What could be a reason when mbedtls_ssl_handshake returns -0x4D80 error code?
Used ciphersuit: MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
What could be a reason when mbedtls_ssl_handshake returns -0x4D80 error code?
Used ciphersuit: MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Hi @Evgeniy_Vasyliev
Using the sample application strerror
you would see:
programs/util/strerror -0x4d80
Last error was: -0x4d80 - ECP - Memory allocation failed
You ran out of memory during your handshake. Are you using a memory constrained board? Note that RSA consumes much memory, and this could cause your memory issues.
If you use a certificate signed with ECP, you will get smaller certificates, due to smaller key sizes, with same security strength as RSA.
I suggest you read https://tls.mbed.org/kb/how-to/reduce-mbedtls-memory-and-storage-footprint for hints on reducing your memory usage.
Regards,
Mbed TLS Team member
Ron
@roneld01, thank you for detailed response.
I am working on STM32F4 and making a web-server on it. I am using code from https://github.com/ARMmbed/mbedtls/blob/development/programs/ssl/ssl_server.c Initially I was using default ciphersuits generated using STM32CubeMx:
and using these ciphersuits it is really working good in Firefox. However, in Google Chrome many of handshake procedures end with error -0x7780 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE), however after resetting the connection it begins to work fine the other time!
So, while in Firefox all the requests are passed without any erros in Google Chrome at each request first there is a handshake error, but after this at subsequent request it is processed well. I can not send to you logs from mbedTLS, however this is a log how it works with Google Chrome:
**00.01.01 14:59:28.305 SSL handshake error: -30592**
00.01.01 14:59:28.305 SslResetSession
00.01.01 14:59:28.356 SSL connection using TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
00.01.01 14:59:28.356 PTS_ProcessHttpRequest
00.01.01 14:59:28.364 SslResetSession
**00.01.01 14:59:28.381 SSL handshake error: -30592**
00.01.01 14:59:28.382 SslResetSession
00.01.01 14:59:28.434 SSL connection using TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
00.01.01 14:59:28.434 PTS_ProcessHttpRequest
00.01.01 14:59:28.449 SslResetSession
**00.01.01 14:59:28.480 SSL handshake error: -30592**
00.01.01 14:59:28.481 SslResetSession
00.01.01 14:59:28.532 SSL connection using TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
00.01.01 14:59:28.532 PTS_ProcessHttpRequest
00.01.01 14:59:28.536 SslResetSession
So, after reading some posts on this forum I thought that enabling RSA will solve the problem with Google Chrome. However, after few days of attempts I still can not make it work (there is really quite little free memory left in MCU). maybe the problem is not in RSA and I am looking in a wrong direction?
Can you please advise what can be a reason on why handshake with Google Chrome will end with error -0x7780 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE), while after resetting the connection it will work?
Thank you.
I was able to get the mbedTLS logs at debug level = 2.
Here is a log when working with Mozilla Firefox (everything seems to work well):
19.06.24 19:00:20.038 ssl_tls.c:6754: |2| => handshake
19.06.24 19:00:20.074 ssl_srv.c:4219: |2| server state: 0
19.06.24 19:00:20.081 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.088 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:20.096 ssl_srv.c:4219: |2| server state: 1
19.06.24 19:00:20.103 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.110 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:20.116 ssl_srv.c:1192: |2| => parse client hello
19.06.24 19:00:20.123 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:20.133 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 19:00:20.140 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 19:00:20.147 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 19:00:20.155 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:20.161 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:20.168 ssl_tls.c:2413: |2| in_left: 5, nb_want: 517
19.06.24 19:00:20.176 ssl_tls.c:2437: |2| in_left: 5, nb_want: 517
19.06.24 19:00:20.186 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 512 (-0xfffffe00)
19.06.24 19:00:20.193 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:20.200 ssl_srv.c:1974: |2| selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
19.06.24 19:00:20.207 ssl_srv.c:2008: |2| <= parse client hello
19.06.24 19:00:20.214 ssl_srv.c:4219: |2| server state: 2
19.06.24 19:00:20.221 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.228 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:20.238 ssl_srv.c:2383: |2| => write server hello
19.06.24 19:00:20.246 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:20.253 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.260 ssl_tls.c:2490: |2| message length: 92, out_left: 92
19.06.24 19:00:20.267 ssl_tls.c:2496: |2| ssl->f_send() returned 92 (-0xffffffa4)
19.06.24 19:00:20.274 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:20.281 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:20.287 ssl_srv.c:2600: |2| <= write server hello
19.06.24 19:00:20.298 ssl_srv.c:4219: |2| server state: 3
19.06.24 19:00:20.304 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.311 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:20.318 ssl_tls.c:4259: |2| => write certificate
19.06.24 19:00:20.326 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:20.335 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.341 ssl_tls.c:2490: |2| message length: 1163, out_left: 1163
19.06.24 19:00:20.349 ssl_tls.c:2496: |2| ssl->f_send() returned 1163 (-0xfffffb75)
19.06.24 19:00:20.359 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:20.365 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:20.373 ssl_tls.c:4363: |2| <= write certificate
19.06.24 19:00:20.380 ssl_srv.c:4219: |2| server state: 4
19.06.24 19:00:20.387 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:20.393 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:20.400 ssl_srv.c:3232: |2| => write server key exchange
19.06.24 19:00:20.410 ssl_srv.c:3011: |2| ECDHE curve: secp384r1
19.06.24 19:00:21.173 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:21.180 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.187 ssl_tls.c:2490: |2| message length: 185, out_left: 185
19.06.24 19:00:21.195 ssl_tls.c:2496: |2| ssl->f_send() returned 185 (-0xffffff47)
19.06.24 19:00:21.202 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:21.209 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:21.234 ssl_srv.c:3316: |2| <= write server key exchange
19.06.24 19:00:21.244 ssl_srv.c:4219: |2| server state: 5
19.06.24 19:00:21.251 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.258 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:21.265 ssl_srv.c:2645: |2| => write certificate request
19.06.24 19:00:21.272 ssl_srv.c:2663: |2| <= skip write certificate request
19.06.24 19:00:21.279 ssl_srv.c:4219: |2| server state: 6
19.06.24 19:00:21.286 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.293 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:21.302 ssl_srv.c:3324: |2| => write server hello done
19.06.24 19:00:21.309 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:21.316 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.324 ssl_tls.c:2490: |2| message length: 9, out_left: 9
19.06.24 19:00:21.331 ssl_tls.c:2496: |2| ssl->f_send() returned 9 (-0xfffffff7)
19.06.24 19:00:21.338 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:21.344 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:21.354 ssl_srv.c:3343: |2| <= write server hello done
19.06.24 19:00:21.362 ssl_srv.c:4219: |2| server state: 7
19.06.24 19:00:21.368 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.375 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:21.382 ssl_tls.c:4376: |2| => parse certificate
19.06.24 19:00:21.389 ssl_tls.c:4406: |2| <= skip parse certificate
19.06.24 19:00:21.396 ssl_srv.c:4219: |2| server state: 8
19.06.24 19:00:21.403 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:21.413 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:21.420 ssl_srv.c:3664: |2| => parse client key exchange
19.06.24 19:00:21.427 ssl_tls.c:3809: |2| => read record
19.06.24 19:00:21.434 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:21.441 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 19:00:21.655 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 19:00:21.662 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 19:00:21.669 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:21.679 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:21.686 ssl_tls.c:2413: |2| in_left: 5, nb_want: 107
19.06.24 19:00:21.693 ssl_tls.c:2437: |2| in_left: 5, nb_want: 107
19.06.24 19:00:21.700 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 102 (-0xffffff9a)
19.06.24 19:00:21.707 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:21.714 ssl_tls.c:3846: |2| <= read record
19.06.24 19:00:22.185 ssl_tls.c:0509: |2| => derive keys
19.06.24 19:00:22.199 ssl_tls.c:0983: |2| <= derive keys
19.06.24 19:00:22.206 ssl_srv.c:3928: |2| <= parse client key exchange
19.06.24 19:00:22.212 ssl_srv.c:4219: |2| server state: 9
19.06.24 19:00:22.219 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.226 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.233 ssl_srv.c:3975: |2| => parse certificate verify
19.06.24 19:00:22.240 ssl_srv.c:3984: |2| <= skip parse certificate verify
19.06.24 19:00:22.247 ssl_srv.c:4219: |2| server state: 10
19.06.24 19:00:22.257 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.264 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.271 ssl_tls.c:4779: |2| => parse change cipher spec
19.06.24 19:00:22.278 ssl_tls.c:3809: |2| => read record
19.06.24 19:00:22.285 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.292 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.318 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.325 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 19:00:22.335 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.342 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.349 ssl_tls.c:2413: |2| in_left: 5, nb_want: 6
19.06.24 19:00:22.356 ssl_tls.c:2437: |2| in_left: 5, nb_want: 6
19.06.24 19:00:22.363 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 1 (-0xffffffff)
19.06.24 19:00:22.370 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.377 ssl_tls.c:3846: |2| <= read record
19.06.24 19:00:22.396 ssl_tls.c:4857: |2| <= parse change cipher spec
19.06.24 19:00:22.403 ssl_srv.c:4219: |2| server state: 11
19.06.24 19:00:22.410 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.417 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.424 ssl_tls.c:5415: |2| => parse finished
19.06.24 19:00:22.431 ssl_tls.c:5114: |2| => calc finished tls sha256
19.06.24 19:00:22.438 ssl_tls.c:5144: |2| <= calc finished
19.06.24 19:00:22.445 ssl_tls.c:3809: |2| => read record
19.06.24 19:00:22.455 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.462 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.469 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.475 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 19:00:22.482 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.489 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.496 ssl_tls.c:2413: |2| in_left: 5, nb_want: 45
19.06.24 19:00:22.503 ssl_tls.c:2437: |2| in_left: 5, nb_want: 45
19.06.24 19:00:22.513 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 40 (-0xffffffd8)
19.06.24 19:00:22.520 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.527 ssl_tls.c:1619: |2| => decrypt buf
19.06.24 19:00:22.534 ssl_tls.c:2092: |2| <= decrypt buf
19.06.24 19:00:22.542 ssl_tls.c:3846: |2| <= read record
19.06.24 19:00:22.548 ssl_tls.c:5483: |2| <= parse finished
19.06.24 19:00:22.555 ssl_srv.c:4219: |2| server state: 12
19.06.24 19:00:22.565 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.572 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.579 ssl_tls.c:4756: |2| => write change cipher spec
19.06.24 19:00:22.586 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:22.593 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.600 ssl_tls.c:2490: |2| message length: 6, out_left: 6
19.06.24 19:00:22.607 ssl_tls.c:2496: |2| ssl->f_send() returned 6 (-0xfffffffa)
19.06.24 19:00:22.614 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:22.624 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:22.631 ssl_tls.c:4770: |2| <= write change cipher spec
19.06.24 19:00:22.637 ssl_srv.c:4219: |2| server state: 13
19.06.24 19:00:22.644 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.651 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.657 ssl_tls.c:5289: |2| => write finished
19.06.24 19:00:22.664 ssl_tls.c:5114: |2| => calc finished tls sha256
19.06.24 19:00:22.671 ssl_tls.c:5144: |2| <= calc finished
19.06.24 19:00:22.681 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:22.687 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 19:00:22.694 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 19:00:22.701 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.707 ssl_tls.c:2490: |2| message length: 45, out_left: 45
19.06.24 19:00:22.733 ssl_tls.c:2496: |2| ssl->f_send() returned 45 (-0xffffffd3)
19.06.24 19:00:22.740 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:22.750 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:22.757 ssl_tls.c:5398: |2| <= write finished
19.06.24 19:00:22.764 ssl_srv.c:4219: |2| server state: 14
19.06.24 19:00:22.771 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.778 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.785 ssl_srv.c:4324: |2| handshake: done
19.06.24 19:00:22.792 ssl_srv.c:4219: |2| server state: 15
19.06.24 19:00:22.799 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:22.806 ssl_tls.c:2483: |2| <= flush output
19.06.24 19:00:22.816 ssl_tls.c:6764: |2| <= handshake
19.06.24 19:00:22.823 ssl_tls.c:6940: |2| => read
19.06.24 19:00:22.830 ssl_tls.c:3809: |2| => read record
19.06.24 19:00:22.837 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.844 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.851 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 19:00:22.858 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 19:00:22.865 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.876 ssl_tls.c:2252: |2| => fetch input
19.06.24 19:00:22.883 ssl_tls.c:2413: |2| in_left: 5, nb_want: 734
19.06.24 19:00:22.890 ssl_tls.c:2437: |2| in_left: 5, nb_want: 734
19.06.24 19:00:22.897 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 605 (-0xfffffda3)
19.06.24 19:00:22.904 ssl_tls.c:2437: |2| in_left: 610, nb_want: 734
19.06.24 19:00:22.911 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 124 (-0xffffff84)
19.06.24 19:00:22.921 ssl_tls.c:2458: |2| <= fetch input
19.06.24 19:00:22.928 ssl_tls.c:1619: |2| => decrypt buf
19.06.24 19:00:22.936 ssl_tls.c:2092: |2| <= decrypt buf
19.06.24 19:00:22.943 ssl_tls.c:3846: |2| <= read record
19.06.24 19:00:22.951 ssl_tls.c:7228: |2| <= read
19.06.24 19:00:23.958 ssl_tls.c:7330: |2| => write
19.06.24 19:00:23.966 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:23.973 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 19:00:23.980 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 19:00:23.990 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:23.997 ssl_tls.c:2490: |2| message length: 285, out_left: 285
19.06.24 19:00:23.004 ssl_tls.c:2496: |2| ssl->f_send() returned 285 (-0xfffffee3)
19.06.24 19:00:23.011 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:23.018 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:23.025 ssl_tls.c:7358: |2| <= write
19.06.24 19:00:23.032 ssl_tls.c:7330: |2| => write
19.06.24 19:00:23.039 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:23.049 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 19:00:23.056 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 19:00:23.063 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:23.070 ssl_tls.c:2490: |2| message length: 36, out_left: 36
19.06.24 19:00:23.078 ssl_tls.c:2496: |2| ssl->f_send() returned 36 (-0xffffffdc)
19.06.24 19:00:23.085 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:23.092 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:23.099 ssl_tls.c:7358: |2| <= write
19.06.24 19:00:23.109 ssl_tls.c:7330: |2| => write
19.06.24 19:00:23.116 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:23.123 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 19:00:23.149 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 19:00:23.156 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:23.163 ssl_tls.c:2490: |2| message length: 36, out_left: 36
19.06.24 19:00:23.170 ssl_tls.c:2496: |2| ssl->f_send() returned 36 (-0xffffffdc)
19.06.24 19:00:23.177 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:23.187 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:23.195 ssl_tls.c:7358: |2| <= write
19.06.24 19:00:23.202 ssl_tls.c:7373: |2| => write close notify
19.06.24 19:00:23.209 ssl_tls.c:4180: |2| => send alert message
19.06.24 19:00:23.216 ssl_tls.c:2764: |2| => write record
19.06.24 19:00:23.223 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 19:00:23.230 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 19:00:23.237 ssl_tls.c:2471: |2| => flush output
19.06.24 19:00:23.247 ssl_tls.c:2490: |2| message length: 31, out_left: 31
19.06.24 19:00:23.254 ssl_tls.c:2496: |2| ssl->f_send() returned 31 (-0xffffffe1)
19.06.24 19:00:23.261 ssl_tls.c:2523: |2| <= flush output
19.06.24 19:00:23.268 ssl_tls.c:2922: |2| <= write record
19.06.24 19:00:23.275 ssl_tls.c:4193: |2| <= send alert message
19.06.24 19:00:23.282 ssl_tls.c:7389: |2| <= write close notify
Here is a log when working with Google Chrome (this time it returns error -0x50), however the other time works well):
19.06.24 18:59:03.998 ssl_tls.c:6754: |2| => handshake
19.06.24 18:59:04.016 ssl_srv.c:4219: |2| server state: 0
19.06.24 18:59:04.023 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.030 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:04.038 ssl_srv.c:4219: |2| server state: 1
19.06.24 18:59:04.045 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.052 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:04.059 ssl_srv.c:1192: |2| => parse client hello
