> From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton > Sent: Tuesday, March 04, 2014 12:34
> The Wireshark trace is useless (to me) because its only displaying TCP > traffic (and not breaking out the SSL/TLS protocol). I can't break the > bits out in my head. > right-click one of your packets in the packet list, DecodeAs..., make sure Transport has your port number (here 8443), pick SSL in the list at the right, OK. > Here's -debug from a separate s_client on a different physical machine. > > $ /usr/local/ssl/bin/openssl s_client -tls1_2 -connect > debian-q500:8443 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -debug > CONNECTED(00000003) > write to 0x736bc0 [0x7406f3] (163 bytes => 163 (0xA3)) > 0000 - 16 03 01 00 9e 01 00 00-9a 03 03 12 a5 1d c3 7e ...............~ > 0010 - 5e e1 dc 20 c3 9e da dd-cb 66 8f 0b d0 6c 24 13 ^.. .....f...l$. > 0020 - e0 b5 de ef 54 5f cd 2c-4c 53 37 00 00 04 c0 2b ....T_.,LS7....+ > 0030 - 00 ff 01 00 00 6d 00 0b-00 04 03 00 01 02 00 0a .....m.......... > 0040 - 00 34 00 32 00 0e 00 0d-00 19 00 0b 00 0c 00 18 .4.2............ > 0050 - 00 09 00 0a 00 16 00 17-00 08 00 06 00 07 00 14 ................ > 0060 - 00 15 00 04 00 05 00 12-00 13 00 01 00 02 00 03 ................ > 0070 - 00 0f 00 10 00 11 00 23-00 00 00 0d 00 20 00 1e .......#..... .. bytes at 42 through 75 are (body of) supported_curves and does include 00 17 which is P-256 -- which s_client always does. > 0080 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02 ................ > 0090 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f ................ > 00a0 - 00 01 01 ... > read from 0x736bc0 [0x73c1a3] (5 bytes => 5 (0x5)) > 0000 - 15 03 03 00 02 ..... > read from 0x736bc0 [0x73c1a8] (2 bytes => 2 (0x2)) > 0000 - 02 28 .( > 139925962778272:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 > alert handshake failure:s3_pkt.c:1256:SSL alert number 40 > 139925962778272:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl > handshake failure:s3_pkt.c:596: <snip> but that reminds me: does your ECDSA cert have the publickey in named=OID format, NOT explicit (prime + coefficients + point + order etc.)? If your real client, like openssl, only offers named curves not explicit, a cert containing an explicit key cannot be selected, even if the explicit parameters are actually the parameters for a name-able curve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org