s_client CKE protocol version is wrong?
Hi all,

I am confused about the s_client CKE premaster protocol version. Can somebody help to explain it? Thanks!

I added -DSSL_DEBUG when compiling to get debug output. Below is my test result:

Server side:

$ ./openssl s_server -tls1
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
Premaster Secret:
     - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0 |.e...t. <--- 03 03(TLSv12)
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4 G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f $V.<.O...F..
Client Random:
     - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53 ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97 *\Z.
Server Random:
     - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03 }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82 )s.a.G..=..u.k..
Master Secret:
     - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18 -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0 .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e .[.l.L...

Client side:

$ ./openssl s_client -connect 10.8.2.150:4433 -cipher RC4-SHA
CONNECTED(0003)
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
verify error:num=21:unable to verify the first certificate
verify return:1
Premaster Secret:
     - 03 03 bd b0 7c d3 65 1b-9c f2 80 91 f7 f3 74 b0 |.e...t. <--- 03 03(TLSv12) wrong?
0010 - 47 f4 5c fe f2 d4 68 b1-fc 74 75 53 7a 45 34 d4 G.\...h..tuSzE4.
0020 - 24 56 0f 3c af 8d bf bb-1e 4f af 83 8b 46 f0 8f $V.<.O...F..
Client Random:
     - a7 17 2c 08 39 2f ae b5-51 3e 7e 6c 95 46 a9 53 ..,.9/..Q>~l.F.S
0010 - 2a 84 1a a8 db b4 f6 94-d9 91 8a e3 99 5c 5a 97 *\Z.
Server Random:
     - eb b2 e3 f8 7d fb b1 a3-75 e1 05 2b 5d 9f 25 03 }...u..+].%.
0010 - 29 73 2e 61 87 47 95 05-3d f3 f7 75 8f 6b 16 82 )s.a.G..=..u.k..
Master Secret:
     - 2d 42 3b a2 30 b6 49 60-9f 37 87 5d ee 75 f1 18 -B;.0.I`.7.].u..
0010 - 0b 7b b8 b7 6d 2b 60 7c-70 44 f7 00 e2 2e 57 e0 .{..m+`|pDW.
0020 - e6 a0 8b 0b f7 5b a0 6c-26 23 3b 91 4c b8 c8 8e .[.l.L...
. certificate ignore .
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
LOCAL PORT is 41469
SSL-Session:
Protocol : TLSv1<--Negotiating TLSv1(03 01) as protocol version.
Cipher: RC4-SHA
Session-ID: FA52422FEE594293111ABAB10129DCA3B8FB74F5958827FDD447DC657A08E6E3
Session-ID-ctx:
Master-Key: 2D423BA230B649609F37875DEE75F1180B7BB8B76D2B607C7044F700E22E57E0E6A08B0BF75BA06C26233B914CB8C88E
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
     - f0 89 3c ab 06 fc de cc-0f 94 cf be 2d 44 0d 25 ..<.-D.%
0010 - fb 08 8f 48 8b 18 07 a1-46 ab fd 8b 02 82 68 a3 ...HF.h.
0020 - 0e f2 f6 6a d7 55 6b 0b-dd ed 8f ec ad 17 bb 3c ...j.Uk<
0030 - 09 67 05 ae 77 45 0f a2-df de 33 b6 df 8d a4 92 .g..wE3.
0040 - 02 8d a0 0b 22 be 26 a4-21 51 ff f9 9d dc 60 7b ".&.!Q`{
0050 - bb d3 c6 db e7 2e 54 11-8d 3c f3 0c 53 89 de 0d ..T..<..S...
0060 - 1f 6e 50 b5 05 d2 7e ec-48 75 42 42 10 ba 89 37 .nP...~.HuBB...7
0070 - d6 62 5c c1 34 1c b3 0e-ba f8 46 13 05 13 bf fe .b\.4.F.
0080 - 54 2f 36 f5 d2 7c cf 92-43 2d 3b 3b c0 f7 f0 2d T/6..|..C-;;...-
0090 - 3d 58 a9 0c 98 c3 ed b6-37 b7 18 31 76 e8 40 c5 =X..7..1v.@.
Start Time: 1405567904
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---

regards,
Jinjun

OpenSSL self-test report:
OpenSSL version: 1.0.1f
Last change: Fix for TLS record tampering bug. A carefully crafted i...
Options: --prefix=/home/gaojj/share --openssldir=/home/gaojj/share/openssl -Wa,--noexecstack no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-zlib no-zlib-dynamic static-engine
OS (uname): Linux array 3.2.0-4-rt-686-pae #1 SMP PREEMPT RT Debian 3.2.46-1 i686 GNU/Linux
OS (config): i686-whatever-linux2
Target (default): linux-elf
Target: linux-elf
Compiler: Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/i586-linux-gnu/4.9/lto-wrapper
Target: i586-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 4.9.0-7' --with-bugurl=file:///usr/share/doc/gcc-4.9/RE

Re: s_client CKE protocol version is wrong?
I see, Thank you!

2014-07-18 14:16 GMT+08:00 Thulasi Goriparthi :

> Version that is sent by Client in Client Hello may not necessarily be the
> version of communication. It gets adjusted with what Server can support.
>
> In your case, as you force the server to support only TLSv1, communication
> protocol gets adjusted to TLSv1(03 01) even though client supports
> TLSv1.2(03 03)
>
> Pre-master-secret needs to be constructed always with Protocol Version
> sent in Client Hello.
>

--
Best Regards,
- Gao Jinjun | 高进军
(M): 86-186-1197-5636
MSN: gjin...@gmail.com

Re: s_client CKE protocol version is wrong?
Version that is sent by Client in Client Hello may not necessarily be the version of communication. It gets adjusted with what Server can support.

In your case, as you force the server to support only TLSv1, communication protocol gets adjusted to TLSv1(03 01) even though client supports TLSv1.2(03 03)

Pre-master-secret needs to be constructed always with Protocol Version sent in Client Hello.
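
The rule in the reply above, as an added C example (not OpenSSL's code and not part of the original thread): the client puts its ClientHello version into the 48-byte premaster secret, and the server compares those two bytes with the ClientHello version, not the negotiated one, swapping in random bytes without branching on a mismatch as RFC 5246 section 7.4.7.1 describes. The names build_pms and server_check_pms and the fill bytes are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN 48

/* Client: PMS = version offered in ClientHello (2 bytes) || 46 random bytes. */
void build_pms(uint8_t pms[PMS_LEN], uint16_t hello_version,
               const uint8_t rnd46[46])
{
    pms[0] = (uint8_t)(hello_version >> 8);
    pms[1] = (uint8_t)(hello_version & 0xff);
    memcpy(pms + 2, rnd46, 46);
}

/* Server: keep the decrypted PMS only if it is 48 bytes long and its version
 * bytes equal the ClientHello version; otherwise swap in `fallback` (random
 * bytes generated before decryption) and continue the handshake, so the peer
 * sees no distinguishable error. pms must be a 48-byte buffer in either case.
 * Returns 1 if kept, 0 if replaced (return value is for this demo only). */
int server_check_pms(uint8_t pms[PMS_LEN], size_t dec_len,
                     uint16_t hello_version, const uint8_t fallback[PMS_LEN])
{
    uint8_t bad = (uint8_t)(dec_len != PMS_LEN);
    bad |= (uint8_t)(pms[0] ^ (hello_version >> 8));
    bad |= (uint8_t)(pms[1] ^ (hello_version & 0xff));
    /* mask is 0xff when bad != 0, else 0x00, computed without branching */
    uint8_t mask = (uint8_t)(0 - ((uint8_t)(bad | (uint8_t)(0 - bad)) >> 7));
    for (size_t i = 0; i < PMS_LEN; i++)
        pms[i] = (uint8_t)((pms[i] & (uint8_t)~mask) | (fallback[i] & mask));
    return mask == 0;
}

int main(void)
{
    uint8_t rnd[46], fb[PMS_LEN], pms[PMS_LEN];
    memset(rnd, 0xAA, sizeof rnd);  /* constructed sample bytes */
    memset(fb, 0x55, sizeof fb);    /* constructed stand-in for random fallback */
    /* The thread's case: ClientHello offered 03 03, server negotiated 03 01. */
    build_pms(pms, 0x0303, rnd);
    printf("compared with ClientHello version 03 03: kept=%d\n",
           server_check_pms(pms, PMS_LEN, 0x0303, fb));
    build_pms(pms, 0x0303, rnd);
    printf("compared with negotiated version 03 01:  kept=%d\n",
           server_check_pms(pms, PMS_LEN, 0x0301, fb));
    return 0;
}
```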