19.06.24 18:59:04.065 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:04.076 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:04.083 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:04.090 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:04.202 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:04.209 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:04.216 ssl_tls.c:2413: |2| in_left: 5, nb_want: 517
19.06.24 18:59:04.223 ssl_tls.c:2437: |2| in_left: 5, nb_want: 517
19.06.24 18:59:04.233 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 512 (-0xfffffe00)
19.06.24 18:59:04.240 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:04.248 ssl_srv.c:1974: |2| selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
19.06.24 18:59:04.255 ssl_srv.c:2008: |2| <= parse client hello
19.06.24 18:59:04.262 ssl_srv.c:4219: |2| server state: 2
19.06.24 18:59:04.278 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.285 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:04.295 ssl_srv.c:2383: |2| => write server hello
19.06.24 18:59:04.303 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:04.310 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.317 ssl_tls.c:2490: |2| message length: 92, out_left: 92
19.06.24 18:59:04.324 ssl_tls.c:2496: |2| ssl->f_send() returned 92 (-0xffffffa4)
19.06.24 18:59:04.331 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:04.338 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:04.345 ssl_srv.c:2600: |2| <= write server hello
19.06.24 18:59:04.354 ssl_srv.c:4219: |2| server state: 3
19.06.24 18:59:04.361 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.368 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:04.376 ssl_tls.c:4259: |2| => write certificate
19.06.24 18:59:04.383 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:04.392 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.399 ssl_tls.c:2490: |2| message length: 1163, out_left: 1163
19.06.24 18:59:04.406 ssl_tls.c:2496: |2| ssl->f_send() returned 1163 (-0xfffffb75)
19.06.24 18:59:04.416 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:04.422 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:04.430 ssl_tls.c:4363: |2| <= write certificate
19.06.24 18:59:04.436 ssl_srv.c:4219: |2| server state: 4
19.06.24 18:59:04.443 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:04.450 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:04.457 ssl_srv.c:3232: |2| => write server key exchange
19.06.24 18:59:04.467 ssl_srv.c:3011: |2| ECDHE curve: secp384r1
19.06.24 18:59:05.229 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:05.237 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.244 ssl_tls.c:2490: |2| message length: 185, out_left: 185
19.06.24 18:59:05.251 ssl_tls.c:2496: |2| ssl->f_send() returned 185 (-0xffffff47)
19.06.24 18:59:05.258 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:05.265 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:05.272 ssl_srv.c:3316: |2| <= write server key exchange
19.06.24 18:59:05.282 ssl_srv.c:4219: |2| server state: 5
19.06.24 18:59:05.288 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.296 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.303 ssl_srv.c:2645: |2| => write certificate request
19.06.24 18:59:05.309 ssl_srv.c:2663: |2| <= skip write certificate request
19.06.24 18:59:05.317 ssl_srv.c:4219: |2| server state: 6
19.06.24 18:59:05.324 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.330 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.340 ssl_srv.c:3324: |2| => write server hello done
19.06.24 18:59:05.348 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:05.355 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.362 ssl_tls.c:2490: |2| message length: 9, out_left: 9
19.06.24 18:59:05.369 ssl_tls.c:2496: |2| ssl->f_send() returned -80 (-0x0050)
19.06.24 18:59:05.376 ssl_tls.c:2918: |1| mbedtls_ssl_flush_output() returned -80 (-0x0050)
19.06.24 18:59:05.383 ssl_srv.c:3339: |1| mbedtls_ssl_write_record() returned -80 (-0x0050)
19.06.24 18:59:05.393 ssl_tls.c:6764: |2| <= handshake
19.06.24 18:59:05.410 ssl_tls.c:6754: |2| => handshake
19.06.24 18:59:05.415 ssl_srv.c:4219: |2| server state: 0
19.06.24 18:59:05.422 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.429 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.436 ssl_srv.c:4219: |2| server state: 1
19.06.24 18:59:05.443 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.450 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.460 ssl_srv.c:1192: |2| => parse client hello
19.06.24 18:59:05.467 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:05.474 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:05.481 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:05.488 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:05.495 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:05.502 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:05.512 ssl_tls.c:2413: |2| in_left: 5, nb_want: 517
19.06.24 18:59:05.519 ssl_tls.c:2437: |2| in_left: 5, nb_want: 517
19.06.24 18:59:05.526 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 512 (-0xfffffe00)
19.06.24 18:59:05.534 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:05.541 ssl_srv.c:1974: |2| selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
19.06.24 18:59:05.548 ssl_srv.c:2008: |2| <= parse client hello
19.06.24 18:59:05.555 ssl_srv.c:4219: |2| server state: 2
19.06.24 18:59:05.565 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.572 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.579 ssl_srv.c:2383: |2| => write server hello
19.06.24 18:59:05.587 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:05.594 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.600 ssl_tls.c:2490: |2| message length: 92, out_left: 92
19.06.24 18:59:05.608 ssl_tls.c:2496: |2| ssl->f_send() returned 92 (-0xffffffa4)
19.06.24 18:59:05.618 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:05.624 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:05.631 ssl_srv.c:2600: |2| <= write server hello
19.06.24 18:59:05.638 ssl_srv.c:4219: |2| server state: 3
19.06.24 18:59:05.645 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.652 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.659 ssl_tls.c:4259: |2| => write certificate
19.06.24 18:59:05.666 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:05.675 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.685 ssl_tls.c:2490: |2| message length: 1163, out_left: 1163
19.06.24 18:59:05.693 ssl_tls.c:2496: |2| ssl->f_send() returned 1163 (-0xfffffb75)
19.06.24 18:59:05.700 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:05.707 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:05.713 ssl_tls.c:4363: |2| <= write certificate
19.06.24 18:59:05.720 ssl_srv.c:4219: |2| server state: 4
19.06.24 18:59:05.727 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:05.737 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:05.744 ssl_srv.c:3232: |2| => write server key exchange
19.06.24 18:59:05.751 ssl_srv.c:3011: |2| ECDHE curve: secp384r1
19.06.24 18:59:06.514 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:06.521 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.528 ssl_tls.c:2490: |2| message length: 185, out_left: 185
19.06.24 18:59:06.535 ssl_tls.c:2496: |2| ssl->f_send() returned 185 (-0xffffff47)
19.06.24 18:59:06.542 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:06.552 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:06.559 ssl_srv.c:3316: |2| <= write server key exchange
19.06.24 18:59:06.566 ssl_srv.c:4219: |2| server state: 5
19.06.24 18:59:06.573 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.580 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:06.598 ssl_srv.c:2645: |2| => write certificate request
19.06.24 18:59:06.605 ssl_srv.c:2663: |2| <= skip write certificate request
19.06.24 18:59:06.614 ssl_srv.c:4219: |2| server state: 6
19.06.24 18:59:06.621 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.628 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:06.635 ssl_srv.c:3324: |2| => write server hello done
19.06.24 18:59:06.642 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:06.649 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.656 ssl_tls.c:2490: |2| message length: 9, out_left: 9
19.06.24 18:59:06.663 ssl_tls.c:2496: |2| ssl->f_send() returned 9 (-0xfffffff7)
19.06.24 18:59:06.683 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:06.690 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:06.697 ssl_srv.c:3343: |2| <= write server hello done
19.06.24 18:59:06.704 ssl_srv.c:4219: |2| server state: 7
19.06.24 18:59:06.710 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.717 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:06.724 ssl_tls.c:4376: |2| => parse certificate
19.06.24 18:59:06.731 ssl_tls.c:4406: |2| <= skip parse certificate
19.06.24 18:59:06.741 ssl_srv.c:4219: |2| server state: 8
19.06.24 18:59:06.748 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:06.754 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:06.761 ssl_srv.c:3664: |2| => parse client key exchange
19.06.24 18:59:06.768 ssl_tls.c:3809: |2| => read record
19.06.24 18:59:06.774 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:06.781 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:06.788 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:06.797 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:06.804 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:06.810 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:06.817 ssl_tls.c:2413: |2| in_left: 5, nb_want: 107
19.06.24 18:59:06.824 ssl_tls.c:2437: |2| in_left: 5, nb_want: 107
19.06.24 18:59:06.830 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 102 (-0xffffff9a)
19.06.24 18:59:06.837 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:06.847 ssl_tls.c:3846: |2| <= read record
19.06.24 18:59:07.317 ssl_tls.c:0509: |2| => derive keys
19.06.24 18:59:07.327 ssl_tls.c:0983: |2| <= derive keys
19.06.24 18:59:07.334 ssl_srv.c:3928: |2| <= parse client key exchange
19.06.24 18:59:07.341 ssl_srv.c:4219: |2| server state: 9
19.06.24 18:59:07.348 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.355 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.362 ssl_srv.c:3975: |2| => parse certificate verify
19.06.24 18:59:07.372 ssl_srv.c:3984: |2| <= skip parse certificate verify
19.06.24 18:59:07.380 ssl_srv.c:4219: |2| server state: 10
19.06.24 18:59:07.387 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.394 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.401 ssl_tls.c:4779: |2| => parse change cipher spec
19.06.24 18:59:07.408 ssl_tls.c:3809: |2| => read record
19.06.24 18:59:07.415 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.422 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.432 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.439 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:07.446 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:07.453 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.460 ssl_tls.c:2413: |2| in_left: 5, nb_want: 6
19.06.24 18:59:07.467 ssl_tls.c:2437: |2| in_left: 5, nb_want: 6
19.06.24 18:59:07.474 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 1 (-0xffffffff)
19.06.24 18:59:07.496 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:07.503 ssl_tls.c:3846: |2| <= read record
19.06.24 18:59:07.510 ssl_tls.c:4857: |2| <= parse change cipher spec
19.06.24 18:59:07.517 ssl_srv.c:4219: |2| server state: 11
19.06.24 18:59:07.524 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.531 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.538 ssl_tls.c:5415: |2| => parse finished
19.06.24 18:59:07.545 ssl_tls.c:5114: |2| => calc finished tls sha256
19.06.24 18:59:07.555 ssl_tls.c:5144: |2| <= calc finished
19.06.24 18:59:07.562 ssl_tls.c:3809: |2| => read record
19.06.24 18:59:07.569 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.576 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.583 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.591 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:07.598 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:07.608 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.615 ssl_tls.c:2413: |2| in_left: 5, nb_want: 45
19.06.24 18:59:07.622 ssl_tls.c:2437: |2| in_left: 5, nb_want: 45
19.06.24 18:59:07.629 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 40 (-0xffffffd8)
19.06.24 18:59:07.636 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:07.643 ssl_tls.c:1619: |2| => decrypt buf
19.06.24 18:59:07.650 ssl_tls.c:2092: |2| <= decrypt buf
19.06.24 18:59:07.657 ssl_tls.c:3846: |2| <= read record
19.06.24 18:59:07.667 ssl_tls.c:5483: |2| <= parse finished
19.06.24 18:59:07.674 ssl_srv.c:4219: |2| server state: 12
19.06.24 18:59:07.681 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.688 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.695 ssl_tls.c:4756: |2| => write change cipher spec
19.06.24 18:59:07.702 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:07.709 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.716 ssl_tls.c:2490: |2| message length: 6, out_left: 6
19.06.24 18:59:07.726 ssl_tls.c:2496: |2| ssl->f_send() returned 6 (-0xfffffffa)
19.06.24 18:59:07.733 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:07.740 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:07.747 ssl_tls.c:4770: |2| <= write change cipher spec
19.06.24 18:59:07.754 ssl_srv.c:4219: |2| server state: 13
19.06.24 18:59:07.761 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.768 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.775 ssl_tls.c:5289: |2| => write finished
19.06.24 18:59:07.785 ssl_tls.c:5114: |2| => calc finished tls sha256
19.06.24 18:59:07.793 ssl_tls.c:5144: |2| <= calc finished
19.06.24 18:59:07.800 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:07.807 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 18:59:07.814 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 18:59:07.821 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.828 ssl_tls.c:2490: |2| message length: 45, out_left: 45
19.06.24 18:59:07.835 ssl_tls.c:2496: |2| ssl->f_send() returned 45 (-0xffffffd3)
19.06.24 18:59:07.845 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:07.852 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:07.859 ssl_tls.c:5398: |2| <= write finished
19.06.24 18:59:07.866 ssl_srv.c:4219: |2| server state: 14
19.06.24 18:59:07.873 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.880 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.887 ssl_srv.c:4324: |2| handshake: done
19.06.24 18:59:07.897 ssl_srv.c:4219: |2| server state: 15
19.06.24 18:59:07.904 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:07.911 ssl_tls.c:2483: |2| <= flush output
19.06.24 18:59:07.929 ssl_tls.c:6764: |2| <= handshake
19.06.24 18:59:07.937 ssl_tls.c:6940: |2| => read
19.06.24 18:59:07.943 ssl_tls.c:3809: |2| => read record
19.06.24 18:59:07.950 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.957 ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.965 ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
19.06.24 18:59:07.974 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
19.06.24 18:59:07.981 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:07.989 ssl_tls.c:2252: |2| => fetch input
19.06.24 18:59:07.995 ssl_tls.c:2413: |2| in_left: 5, nb_want: 807
19.06.24 18:59:08.003 ssl_tls.c:2437: |2| in_left: 5, nb_want: 807
19.06.24 18:59:08.010 ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 802 (-0xfffffcde)
19.06.24 18:59:08.017 ssl_tls.c:2458: |2| <= fetch input
19.06.24 18:59:08.036 ssl_tls.c:1619: |2| => decrypt buf
19.06.24 18:59:08.045 ssl_tls.c:2092: |2| <= decrypt buf
19.06.24 18:59:08.051 ssl_tls.c:3846: |2| <= read record
19.06.24 18:59:08.059 ssl_tls.c:7228: |2| <= read
19.06.24 18:59:08.066 ssl_tls.c:7330: |2| => write
19.06.24 18:59:08.073 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:08.080 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 18:59:08.088 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 18:59:08.094 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:08.104 ssl_tls.c:2490: |2| message length: 285, out_left: 285
19.06.24 18:59:08.112 ssl_tls.c:2496: |2| ssl->f_send() returned 285 (-0xfffffee3)
19.06.24 18:59:08.119 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:08.125 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:08.132 ssl_tls.c:7358: |2| <= write
19.06.24 18:59:08.140 ssl_tls.c:7330: |2| => write
19.06.24 18:59:08.147 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:08.156 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 18:59:08.164 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 18:59:08.171 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:08.177 ssl_tls.c:2490: |2| message length: 36, out_left: 36
19.06.24 18:59:08.185 ssl_tls.c:2496: |2| ssl->f_send() returned 36 (-0xffffffdc)
19.06.24 18:59:08.192 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:08.199 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:08.205 ssl_tls.c:7358: |2| <= write
19.06.24 18:59:08.215 ssl_tls.c:7330: |2| => write
19.06.24 18:59:08.222 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:08.229 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 18:59:08.236 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 18:59:08.243 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:08.250 ssl_tls.c:2490: |2| message length: 36, out_left: 36
19.06.24 18:59:08.258 ssl_tls.c:2496: |2| ssl->f_send() returned 36 (-0xffffffdc)
19.06.24 18:59:08.264 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:08.274 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:08.281 ssl_tls.c:7358: |2| <= write
19.06.24 18:59:08.288 ssl_tls.c:7373: |2| => write close notify
19.06.24 18:59:08.295 ssl_tls.c:4180: |2| => send alert message
19.06.24 18:59:08.302 ssl_tls.c:2764: |2| => write record
19.06.24 18:59:08.310 ssl_tls.c:1287: |2| => encrypt buf
19.06.24 18:59:08.317 ssl_tls.c:1605: |2| <= encrypt buf
19.06.24 18:59:08.323 ssl_tls.c:2471: |2| => flush output
19.06.24 18:59:08.330 ssl_tls.c:2490: |2| message length: 31, out_left: 31
19.06.24 18:59:08.341 ssl_tls.c:2496: |2| ssl->f_send() returned 31 (-0xffffffe1)
19.06.24 18:59:08.347 ssl_tls.c:2523: |2| <= flush output
19.06.24 18:59:08.366 ssl_tls.c:2922: |2| <= write record
19.06.24 18:59:08.373 ssl_tls.c:4193: |2| <= send alert message
19.06.24 18:59:08.379 ssl_tls.c:7389: |2| <= write close notify
What can be a reason for this with Google Chrome? Same situation I am facing with Microsoft Edge and IE.
