RE: Does OpenSSL has DTLS support
DTLS is in openssl 0.9.8a. There are some bugs in it and it doesn't exactly comply with the DTLS draft (the change cipherspec is incorrectly encoded). I am still waiting for patches to fix the problems.

I didn't actually code anything with the openssl APIs. I only used the sample client/server apps for interop testing with a DTLS SDK I created for the company I work for. Take a look at the sample apps and you should be able to figure out most of the details for how to add it to your own app.

One thing to remember is that DTLS does not ensure that your application data is delivered reliably. Datagrams may be lost or arrive out of order. That is something you will have to deal with yourself. DTLS only ensures that the handshake protocol can be reliably negotiated, through a combination of message fragmentation and re-transmission timers. Alerts and application datagrams are never re-transmitted and may not be delivered in the same order they were sent by the peer.

If you already have an application running over UDP then you probably already have a way for dealing with these issues or you maybe don't need to care. If you are moving an application from TCP w/TLS to UDP w/DTLS then you will have to implement some mechanism to handle these issues for your application data. I believe the openssl sample apps simply ignore these issues.

Hope this helps,
rob

From: Pjothi [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Does OpenSSL has DTLS support
Date: Sat, 28 Jan 2006 20:14:47 +0100

Dear all,

Does OpenSSL have DTLS support? If yes, from which version is DTLS supported? Are there any tutorials/briefs available for adding DTLS support for applications?

It would be very helpful if any of you can give me some information regarding this.

I thank you one and all,
regards,
Pjothi

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
errors in DTLS implementation in openssl0.9.8a
Openssl 0.9.8a is incorrectly encoding the DTLS version as 0x01,0x00 instead of 0xfe,0xff.

$ ./openssl s_client -dtls1 -debug
CONNECTED(0003)
write to 0x5d3640 [0x5dd3f8] (119 bytes = 119 (0x77))
- 16 01 00 00 00 00 00 00-00 00 00 00 6a 01 00 00 j...

Openssl 0.9.8a is incorrectly encoding the ChangeCipherSpec message as 3 bytes instead of 1 byte, including a 2 byte message sequence number.

$ ./openssl s_client -dtls1 -debug
snipped
write to 0x5d3640 [0x5e2d80] (16 bytes = 16 (0x10))
- 14 01 00 00 00 00 00 00-00 00 03 00 03 01 00 03

The first 13 bytes are the record header followed by the CCS which is 3 bytes: 01 00 03

There is no MSN in the CCS. I had a lengthy discussion with Eric on this topic and he was very clear that the CCS has no MSN and he did not want to add it to the CCS.

I also discovered it is very easy to crash openssl or make the handshake fail using the -mtu argument (testing on windows xp).

./openssl s_server -dtls1 -debug -mtu 100
./openssl s_client -dtls1 -debug -mtu 100
- server Segmentation fault (core dumped)

./openssl s_server -dtls1 -debug -mtu 128
./openssl s_client -dtls1 -debug -mtu 128
- server 888:error:143F8412:SSL routines:DTLS1_READ_BYTES:sslv3 alert bad certificate
- client 4052:error:1409000D:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ASN1 lib:s3_clnt.c

./openssl s_server -dtls1 -debug -mtu 256
./openssl s_client -dtls1 -debug -mtu 256
- server DTLS1_READ_BYTES:sslv3 alert bad certificate
- client 3080:error:1409000D:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ASN1 lib:s3_clnt.c

./openssl s_server -dtls1 -debug -mtu 512
./openssl s_client -dtls1 -debug -mtu 512
- server SSL3_GET_FINISHED:digest check failed
- client handshake failure
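An added example, not part of the original message and not OpenSSL code: a C check of the 13-byte DTLS record header that flags the two encoding errors reported above, run on the two dump lines quoted in the message. The struct, function and flag names are hypothetical, and the third sample record is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DTLS_HDR_LEN 13   /* type(1) version(2) epoch(2) seq(6) length(2) */
#define CT_CCS 0x14       /* ChangeCipherSpec content type */
#define F_TRUNCATED   0x1 /* fewer bytes present than header + declared length */
#define F_BAD_VERSION 0x2 /* version bytes are not 0xfe,0xff */
#define F_BAD_CCS_LEN 0x4 /* ChangeCipherSpec body is not exactly 1 byte */

struct dtls_record {      /* hypothetical name, not an OpenSSL type */
    uint8_t type, ver_major, ver_minor;
    uint16_t epoch, length;
    uint64_t seq;         /* 48-bit record sequence number */
};

/* Parse one record header from buf; return a bitmask of F_* findings. */
unsigned dtls_check_record(const uint8_t *buf, size_t n, struct dtls_record *r)
{
    unsigned f = 0;
    if (n < DTLS_HDR_LEN)
        return F_TRUNCATED;
    r->type = buf[0];
    r->ver_major = buf[1];
    r->ver_minor = buf[2];
    r->epoch = (uint16_t)(buf[3] << 8 | buf[4]);
    r->seq = 0;
    for (int i = 5; i < 11; i++)
        r->seq = r->seq << 8 | buf[i];
    r->length = (uint16_t)(buf[11] << 8 | buf[12]);
    if (n - DTLS_HDR_LEN < r->length) f |= F_TRUNCATED;
    if (r->ver_major != 0xfe || r->ver_minor != 0xff) f |= F_BAD_VERSION;
    if (r->type == CT_CCS && r->length != 1) f |= F_BAD_CCS_LEN;
    return f;
}

/* First 16 bytes of the 119-byte write, and the full 16-byte CCS write, as quoted. */
static const uint8_t hello_dump[16] = {0x16,0x01,0x00,0,0,0,0,0,0,0,0,0x00,0x6a,0x01,0,0};
static const uint8_t ccs_dump[16]   = {0x14,0x01,0x00,0,0,0,0,0,0,0,0x03,0x00,0x03,0x01,0x00,0x03};
/* Constructed sample: the same CCS record with the encoding the message expects. */
static const uint8_t ccs_fixed[14]  = {0x14,0xfe,0xff,0,0,0,0,0,0,0,0x03,0x00,0x01,0x01};

int main(void)
{
    struct dtls_record r;
    printf("hello: flags=%u\n", dtls_check_record(hello_dump, sizeof hello_dump, &r));
    printf("ccs:   flags=%u\n", dtls_check_record(ccs_dump, sizeof ccs_dump, &r));
    printf("fixed: flags=%u\n", dtls_check_record(ccs_fixed, sizeof ccs_fixed, &r));
    return 0;
}
```

The first record reports F_TRUNCATED only because the message quotes a single 16-byte dump line of the 119-byte write; its declared length of 0x6a plus the 13-byte header matches the 119 bytes in the log.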
ssltest TLS_RSA_WITH_AES_128_SHA
I cannot figure out how to get ssltest to negotiate TLS_RSA_WITH_AES_128_SHA. I tried several combinations of the -cipher command but it always negotiates AES256 instead of AES128. I am using 0.9.8a

test/ssltest -time -num 1000 -tls1 -cipher AES128-SHA
Using BIO pair (-bio_pair)
Available compression methods: NONE
client authentication
TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 512 bit RSA
1000 handshakes of 1024 bytes done
Approximate total server time: 8.17 s
Approximate total client time: 8.20 s