s_client CKE protocol version is wrong?

2014-07-18 Thread Gao Jinjun
Hi all,

I am confused about the s_client CKE premaster protocol version.
Can somebody help to explain it? Thanks!

I added -DSSL_DEBUG when compiling to get debug output.

Below is my test result:

Server side:
$./openssl s_server -tls1
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
Premaster Secret:
 - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0   |.e...t. <--- 03 03(TLSv12)
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4   G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f   $V.<.O...F..
Client Random:
 - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53   ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97   *\Z.
Server Random:
 - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03   }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82   )s.a.G..=..u.k..
Master Secret:
 - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18   -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0   .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e   .[.l&#;.L...

Client side:
$ ./openssl s_client -connect 10.8.2.150:4433 -cipher RC4-SHA 
CONNECTED(0003)
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=21:unable to verify the first certificate
verify return:1
Premaster Secret:
 - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0   |.e...t. <--- 03 03(TLSv12) wrong?
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4   G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f   $V.<.O...F..
Client Random:
 - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53   ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97   *\Z.
Server Random:
 - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03   }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82   )s.a.G..=..u.k..
Master Secret:
 - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18   -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0   .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e   .[.l&#;.L...
. certificate ignore .
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
LOCAL PORT is 41469
SSL-Session:
Protocol  : TLSv1    <-- Negotiating TLSv1(03 01) as protocol version.
Cipher: RC4-SHA
Session-ID: FA52422FEE594293111ABAB10129DCA3B8FB74F5958827FDD447DC657A08E6E3
Session-ID-ctx: 
Master-Key: 2D423BA230B649609F37875DEE75F1180B7BB8B76D2B607C7044F700E22E57E0E6A08B0BF75BA06C26233B914CB8C88E
Key-Arg   : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:

Start Time: 1405567904
Timeout   : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---


regards,
Jinjun
OpenSSL self-test report:

OpenSSL version:  1.0.1f
Last change:  Fix for TLS record tampering bug. A carefully crafted i...
Options:  --prefix=/home/gaojj/share 
--openssldir=/home/gaojj/share/openssl -Wa,--noexecstack no-ec_nistp_64_gcc_128 
no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store 
no-zlib no-zlib-dynamic static-engine
OS (uname):   Linux array 3.2.0-4-rt-686-pae #1 SMP PREEMPT RT Debian 
3.2.46-1 i686 GNU/Linux
OS (config):  i686-whatever-linux2
Target (default): linux-elf
Target:   linux-elf
Compiler: Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/i586-linux-gnu/4.9/lto-wrapper
Target: i586-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 4.9.0-7' 
--with-bugurl=file:///usr/share/doc/gcc-4.9/RE

Re: s_client CKE protocol version is wrong?

2014-07-18 Thread jinjun gao
I see, Thank you!


2014-07-18 14:16 GMT+08:00 Thulasi Goriparthi:

> Version that is sent by Client in Client Hello may not necessarily be the
> version of communication. It gets adjusted with what Server can support.
>
> In your case, as you force the server to support only TLSv1, communication
> protocol gets adjusted to TLSv1(03 01) even though client supports
> TLSv1.2(03 03)
>
> Pre-master-secret needs to be constructed always with Protocol Version
> sent in Client Hello.
>



-- 
Best Regards,
-
Gao Jinjun | 高进军
(M): 86-186-1197-5636
MSN: gjin...@gmail.com


Re: s_client CKE protocol version is wrong?

2014-07-17 Thread Thulasi Goriparthi
Version that is sent by Client in Client Hello may not necessarily be the
version of communication. It gets adjusted with what Server can support.

In your case, as you force the server to support only TLSv1, communication
protocol gets adjusted to TLSv1(03 01) even though client supports
TLSv1.2(03 03)

Pre-master-secret needs to be constructed always with Protocol Version sent
in Client Hello.
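
The rule stated in the reply above comes from RFC 5246, section 7.4.7.1, and applies to RSA key exchange such as the RC4-SHA suite used in this test. The following C sketch is an added example, not part of the thread and not OpenSSL's code: it builds the 48-byte premaster secret with the ClientHello version and performs the server-side version check without branching on the result. The function names and the filler random bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN 48 /* 2-byte client_version + 46 random bytes (RFC 5246, 7.4.7.1) */

/* Client: the version bytes are the ClientHello version, not the negotiated one. */
static void build_rsa_premaster(uint8_t pms[PMS_LEN], uint16_t hello_version,
                                const uint8_t random46[46])
{
    pms[0] = (uint8_t)(hello_version >> 8);
    pms[1] = (uint8_t)(hello_version & 0xff);
    memcpy(pms + 2, random46, 46);
}

/* Server: compare the decrypted version bytes with the ClientHello version and,
 * on mismatch, overwrite the secret with random bytes without branching, so the
 * handshake only fails later at Finished. Returns 1 on match (for the demo). */
static int check_rsa_premaster(uint8_t pms[PMS_LEN], uint16_t hello_version,
                               const uint8_t fallback[PMS_LEN])
{
    unsigned diff = (unsigned)(pms[0] ^ (uint8_t)(hello_version >> 8)) |
                    (unsigned)(pms[1] ^ (uint8_t)(hello_version & 0xff));
    uint8_t mask = (uint8_t)((0u - diff) >> 8); /* 0xff if diff != 0, else 0x00 */
    for (size_t i = 0; i < PMS_LEN; i++)
        pms[i] = (uint8_t)((pms[i] & (uint8_t)~mask) | (fallback[i] & mask));
    return mask == 0;
}

/* Thread scenario: client offers TLS 1.2 (03 03); the server checks against
 * `expected`. Random and fallback bytes are constructed filler. */
static int thread_scenario(uint16_t expected)
{
    uint8_t random46[46], fallback[PMS_LEN], pms[PMS_LEN];
    memset(random46, 0xA5, sizeof random46);
    memset(fallback, 0x5A, sizeof fallback);
    build_rsa_premaster(pms, 0x0303, random46);
    return check_rsa_premaster(pms, expected, fallback);
}

int main(void)
{
    printf("checked against ClientHello 0x0303: %d\n", thread_scenario(0x0303));
    printf("checked against negotiated 0x0301:  %d\n", thread_scenario(0x0301));
    return 0;
}
```

A server that compared against the negotiated version (03 01) would reject every client that offered a higher version, which is why the 03 03 seen in the debug output is the expected value.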


s_client CKE protocol version is wrong?

2014-07-17 Thread jinjun gao
Hi all,

I am confused about the s_client CKE premaster protocol version.
Can somebody help to explain it? Thanks!

I added -DSSL_DEBUG when compiling to get debug output.

Below is my test result:

Server side:
$./openssl s_server -tls1 (server only accept TLSv1 connection)
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
Premaster Secret:
 - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0   |.e...t. <--- 03 03(TLSv12)
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4   G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f   $V.<.O...F..
Client Random:
 - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53   ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97   *\Z.
Server Random:
 - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03   }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82   )s.a.G..=..u.k..
Master Secret:
 - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18   -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0   .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e   .[.l&#;.L...

Client side:
$ ./openssl s_client -connect 10.8.2.150:4433 -cipher RC4-SHA
CONNECTED(0003)
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=21:unable to verify the first certificate
verify return:1
Premaster Secret:
 - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0   |.e...t. <--- 03 03(TLSv12) wrong?
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4   G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f   $V.<.O...F..
Client Random:
 - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53   ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97   *\Z.
Server Random:
 - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03   }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82   )s.a.G..=..u.k..
Master Secret:
 - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18   -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0   .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e   .[.l&#;.L...
. certificate ignore .
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
LOCAL PORT is 41469
SSL-Session:
Protocol  : TLSv1    <-- Negotiating TLSv1(03 01) as protocol version.
Cipher: RC4-SHA
Session-ID: FA52422FEE594293111ABAB10129DCA3B8FB74F5958827FDD447DC657A08E6E3
Session-ID-ctx:
Master-Key: 2D423BA230B649609F37875DEE75F1180B7BB8B76D2B607C7044F700E22E57E0E6A08B0BF75BA06C26233B914CB8C88E
Key-Arg   : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:

Start Time: 1405567904
Timeout   : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---

-- 
Best Regards,
-
Gao Jinjun
MSN: gjin...@gmail.com

