3

I have a PSK Server and Client example using Open SSL that work very well with one another. However, what I need to do is make my client using PolarSSL/mBedTLS talk to the server. I am experiencing handshake failure once the client sends ChangeCipherSpec and EncryptedHandshakeMessage. Any ideas what could be wrong?

I have used https://bitbucket.org/tiebingzhang/tls-psk-server-client-example/overview as reference.

Sample mBedTLS/PolarSSL code is as below:

        static const unsigned char *psk_identity = "Client_identity";
        static const unsigned char *psk_key = "1A1A1A1A1A1A1A1A";

        ssl_set_endpoint(&context,SSL_IS_CLIENT);
        ssl_set_authmode(&context, SSL_VERIFY_NONE );
        ssl_set_rng(&context, random_vector_generate, NULL);
        ssl_set_ciphersuites(&context, default_ciphers);
        ssl_set_bio(&context, transport_read,
                   NULL,
                   transport_write,
                   NULL);
        ssl_set_psk(&context, psk_key, strlen((char *)psk_key), psk_identity, strlen((char *)psk_identity));
        ssl_handshake(&context);

@Note The only change to the server code is that I have changed the Preshared Key size to 16 from 32.

Also the configuration used for PolarSSL is below:

#define POLARSSL_AES_C
#define POLARSSL_CIPHER_C
#define POLARSSL_CTR_DRBG_C
#define POLARSSL_MD_C
#define POLARSSL_MD5_C
#define POLARSSL_SHA1_C
#define POLARSSL_SSL_CLI_C
#define POLARSSL_SSL_TLS_C
#define POLARSSL_PLATFORM_C
#define POLARSSL_PLATFORM_MEMORY
#define POLARSSL_CIPHER_MODE_CBC
#define POLARSSL_DEBUG_C
#define POLARSSL_BIGNUM_C

#define POLARSSL_AES_ROM_TABLES

#define POLARSSL_PSK_MAX_LEN    32
Krishna Shingala
  • 61
  • 2
  • 4
  • One detail I missed mentioning is I have no time implementation in my Client while the working client does have a time implementation. – Krishna Shingala Apr 13 '15 at 09:02
  • Hi. Could you please provide a [minimal code example](http://stackoverflow.com/help/mcve) so that we can reproduce this issue? – GoBusto Apr 13 '15 at 09:05
  • Included code references. Hope this helps! – Krishna Shingala Apr 13 '15 at 11:15
  • If the 'Finished' fails it is because (1) handshake messages were tampered or otherwise not the same at both ends, or the key does not agree because (2) the two ends didn't compute the key-derivation algorithm correctly or (3) the two ends didn't have the same PSK value (exactly). My bet is on (3). – dave_thompson_085 Apr 13 '15 at 15:23
  • Your evaluation is accurate Dave! Thank you so much! If you look the Open SSL example I am using it is converting the PSK to binary while in my example I continue to use the PSK as string and this results in failure in handshake. Thanks again! (Will appreciate if your response as an answer!) – Krishna Shingala Apr 15 '15 at 12:15

0 Answers0