Maybe I need to change something in mbedTLS configuration? I am using default configuration generated by STM32CubeMX and take https://github.com/ARMmbed/mbedtls/blob/development/programs/ssl/ssl_server.c as example.
Thank you.
HI @Evgeniy_Vasyliev
The log you show in the Google Chrome example doesn’t suggest a failed connection. However, error -0x50
is MBEDTLS_ERR_NET_CONN_RESET
, which means that the connection was reset by the peer.
Assuming Chrome uses Mbed TLS as well, the error -30592
is (as you mentioned):
programs/util/strerror -30592
Last error was: -0x7780 - SSL - A fatal alert message was received from our peer
Please look a the log of a failed connection with google chrome, to understand why and when your server sent a fatal alert. It is better to se a debug lievel higher than 2.
Regards
@roneld01, thank you, here is a more detailed log when using Google Chrome with debug level = 4 (the highest), at this please note that when I enable logging the error at handshake is -80 (-0x50), however when logging is disabled - then the error at handshake is -30592 (-0x7780) - perhaps due to the timeout cause I write the logs to SD flash disk, so it takes time (I have SD disk on board, to which I forward the logs):
At this please note that used version of mbedTLS is 2.11.0 working over LWIP 2.0.3, which is coming into the latest release of STM32CubeMx for STM32F4 MCU,
ssl_tls.c:6754: |2| => handshake
ssl_srv.c:4219: |2| server state: 0
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:4219: |2| server state: 1
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:1192: |2| => parse client hello
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2458: |2| <= fetch input
ssl_srv.c:1224: |4| dumping 'record header' (5 bytes)
ssl_srv.c:1224: |4| 0000: 16 03 01 02 00 .....
ssl_srv.c:1236: |3| client hello v3, message type: 22
ssl_srv.c:1245: |3| client hello v3, message len.: 512
ssl_srv.c:1248: |3| client hello v3, protocol version: [3:1]
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 5, nb_want: 517
ssl_tls.c:2437: |2| in_left: 5, nb_want: 517
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 512 (-0xfffffe00)
ssl_tls.c:2458: |2| <= fetch input
ssl_srv.c:1330: |4| dumping 'record contents' (512 bytes)
ssl_srv.c:1330: |4| 0000: 01 00 01 fc 03 03 30 6d 56 a1 d1 c2 82 5c 79 80 ......0mV....\y.
ssl_srv.c:1330: |4| 0010: ef e5 cd d4 c1 2c c8 8e 21 ea da 41 c3 0d bd 5e .....,..!..A...^
ssl_srv.c:1330: |4| 0020: 62 f4 84 e3 cc de 20 53 69 9a dd 81 0d e7 99 5f b..... Si......_
ssl_srv.c:1330: |4| 0030: 2f b1 c7 ec 9e e0 96 81 ad 9d 8e c3 db 40 50 91 /............@P.
ssl_srv.c:1330: |4| 0040: d0 f6 31 18 47 c0 c6 00 22 ea ea 13 01 13 02 13 ..1.G...".......
ssl_srv.c:1330: |4| 0050: 03 c0 2b c0 2f c0 2c c0 30 cc a9 cc a8 c0 13 c0 ..+./.,.0.......
ssl_srv.c:1330: |4| 0060: 14 00 9c 00 9d 00 2f 00 35 00 0a 01 00 01 91 aa ....../.5.......
ssl_srv.c:1330: |4| 0070: aa 00 00 00 17 00 00 ff 01 00 01 00 00 0a 00 0a ................
ssl_srv.c:1330: |4| 0080: 00 08 2a 2a 00 1d 00 17 00 18 00 0b 00 02 01 00 ..**............
ssl_srv.c:1330: |4| 0090: 00 23 00 00 00 10 00 0e 00 0c 02 68 32 08 68 74 .#.........h2.ht
ssl_srv.c:1330: |4| 00a0: 74 70 2f 31 2e 31 00 05 00 05 01 00 00 00 00 00 tp/1.1..........
ssl_srv.c:1330: |4| 00b0: 0d 00 14 00 12 04 03 08 04 04 01 05 03 08 05 05 ................
ssl_srv.c:1330: |4| 00c0: 01 08 06 06 01 02 01 00 12 00 00 00 33 00 2b 00 ............3.+.
ssl_srv.c:1330: |4| 00d0: 29 2a 2a 00 01 00 00 1d 00 20 ec c9 55 48 ab 96 )**...... ..UH..
ssl_srv.c:1330: |4| 00e0: d4 79 e3 3e 85 2e de ad e2 70 ca 0e 77 8c 33 c0 .y.>.....p..w.3.
ssl_srv.c:1330: |4| 00f0: 9f 74 d6 2f 85 43 68 57 2e 4c 00 2d 00 02 01 01 .t./.ChW.L.-....
ssl_srv.c:1330: |4| 0100: 00 2b 00 0b 0a 1a 1a 03 04 03 03 03 02 03 01 00 .+..............
ssl_srv.c:1330: |4| 0110: 1b 00 03 02 00 02 da da 00 01 00 00 15 00 e1 00 ................
ssl_srv.c:1330: |4| 0120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1348: |3| client hello v3, handshake type: 1
ssl_srv.c:1357: |3| client hello v3, handshake len.: 508
ssl_srv.c:1446: |3| dumping 'client hello, version' (2 bytes)
ssl_srv.c:1446: |3| 0000: 03 03 ..
ssl_srv.c:1477: |3| dumping 'client hello, random bytes' (32 bytes)
ssl_srv.c:1477: |3| 0000: 30 6d 56 a1 d1 c2 82 5c 79 80 ef e5 cd d4 c1 2c 0mV....\y......,
ssl_srv.c:1477: |3| 0010: c8 8e 21 ea da 41 c3 0d bd 5e 62 f4 84 e3 cc de ..!..A...^b.....
ssl_srv.c:1495: |3| dumping 'client hello, session id' (32 bytes)
ssl_srv.c:1495: |3| 0000: 53 69 9a dd 81 0d e7 99 5f 2f b1 c7 ec 9e e0 96 Si......_/......
ssl_srv.c:1495: |3| 0010: 81 ad 9d 8e c3 db 40 50 91 d0 f6 31 18 47 c0 c6 ......@P...1.G..
ssl_srv.c:1580: |3| dumping 'client hello, ciphersuitelist' (34 bytes)
ssl_srv.c:1580: |3| 0000: ea ea 13 01 13 02 13 03 c0 2b c0 2f c0 2c c0 30 .........+./.,.0
ssl_srv.c:1580: |3| 0010: cc a9 cc a8 c0 13 c0 14 00 9c 00 9d 00 2f 00 35 ............./.5
ssl_srv.c:1580: |3| 0020: 00 0a ..
ssl_srv.c:1600: |3| dumping 'client hello, compression' (1 bytes)
ssl_srv.c:1600: |3| 0000: 00 .
ssl_srv.c:1655: |3| dumping 'client hello extensions' (401 bytes)
ssl_srv.c:1655: |3| 0000: aa aa 00 00 00 17 00 00 ff 01 00 01 00 00 0a 00 ................
ssl_srv.c:1655: |3| 0010: 0a 00 08 2a 2a 00 1d 00 17 00 18 00 0b 00 02 01 ...**...........
ssl_srv.c:1655: |3| 0020: 00 00 23 00 00 00 10 00 0e 00 0c 02 68 32 08 68 ..#.........h2.h
ssl_srv.c:1655: |3| 0030: 74 74 70 2f 31 2e 31 00 05 00 05 01 00 00 00 00 ttp/1.1.........
ssl_srv.c:1655: |3| 0040: 00 0d 00 14 00 12 04 03 08 04 04 01 05 03 08 05 ................
ssl_srv.c:1655: |3| 0050: 05 01 08 06 06 01 02 01 00 12 00 00 00 33 00 2b .............3.+
ssl_srv.c:1655: |3| 0060: 00 29 2a 2a 00 01 00 00 1d 00 20 ec c9 55 48 ab .)**...... ..UH.
ssl_srv.c:1655: |3| 0070: 96 d4 79 e3 3e 85 2e de ad e2 70 ca 0e 77 8c 33 ..y.>.....p..w.3
ssl_srv.c:1655: |3| 0080: c0 9f 74 d6 2f 85 43 68 57 2e 4c 00 2d 00 02 01 ..t./.ChW.L.-...
ssl_srv.c:1655: |3| 0090: 01 00 2b 00 0b 0a 1a 1a 03 04 03 03 03 02 03 01 ..+.............
ssl_srv.c:1655: |3| 00a0: 00 1b 00 03 02 00 02 da da 00 01 00 00 15 00 e1 ................
ssl_srv.c:1655: |3| 00b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0190: 00 .
ssl_srv.c:1803: |3| unknown extension found: 43690 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 23 (ignoring)
ssl_srv.c:1686: |3| found renegotiation extension
ssl_srv.c:1713: |3| found supported elliptic curves extension
ssl_srv.c:1721: |3| found supported point formats extension
ssl_srv.c:0356: |4| point format selected: 0
ssl_srv.c:1803: |3| unknown extension found: 35 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 16 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 5 (ignoring)
ssl_srv.c:1699: |3| found signature_algorithms extension
ssl_srv.c:0252: |3| client hello v3, signature_algorithm ext: match sig 4 and hash 6
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 4
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0252: |3| client hello v3, signature_algorithm ext: match sig 4 and hash 7
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 5
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 6
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:1803: |3| unknown extension found: 18 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 51 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 45 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 43 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 27 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 56026 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 21 (ignoring)
ssl_srv.c:0801: |3| trying ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:0699: |3| ciphersuite requires certificate
ssl_srv.c:0710: |3| candidate certificate chain, certificate #1:
ssl_srv.c:0710: |3| cert. version : 3
ssl_srv.c:0710: |3| serial number : 09
ssl_srv.c:0710: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_srv.c:0710: |3| issued on : 2013-09-24 15:52:04
ssl_srv.c:0710: |3| expires on : 2023-09-22 15:52:04
ssl_srv.c:0710: |3| signed using : ECDSA with SHA256
ssl_srv.c:0710: |3| EC key size : 256 bits
ssl_srv.c:0710: |3| basic constraints : CA=false
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_srv.c:0710: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_srv.c:0710: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_srv.c:0710: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_srv.c:0710: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_srv.c:0710: |3| candidate certificate chain, certificate #2:
ssl_srv.c:0710: |3| cert. version : 3
ssl_srv.c:0710: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_srv.c:0710: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| issued on : 2013-09-24 15:49:48
ssl_srv.c:0710: |3| expires on : 2023-09-22 15:49:48
ssl_srv.c:0710: |3| signed using : ECDSA with SHA256
ssl_srv.c:0710: |3| EC key size : 384 bits
ssl_srv.c:0710: |3| basic constraints : CA=true
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_srv.c:0710: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_srv.c:0710: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_srv.c:0710: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_srv.c:0710: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_srv.c:0710: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_srv.c:0710: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_srv.c:0772: |3| selected certificate chain, certificate #1:
ssl_srv.c:0772: |3| cert. version : 3
ssl_srv.c:0772: |3| serial number : 09
ssl_srv.c:0772: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_srv.c:0772: |3| issued on : 2013-09-24 15:52:04
ssl_srv.c:0772: |3| expires on : 2023-09-22 15:52:04
ssl_srv.c:0772: |3| signed using : ECDSA with SHA256
ssl_srv.c:0772: |3| EC key size : 256 bits
ssl_srv.c:0772: |3| basic constraints : CA=false
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_srv.c:0772: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_srv.c:0772: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_srv.c:0772: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_srv.c:0772: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_srv.c:0772: |3| selected certificate chain, certificate #2:
ssl_srv.c:0772: |3| cert. version : 3
ssl_srv.c:0772: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_srv.c:0772: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| issued on : 2013-09-24 15:49:48
ssl_srv.c:0772: |3| expires on : 2023-09-22 15:49:48
ssl_srv.c:0772: |3| signed using : ECDSA with SHA256
ssl_srv.c:0772: |3| EC key size : 384 bits
ssl_srv.c:0772: |3| basic constraints : CA=true
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_srv.c:0772: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_srv.c:0772: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_srv.c:0772: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_srv.c:0772: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_srv.c:0772: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_srv.c:0772: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_srv.c:1974: |2| selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:1998: |3| client hello v3, signature_algorithm ext: 4
ssl_srv.c:2008: |2| <= parse client hello
ssl_srv.c:4219: |2| server state: 2
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:2383: |2| => write server hello
ssl_srv.c:2417: |3| server hello, chosen version: [3:3]
ssl_srv.c:2426: |3| server hello, current time: 3
ssl_srv.c:2441: |3| dumping 'server hello, random bytes' (32 bytes)
ssl_srv.c:2441: |3| 0000: 00 00 00 00 80 ed f4 73 df 3e a6 01 48 19 e1 b5 .......s.>..H...
