Re: How to debug a TLSv1.3 protocol problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 19/05/2020 11:49, Claus Assmann wrote:
> On Mon, May 18, 2020, Viktor Dukhovni wrote:
> 
>> I'll strongly second Matt's request for a PCAP file.
> 
> If tcpdump is "good enough" then that should be attached.
> If wireshark and some TLS decoding is needed, then I need
> some time to figure that out.

The pcap file doesn't have the required info - however the SSL_trace
output gives the same kind of data, so that's good enough for now.


> I've added SSL_trace as suggested and the output is below.

Thanks that's useful.

> When I compare M1 with openssl s_client the main difference
> is that s_client has
> extension_type=padding
> but I don't see where/how M1 would turn that off (or where
> s_client turns it on?)

This shouldn't make any difference. I'd be very surprised if it was to
do with that.

>From the trace output I can see that the client sends a ClientHello to
the server. The server responds with an HRR, and the client re-issues a
new ClientHello. So far so good. However, at this point the server
doesn't like something about the new ClientHello and fails.


In your original email you got this output from the info callback on the
server side:

> SSL_accept:error in TLSv1.3 early data

This comes from this code in the info callback which you lifted from s_cb.c:

    } else if (where & SSL_CB_EXIT) {
        if (ret == 0)
            BIO_printf(bio_err, "%s:failed in %s\n",
                       str, SSL_state_string_long(s));
        else if (ret < 0)
            BIO_printf(bio_err, "%s:error in %s\n",
                       str, SSL_state_string_long(s));
    }

Please could you modify this as follows:

@@ -481,6 +481,7 @@ void apps_ssl_info_callback(const SSL *s, int where,
int ret)
         else if (ret < 0)
             BIO_printf(bio_err, "%s:error in %s\n",
                        str, SSL_state_string_long(s));
+        ERR_print_errors(bio_err);
     }
 }


Now retry the handshake and send the output.

