Hello!

I use openssl-1.0.1e on a Debian system and I am trying to run some scenarios
with TLSv1.2 using the applications s_server and s_client.

I run the following on the same system in different consoles:

openssl s_server -accept 4061 -tls1_2 -cert /root/CERT.pem -key /root/CERTKey.pem -pass stdin -CApath /root/ -CAfile CERT.crt -cipher AES256-SHA256 -debug -msg

openssl s_client -connect localhost:4061 -tls1_2 -cert /root/CERT.pem -key /root/CERTKey.pem -pass stdin -CApath /root/ -CAfile CERT.crt -prexit -debug -no_ticket -cipher AES256-SHA256

The output at the server is:

......................................................................................
<<< TLS 1.2 Handshake [length 0106], ClientKeyExchange
read from 0x100beab0 [0x100c9313] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01                                    .....
read from 0x100beab0 [0x100c9318] (1 bytes => 1 (0x1))
0000 - 01
<<< TLS 1.2 ChangeCipherSpec [length 0001]
    01
read from 0x100beab0 [0x100c9313] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 40                                    ....@
read from 0x100beab0 [0x100c9318] (64 bytes => 64 (0x40))
0000 - 90 98 ae 1d e2 27 20 b6-1c 73 94 52 8e 9d 39 e0   .....' ..s.R..9.
0010 - 04 8d bc 7c 48 fe 4e 8b-7b ea 2a ea 89 52 3d 81   ...|H.N.{.*..R=.
0020 - 45 cc 36 bb 98 a7 ec d8-69 a2 7a 34 23 54 cf 15   E.6.....i.z4#T..
0030 - 9d 35 66 83 4a 0a 6d 51-70 27 4b 26 e9 cf c2 06   .5f.J.mQp'K&....
write to 0x100beab0 [0x100d2d20] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 14                              .......
>>> TLS 1.2 Alert [length 0002], fatal bad_record_mac
    02 14
ERROR
1208113256:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:484:
shutting down SSL

After the ClientKeyExchange message the server replies with a fatal Alert
"decryption error".

If I run the same scenario using the protocol TLSv1.1 or a lower version,
this error does not appear.

So it seems to be related to the protocol version TLSv1.2.

Has this error been reported?
Is there any patch for 1.0.1 for this issue?

Thanks in advance!!

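Added example (not part of the original message and not OpenSSL code): a Python sketch that reassembles the "read from" / "write to" dumps of the s_server -debug output above into one byte stream per direction, then decodes each TLS record header and the plaintext alert. The dump lines are copied from the post with the ASCII column trimmed; the function names are hypothetical.

```python
import re

# Dump lines from the s_server -debug output in the post (ASCII column trimmed, -msg lines omitted).
DEBUG_OUTPUT = """\
read from 0x100beab0 [0x100c9313] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01
read from 0x100beab0 [0x100c9318] (1 bytes => 1 (0x1))
0000 - 01
read from 0x100beab0 [0x100c9313] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 40
read from 0x100beab0 [0x100c9318] (64 bytes => 64 (0x40))
0000 - 90 98 ae 1d e2 27 20 b6-1c 73 94 52 8e 9d 39 e0
0010 - 04 8d bc 7c 48 fe 4e 8b-7b ea 2a ea 89 52 3d 81
0020 - 45 cc 36 bb 98 a7 ec d8-69 a2 7a 34 23 54 cf 15
0030 - 9d 35 66 83 4a 0a 6d 51-70 27 4b 26 e9 cf c2 06
write to 0x100beab0 [0x100d2d20] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 14
"""

CONTENT_TYPES = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
ALERTS = {20: "bad_record_mac", 21: "decryption_failed_RESERVED", 51: "decrypt_error"}  # RFC 5246 subset
IO_LINE = re.compile(r"^(read from|write to) ")
HEX_LINE = re.compile(r"^[0-9a-f]{4} - ((?:[0-9a-f]{2}[ -]){0,15}[0-9a-f]{2})")

def reassemble(text):
    """Concatenate the dumped bytes into one stream per I/O direction."""
    streams, direction = {"read": bytearray(), "write": bytearray()}, None
    for line in text.splitlines():
        if m := IO_LINE.match(line):
            direction = m.group(1).split()[0]
        elif direction and (m := HEX_LINE.match(line)):
            streams[direction] += bytes.fromhex(m.group(1).replace("-", " "))
    return streams

def records(stream):
    """Walk TLS records: type(1) version(2) length(2) fragment(length)."""
    out, pos = [], 0
    while pos + 5 <= len(stream):
        ctype, length = stream[pos], int.from_bytes(stream[pos + 3:pos + 5], "big")
        body = bytes(stream[pos + 5:pos + 5 + length])
        rec = {"type": CONTENT_TYPES.get(ctype, ctype), "length": length,
               "version": VERSIONS.get((stream[pos + 1], stream[pos + 2])), "truncated": len(body) < length}
        if ctype == 21 and len(body) == 2:  # unencrypted alert: level byte, description byte
            rec["alert"] = ({1: "warning", 2: "fatal"}.get(body[0]), ALERTS.get(body[1], body[1]))
        out.append(rec)
        pos += 5 + length
    return out
```

On the bytes from the post, the read stream decodes to a ChangeCipherSpec record followed by a 64-byte TLS 1.2 Handshake record, and the write stream to an alert with level 2 and description 0x14 (20).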