ssl_srv.c:2441: |3| 0010: 30 81 11 ce 8e a6 d0 0f 58 5e 5a 14 c8 65 4f ac 0.......X^Z..eO.
ssl_srv.c:2514: |3| server hello, session id len.: 32
ssl_srv.c:2515: |3| dumping 'server hello, session id' (32 bytes)
ssl_srv.c:2515: |3| 0000: 1a 66 0a cd 79 c1 49 54 47 53 2d d4 19 3b d6 39 .f..y.ITGS-..;.9
ssl_srv.c:2515: |3| 0010: 77 3d c7 41 d8 df 52 6e bf c1 b9 32 85 aa 97 f9 w=.A..Rn...2....
ssl_srv.c:2517: |3| no session has been resumed
ssl_srv.c:2524: |3| server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:2526: |3| server hello, compress alg.: 0x00
ssl_srv.c:2145: |3| server hello, secure renegotiation extension
ssl_srv.c:2216: |3| server hello, supported_point_formats extension
ssl_srv.c:2581: |3| server hello, total extension length: 11
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 87
ssl_tls.c:2913: |4| dumping 'output record sent to network' (92 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 57 02 00 00 53 03 03 00 00 00 00 80 ....W...S.......
ssl_tls.c:2913: |4| 0010: ed f4 73 df 3e a6 01 48 19 e1 b5 30 81 11 ce 8e ..s.>..H...0....
ssl_tls.c:2913: |4| 0020: a6 d0 0f 58 5e 5a 14 c8 65 4f ac 20 1a 66 0a cd ...X^Z..eO. .f..
ssl_tls.c:2913: |4| 0030: 79 c1 49 54 47 53 2d d4 19 3b d6 39 77 3d c7 41 y.ITGS-..;.9w=.A
ssl_tls.c:2913: |4| 0040: d8 df 52 6e bf c1 b9 32 85 aa 97 f9 c0 2b 00 00 ..Rn...2.....+..
ssl_tls.c:2913: |4| 0050: 0b ff 01 00 01 00 00 0b 00 02 01 00 ............
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 92, out_left: 92
ssl_tls.c:2496: |2| ssl->f_send() returned 92 (-0xffffffa4)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_srv.c:2600: |2| <= write server hello
ssl_srv.c:4219: |2| server state: 3
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_tls.c:4259: |2| => write certificate
ssl_tls.c:4311: |3| own certificate #1:
ssl_tls.c:4311: |3| cert. version : 3
ssl_tls.c:4311: |3| serial number : 09
ssl_tls.c:4311: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_tls.c:4311: |3| issued on : 2013-09-24 15:52:04
ssl_tls.c:4311: |3| expires on : 2023-09-22 15:52:04
ssl_tls.c:4311: |3| signed using : ECDSA with SHA256
ssl_tls.c:4311: |3| EC key size : 256 bits
ssl_tls.c:4311: |3| basic constraints : CA=false
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_tls.c:4311: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_tls.c:4311: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_tls.c:4311: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_tls.c:4311: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_tls.c:4311: |3| own certificate #2:
ssl_tls.c:4311: |3| cert. version : 3
ssl_tls.c:4311: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_tls.c:4311: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| issued on : 2013-09-24 15:49:48
ssl_tls.c:4311: |3| expires on : 2023-09-22 15:49:48
ssl_tls.c:4311: |3| signed using : ECDSA with SHA256
ssl_tls.c:4311: |3| EC key size : 384 bits
ssl_tls.c:4311: |3| basic constraints : CA=true
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_tls.c:4311: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_tls.c:4311: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_tls.c:4311: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_tls.c:4311: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_tls.c:4311: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_tls.c:4311: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 1158
ssl_tls.c:2913: |4| dumping 'output record sent to network' (1163 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 04 86 0b 00 04 82 00 04 7f 00 02 23 30 ..............#0
ssl_tls.c:2913: |4| 0010: 82 02 1f 30 82 01 a5 a0 03 02 01 02 02 01 09 30 ...0...........0
ssl_tls.c:2913: |4| 0020: 0a 06 08 2a 86 48 ce 3d 04 03 02 30 3e 31 0b 30 ...*.H.=...0>1.0
ssl_tls.c:2913: |4| 0030: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 0040: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 0050: 1a 06 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c ...U....Polarssl
ssl_tls.c:2913: |4| 0060: 20 54 65 73 74 20 45 43 20 43 41 30 1e 17 0d 31 Test EC CA0...1
ssl_tls.c:2913: |4| 0070: 33 30 39 32 34 31 35 35 32 30 34 5a 17 0d 32 33 30924155204Z..23
ssl_tls.c:2913: |4| 0080: 30 39 32 32 31 35 35 32 30 34 5a 30 34 31 0b 30 0922155204Z041.0
ssl_tls.c:2913: |4| 0090: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 00a0: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 12 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 00b0: 10 06 03 55 04 03 13 09 6c 6f 63 61 6c 68 6f 73 ...U....localhos
ssl_tls.c:2913: |4| 00c0: 74 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 t0Y0...*.H.=....
ssl_tls.c:2913: |4| 00d0: 2a 86 48 ce 3d 03 01 07 03 42 00 04 37 cc 56 d9 *.H.=....B..7.V.
ssl_tls.c:2913: |4| 00e0: 76 09 1e 5a 72 3e c7 59 2d ff 20 6e ee 7c f9 06 v..Zr>.Y-. n.|..
ssl_tls.c:2913: |4| 00f0: 91 74 d0 ad 14 b5 f7 68 22 59 62 92 4e e5 00 d8 .t.....h"Yb.N...
ssl_tls.c:2913: |4| 0100: 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a 88 c2 6b 77 #.../.4]].....kw
ssl_tls.c:2913: |4| 0110: 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff a3 81 9d 30 .U..*..........0
ssl_tls.c:2913: |4| 0120: 81 9a 30 09 06 03 55 1d 13 04 02 30 00 30 1d 06 ..0...U....0.0..
ssl_tls.c:2913: |4| 0130: 03 55 1d 0e 04 16 04 14 50 61 a5 8f d4 07 d9 d7 .U......Pa......
ssl_tls.c:2913: |4| 0140: 82 01 0c e5 65 7f 8c 63 46 a7 13 be 30 6e 06 03 ....e..cF...0n..
ssl_tls.c:2913: |4| 0150: 55 1d 23 04 67 30 65 80 14 9d 6d 20 24 49 01 3f U.#.g0e...m $I.?
ssl_tls.c:2913: |4| 0160: 2b cb 78 b5 19 bc 7e 24 c9 db fb 36 7c a1 42 a4 +.x...~$...6|.B.
ssl_tls.c:2913: |4| 0170: 40 30 3e 31 0b 30 09 06 03 55 04 06 13 02 4e 4c @0>1.0...U....NL
ssl_tls.c:2913: |4| 0180: 31 11 30 0f 06 03 55 04 0a 13 08 50 6f 6c 61 72 1.0...U....Polar
ssl_tls.c:2913: |4| 0190: 53 53 4c 31 1c 30 1a 06 03 55 04 03 13 13 50 6f SSL1.0...U....Po
ssl_tls.c:2913: |4| 01a0: 6c 61 72 73 73 6c 20 54 65 73 74 20 45 43 20 43 larssl Test EC C
ssl_tls.c:2913: |4| 01b0: 41 82 09 00 c1 43 e2 7e 62 43 cc e8 30 0a 06 08 A....C.~bC..0...
ssl_tls.c:2913: |4| 01c0: 2a 86 48 ce 3d 04 03 02 03 68 00 30 65 02 31 00 *.H.=....h.0e.1.
ssl_tls.c:2913: |4| 01d0: 9a 2c 5c d7 a6 db a2 e5 64 0d f0 b9 4e dd d7 61 .,\.....d...N..a
ssl_tls.c:2913: |4| 01e0: d6 13 31 c7 ab 73 80 bb d3 d3 73 13 54 ad 92 0b ..1..s....s.T...
ssl_tls.c:2913: |4| 01f0: 5d ab d0 bc f7 ae 2f e6 a1 21 29 35 95 aa 3e 39 ]...../..!)5..>9
ssl_tls.c:2913: |4| 0200: 02 30 21 36 7f 9d c6 5d c6 0b ab 27 f2 25 1d 3b .0!6...]...'..;
ssl_tls.c:2913: |4| 0210: f1 cf f1 35 25 14 e7 e5 f1 97 b5 59 e3 5e 15 7c ...5......Y.^.|
ssl_tls.c:2913: |4| 0220: 66 b9 90 7b c7 01 10 4f 73 c6 00 21 52 2a 0e f1 f..{...Os..!R*..
ssl_tls.c:2913: |4| 0230: c7 d5 00 02 56 30 82 02 52 30 82 01 d7 a0 03 02 ....V0..R0......
ssl_tls.c:2913: |4| 0240: 01 02 02 09 00 c1 43 e2 7e 62 43 cc e8 30 0a 06 ......C.~bC..0..
ssl_tls.c:2913: |4| 0250: 08 2a 86 48 ce 3d 04 03 02 30 3e 31 0b 30 09 06 .*.H.=...0>1.0..
ssl_tls.c:2913: |4| 0260: 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 55 04 .U....NL1.0...U.
ssl_tls.c:2913: |4| 0270: 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 1a 06 ...PolarSSL1.0..
ssl_tls.c:2913: |4| 0280: 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c 20 54 .U....Polarssl T
ssl_tls.c:2913: |4| 0290: 65 73 74 20 45 43 20 43 41 30 1e 17 0d 31 33 30 est EC CA0...130
ssl_tls.c:2913: |4| 02a0: 39 32 34 31 35 34 39 34 38 5a 17 0d 32 33 30 39 924154948Z..2309
ssl_tls.c:2913: |4| 02b0: 32 32 31 35 34 39 34 38 5a 30 3e 31 0b 30 09 06 22154948Z0>1.0..
ssl_tls.c:2913: |4| 02c0: 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 55 04 .U....NL1.0...U.
ssl_tls.c:2913: |4| 02d0: 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 1a 06 ...PolarSSL1.0..
ssl_tls.c:2913: |4| 02e0: 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c 20 54 .U....Polarssl T
ssl_tls.c:2913: |4| 02f0: 65 73 74 20 45 43 20 43 41 30 76 30 10 06 07 2a est EC CA0v0...*
ssl_tls.c:2913: |4| 0300: 86 48 ce 3d 02 01 06 05 2b 81 04 00 22 03 62 00 .H.=....+...".b.
ssl_tls.c:2913: |4| 0310: 04 c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 ...+4A7X/.V....)
ssl_tls.c:2913: |4| 0320: 43 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 CKN.n..WS39X.R..
ssl_tls.c:2913: |4| 0330: 95 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c .9.#._.$bH...).,
ssl_tls.c:2913: |4| 0340: 2d 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e -...R...j.!....n
ssl_tls.c:2913: |4| 0350: 58 b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 X....i..A.).._u.
ssl_tls.c:2913: |4| 0360: 47 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 Go..)Ui.S; .f.`3
ssl_tls.c:2913: |4| 0370: 1e a3 81 a0 30 81 9d 30 1d 06 03 55 1d 0e 04 16 ....0..0...U....
ssl_tls.c:2913: |4| 0380: 04 14 9d 6d 20 24 49 01 3f 2b cb 78 b5 19 bc 7e ...m $I.?+.x...~
ssl_tls.c:2913: |4| 0390: 24 c9 db fb 36 7c 30 6e 06 03 55 1d 23 04 67 30 $...6|0n..U.#.g0
ssl_tls.c:2913: |4| 03a0: 65 80 14 9d 6d 20 24 49 01 3f 2b cb 78 b5 19 bc e...m $I.?+.x...
ssl_tls.c:2913: |4| 03b0: 7e 24 c9 db fb 36 7c a1 42 a4 40 30 3e 31 0b 30 ~$...6|.B.@0>1.0
ssl_tls.c:2913: |4| 03c0: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 03d0: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 03e0: 1a 06 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c ...U....Polarssl
ssl_tls.c:2913: |4| 03f0: 20 54 65 73 74 20 45 43 20 43 41 82 09 00 c1 43 Test EC CA....C
ssl_tls.c:2913: |4| 0400: e2 7e 62 43 cc e8 30 0c 06 03 55 1d 13 04 05 30 .~bC..0...U....0
ssl_tls.c:2913: |4| 0410: 03 01 01 ff 30 0a 06 08 2a 86 48 ce 3d 04 03 02 ....0...*.H.=...
