
I'm having some issues using WolfSSL. I tried to ask a question on the WolfSSL forums, but registration is not working right now.

I am using WolfSSL to develop a simple email client for the Nintendo Wii. WolfSSL is the only library that claims to have Wii compatibility. I've successfully built the library with devKitPro, and everything seems to be working, but it fails on the handshake.

Here is some sample code:

bool Internet::sslSetup(){

  if(wolfSSL_Init() != SSL_SUCCESS){
    sslReportError();
    return false;
  }
  setState("SSL Init");

  method = wolfSSLv23_client_method();
  if (method == NULL) {
    sslReportError();
    return false;
  }
  setState("SSL Method Set");

  ctx = wolfSSL_CTX_new(method);
  if(ctx == NULL){
    sslReportError();
    return false;
  }
  // Configure the context only after the NULL check. SSL_VERIFY_NONE disables
  // certificate validation entirely, so this is for debugging the handshake
  // only; a real client must use SSL_VERIFY_PEER with a trusted CA loaded.
  wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
  setState("SSL Ctx Init");

  sslSocket = wolfSSL_new(ctx);
  if(sslSocket == NULL){
    sslReportError();
    return false;
  }
  setState("SSL Socket Init");

  // wolfSSL_set_fd() reports failure through its return value; rechecking
  // sslSocket for NULL cannot detect a bad file descriptor.
  if(wolfSSL_set_fd(sslSocket, socket) != SSL_SUCCESS){
    sslReportError();
    return false;
  }
  setState("SSL Socket connected to net socket");

  return true;
}

I don't have any way to debug on the Wii, so I am relegated to text debugging. Here is my log for the WolfSSL debug output:

13 05 2016 00:55 wolfSSL Entering wolfSSL_Init 
13 05 2016 00:55 wolfSSL Entering WOLFSSL_CTX_new 
13 05 2016 00:55 wolfSSL Entering wolfSSL_CertManagerNew 
13 05 2016 00:55 wolfSSL Leaving WOLFSSL_CTX_new, return 0 
13 05 2016 00:55 wolfSSL Entering wolfSSL_CTX_set_verify 
13 05 2016 00:55 wolfSSL Entering SSL_new 
13 05 2016 00:55 wolfSSL Leaving SSL_new, return 0 
13 05 2016 00:55 wolfSSL Entering SSL_set_fd 
13 05 2016 00:55 wolfSSL Leaving SSL_set_fd, return 1 
13 05 2016 00:55 wolfSSL Entering SSL_connect() 
13 05 2016 00:55 growing output buffer
13 05 2016 00:55 Shrinking output buffer
13 05 2016 00:55 connect state: CLIENT_HELLO_SENT 
13 05 2016 00:55 received record layer msg 
13 05 2016 00:55 got ALERT! 
13 05 2016 00:55 Got alert 
13 05 2016 00:55 wolfSSL error occurred, error = 40 
13 05 2016 00:55 wolfSSL error occurred, error = -313 

Any ideas? Trying to connect to smtp.gmail.com on port 465.

  • When connecting to Google Servers it is common for the server to ignore any "Client Hello" packet that does not contain the elliptic curve extension when ECC cipher suites are enabled. As of release 3.10.2 wolfSSL made this the default behavior (https://github.com/wolfSSL/wolfssl#release-3102-of-wolfssl-has-bug-fixes-and-new-features-including). If working with older releases please see the blog post which was initially shared by @Mircea Baja in the comments on the accepted answer below (link provided here: https://www.wolfssl.com/using-supported-elliptic-curves-extension-with-wolfssl/). – Kaleb Oct 18 '17 at 17:33

1 Answer


It looks like a TLS handshake error because:

Next steps would be to:

  • investigate what the -313 error is
  • can you get a Wireshark trace from a computer on the same network to get more details of what the server hello contains? e.g. that could happen for several reasons, e.g. the server is not happy with the list of ciphers available from the client
Mircea Baja
    -313 is defined as: `FATAL_ERROR = -313, /* recvd alert fatal error */` I did a wireshark trace, but can't really see what the issue is. All I see is the client hello, and the server subsequently responding with the handshake failure. You can download the trace [here](https://drive.google.com/file/d/0BxezHoN6fOJ9cTVVejM4LXhXMDA/view?usp=sharing) – Aaron Lehrian May 14 '16 at 00:10
    It could still be the cipher suite that the client proposes, in your dump the client practically proposes only DHE cipher suites. If I connect with `openssl s_client -connect smtp.gmail.com:465` I can see that the cipher suite gmail is happy with is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) which your client did not send – Mircea Baja May 14 '16 at 00:28
    Basically the google guys are keen users of elliptic curve cryptography and your client did not send an EC cipher (you can see the list of cipher suites sent by the client by expanding in wireshark the client hello message until you get to the Cipher Suites in SSL) – Mircea Baja May 14 '16 at 00:40
    Got it! I will try to figure out how to enable other ciphers in WolfSSL. – Aaron Lehrian May 14 '16 at 01:00
    Got that cipher added in, same result. [Here](https://drive.google.com/open?id=0BxezHoN6fOJ9YXNOR2x6SUFyaU0)'s the Wireshark dump. – Aaron Lehrian May 14 '16 at 01:35
    Yes, I can see you have the EC ciphers but you don't have in the client hello message an Extension specifying the elliptic_curves supported by client. E.g. research into items similar to: https://www.wolfssl.com/wolfSSL/Blog/Entries/2014/2/5_Using_Supported_Elliptic_Curves_Extension_with_CyaSSL.html https://github.com/wolfSSL/wolfssl/issues/366 https://bugs.eclipse.org/bugs/show_bug.cgi?id=473678 – Mircea Baja May 14 '16 at 01:52
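What the comments above did by hand in Wireshark can be done in code. The block below is an added example written for this page; it is not code from the question, the answer, or the wolfSSL project. It assembles three constructed ClientHello messages (not real captures) that mirror the three states the thread went through: DHE suites only, ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) added but no extension, and finally the same suite together with a supported_groups extension (type 0x000a, called elliptic_curves in RFC 4492) naming secp256r1. The DHE stand-in suite (0x0033), the curve choice and the fixed client random are assumptions of the example, not values taken from the posted dumps. Every length field is bounds-checked before use, since a tool that inspects packet captures must not trust them.

```c
/* Inspect a TLS 1.2 ClientHello the way the thread does in Wireshark: list the
 * cipher suites, then look for the supported_groups (elliptic_curves) extension.
 * Added example for this page; not wolfSSL code and not from the question. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SUITE_ECDHE_RSA_AES128_GCM_SHA256 0xC02F  /* suite gmail negotiated in the thread */
#define SUITE_DHE_RSA_AES128_SHA          0x0033  /* assumed stand-in for the DHE-only list */
#define EXT_SUPPORTED_GROUPS              0x000A  /* "elliptic_curves" in RFC 4492 */
#define GROUP_SECP256R1                   0x0017  /* assumed curve for the fixed hello */

enum diag { DIAG_PARSE_ERROR = -1, DIAG_OK = 0, DIAG_NO_ECDHE_SUITE = 1, DIAG_NO_CURVES = 2 };

struct hello {
    uint16_t suites[32]; size_t nsuites;
    uint16_t groups[8];  size_t ngroups;
    int has_groups_ext;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse one handshake record holding a ClientHello. Every length is checked against
 * the bytes remaining so a truncated or hostile capture cannot be over-read. */
int parse_client_hello(const uint8_t *buf, size_t len, struct hello *h)
{
    memset(h, 0, sizeof *h);
    if (len < 9 || buf[0] != 0x16 || buf[5] != 0x01) return 0;   /* handshake/ClientHello */
    size_t rec = rd16(buf + 3);
    if (rec + 5 > len) return 0;
    const uint8_t *p = buf + 9, *end = buf + 5 + rec;
    size_t hs = ((size_t)buf[6] << 16) | ((size_t)buf[7] << 8) | buf[8];
    if ((size_t)(end - p) != hs || hs < 35) return 0;
    p += 34;                                         /* client_version(2) + random(32) */
    size_t sid = *p++;
    if ((size_t)(end - p) < sid + 2) return 0;
    p += sid;
    size_t cs = rd16(p); p += 2;
    if ((cs & 1) || (size_t)(end - p) < cs + 1) return 0;
    for (size_t i = 0; i < cs && h->nsuites < 32; i += 2) h->suites[h->nsuites++] = rd16(p + i);
    p += cs;
    size_t comp = *p++;
    if ((size_t)(end - p) < comp) return 0;
    p += comp;
    if (p == end) return 1;                          /* legal: no extensions at all */
    if (end - p < 2) return 0;
    size_t ext = rd16(p); p += 2;
    if ((size_t)(end - p) != ext) return 0;
    while (p < end) {
        if (end - p < 4) return 0;
        uint16_t type = rd16(p), elen = rd16(p + 2);
        p += 4;
        if ((size_t)(end - p) < elen) return 0;
        if (type == EXT_SUPPORTED_GROUPS) {
            h->has_groups_ext = 1;
            if (elen >= 2) {
                size_t gl = rd16(p);
                if (gl + 2 <= elen && !(gl & 1))
                    for (size_t i = 0; i < gl && h->ngroups < 8; i += 2)
                        h->groups[h->ngroups++] = rd16(p + 2 + i);
            }
        }
        p += elen;
    }
    return 1;
}

static int offers(const struct hello *h, uint16_t suite)
{
    for (size_t i = 0; i < h->nsuites; i++) if (h->suites[i] == suite) return 1;
    return 0;
}

/* The verdict the thread arrives at: an ECDHE suite is only usable when the client
 * also names the curves it supports; the server in the thread rejected it otherwise. */
enum diag diagnose(const uint8_t *buf, size_t len)
{
    struct hello h;
    if (!parse_client_hello(buf, len, &h)) return DIAG_PARSE_ERROR;
    if (!offers(&h, SUITE_ECDHE_RSA_AES128_GCM_SHA256)) return DIAG_NO_ECDHE_SUITE;
    if (!h.has_groups_ext || h.ngroups == 0) return DIAG_NO_CURVES;
    return DIAG_OK;
}

/* Build a constructed ClientHello (not a real capture); ng == 0 omits the extension. */
size_t build_client_hello(uint8_t *out, size_t cap, const uint16_t *suites, size_t ns,
                          const uint16_t *groups, size_t ng)
{
    uint8_t b[256]; size_t n = 0, i;
    b[n++] = 0x03; b[n++] = 0x03;                    /* client_version: TLS 1.2 */
    memset(b + n, 0x42, 32); n += 32;                /* random: fixed filler, constructed */
    b[n++] = 0;                                      /* empty session id */
    b[n++] = (uint8_t)(ns * 2 >> 8); b[n++] = (uint8_t)(ns * 2);
    for (i = 0; i < ns; i++) { b[n++] = (uint8_t)(suites[i] >> 8); b[n++] = (uint8_t)suites[i]; }
    b[n++] = 1; b[n++] = 0;                          /* one compression method: null */
    if (ng) {
        size_t gl = ng * 2, el = gl + 2, total = el + 4;
        b[n++] = (uint8_t)(total >> 8); b[n++] = (uint8_t)total;
        b[n++] = 0x00; b[n++] = 0x0A;                /* supported_groups extension */
        b[n++] = (uint8_t)(el >> 8); b[n++] = (uint8_t)el;
        b[n++] = (uint8_t)(gl >> 8); b[n++] = (uint8_t)gl;
        for (i = 0; i < ng; i++) { b[n++] = (uint8_t)(groups[i] >> 8); b[n++] = (uint8_t)groups[i]; }
    }
    if (n + 9 > cap) return 0;
    out[0] = 0x16; out[1] = 0x03; out[2] = 0x01;     /* record: handshake, legacy version */
    out[3] = (uint8_t)((n + 4) >> 8); out[4] = (uint8_t)(n + 4);
    out[5] = 0x01; out[6] = 0; out[7] = (uint8_t)(n >> 8); out[8] = (uint8_t)n;
    memcpy(out + 9, b, n);
    return n + 9;
}

/* Step 1: DHE only. Step 2: ECDHE added, no extension. Step 3: ECDHE plus secp256r1. */
enum diag diagnose_thread_step(int step)
{
    static const uint16_t dhe[]    = { SUITE_DHE_RSA_AES128_SHA };
    static const uint16_t both[]   = { SUITE_DHE_RSA_AES128_SHA, SUITE_ECDHE_RSA_AES128_GCM_SHA256 };
    static const uint16_t curves[] = { GROUP_SECP256R1 };
    uint8_t buf[256]; size_t len;
    if (step == 1)      len = build_client_hello(buf, sizeof buf, dhe, 1, NULL, 0);
    else if (step == 2) len = build_client_hello(buf, sizeof buf, both, 2, NULL, 0);
    else                len = build_client_hello(buf, sizeof buf, both, 2, curves, 1);
    return diagnose(buf, len);
}

int main(void)
{
    for (int step = 1; step <= 3; step++)
        printf("step %d: verdict %d\n", step, (int)diagnose_thread_step(step));
    return 0;
}
```

On the wolfSSL side, the two knobs this diagnosis points at are the client cipher list (`wolfSSL_CTX_set_cipher_list()`) and the Supported Elliptic Curves extension (`wolfSSL_UseSupportedCurve()` or `wolfSSL_CTX_UseSupportedCurve()` with a curve name such as `WOLFSSL_ECC_SECP256R1`, which needs a build with ECC and the supported-curves extension enabled; per the comment above it is sent by default from release 3.10.2). Those calls are named from the wolfSSL API as I know it, not from anything on this page, so confirm them against the headers of the version you build. Separately, the `SSL_VERIFY_NONE` in the question's setup disables certificate validation; once the handshake works, switch to `SSL_VERIFY_PEER` with a CA bundle loaded through `wolfSSL_CTX_load_verify_locations()` or `wolfSSL_CTX_load_verify_buffer()`, or the client will accept whatever server sits on the path.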