signature_algorithms extension (RFC 5246, section 7.4.1.4.1):
0x00 0x0d signature_algorithm
0x00 0x0a length
0x00 0x08 HashAlgorithm: none, SignatureAlgorithm: 0x08
0x04 0x02 HashAlgorithm: sha-256, SignatureAlgorithm: dsa
0x04 0x01 HashAlgorithm: sha-256, SignatureAlgorithm: rsa
0x02 0x01 HashAlgorithm: sha-1, SignatureAlgorithm: rsa
0x02 0x02 HashAlgorithm: sha-1, SignatureAlgorithm: dsa
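As an added example (not code from the question or the answer above), here is a Python parser that walks the record dumped in the question, checking the record and handshake length fields before splitting out the ClientHello and its extensions. It follows the layouts in RFC 5246 section 7.4.1.2 and RFC 5746 section 3.2; note that the signature_algorithms body starts with a 2-byte list length (0x0008 here), followed by the (hash, signature) byte pairs.

```python
import struct

RECORD = bytes.fromhex(  # constructed input: the 93-byte record from the question, concatenated
    "160300005801000054030352f38ab2f6" "35b80839255f6173d5b6af4d3c1a2d70"
    "582ebe8a89b65ce19a3f810000180035" "002f000a000500040038003200130066"
    "00390033001601000013ff0100010000" "0d000a00080402040102010202")
HASH = {0: "none", 1: "md5", 2: "sha1", 3: "sha224", 4: "sha256", 5: "sha384", 6: "sha512"}
SIG = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}


def parse_extensions(data):
    """Walk the extensions vector: each entry is type(2) + length(2) + body."""
    exts, pos = [], 0
    while pos < len(data):
        ext_type, ext_len = struct.unpack(">HH", data[pos:pos + 4])
        body = data[pos + 4:pos + 4 + ext_len]
        if len(body) != ext_len:
            raise ValueError("truncated extension")
        pos += 4 + ext_len
        if ext_type == 0x000d:  # signature_algorithms: 2-byte list length, then (hash, sig) pairs
            n = struct.unpack(">H", body[:2])[0]
            exts.append(("signature_algorithms", [(HASH.get(h, h), SIG.get(s, s))
                         for h, s in zip(body[2:2 + n:2], body[3:2 + n:2])]))
        elif ext_type == 0xff01:  # renegotiation_info: 1-byte length + renegotiated_connection
            exts.append(("renegotiation_info", body[1:1 + body[0]].hex()))
        else:
            exts.append((ext_type, body.hex()))
    return exts


def parse_client_hello(record):
    """Check record and handshake framing, then split the ClientHello into fields."""
    ctype, major, minor, rec_len = struct.unpack(">BBBH", record[:5])
    if ctype != 22 or len(record) != 5 + rec_len:
        raise ValueError("not a complete handshake record")
    if record[5] != 1 or int.from_bytes(record[6:9], "big") != rec_len - 4:
        raise ValueError("not a ClientHello, or handshake length mismatch")
    body = record[9:]
    info = {"record_version": (major, minor), "client_version": (body[0], body[1]),
            "gmt_unix_time": struct.unpack(">I", body[2:6])[0]}
    pos = 35 + body[34]                      # skip random (32 bytes) and session ID
    n, pos = struct.unpack(">H", body[pos:pos + 2])[0], pos + 2
    info["cipher_suites"] = [body[i:i + 2].hex() for i in range(pos, pos + n, 2)]
    pos += n
    info["compression"] = list(body[pos + 1:pos + 1 + body[pos]])
    pos += 1 + body[pos]
    n = struct.unpack(">H", body[pos:pos + 2])[0]
    if pos + 2 + n != len(body):
        raise ValueError("extensions length does not match message length")
    info["extensions"] = parse_extensions(body[pos + 2:])
    return info
```

Unknown extension types are kept as (type, hex body) so nothing in the vector is silently dropped.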