ssl_tls.c:2913: |4| 0420: 03 69 00 30 66 02 31 00 c3 b4 62 73 56 28 95 00 .i.0f.1...bsV(..
ssl_tls.c:2913: |4| 0430: 7d 78 12 26 d2 71 7b 19 f8 8a 98 3e 92 fe 33 9e }x.&.q{....>..3.
ssl_tls.c:2913: |4| 0440: e4 79 d2 fe 7a b7 87 74 3c 2b b8 d7 69 94 0b a3 .y..z..t<+..i...
ssl_tls.c:2913: |4| 0450: 67 77 b8 b3 be d1 36 32 02 31 00 fd 67 9c 94 23 gw....62.1..g..#
ssl_tls.c:2913: |4| 0460: 67 c0 56 ba 4b 33 15 00 c6 e3 cc 31 08 2c 9c 8b g.V.K3.....1.,..
ssl_tls.c:2913: |4| 0470: da a9 75 23 2f b8 28 e7 f2 9c 14 3a 40 01 5c af ..u#/.(....:@.\.
ssl_tls.c:2913: |4| 0480: 0c b2 cf 74 7f 30 9f 08 43 ad 20 ...t.0..C.
ssl_tls.c:2471: |2| => flush output
Continuation:
ssl_tls.c:2490: |2| message length: 1163, out_left: 1163
ssl_tls.c:2496: |2| ssl->f_send() returned 1163 (-0xfffffb75)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_tls.c:4363: |2| <= write certificate
ssl_srv.c:4219: |2| server state: 4
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3232: |2| => write server key exchange
ssl_srv.c:3011: |2| ECDHE curve: secp384r1
ssl_srv.c:3036: |3| value of 'ECDH: Q (X)' (384 bits) is:
ssl_srv.c:3036: |3| b8 aa c7 d3 18 07 42 8a 88 38 26 cf 2d 4b 75 37
ssl_srv.c:3036: |3| cd ca d5 aa 6c c6 2e 31 1b 7d 13 09 c7 d0 94 82
ssl_srv.c:3036: |3| d4 c5 9e f0 30 7c 04 1d 35 c0 4a 1a 80 ad fd 8e
ssl_srv.c:3036: |3| value of 'ECDH: Q (Y)' (384 bits) is:
ssl_srv.c:3036: |3| 9d a5 8d db 89 4f 33 ef 50 f2 1d b9 1b 20 08 9a
ssl_srv.c:3036: |3| d6 75 39 37 86 31 8f 83 4c 8a f2 92 b5 02 a8 1e
ssl_srv.c:3036: |3| 04 a4 a4 b3 f3 b7 37 1c 38 30 77 cb 0a 6a 80 d5
ssl_srv.c:3099: |3| pick hash algorithm 6 for signing
ssl_srv.c:3137: |3| dumping 'parameters hash' (32 bytes)
ssl_srv.c:3137: |3| 0000: e6 cc c8 f0 87 3b 5e 74 84 28 45 3c 6b 9e ff 43 .....;^t.(E<k..C
ssl_srv.c:3137: |3| 0010: 80 64 7d d2 f7 f3 96 29 c4 5f c2 98 ae 90 cd 4b .d}....)._.....K
ssl_srv.c:3297: |3| dumping 'my signature' (70 bytes)
ssl_srv.c:3297: |3| 0000: 30 44 02 20 7b a4 b3 4e f6 f1 6c 51 a9 1b b4 09 0D. {..N..lQ....
ssl_srv.c:3297: |3| 0010: 52 2f 64 43 de 98 3a 10 4f fe 0a bc 04 c8 5f 6c R/dC..:.O....._l
ssl_srv.c:3297: |3| 0020: 00 60 72 0b 02 20 39 3d ff c5 f8 1c b0 f5 1d a2 .`r.. 9=........
ssl_srv.c:3297: |3| 0030: 52 3e e4 1d c2 af 6d d4 b0 b7 f6 b8 ee 03 f9 b4 R>....m.........
ssl_srv.c:3297: |3| 0040: f6 c8 19 68 da f1 ...h..
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 179
ssl_tls.c:2913: |4| dumping 'output record sent to network' (184 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 b3 0c 00 00 af 03 00 18 61 04 b8 aa ............a...
ssl_tls.c:2913: |4| 0010: c7 d3 18 07 42 8a 88 38 26 cf 2d 4b 75 37 cd ca ....B..8&.-Ku7..
ssl_tls.c:2913: |4| 0020: d5 aa 6c c6 2e 31 1b 7d 13 09 c7 d0 94 82 d4 c5 ..l..1.}........
ssl_tls.c:2913: |4| 0030: 9e f0 30 7c 04 1d 35 c0 4a 1a 80 ad fd 8e 9d a5 ..0|..5.J.......
ssl_tls.c:2913: |4| 0040: 8d db 89 4f 33 ef 50 f2 1d b9 1b 20 08 9a d6 75 ...O3.P.... ...u
ssl_tls.c:2913: |4| 0050: 39 37 86 31 8f 83 4c 8a f2 92 b5 02 a8 1e 04 a4 97.1..L.........
ssl_tls.c:2913: |4| 0060: a4 b3 f3 b7 37 1c 38 30 77 cb 0a 6a 80 d5 04 03 ....7.80w..j....
ssl_tls.c:2913: |4| 0070: 00 46 30 44 02 20 7b a4 b3 4e f6 f1 6c 51 a9 1b .F0D. {..N..lQ..
ssl_tls.c:2913: |4| 0080: b4 09 52 2f 64 43 de 98 3a 10 4f fe 0a bc 04 c8 ..R/dC..:.O.....
ssl_tls.c:2913: |4| 0090: 5f 6c 00 60 72 0b 02 20 39 3d ff c5 f8 1c b0 f5 _l.`r.. 9=......
ssl_tls.c:2913: |4| 00a0: 1d a2 52 3e e4 1d c2 af 6d d4 b0 b7 f6 b8 ee 03 ..R>....m.......
ssl_tls.c:2913: |4| 00b0: f9 b4 f6 c8 19 68 da f1 .....h..
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 184, out_left: 184
ssl_tls.c:2496: |2| ssl->f_send() returned 184 (-0xffffff48)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_srv.c:3316: |2| <= write server key exchange
ssl_srv.c:4219: |2| server state: 5
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:2645: |2| => write certificate request
ssl_srv.c:2663: |2| <= skip write certificate request
ssl_srv.c:4219: |2| server state: 6
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3324: |2| => write server hello done
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 4
ssl_tls.c:2913: |4| dumping 'output record sent to network' (9 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 04 0e 00 00 00 .........
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 9, out_left: 9
ssl_tls.c:2496: |2| ssl->f_send() returned -80 (-0x0050)
ssl_tls.c:2918: |1| mbedtls_ssl_flush_output() returned -80 (-0x0050)
ssl_srv.c:3339: |1| mbedtls_ssl_write_record() returned -80 (-0x0050)
ssl_tls.c:6764: |2| <= handshake
ssl_tls.c:6754: |2| => handshake
ssl_srv.c:4219: |2| server state: 0
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:4219: |2| server state: 1
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:1192: |2| => parse client hello
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2458: |2| <= fetch input
ssl_srv.c:1224: |4| dumping 'record header' (5 bytes)
ssl_srv.c:1224: |4| 0000: 16 03 01 02 00 .....
ssl_srv.c:1236: |3| client hello v3, message type: 22
ssl_srv.c:1245: |3| client hello v3, message len.: 512
ssl_srv.c:1248: |3| client hello v3, protocol version: [3:1]
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 5, nb_want: 517
ssl_tls.c:2437: |2| in_left: 5, nb_want: 517
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 512 (-0xfffffe00)
ssl_tls.c:2458: |2| <= fetch input
ssl_srv.c:1330: |4| dumping 'record contents' (512 bytes)
ssl_srv.c:1330: |4| 0000: 01 00 01 fc 03 03 92 d8 ad 10 0f 61 c8 87 d6 c3 ...........a....
ssl_srv.c:1330: |4| 0010: 22 19 dc 99 d7 66 8c d1 3d d3 6f f8 b8 b4 10 ac "....f..=.o.....
ssl_srv.c:1330: |4| 0020: ca 16 81 c6 02 24 20 53 69 9a dd 81 0d e7 99 5f .....$ Si......_
ssl_srv.c:1330: |4| 0030: 2f b1 c7 ec 9e e0 96 81 ad 9d 8e c3 db 40 50 91 /............@P.
ssl_srv.c:1330: |4| 0040: d0 f6 31 18 47 c0 c6 00 22 9a 9a 13 01 13 02 13 ..1.G...".......
ssl_srv.c:1330: |4| 0050: 03 c0 2b c0 2f c0 2c c0 30 cc a9 cc a8 c0 13 c0 ..+./.,.0.......
ssl_srv.c:1330: |4| 0060: 14 00 9c 00 9d 00 2f 00 35 00 0a 01 00 01 91 fa ....../.5.......
ssl_srv.c:1330: |4| 0070: fa 00 00 00 17 00 00 ff 01 00 01 00 00 0a 00 0a ................
ssl_srv.c:1330: |4| 0080: 00 08 3a 3a 00 1d 00 17 00 18 00 0b 00 02 01 00 ..::............
ssl_srv.c:1330: |4| 0090: 00 23 00 00 00 10 00 0e 00 0c 02 68 32 08 68 74 .#.........h2.ht
ssl_srv.c:1330: |4| 00a0: 74 70 2f 31 2e 31 00 05 00 05 01 00 00 00 00 00 tp/1.1..........
ssl_srv.c:1330: |4| 00b0: 0d 00 14 00 12 04 03 08 04 04 01 05 03 08 05 05 ................
ssl_srv.c:1330: |4| 00c0: 01 08 06 06 01 02 01 00 12 00 00 00 33 00 2b 00 ............3.+.
ssl_srv.c:1330: |4| 00d0: 29 3a 3a 00 01 00 00 1d 00 20 e3 a8 3e 80 c7 25 )::...... ..>..
ssl_srv.c:1330: |4| 00e0: 51 0d f5 d0 d4 e8 7e e2 5b f6 70 f0 12 b6 81 64 Q.....~.[.p....d
ssl_srv.c:1330: |4| 00f0: 25 26 da 37 4f ab 26 0e 26 36 00 2d 00 02 01 01 &.7O.&.&6.-....
ssl_srv.c:1330: |4| 0100: 00 2b 00 0b 0a aa aa 03 04 03 03 03 02 03 01 00 .+..............
ssl_srv.c:1330: |4| 0110: 1b 00 03 02 00 02 4a 4a 00 01 00 00 15 00 e1 00 ......JJ........
ssl_srv.c:1330: |4| 0120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1330: |4| 01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1348: |3| client hello v3, handshake type: 1
ssl_srv.c:1357: |3| client hello v3, handshake len.: 508
ssl_srv.c:1446: |3| dumping 'client hello, version' (2 bytes)
ssl_srv.c:1446: |3| 0000: 03 03 ..
ssl_srv.c:1477: |3| dumping 'client hello, random bytes' (32 bytes)
ssl_srv.c:1477: |3| 0000: 92 d8 ad 10 0f 61 c8 87 d6 c3 22 19 dc 99 d7 66 .....a...."....f
ssl_srv.c:1477: |3| 0010: 8c d1 3d d3 6f f8 b8 b4 10 ac ca 16 81 c6 02 24 ..=.o..........$
ssl_srv.c:1495: |3| dumping 'client hello, session id' (32 bytes)
ssl_srv.c:1495: |3| 0000: 53 69 9a dd 81 0d e7 99 5f 2f b1 c7 ec 9e e0 96 Si......_/......
ssl_srv.c:1495: |3| 0010: 81 ad 9d 8e c3 db 40 50 91 d0 f6 31 18 47 c0 c6 ......@P...1.G..
ssl_srv.c:1580: |3| dumping 'client hello, ciphersuitelist' (34 bytes)
ssl_srv.c:1580: |3| 0000: 9a 9a 13 01 13 02 13 03 c0 2b c0 2f c0 2c c0 30 .........+./.,.0
ssl_srv.c:1580: |3| 0010: cc a9 cc a8 c0 13 c0 14 00 9c 00 9d 00 2f 00 35 ............./.5
ssl_srv.c:1580: |3| 0020: 00 0a ..
ssl_srv.c:1600: |3| dumping 'client hello, compression' (1 bytes)
ssl_srv.c:1600: |3| 0000: 00 .
ssl_srv.c:1655: |3| dumping 'client hello extensions' (401 bytes)
ssl_srv.c:1655: |3| 0000: fa fa 00 00 00 17 00 00 ff 01 00 01 00 00 0a 00 ................
ssl_srv.c:1655: |3| 0010: 0a 00 08 3a 3a 00 1d 00 17 00 18 00 0b 00 02 01 ...::...........
ssl_srv.c:1655: |3| 0020: 00 00 23 00 00 00 10 00 0e 00 0c 02 68 32 08 68 ..#.........h2.h
ssl_srv.c:1655: |3| 0030: 74 74 70 2f 31 2e 31 00 05 00 05 01 00 00 00 00 ttp/1.1.........
ssl_srv.c:1655: |3| 0040: 00 0d 00 14 00 12 04 03 08 04 04 01 05 03 08 05 ................
ssl_srv.c:1655: |3| 0050: 05 01 08 06 06 01 02 01 00 12 00 00 00 33 00 2b .............3.+
ssl_srv.c:1655: |3| 0060: 00 29 3a 3a 00 01 00 00 1d 00 20 e3 a8 3e 80 c7 .)::...... ..>..
ssl_srv.c:1655: |3| 0070: 25 51 0d f5 d0 d4 e8 7e e2 5b f6 70 f0 12 b6 81 Q.....~.[.p....
ssl_srv.c:1655: |3| 0080: 64 25 26 da 37 4f ab 26 0e 26 36 00 2d 00 02 01 d&.7O.&.&6.-...
ssl_srv.c:1655: |3| 0090: 01 00 2b 00 0b 0a aa aa 03 04 03 03 03 02 03 01 ..+.............
ssl_srv.c:1655: |3| 00a0: 00 1b 00 03 02 00 02 4a 4a 00 01 00 00 15 00 e1 .......JJ.......
ssl_srv.c:1655: |3| 00b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 00f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ssl_srv.c:1655: |3| 0190: 00 .