Thanks

Matt




> 
> ------------------------------------------------------------
> M8 client side:
> Sent Record
> Header:
>   Version = TLS 1.0 (0x301)
>   Content Type = Handshake (22)
>   Length = 512
>     ClientHello, Length=508
>       client_version=0x303 (TLS 1.2)
>       Random:
>         gmt_unix_time=0x2CE5293F
>         random_bytes (len=28): 60F8FD89D6BFFC32D30870CF534B271108BD7E00452949D9E2CECD7D
>       session_id (len=32): E028F6D32F2F0FB8CC112794C7AA4E97AD76EDF6B955F49B51CA837F6115ABE2
>       cipher_suites (len=62)
>         {0x13, 0x02} TLS_AES_256_GCM_SHA384
>         {0x13, 0x03} TLS_CHACHA20_POLY1305_SHA256
>         {0x13, 0x01} TLS_AES_128_GCM_SHA256
>         {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>         {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
>         {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
>         {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
>         {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
>         {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>         {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
>         {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>       compression_methods (len=1)
>         No Compression (0x00)
>       extensions, length = 373
>         extension_type=ec_point_formats(11), length=4
>           uncompressed (0)
>           ansiX962_compressed_prime (1)
>           ansiX962_compressed_char2 (2)
>         extension_type=supported_groups(10), length=12
>           ecdh_x25519 (29)
>           secp256r1 (P-256) (23)
>           ecdh_x448 (30)
>           secp521r1 (P-521) (25)
>           secp384r1 (P-384) (24)
>         extension_type=encrypt_then_mac(22), length=0
>         extension_type=extended_master_secret(23), length=0
>         extension_type=signature_algorithms(13), length=48
>           ecdsa_secp256r1_sha256 (0x0403)
>           ecdsa_secp384r1_sha384 (0x0503)
>           ecdsa_secp521r1_sha512 (0x0603)
>           ed25519 (0x0807)
>           ed448 (0x0808)
>           rsa_pss_pss_sha256 (0x0809)
>           rsa_pss_pss_sha384 (0x080a)
>           rsa_pss_pss_sha512 (0x080b)
>           rsa_pss_rsae_sha256 (0x0804)
>           rsa_pss_rsae_sha384 (0x0805)
>           rsa_pss_rsae_sha512 (0x0806)
>           rsa_pkcs1_sha256 (0x0401)
>           rsa_pkcs1_sha384 (0x0501)
>           rsa_pkcs1_sha512 (0x0601)
>           ecdsa_sha224 (0x0303)
>           ecdsa_sha1 (0x0203)
>           rsa_pkcs1_sha224 (0x0301)
>           rsa_pkcs1_sha1 (0x0201)
>           dsa_sha224 (0x0302)
>           dsa_sha1 (0x0202)
>           dsa_sha256 (0x0402)
>           dsa_sha384 (0x0502)
>           dsa_sha512 (0x0602)
>         extension_type=supported_versions(43), length=9
>           TLS 1.3 (772)
>           TLS 1.2 (771)
>           TLS 1.1 (770)
>           TLS 1.0 (769)
>         extension_type=psk_key_exchange_modes(45), length=2
>           psk_dhe_ke (1)
>         extension_type=key_share(51), length=38
>             NamedGroup: ecdh_x25519 (29)
>             key_exchange:  (len=32): 3E7E05E66F3F978082E7445E0A6FA9C73F4F4C1E6423AA3FAB7B80C8E521F629
>         extension_type=padding(21), length=224
>           0000 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           000f - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           001e - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           002d - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           003c - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           004b - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           005a - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0069 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0078 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0087 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0096 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00a5 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00b4 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00c3 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00d2 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00      ..............
> 
> Received Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = Handshake (22)
>   Length = 88
>     ServerHello, Length=84
>       server_version=0x303 (TLS 1.2)
>       Random:
>         gmt_unix_time=0xCF21AD74
>         random_bytes (len=28): E59A6111BE1D8C021E65B891C2A211167ABB8C5E079E09E2C8A8339C
>       session_id (len=32): E028F6D32F2F0FB8CC112794C7AA4E97AD76EDF6B955F49B51CA837F6115ABE2
>       cipher_suite {0x13, 0x02} TLS_AES_256_GCM_SHA384
>       compression_method: No Compression (0x00)
>       extensions, length = 12
>         extension_type=supported_versions(43), length=2
>             TLS 1.3 (772)
>         extension_type=key_share(51), length=2
>             NamedGroup: secp256r1 (P-256) (23)
> 
> Sent Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = ChangeCipherSpec (20)
>   Length = 1
>     change_cipher_spec (1)
> 
> Sent Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = Handshake (22)
>   Length = 512
>     ClientHello, Length=508
>       client_version=0x303 (TLS 1.2)
>       Random:
>         gmt_unix_time=0x2CE5293F
>         random_bytes (len=28): 60F8FD89D6BFFC32D30870CF534B271108BD7E00452949D9E2CECD7D
>       session_id (len=32): E028F6D32F2F0FB8CC112794C7AA4E97AD76EDF6B955F49B51CA837F6115ABE2
>       cipher_suites (len=62)
>         {0x13, 0x02} TLS_AES_256_GCM_SHA384
>         {0x13, 0x03} TLS_CHACHA20_POLY1305_SHA256
>         {0x13, 0x01} TLS_AES_128_GCM_SHA256
>         {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>         {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
>         {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
>         {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
>         {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
>         {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>         {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
>         {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>       compression_methods (len=1)
>         No Compression (0x00)
>       extensions, length = 373
>         extension_type=ec_point_formats(11), length=4
>           uncompressed (0)
>           ansiX962_compressed_prime (1)
>           ansiX962_compressed_char2 (2)
>         extension_type=supported_groups(10), length=12
>           ecdh_x25519 (29)
>           secp256r1 (P-256) (23)
>           ecdh_x448 (30)
>           secp521r1 (P-521) (25)
>           secp384r1 (P-384) (24)
>         extension_type=encrypt_then_mac(22), length=0
>         extension_type=extended_master_secret(23), length=0
>         extension_type=signature_algorithms(13), length=48
>           ecdsa_secp256r1_sha256 (0x0403)
>           ecdsa_secp384r1_sha384 (0x0503)
>           ecdsa_secp521r1_sha512 (0x0603)
>           ed25519 (0x0807)
>           ed448 (0x0808)
>           rsa_pss_pss_sha256 (0x0809)
>           rsa_pss_pss_sha384 (0x080a)
>           rsa_pss_pss_sha512 (0x080b)
>           rsa_pss_rsae_sha256 (0x0804)
>           rsa_pss_rsae_sha384 (0x0805)
>           rsa_pss_rsae_sha512 (0x0806)
>           rsa_pkcs1_sha256 (0x0401)
>           rsa_pkcs1_sha384 (0x0501)
>           rsa_pkcs1_sha512 (0x0601)
>           ecdsa_sha224 (0x0303)
>           ecdsa_sha1 (0x0203)
>           rsa_pkcs1_sha224 (0x0301)
