> From: owner-openssl-us...@openssl.org  On Behalf Of Jeffrey Walton
> Sent: Tuesday, March 04, 2014 12:34

> The Wireshark trace is useless (to me) because its only displaying TCP
> traffic (and not breaking out the SSL/TLS protocol). I can't break the
> bits out in my head.
> 
right-click one of your packets in the packet list, DecodeAs...,
make sure Transport has your port number (here 8443),
pick SSL in the list at the right, OK.

> Here's -debug from a separate s_client on a different physical machine.
> 
> $ /usr/local/ssl/bin/openssl s_client -tls1_2 -connect
> debian-q500:8443 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -debug
> CONNECTED(00000003)
> write to 0x736bc0 [0x7406f3] (163 bytes => 163 (0xA3))
> 0000 - 16 03 01 00 9e 01 00 00-9a 03 03 12 a5 1d c3 7e   ...............~
> 0010 - 5e e1 dc 20 c3 9e da dd-cb 66 8f 0b d0 6c 24 13   ^.. .....f...l$.
> 0020 - e0 b5 de ef 54 5f cd 2c-4c 53 37 00 00 04 c0 2b   ....T_.,LS7....+
> 0030 - 00 ff 01 00 00 6d 00 0b-00 04 03 00 01 02 00 0a   .....m..........

> 0040 - 00 34 00 32 00 0e 00 0d-00 19 00 0b 00 0c 00 18   .4.2............
> 0050 - 00 09 00 0a 00 16 00 17-00 08 00 06 00 07 00 14   ................
> 0060 - 00 15 00 04 00 05 00 12-00 13 00 01 00 02 00 03   ................
> 0070 - 00 0f 00 10 00 11 00 23-00 00 00 0d 00 20 00 1e   .......#..... ..

bytes at 42 through 75 are (body of) supported_curves and 
does include 00 17 which is P-256 -- which s_client always does.

> 0080 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02   ................
> 0090 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f   ................
> 00a0 - 00 01 01                                          ...
> read from 0x736bc0 [0x73c1a3] (5 bytes => 5 (0x5))
> 0000 - 15 03 03 00 02                                    .....
> read from 0x736bc0 [0x73c1a8] (2 bytes => 2 (0x2))
> 0000 - 02 28                                             .(
> 139925962778272:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3
> alert handshake failure:s3_pkt.c:1256:SSL alert number 40
> 139925962778272:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl
> handshake failure:s3_pkt.c:596:
<snip>

but that reminds me: does your ECDSA cert have the publickey in 
named=OID format, NOT explicit (prime + coefficients + point + order etc.)?

If your real client, like openssl, only offers named curves not explicit,
a cert containing an explicit key cannot be selected, even if the explicit 
parameters are actually the parameters for a name-able curve.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to