ssl_srv.c:1803: |3| unknown extension found: 64250 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 23 (ignoring)
ssl_srv.c:1686: |3| found renegotiation extension
ssl_srv.c:1713: |3| found supported elliptic curves extension
ssl_srv.c:1721: |3| found supported point formats extension
ssl_srv.c:0356: |4| point format selected: 0
ssl_srv.c:1803: |3| unknown extension found: 35 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 16 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 5 (ignoring)
ssl_srv.c:1699: |3| found signature_algorithms extension
ssl_srv.c:0252: |3| client hello v3, signature_algorithm ext: match sig 4 and hash 6
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 4
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0252: |3| client hello v3, signature_algorithm ext: match sig 4 and hash 7
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 5
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 6
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:0234: |3| client hello v3, signature_algorithm ext unknown sig alg encoding 1
ssl_srv.c:1803: |3| unknown extension found: 18 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 51 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 45 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 43 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 27 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 19018 (ignoring)
ssl_srv.c:1803: |3| unknown extension found: 21 (ignoring)
ssl_srv.c:0801: |3| trying ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:0699: |3| ciphersuite requires certificate
ssl_srv.c:0710: |3| candidate certificate chain, certificate #1:
ssl_srv.c:0710: |3| cert. version : 3
ssl_srv.c:0710: |3| serial number : 09
ssl_srv.c:0710: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_srv.c:0710: |3| issued on : 2013-09-24 15:52:04
ssl_srv.c:0710: |3| expires on : 2023-09-22 15:52:04
ssl_srv.c:0710: |3| signed using : ECDSA with SHA256
ssl_srv.c:0710: |3| EC key size : 256 bits
ssl_srv.c:0710: |3| basic constraints : CA=false
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_srv.c:0710: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_srv.c:0710: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_srv.c:0710: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_srv.c:0710: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_srv.c:0710: |3| candidate certificate chain, certificate #2:
ssl_srv.c:0710: |3| cert. version : 3
ssl_srv.c:0710: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_srv.c:0710: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0710: |3| issued on : 2013-09-24 15:49:48
ssl_srv.c:0710: |3| expires on : 2023-09-22 15:49:48
ssl_srv.c:0710: |3| signed using : ECDSA with SHA256
ssl_srv.c:0710: |3| EC key size : 384 bits
ssl_srv.c:0710: |3| basic constraints : CA=true
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_srv.c:0710: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_srv.c:0710: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_srv.c:0710: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_srv.c:0710: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_srv.c:0710: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_srv.c:0710: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_srv.c:0710: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_srv.c:0772: |3| selected certificate chain, certificate #1:
ssl_srv.c:0772: |3| cert. version : 3
ssl_srv.c:0772: |3| serial number : 09
ssl_srv.c:0772: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_srv.c:0772: |3| issued on : 2013-09-24 15:52:04
ssl_srv.c:0772: |3| expires on : 2023-09-22 15:52:04
ssl_srv.c:0772: |3| signed using : ECDSA with SHA256
ssl_srv.c:0772: |3| EC key size : 256 bits
ssl_srv.c:0772: |3| basic constraints : CA=false
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_srv.c:0772: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_srv.c:0772: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_srv.c:0772: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_srv.c:0772: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_srv.c:0772: |3| selected certificate chain, certificate #2:
ssl_srv.c:0772: |3| cert. version : 3
ssl_srv.c:0772: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_srv.c:0772: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_srv.c:0772: |3| issued on : 2013-09-24 15:49:48
ssl_srv.c:0772: |3| expires on : 2023-09-22 15:49:48
ssl_srv.c:0772: |3| signed using : ECDSA with SHA256
ssl_srv.c:0772: |3| EC key size : 384 bits
ssl_srv.c:0772: |3| basic constraints : CA=true
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_srv.c:0772: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_srv.c:0772: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_srv.c:0772: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_srv.c:0772: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_srv.c:0772: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_srv.c:0772: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_srv.c:0772: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_srv.c:1974: |2| selected ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:1998: |3| client hello v3, signature_algorithm ext: 4
ssl_srv.c:2008: |2| <= parse client hello
ssl_srv.c:4219: |2| server state: 2
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:2383: |2| => write server hello
ssl_srv.c:2417: |3| server hello, chosen version: [3:3]
ssl_srv.c:2426: |3| server hello, current time: 3
ssl_srv.c:2441: |3| dumping 'server hello, random bytes' (32 bytes)
ssl_srv.c:2441: |3| 0000: 00 00 00 00 54 ee 5b cf 6c 93 45 ef b4 67 23 e1 ....T.[.l.E..g#.
ssl_srv.c:2441: |3| 0010: d1 29 92 1a ba e4 29 c4 c9 d3 ad 47 c9 12 fd e5 .)....)....G....
ssl_srv.c:2514: |3| server hello, session id len.: 32
ssl_srv.c:2515: |3| dumping 'server hello, session id' (32 bytes)
ssl_srv.c:2515: |3| 0000: 54 ab b6 05 3b 0f fd 21 06 c4 b9 25 4c 5c d2 35 T...;..!...\.5
ssl_srv.c:2515: |3| 0010: ca 94 ec bf e1 38 00 dc 5a 40 44 d7 25 a1 6e 5b .....8..Z@D..n[
ssl_srv.c:2517: |3| no session has been resumed
ssl_srv.c:2524: |3| server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_srv.c:2526: |3| server hello, compress alg.: 0x00
ssl_srv.c:2145: |3| server hello, secure renegotiation extension
ssl_srv.c:2216: |3| server hello, supported_point_formats extension
ssl_srv.c:2581: |3| server hello, total extension length: 11
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 87
ssl_tls.c:2913: |4| dumping 'output record sent to network' (92 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 57 02 00 00 53 03 03 00 00 00 00 54 ....W...S......T
ssl_tls.c:2913: |4| 0010: ee 5b cf 6c 93 45 ef b4 67 23 e1 d1 29 92 1a ba .[.l.E..g#..)...
ssl_tls.c:2913: |4| 0020: e4 29 c4 c9 d3 ad 47 c9 12 fd e5 20 54 ab b6 05 .)....G.... T...
ssl_tls.c:2913: |4| 0030: 3b 0f fd 21 06 c4 b9 25 4c 5c d2 35 ca 94 ec bf ;..!...\.5....
ssl_tls.c:2913: |4| 0040: e1 38 00 dc 5a 40 44 d7 25 a1 6e 5b c0 2b 00 00 .8..Z@D..n[.+..
ssl_tls.c:2913: |4| 0050: 0b ff 01 00 01 00 00 0b 00 02 01 00 ............
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 92, out_left: 92
ssl_tls.c:2496: |2| ssl->f_send() returned 92 (-0xffffffa4)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_srv.c:2600: |2| <= write server hello
ssl_srv.c:4219: |2| server state: 3
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_tls.c:4259: |2| => write certificate
ssl_tls.c:4311: |3| own certificate #1:
ssl_tls.c:4311: |3| cert. version : 3
ssl_tls.c:4311: |3| serial number : 09
ssl_tls.c:4311: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| subject name : C=NL, O=PolarSSL, CN=localhost
ssl_tls.c:4311: |3| issued on : 2013-09-24 15:52:04
ssl_tls.c:4311: |3| expires on : 2023-09-22 15:52:04
ssl_tls.c:4311: |3| signed using : ECDSA with SHA256
ssl_tls.c:4311: |3| EC key size : 256 bits
ssl_tls.c:4311: |3| basic constraints : CA=false
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(X)' (254 bits) is:
ssl_tls.c:4311: |3| 37 cc 56 d9 76 09 1e 5a 72 3e c7 59 2d ff 20 6e
ssl_tls.c:4311: |3| ee 7c f9 06 91 74 d0 ad 14 b5 f7 68 22 59 62 92
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(Y)' (255 bits) is:
ssl_tls.c:4311: |3| 4e e5 00 d8 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a
ssl_tls.c:4311: |3| 88 c2 6b 77 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff
ssl_tls.c:4311: |3| own certificate #2:
ssl_tls.c:4311: |3| cert. version : 3
ssl_tls.c:4311: |3| serial number : C1:43:E2:7E:62:43:CC:E8
ssl_tls.c:4311: |3| issuer name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| subject name : C=NL, O=PolarSSL, CN=Polarssl Test EC CA
ssl_tls.c:4311: |3| issued on : 2013-09-24 15:49:48
ssl_tls.c:4311: |3| expires on : 2023-09-22 15:49:48
ssl_tls.c:4311: |3| signed using : ECDSA with SHA256
ssl_tls.c:4311: |3| EC key size : 384 bits
ssl_tls.c:4311: |3| basic constraints : CA=true
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(X)' (384 bits) is:
ssl_tls.c:4311: |3| c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43
ssl_tls.c:4311: |3| 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95
ssl_tls.c:4311: |3| 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d
ssl_tls.c:4311: |3| value of 'crt->eckey.Q(Y)' (384 bits) is:
ssl_tls.c:4311: |3| 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58
ssl_tls.c:4311: |3| b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47
ssl_tls.c:4311: |3| 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 1158
ssl_tls.c:2913: |4| dumping 'output record sent to network' (1163 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 04 86 0b 00 04 82 00 04 7f 00 02 23 30 ..............#0
ssl_tls.c:2913: |4| 0010: 82 02 1f 30 82 01 a5 a0 03 02 01 02 02 01 09 30 ...0...........0
ssl_tls.c:2913: |4| 0020: 0a 06 08 2a 86 48 ce 3d 04 03 02 30 3e 31 0b 30 ...*.H.=...0>1.0
ssl_tls.c:2913: |4| 0030: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 0040: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 0050: 1a 06 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c ...U....Polarssl
ssl_tls.c:2913: |4| 0060: 20 54 65 73 74 20 45 43 20 43 41 30 1e 17 0d 31 Test EC CA0...1
ssl_tls.c:2913: |4| 0070: 33 30 39 32 34 31 35 35 32 30 34 5a 17 0d 32 33 30924155204Z..23
ssl_tls.c:2913: |4| 0080: 30 39 32 32 31 35 35 32 30 34 5a 30 34 31 0b 30 0922155204Z041.0
ssl_tls.c:2913: |4| 0090: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 00a0: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 12 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 00b0: 10 06 03 55 04 03 13 09 6c 6f 63 61 6c 68 6f 73 ...U....localhos
ssl_tls.c:2913: |4| 00c0: 74 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 t0Y0...*.H.=....
ssl_tls.c:2913: |4| 00d0: 2a 86 48 ce 3d 03 01 07 03 42 00 04 37 cc 56 d9 *.H.=....B..7.V.
ssl_tls.c:2913: |4| 00e0: 76 09 1e 5a 72 3e c7 59 2d ff 20 6e ee 7c f9 06 v..Zr>.Y-. n.|..
ssl_tls.c:2913: |4| 00f0: 91 74 d0 ad 14 b5 f7 68 22 59 62 92 4e e5 00 d8 .t.....h"Yb.N...
ssl_tls.c:2913: |4| 0100: 23 11 ff ea 2f d2 34 5d 5d 16 bd 8a 88 c2 6b 77 #.../.4]].....kw
ssl_tls.c:2913: |4| 0110: 0d 55 cd 8a 2a 0e fa 01 c8 b4 ed ff a3 81 9d 30 .U..*..........0
ssl_tls.c:2913: |4| 0120: 81 9a 30 09 06 03 55 1d 13 04 02 30 00 30 1d 06 ..0...U....0.0..
ssl_tls.c:2913: |4| 0130: 03 55 1d 0e 04 16 04 14 50 61 a5 8f d4 07 d9 d7 .U......Pa......
ssl_tls.c:2913: |4| 0140: 82 01 0c e5 65 7f 8c 63 46 a7 13 be 30 6e 06 03 ....e..cF...0n..
ssl_tls.c:2913: |4| 0150: 55 1d 23 04 67 30 65 80 14 9d 6d 20 24 49 01 3f U.#.g0e...m $I.?
ssl_tls.c:2913: |4| 0160: 2b cb 78 b5 19 bc 7e 24 c9 db fb 36 7c a1 42 a4 +.x...~$...6|.B.
ssl_tls.c:2913: |4| 0170: 40 30 3e 31 0b 30 09 06 03 55 04 06 13 02 4e 4c @0>1.0...U....NL
ssl_tls.c:2913: |4| 0180: 31 11 30 0f 06 03 55 04 0a 13 08 50 6f 6c 61 72 1.0...U....Polar
ssl_tls.c:2913: |4| 0190: 53 53 4c 31 1c 30 1a 06 03 55 04 03 13 13 50 6f SSL1.0...U....Po
ssl_tls.c:2913: |4| 01a0: 6c 61 72 73 73 6c 20 54 65 73 74 20 45 43 20 43 larssl Test EC C
ssl_tls.c:2913: |4| 01b0: 41 82 09 00 c1 43 e2 7e 62 43 cc e8 30 0a 06 08 A....C.~bC..0...
ssl_tls.c:2913: |4| 01c0: 2a 86 48 ce 3d 04 03 02 03 68 00 30 65 02 31 00 *.H.=....h.0e.1.
ssl_tls.c:2913: |4| 01d0: 9a 2c 5c d7 a6 db a2 e5 64 0d f0 b9 4e dd d7 61 .,\.....d...N..a
ssl_tls.c:2913: |4| 01e0: d6 13 31 c7 ab 73 80 bb d3 d3 73 13 54 ad 92 0b ..1..s....s.T...
ssl_tls.c:2913: |4| 01f0: 5d ab d0 bc f7 ae 2f e6 a1 21 29 35 95 aa 3e 39 ]...../..!)5..>9
ssl_tls.c:2913: |4| 0200: 02 30 21 36 7f 9d c6 5d c6 0b ab 27 f2 25 1d 3b .0!6...]...'..;
ssl_tls.c:2913: |4| 0210: f1 cf f1 35 25 14 e7 e5 f1 97 b5 59 e3 5e 15 7c ...5......Y.^.|
ssl_tls.c:2913: |4| 0220: 66 b9 90 7b c7 01 10 4f 73 c6 00 21 52 2a 0e f1 f..{...Os..!R*..
ssl_tls.c:2913: |4| 0230: c7 d5 00 02 56 30 82 02 52 30 82 01 d7 a0 03 02 ....V0..R0......
ssl_tls.c:2913: |4| 0240: 01 02 02 09 00 c1 43 e2 7e 62 43 cc e8 30 0a 06 ......C.~bC..0..
ssl_tls.c:2913: |4| 0250: 08 2a 86 48 ce 3d 04 03 02 30 3e 31 0b 30 09 06 .*.H.=...0>1.0..
ssl_tls.c:2913: |4| 0260: 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 55 04 .U....NL1.0...U.
ssl_tls.c:2913: |4| 0270: 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 1a 06 ...PolarSSL1.0..
ssl_tls.c:2913: |4| 0280: 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c 20 54 .U....Polarssl T
ssl_tls.c:2913: |4| 0290: 65 73 74 20 45 43 20 43 41 30 1e 17 0d 31 33 30 est EC CA0...130
ssl_tls.c:2913: |4| 02a0: 39 32 34 31 35 34 39 34 38 5a 17 0d 32 33 30 39 924154948Z..2309
ssl_tls.c:2913: |4| 02b0: 32 32 31 35 34 39 34 38 5a 30 3e 31 0b 30 09 06 22154948Z0>1.0..
ssl_tls.c:2913: |4| 02c0: 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 55 04 .U....NL1.0...U.
ssl_tls.c:2913: |4| 02d0: 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 1a 06 ...PolarSSL1.0..
ssl_tls.c:2913: |4| 02e0: 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c 20 54 .U....Polarssl T
ssl_tls.c:2913: |4| 02f0: 65 73 74 20 45 43 20 43 41 30 76 30 10 06 07 2a est EC CA0v0...*
ssl_tls.c:2913: |4| 0300: 86 48 ce 3d 02 01 06 05 2b 81 04 00 22 03 62 00 .H.=....+...".b.
ssl_tls.c:2913: |4| 0310: 04 c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 ...+4A7X/.V....)
ssl_tls.c:2913: |4| 0320: 43 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 CKN.n..WS39X.R..
ssl_tls.c:2913: |4| 0330: 95 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c .9.#._.$bH...).,
ssl_tls.c:2913: |4| 0340: 2d 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e -...R...j.!....n
ssl_tls.c:2913: |4| 0350: 58 b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 X....i..A.).._u.
ssl_tls.c:2913: |4| 0360: 47 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 Go..)Ui.S; .f.`3
ssl_tls.c:2913: |4| 0370: 1e a3 81 a0 30 81 9d 30 1d 06 03 55 1d 0e 04 16 ....0..0...U....
ssl_tls.c:2913: |4| 0380: 04 14 9d 6d 20 24 49 01 3f 2b cb 78 b5 19 bc 7e ...m $I.?+.x...~
ssl_tls.c:2913: |4| 0390: 24 c9 db fb 36 7c 30 6e 06 03 55 1d 23 04 67 30 $...6|0n..U.#.g0
ssl_tls.c:2913: |4| 03a0: 65 80 14 9d 6d 20 24 49 01 3f 2b cb 78 b5 19 bc e...m $I.?+.x...
ssl_tls.c:2913: |4| 03b0: 7e 24 c9 db fb 36 7c a1 42 a4 40 30 3e 31 0b 30 ~$...6|.B.@0>1.0
ssl_tls.c:2913: |4| 03c0: 09 06 03 55 04 06 13 02 4e 4c 31 11 30 0f 06 03 ...U....NL1.0...
ssl_tls.c:2913: |4| 03d0: 55 04 0a 13 08 50 6f 6c 61 72 53 53 4c 31 1c 30 U....PolarSSL1.0
ssl_tls.c:2913: |4| 03e0: 1a 06 03 55 04 03 13 13 50 6f 6c 61 72 73 73 6c ...U....Polarssl
ssl_tls.c:2913: |4| 03f0: 20 54 65 73 74 20 45 43 20 43 41 82 09 00 c1 43 Test EC CA....C
ssl_tls.c:2913: |4| 0400: e2 7e 62 43 cc e8 30 0c 06 03 55 1d 13 04 05 30 .~bC..0...U....0
ssl_tls.c:2913: |4| 0410: 03 01 01 ff 30 0a 06 08 2a 86 48 ce 3d 04 03 02 ....0...*.H.=...
ssl_tls.c:2913: |4| 0420: 03 69 00 30 66 02 31 00 c3 b4 62 73 56 28 95 00 .i.0f.1...bsV(..
ssl_tls.c:2913: |4| 0430: 7d 78 12 26 d2 71 7b 19 f8 8a 98 3e 92 fe 33 9e }x.&.q{....>..3.
ssl_tls.c:2913: |4| 0440: e4 79 d2 fe 7a b7 87 74 3c 2b b8 d7 69 94 0b a3 .y..z..t<+..i...
ssl_tls.c:2913: |4| 0450: 67 77 b8 b3 be d1 36 32 02 31 00 fd 67 9c 94 23 gw....62.1..g..#
ssl_tls.c:2913: |4| 0460: 67 c0 56 ba 4b 33 15 00 c6 e3 cc 31 08 2c 9c 8b g.V.K3.....1.,..
ssl_tls.c:2913: |4| 0470: da a9 75 23 2f b8 28 e7 f2 9c 14 3a 40 01 5c af ..u#/.(....:@.\.
ssl_tls.c:2913: |4| 0480: 0c b2 cf 74 7f 30 9f 08 43 ad 20 ...t.0..C.
ssl_tls.c:2471: |2| => flush output
Continuation (last part):
ssl_tls.c:2490: |2| message length: 1163, out_left: 1163
ssl_tls.c:2496: |2| ssl->f_send() returned 1163 (-0xfffffb75)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_tls.c:4363: |2| <= write certificate
ssl_srv.c:4219: |2| server state: 4
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3232: |2| => write server key exchange
ssl_srv.c:3011: |2| ECDHE curve: secp384r1
ssl_srv.c:3036: |3| value of 'ECDH: Q (X)' (381 bits) is:
ssl_srv.c:3036: |3| 14 9f 5e 09 45 67 fd 65 e9 fd 91 10 1a 15 13 e5
ssl_srv.c:3036: |3| 5a 95 70 0e 9a b1 67 7a bd 67 75 de e7 5d 0b 6c
ssl_srv.c:3036: |3| a4 ee 4d d6 92 76 2a f4 c1 c8 a9 ba e4 74 45 5b
ssl_srv.c:3036: |3| value of 'ECDH: Q (Y)' (384 bits) is:
ssl_srv.c:3036: |3| 90 98 98 6c 9b 85 26 6c 21 70 36 32 17 4b ad 29
ssl_srv.c:3036: |3| 8b 64 a9 7a 57 a2 cc 25 7f e5 46 82 bc 07 1c c1
ssl_srv.c:3036: |3| 38 05 45 47 12 a7 66 9f d3 89 b7 d4 2f 27 9e ce
ssl_srv.c:3099: |3| pick hash algorithm 6 for signing
ssl_srv.c:3137: |3| dumping 'parameters hash' (32 bytes)
ssl_srv.c:3137: |3| 0000: de 1a a1 9c 53 03 29 58 a9 36 a7 11 32 c0 2d 56 ....S.)X.6..2.-V
ssl_srv.c:3137: |3| 0010: c8 e3 80 d1 82 9f 51 4c 86 18 97 b8 f0 6f 35 0b ......QL.....o5.
ssl_srv.c:3297: |3| dumping 'my signature' (71 bytes)
ssl_srv.c:3297: |3| 0000: 30 45 02 21 00 d1 7e a8 dc 27 fe 0d a3 01 3e 93 0E.!..~..'....>.
ssl_srv.c:3297: |3| 0010: ae e5 a5 ef 03 92 f1 67 f6 b9 d0 f4 7e 4a 2e 44 .......g....~J.D
ssl_srv.c:3297: |3| 0020: 30 75 a1 60 37 02 20 15 e2 20 9c ed 05 b1 a9 b8 0u.`7. .. ......
ssl_srv.c:3297: |3| 0030: 45 e2 d2 d2 53 24 98 32 fd cb 70 2e e5 a8 b9 48 E...S$.2..p....H
ssl_srv.c:3297: |3| 0040: 72 c3 c0 1f f7 cd 3d r.....=
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 180
ssl_tls.c:2913: |4| dumping 'output record sent to network' (185 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 b4 0c 00 00 b0 03 00 18 61 04 14 9f ............a...
ssl_tls.c:2913: |4| 0010: 5e 09 45 67 fd 65 e9 fd 91 10 1a 15 13 e5 5a 95 ^.Eg.e........Z.
ssl_tls.c:2913: |4| 0020: 70 0e 9a b1 67 7a bd 67 75 de e7 5d 0b 6c a4 ee p...gz.gu..].l..
ssl_tls.c:2913: |4| 0030: 4d d6 92 76 2a f4 c1 c8 a9 ba e4 74 45 5b 90 98 M..v*......tE[..
ssl_tls.c:2913: |4| 0040: 98 6c 9b 85 26 6c 21 70 36 32 17 4b ad 29 8b 64 .l..&l!p62.K.).d
ssl_tls.c:2913: |4| 0050: a9 7a 57 a2 cc 25 7f e5 46 82 bc 07 1c c1 38 05 .zW....F.....8.
ssl_tls.c:2913: |4| 0060: 45 47 12 a7 66 9f d3 89 b7 d4 2f 27 9e ce 04 03 EG..f...../'....
ssl_tls.c:2913: |4| 0070: 00 47 30 45 02 21 00 d1 7e a8 dc 27 fe 0d a3 01 .G0E.!..~..'....
ssl_tls.c:2913: |4| 0080: 3e 93 ae e5 a5 ef 03 92 f1 67 f6 b9 d0 f4 7e 4a >........g....~J
ssl_tls.c:2913: |4| 0090: 2e 44 30 75 a1 60 37 02 20 15 e2 20 9c ed 05 b1 .D0u.`7. .. ....
ssl_tls.c:2913: |4| 00a0: a9 b8 45 e2 d2 d2 53 24 98 32 fd cb 70 2e e5 a8 ..E...S$.2..p...
ssl_tls.c:2913: |4| 00b0: b9 48 72 c3 c0 1f f7 cd 3d .Hr.....=
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 185, out_left: 185
ssl_tls.c:2496: |2| ssl->f_send() returned 185 (-0xffffff47)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_srv.c:3316: |2| <= write server key exchange
ssl_srv.c:4219: |2| server state: 5
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:2645: |2| => write certificate request
ssl_srv.c:2663: |2| <= skip write certificate request
ssl_srv.c:4219: |2| server state: 6
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3324: |2| => write server hello done
ssl_tls.c:2764: |2| => write record
ssl_tls.c:2910: |3| output record: msgtype = 22, version = [3:3], msglen = 4
ssl_tls.c:2913: |4| dumping 'output record sent to network' (9 bytes)
ssl_tls.c:2913: |4| 0000: 16 03 03 00 04 0e 00 00 00 .........
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2490: |2| message length: 9, out_left: 9
ssl_tls.c:2496: |2| ssl->f_send() returned 9 (-0xfffffff7)
ssl_tls.c:2523: |2| <= flush output
ssl_tls.c:2922: |2| <= write record
ssl_srv.c:3343: |2| <= write server hello done
ssl_srv.c:4219: |2| server state: 7
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_tls.c:4376: |2| => parse certificate
ssl_tls.c:4406: |2| <= skip parse certificate
ssl_srv.c:4219: |2| server state: 8
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3664: |2| => parse client key exchange
ssl_tls.c:3809: |2| => read record
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2458: |2| <= fetch input
ssl_tls.c:3552: |4| dumping 'input record header' (5 bytes)
ssl_tls.c:3552: |4| 0000: 16 03 03 00 66 ....f
ssl_tls.c:3561: |3| input record: msgtype = 22, version = [3:3], msglen = 102
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 5, nb_want: 107
ssl_tls.c:2437: |2| in_left: 5, nb_want: 107
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 102 (-0xffffff9a)
ssl_tls.c:2458: |2| <= fetch input
ssl_tls.c:3738: |4| dumping 'input record from network' (107 bytes)
ssl_tls.c:3738: |4| 0000: 16 03 03 00 66 10 00 00 62 61 04 47 7b d0 ce 57 ....f...ba.G{..W
ssl_tls.c:3738: |4| 0010: f4 05 6b 41 80 60 5c 1e ec 66 1b d2 d7 78 c3 ab ..kA.`\..f...x..
ssl_tls.c:3738: |4| 0020: 07 a8 58 2c 79 e2 fe dc 7d ea 5a 26 65 ae e4 41 ..X,y...}.Z&e..A
ssl_tls.c:3738: |4| 0030: db ec e8 78 8c 2c 30 e4 b3 56 55 13 fb e5 8a 72 ...x.,0..VU....r
ssl_tls.c:3738: |4| 0040: 12 3e 28 c4 7b d1 13 d2 1e e8 90 ab bc 70 3a 04 .>(.{........p:.
ssl_tls.c:3738: |4| 0050: 34 c0 52 0f 8b ba 92 6f eb c9 ff 3a 33 d1 71 80 4.R....o...:3.q.
ssl_tls.c:3738: |4| 0060: cf 4c 96 4e 70 fe 13 9f 1b 90 34 .L.Np.....4
ssl_tls.c:3161: |3| handshake message: msglen = 102, type = 16, hslen = 102
ssl_tls.c:3846: |2| <= read record
ssl_srv.c:3746: |3| value of 'ECDH: Qp (X)' (383 bits) is:
ssl_srv.c:3746: |3| 47 7b d0 ce 57 f4 05 6b 41 80 60 5c 1e ec 66 1b
ssl_srv.c:3746: |3| d2 d7 78 c3 ab 07 a8 58 2c 79 e2 fe dc 7d ea 5a
ssl_srv.c:3746: |3| 26 65 ae e4 41 db ec e8 78 8c 2c 30 e4 b3 56 55
ssl_srv.c:3746: |3| value of 'ECDH: Qp (Y)' (381 bits) is:
ssl_srv.c:3746: |3| 13 fb e5 8a 72 12 3e 28 c4 7b d1 13 d2 1e e8 90
ssl_srv.c:3746: |3| ab bc 70 3a 04 34 c0 52 0f 8b ba 92 6f eb c9 ff
ssl_srv.c:3746: |3| 3a 33 d1 71 80 cf 4c 96 4e 70 fe 13 9f 1b 90 34
ssl_srv.c:3758: |3| value of 'ECDH: z ' (381 bits) is:
ssl_srv.c:3758: |3| 1b ae a1 dc a7 a4 36 02 8d dc e2 18 ba 2a 15 23
ssl_srv.c:3758: |3| 87 c8 91 1a c5 0f b0 3d 45 3c f2 0d 73 79 e3 51
ssl_srv.c:3758: |3| 5d 0e f5 ad 75 04 40 66 a5 d3 6c 60 eb d3 6e e1
ssl_tls.c:0509: |2| => derive keys
ssl_tls.c:0587: |3| dumping 'premaster secret' (48 bytes)
ssl_tls.c:0587: |3| 0000: 1b ae a1 dc a7 a4 36 02 8d dc e2 18 ba 2a 15 23 ......6......*.#
ssl_tls.c:0587: |3| 0010: 87 c8 91 1a c5 0f b0 3d 45 3c f2 0d 73 79 e3 51 .......=E<..sy.Q
ssl_tls.c:0587: |3| 0020: 5d 0e f5 ad 75 04 40 66 a5 d3 6c 60 eb d3 6e e1 ]...u.@f..l`..n.
ssl_tls.c:0676: |3| ciphersuite = TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ssl_tls.c:0677: |3| dumping 'master secret' (48 bytes)
ssl_tls.c:0677: |3| 0000: e0 9c c8 14 de 37 e0 d7 6a 4b f7 67 ef 1f 46 04 .....7..jK.g..F.
ssl_tls.c:0677: |3| 0010: 28 a7 97 2d 14 79 55 bf 61 a9 be 4d 33 d0 93 40 (..-.yU.a..M3..@
ssl_tls.c:0677: |3| 0020: 7e ee 03 6e f8 6e b9 75 21 d7 d1 6b 62 5c e1 45 ~..n.n.u!..kb\.E
ssl_tls.c:0678: |4| dumping 'random bytes' (64 bytes)
ssl_tls.c:0678: |4| 0000: 00 00 00 00 54 ee 5b cf 6c 93 45 ef b4 67 23 e1 ....T.[.l.E..g#.
ssl_tls.c:0678: |4| 0010: d1 29 92 1a ba e4 29 c4 c9 d3 ad 47 c9 12 fd e5 .)....)....G....
ssl_tls.c:0678: |4| 0020: 92 d8 ad 10 0f 61 c8 87 d6 c3 22 19 dc 99 d7 66 .....a...."....f
ssl_tls.c:0678: |4| 0030: 8c d1 3d d3 6f f8 b8 b4 10 ac ca 16 81 c6 02 24 ..=.o..........$
ssl_tls.c:0679: |4| dumping 'key block' (256 bytes)
ssl_tls.c:0679: |4| 0000: 09 ba 2b 8a 09 77 7d 98 1c 43 18 a5 ac 1d 0e c4 ..+..w}..C......
ssl_tls.c:0679: |4| 0010: 66 25 c4 3b 07 4f 82 ca 45 60 51 37 df 35 3f bd f.;.O..E`Q7.5?.
ssl_tls.c:0679: |4| 0020: a6 8d 9c ea e7 b4 89 d3 5f bf 03 e8 2e e8 97 de ........_.......
ssl_tls.c:0679: |4| 0030: 0a e9 69 06 24 cd ed d9 ff e0 33 c8 3b ff 09 a5 ..i.$.....3.;...
ssl_tls.c:0679: |4| 0040: 71 99 1f bc 9c f5 80 e5 33 57 cc e2 c4 5c 67 e6 q.......3W...\g.
ssl_tls.c:0679: |4| 0050: b5 36 c9 a5 51 70 e0 28 fc 1a 5a e7 61 df ae 9e .6..Qp.(..Z.a...
ssl_tls.c:0679: |4| 0060: 76 06 5c 01 11 99 2a b2 ca eb b6 c1 1a 13 c7 8a v.\...*.........
ssl_tls.c:0679: |4| 0070: be 17 53 e4 b1 27 01 4e 62 66 73 13 56 f7 00 63 ..S..'.Nbfs.V..c
ssl_tls.c:0679: |4| 0080: c8 51 b8 7d 1e 7b 7b f0 de 7d 98 c3 9f 42 c7 18 .Q.}.{{..}...B..
ssl_tls.c:0679: |4| 0090: 28 93 a4 25 de 9c 82 f2 52 54 2d d6 5f fc a5 b4 (......RT-._...
ssl_tls.c:0679: |4| 00a0: 8c 74 f3 5c 89 3e 7a 52 55 19 ab e4 88 e6 ba a6 .t.\.>zRU.......
ssl_tls.c:0679: |4| 00b0: b4 25 23 06 18 0f ed 79 76 4c 92 3a 2a 34 e4 a4 .#....yvL.:*4..
ssl_tls.c:0679: |4| 00c0: 8f 47 23 26 df cf 91 75 91 18 d9 77 fd 5e 79 d5 .G#&...u...w.^y.
ssl_tls.c:0679: |4| 00d0: d3 6d 06 0c 16 30 a0 45 6c 67 5e ab 26 5a 74 e1 .m...0.Elg^.&Zt.
ssl_tls.c:0679: |4| 00e0: dd ac 2c 98 96 2d 88 95 e8 c6 34 52 cf 4b 94 bd ..,..-....4R.K..
ssl_tls.c:0679: |4| 00f0: 51 57 ac cb 43 e5 a3 53 27 3a d2 99 70 6d d5 cf QW..C..S':..pm..
ssl_tls.c:0788: |3| keylen: 16, minlen: 24, ivlen: 12, maclen: 0
ssl_tls.c:0983: |2| <= derive keys
ssl_srv.c:3928: |2| <= parse client key exchange
ssl_srv.c:4219: |2| server state: 9
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_srv.c:3975: |2| => parse certificate verify
ssl_srv.c:3984: |2| <= skip parse certificate verify
ssl_srv.c:4219: |2| server state: 10
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_tls.c:4779: |2| => parse change cipher spec
ssl_tls.c:3809: |2| => read record
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 0, nb_want: 5
ssl_tls.c:2437: |2| in_left: 0, nb_want: 5
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2458: |2| <= fetch input
ssl_tls.c:3552: |4| dumping 'input record header' (5 bytes)
ssl_tls.c:3552: |4| 0000: 14 03 03 00 01 .....
ssl_tls.c:3561: |3| input record: msgtype = 20, version = [3:3], msglen = 1
ssl_tls.c:2252: |2| => fetch input
ssl_tls.c:2413: |2| in_left: 5, nb_want: 6
ssl_tls.c:2437: |2| in_left: 5, nb_want: 6
ssl_tls.c:2438: |2| ssl->f_recv(_timeout)() returned 1 (-0xffffffff)
ssl_tls.c:2458: |2| <= fetch input
ssl_tls.c:3738: |4| dumping 'input record from network' (6 bytes)
ssl_tls.c:3738: |4| 0000: 14 03 03 00 01 01 ......
ssl_tls.c:3846: |2| <= read record
ssl_tls.c:4807: |3| switching to new transform spec for inbound data
ssl_tls.c:4857: |2| <= parse change cipher spec
ssl_srv.c:4219: |2| server state: 11
ssl_tls.c:2471: |2| => flush output
ssl_tls.c:2483: |2| <= flush output
ssl_tls.c:5415: |2| => parse finished
ssl_tls.c:5114: |2| => calc finished tls sha256
ssl_tls.c:5126: |4| dumping 'finished sha2 state' (32 bytes)
ssl_tls.c:5126: |4| 0000: 19 85 1c 71 83 2a 35 b0 27 1f c9 05 a6 47 64 5b ...q.*5.'....Gd[
ssl_tls.c:5126: |4| 0010: c5 9c 67 2e 8c 04 be e2 6d d5 ea 8a cf 6a aa 3e ..g.....m....j.>
ssl_tls.c:5138: |3| dumping 'calc finished result' (12 bytes)
ssl_tls.c:5138: |3| 0000: 93 18 25 63 2d 78 64 c3 9e 77 b3 3c ..
Hi @Evgeniy_Vasyliev
Since the error is different, prob ably because of timeout, I am guessing that the original error is related to the fact you are using the Mbed TLS test certificate, which are not trusted by the Browser.
Have you set test-ca2.crt
as a trusted CA root certificate in your Browser’s certificate store?
This actually puzzles me why the connection works some of the times…
Regards
Well, test-ca2.crt
from certs.c
is the one using RSA, I can not use it cause there is not enough memory in my MCU for RSA. So, I am using the one generated using curves (mbedtls_test_srv_crt_ec
).
I already set everywhere possible this certificate as trusted, but still same effect…
@roneld01, just by chance maybe you see something useful from the above logs? Cause I am stuck and actually do now know where to watch, I think I tried everything possible about this problem, which came into my mind during last 5 days… Any advise what to change or some mbedTLS settings to play with?
Hi @Evgeniy_Vasyliev
test-ca2.crt
uses EC keys:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13926223505202072808 (0xc143e27e6243cce8)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=NL, O=PolarSSL, CN=Polarssl Test EC CA
Validity
Not Before: Sep 24 15:49:48 2013 GMT
Not After : Sep 22 15:49:48 2023 GMT
Subject: C=NL, O=PolarSSL, CN=Polarssl Test EC CA
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:c3:da:2b:34:41:37:58:2f:87:56:fe:fc:89:ba:
29:43:4b:4e:e0:6e:c3:0e:57:53:33:39:58:d4:52:
b4:91:95:39:0b:23:df:5f:17:24:62:48:fc:1a:95:
29:ce:2c:2d:87:c2:88:52:80:af:d6:6a:ab:21:dd:
b8:d3:1c:6e:58:b8:ca:e8:b2:69:8e:f3:41:ad:29:
c3:b4:5f:75:a7:47:6f:d5:19:29:55:69:9a:53:3b:
20:b4:66:16:60:33:1e
ASN1 OID: secp384r1
NIST CURVE: P-384
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6D:20:24:49:01:3F:2B:CB:78:B5:19:BC:7E:24:C9:DB:FB:36:7C
X509v3 Authority Key Identifier:
keyid:9D:6D:20:24:49:01:3F:2B:CB:78:B5:19:BC:7E:24:C9:DB:FB:36:7C
DirName:/C=NL/O=PolarSSL/CN=Polarssl Test EC CA
serial:C1:43:E2:7E:62:43:CC:E8
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
30:66:02:31:00:c3:b4:62:73:56:28:95:00:7d:78:12:26:d2:
71:7b:19:f8:8a:98:3e:92:fe:33:9e:e4:79:d2:fe:7a:b7:87:
74:3c:2b:b8:d7:69:94:0b:a3:67:77:b8:b3:be:d1:36:32:02:
31:00:fd:67:9c:94:23:67:c0:56:ba:4b:33:15:00:c6:e3:cc:
31:08:2c:9c:8b:da:a9:75:23:2f:b8:28:e7:f2:9c:14:3a:40:
01:5c:af:0c:b2:cf:74:7f:30:9f:08:43:ad:20
I already set everywhere possible this certificate as trusted, but still same effect…
Which certificate? The CA root certificate?
Any advise what to change or some mbedTLS settings to play with?
Without the correct log that shows the failure on the server side, there is no indication on why handshake failed. There are two logs: One indicates that the client closed the connection, another indicates that the server closed the connection.
Is it possible to store the logs in RAM, and perhaps store to flash after failure?
@roneld01,
thank you for your help. Yes, you are right, I missed. I am exactly using test-ca2.crt
, I pasted it as a trusted CA root certificate in Google Chrome and Windows OS and it gave no result.
I tried getting the logs, however anyway I make it each time I receive -80 (-0x50) error, however once I stop logs - the error -30592 (-0x7780) is caught. I do not have any external RAM for storing the logs, so currently I am puzzled what to do…
Current situation with browsers:
Hi @Evgeniy_Vasyliev
Please indicate which peer returns the error every time.
My understanding is the the client ( Google Chrome for example) returns -0x7780, and adding logs, the server returns -0x50.
Each error indicate an issue on the remote peer, which makes it difficult to debug…
Can you indicate what is the ciphersuite use with Mozilla and Microsoft Edge?
Can you capture with wireshark or other network sniffer to at least understand when the fatal alert is being sent by server? I mean, after what client message. Better yet, if the fatal alert is being sent in the initial handshake, it may not be encrypted, and you can see the full fatal alert message. Please check what it is.
Regards,
Mbed TLS Team member
Ron
@roneld01, thank you for your kind support.
I see that in Google Chrome there is an exception regarding self-signed certificate:
Certificate - Subject Alternative Name missing
The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.
I thought that maybe due to this the handshake error is present.
Can you please tell me if it is possible to generate SSL certificate using cert_write
tool with Subject Alternative Name specifying? I can see the following options in it:
usage: cert_write param=<>...
acceptable parameters:
request_file=%s default: (empty)
If request_file is specified, subject_key,
subject_pwd and subject_name are ignored!
subject_key=%s default: subject.key
subject_pwd=%s default: (empty)
subject_name=%s default: CN=Cert,O=mbed TLS,C=UK
issuer_crt=%s default: (empty)
If issuer_crt is specified, issuer_name is
ignored!
issuer_name=%s default: CN=CA,O=mbed TLS,C=UK
selfsign=%d default: 0 (false)
If selfsign is enabled, issuer_name and
issuer_key are required (issuer_crt and
subject_* are ignored
issuer_key=%s default: ca.key
issuer_pwd=%s default: (empty)
output_file=%s default: cert.crt
serial=%s default: 1
not_before=%s default: 20010101000000
not_after=%s default: 20301231235959
is_ca=%d default: 0 (disabled)
max_pathlen=%d default: -1 (none)
md=%s default: SHA256
Supported values:
MD5, SHA1, SHA256, SHA512
version=%d default: 3
Possible values: 1, 2, 3
subject_identifier=%s default: 1
Possible values: 0, 1
(Considered for v3 only)
authority_identifier=%s default: 1
Possible values: 0, 1
(Considered for v3 only)
basic_constraints=%d default: 1
Possible values: 0, 1
(Considered for v3 only)
key_usage=%s default: (empty)
Comma-separated-list of values:
digital_signature
non_repudiation
key_encipherment
data_encipherment
key_agreement
key_cert_sign
crl_sign
(Considered for v3 only)
ns_cert_type=%s default: (empty)
Comma-separated-list of values:
ssl_client
ssl_server
email
object_signing
ssl_ca
email_ca
object_signing_ca
However, I can not find anything about alternative subject name…
As always, thank you!
Hi @Evgeniy_Vasyliev
Unfortunately, Mbed TLS does not have an API for writing subject Alternative names.
It does have mbedtls_x509write_crt_set_extension()
which you can use for writing your extension, but you will need to set the value as expected in the subject alternative name extension, according to the standard.
I would recommend you use a different tool for writing your certificate, such as openssl
Regards