>           rsa_pkcs1_sha1 (0x0201)
>           dsa_sha224 (0x0302)
>           dsa_sha1 (0x0202)
>           dsa_sha256 (0x0402)
>           dsa_sha384 (0x0502)
>           dsa_sha512 (0x0602)
>         extension_type=supported_versions(43), length=9
>           TLS 1.3 (772)
>           TLS 1.2 (771)
>           TLS 1.1 (770)
>           TLS 1.0 (769)
>         extension_type=psk_key_exchange_modes(45), length=2
>           psk_dhe_ke (1)
>         extension_type=key_share(51), length=71
>             NamedGroup: secp256r1 (P-256) (23)
>             key_exchange:  (len=65): 04942A4A721CA99765B0FBEF01CB5B79C88011CCCECE4B93FA082CF7DBD3992D4602BBAC27DF4355243FC4B33C801A989BEC3BB1E818262CED50B7448DAF4C65B1
>         extension_type=padding(21), length=191
>           0000 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           000f - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           001e - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           002d - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           003c - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           004b - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           005a - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0069 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0078 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0087 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0096 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00a5 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00b4 - 00 00 00 00 00 00 00 00-00 00 00               ...........
> 
> Received Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = ChangeCipherSpec (20)
>   Length = 1
> 
> ------------------------------------------------------------
> S8 server side:
> Received Record
> Header:
>   Version = TLS 1.0 (0x301)
>   Content Type = Handshake (22)
>   Length = 512
>     ClientHello, Length=508
>       client_version=0x303 (TLS 1.2)
>       Random:
>         gmt_unix_time=0x2CE5293F
>         random_bytes (len=28): 60F8FD89D6BFFC32D30870CF534B271108BD7E00452949D9E2CECD7D
>       session_id (len=32): E028F6D32F2F0FB8CC112794C7AA4E97AD76EDF6B955F49B51CA837F6115ABE2
>       cipher_suites (len=62)
>         {0x13, 0x02} TLS_AES_256_GCM_SHA384
>         {0x13, 0x03} TLS_CHACHA20_POLY1305_SHA256
>         {0x13, 0x01} TLS_AES_128_GCM_SHA256
>         {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>         {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
>         {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>         {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
>         {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
>         {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
>         {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
>         {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
>         {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA
>         {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
>         {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384
>         {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256
>         {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256
>         {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256
>         {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA
>         {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA
>         {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>       compression_methods (len=1)
>         No Compression (0x00)
>       extensions, length = 373
>         extension_type=ec_point_formats(11), length=4
>           uncompressed (0)
>           ansiX962_compressed_prime (1)
>           ansiX962_compressed_char2 (2)
>         extension_type=supported_groups(10), length=12
>           ecdh_x25519 (29)
>           secp256r1 (P-256) (23)
>           ecdh_x448 (30)
>           secp521r1 (P-521) (25)
>           secp384r1 (P-384) (24)
>         extension_type=encrypt_then_mac(22), length=0
>         extension_type=extended_master_secret(23), length=0
>         extension_type=signature_algorithms(13), length=48
>           ecdsa_secp256r1_sha256 (0x0403)
>           ecdsa_secp384r1_sha384 (0x0503)
>           ecdsa_secp521r1_sha512 (0x0603)
>           ed25519 (0x0807)
>           ed448 (0x0808)
>           rsa_pss_pss_sha256 (0x0809)
>           rsa_pss_pss_sha384 (0x080a)
>           rsa_pss_pss_sha512 (0x080b)
>           rsa_pss_rsae_sha256 (0x0804)
>           rsa_pss_rsae_sha384 (0x0805)
>           rsa_pss_rsae_sha512 (0x0806)
>           rsa_pkcs1_sha256 (0x0401)
>           rsa_pkcs1_sha384 (0x0501)
>           rsa_pkcs1_sha512 (0x0601)
>           ecdsa_sha224 (0x0303)
>           ecdsa_sha1 (0x0203)
>           rsa_pkcs1_sha224 (0x0301)
>           rsa_pkcs1_sha1 (0x0201)
>           dsa_sha224 (0x0302)
>           dsa_sha1 (0x0202)
>           dsa_sha256 (0x0402)
>           dsa_sha384 (0x0502)
>           dsa_sha512 (0x0602)
>         extension_type=supported_versions(43), length=9
>           TLS 1.3 (772)
>           TLS 1.2 (771)
>           TLS 1.1 (770)
>           TLS 1.0 (769)
>         extension_type=psk_key_exchange_modes(45), length=2
>           psk_dhe_ke (1)
>         extension_type=key_share(51), length=38
>             NamedGroup: ecdh_x25519 (29)
>             key_exchange:  (len=32): 3E7E05E66F3F978082E7445E0A6FA9C73F4F4C1E6423AA3FAB7B80C8E521F629
>         extension_type=padding(21), length=224
>           0000 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           000f - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           001e - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           002d - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           003c - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           004b - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           005a - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0069 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0078 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0087 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           0096 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00a5 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00b4 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00c3 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00   ...............
>           00d2 - 00 00 00 00 00 00 00 00-00 00 00 00 00 00      ..............
> 
> Sent Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = Handshake (22)
>   Length = 88
>     ServerHello, Length=84
>       server_version=0x303 (TLS 1.2)
>       Random:
>         gmt_unix_time=0xCF21AD74
>         random_bytes (len=28): E59A6111BE1D8C021E65B891C2A211167ABB8C5E079E09E2C8A8339C
>       session_id (len=32): E028F6D32F2F0FB8CC112794C7AA4E97AD76EDF6B955F49B51CA837F6115ABE2
>       cipher_suite {0x13, 0x02} TLS_AES_256_GCM_SHA384
>       compression_method: No Compression (0x00)
>       extensions, length = 12
>         extension_type=supported_versions(43), length=2
>             TLS 1.3 (772)
>         extension_type=key_share(51), length=2
>             NamedGroup: secp256r1 (P-256) (23)
> 
> Sent Record
> Header:
>   Version = TLS 1.2 (0x303)
>   Content Type = ChangeCipherSpec (20)
>   Length = 1
>     change_cipher_spec (1)
>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux