Arm Mbed and Pelion Device Management support forum

My own sample rootCA is failing on handshaking with aws

Hi All,
I have downloaded the AWS iot embedded C sdk and running the subscribe_publish_sample application
(1) When manually creating thing and creating certificates through AWS IOT console (Using Amazon_Root_CA_1.pem as Root CA), This is working fine !
(2) When creating my own rootCA, registering this rootCA to AWS, creating and registering the device certificate/ keys through CLI (as mentioned at: https://docs.aws.amazon.com/iot/latest/developerguide/device-certs-your-own.html), it is failing on handshaking during iot_tls_connect() function and throws following error:
===============================================
DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags
ERROR: iot_tls_connect L#232 failed
! mbedtls_ssl_handshake returned -0x2700
ERROR: iot_tls_connect L#239 Unable to verify the server’s certificate. Either it is invalid,
or you didn’t set ca_file or ca_path to an appropriate value.
Alternatively, you may want to use auth_mode=optional for testing purposes
===============================================
Info:
(1) using iot sdk from: git clone https://github.com/aws/aws-iot-device-sdk-embedded-c.git -b release
(2) using mbedTLS 2.16.3 from https://tls.mbed.org/download

Please let me know what is missing in above steps OR let me know if you want any further information to resolve this issue.

Hi @aws_iot_practice
There isn’t enough information in the logs to say why the server certificate verification failed.

If I had to guess, you have set your own device certificate, which is issued by your own rootCA using the following:

mbedtls_ssl_conf_own_cert( <your device certificate>)
mbedtls_ssl_conf_ca_chain( < Your rootCA>)

Am I right?
If so, this is probably the root cause, as the trusted CA should be the CA root certificate that you trust that was used to issue the server certificate. In your case, it should probably remain Amazon_Root_CA_1.pem

I would suggest you enable further Mbed TLS logs, to understand what is the server certificate that is being sent to your device, and why it fails, with the verification flags that is being returned.
Regards,
Mbed TLS Support
Ron

Thanks for quick reply. Please see my console prints and it helps you to analyse. I have also attached my rootCA file for your reference.

======================================================
AWS IoT SDK Version 3.0.1-

DEBUG: main L#161 rootCA /home/chirag/aws/aws-iot-device-sdk-embedded-c/samples/linux/subscribe_publish_sample/…/…/…/certs/rootCA.pem
DEBUG: main L#162 clientCRT /home/chirag/aws/aws-iot-device-sdk-embedded-c/samples/linux/subscribe_publish_sample/…/…/…/certs/deviceCert.pem
DEBUG: main L#163 clientKey /home/chirag/aws/aws-iot-device-sdk-embedded-c/samples/linux/subscribe_publish_sample/…/…/…/certs/deviceCert.key
Connecting…
DEBUG: iot_tls_connect L#130
. Seeding the random number generator…
DEBUG: iot_tls_connect L#138 . Loading the CA root certificate …
DEBUG: iot_tls_connect L#144 ok (0 skipped)

DEBUG: iot_tls_connect L#146 . Loading the client cert. and key…
DEBUG: iot_tls_connect L#159 ok

DEBUG: iot_tls_connect L#161 . Connecting to a2i2pjvgq3nia9-ats.iot.us-west-2.amazonaws.com/443
DEBUG: iot_tls_connect L#180 ok

DEBUG: iot_tls_connect L#182 . Setting up the SSL/TLS structure…
DEBUG: iot_tls_connect L#223

SSL state connect : 0
DEBUG: iot_tls_connect L#226 ok

DEBUG: iot_tls_connect L#228

SSL state connect : 0
DEBUG: iot_tls_connect L#229 . Performing the SSL/TLS handshake…
=> handshake
==== Calling client step
==== SSL state: 0
==== Calling client step
==== SSL state: 1
==== Calling client step
==== SSL state: 2
==== Calling client step
==== SSL state: 3
mbedtls_ssl_parse_certificate() : 2 is called
DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 3):

DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign

DEBUG: _iot_tls_verify_cert L#56 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign

DEBUG: _iot_tls_verify_cert L#57 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign

DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 2):

DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 06:7F:94:4A:2A:27:CD:F3:FA:C2:AE:2B:01:F9:08:EE:B9:C4:C6
issuer name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
subject name : C=US, O=Amazon, CN=Amazon Root CA 1
issued on : 2015-05-25 12:00:00
expires on : 2037-12-31 01:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign

DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags

DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 1):

DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D
issuer name : C=US, O=Amazon, CN=Amazon Root CA 1
subject name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
issued on : 2015-10-22 00:00:00
expires on : 2025-10-19 00:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true, max_pathlen=0
key usage : Digital Signature, Key Cert Sign, CRL Sign

DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags

DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 0):

DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 0B:22:80:7E:73:1A:53:C4:E4:0B:DA:DF:DA:FE:70:B0
issuer name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
subject name : CN=*.iot.us-west-2.amazonaws.com
issued on : 2019-05-07 00:00:00
expires on : 2020-04-29 12:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name : iot.us-west-2.amazonaws.com, *.iot.us-west-2.amazonaws.com
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication, TLS Web Client Authentication

DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags

MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
*** mbedtls_x509_crt_verify_restartable() failed with : -9984
*** MBEDTLS_SSL_ALERT_LEVEL_FATAL : 48
***** mbedtls_ssl_handshake_step() failed
<= handshake
ERROR: iot_tls_connect L#232 failed
! mbedtls_ssl_handshake returned -0x2700

ERROR: iot_tls_connect L#239 Unable to verify the server’s certificate. Either it is invalid,
or you didn’t set ca_file or ca_path to an appropriate value.
Alternatively, you may want to use auth_mode=optional for testing purposes.

ERROR: main L#192 Error(-4rootCA rootCA ) connecting to a2i2pjvgq3nia9-ats.iot.us-west-2.amazonaws.com:443

let me know if you need anything further !

Also, to make the things clear, I am using the AWS CLI commands to (openssl and AWS CLI) to create and register CA/ device certificates (as mentioned at: https://docs.aws.amazon.com/iot/latest/developerguide/device-certs-your-own.html)

Hi @aws_iot_practice
If I am not mistaking, these instructions are to set your CA in the AWS server, so your device certificate will be accepted by the server. However, the issue here, is that the server’s certificate verification failed.

As you can see, the certificate that it’s verification fails is the certificate with subject “CN=*.iot.us-west-2.amazonaws.com” and is issued by “C=US, O=Amazon, OU=Server CA 1B, CN=Amazon”

Have you set its Root CA ( Amazon_Root_CA_1.pem) as a trusted CA in your TLS client?
Regards

Have you set its Root CA ( Amazon_Root_CA_1.pem ) as a trusted CA in your TLS client?

To be more specific,
Have you set Amazon_Root_CA_1.pem as pRootCALocation parameter for iot_tls_init?

Hi
We run test apps ssl_client2.c and ssl_server2.c with chain of certs, root ca,intermediate and device cert.
The certs are generated using openssl and hardcoded in certs.c.
We observe below issues when run on ubuntu
1)Most of the time getting error as
mbedtls_ssl_handshake returned -0x4380
Last error was: -17280 - RSA - The PKCS#1 verification failed
2)mbedtls_ssl_handshake returned -0x4284
Last error was: -17028 - RSA - The public key operation failed : BIGNUM - Bad input parameters to function
The peer certs are getting exchanged however verification is failing in mbedtls_rsa_pkcs1_verify.

Request to please share feedback to resolve the errors.
Thanks

SERVER SIDE LOGS CLIPPED TO MAX PERMITTED
ssl_tls.c:4536: |4| 00f0: 45 43 20 43 41 EC CA
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3849: |2| message length: 245, out_left: 245
ssl_tls.c:3854: |2| ssl->f_send() returned 245 (-0xffffff0b)
ssl_tls.c:3882: |2| <= flush output
ssl_tls.c:4586: |2| <= write record
ssl_tls.c:4395: |2| <= write handshake message
ssl_srv.c:3001: |2| <= write certificate request
ssl_srv.c:4457: |2| server state: 6
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3842: |2| <= flush output
ssl_srv.c:3527: |2| => write server hello done
ssl_tls.c:4259: |2| => write handshake message
ssl_tls.c:4418: |2| => write record
ssl_tls.c:4533: |3| output record: msgtype = 22, version = [3:3], msglen = 4
ssl_tls.c:4536: |4| dumping ‘output record sent to network’ (9 bytes)
ssl_tls.c:4536: |4| 0000: 16 03 03 00 04 0e 00 00 00 …
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3849: |2| message length: 9, out_left: 9
ssl_tls.c:3854: |2| ssl->f_send() returned 9 (-0xfffffff7)
ssl_tls.c:3882: |2| <= flush output
ssl_tls.c:4586: |2| <= write record
ssl_tls.c:4395: |2| <= write handshake message
ssl_srv.c:3555: |2| <= write server hello done
ssl_srv.c:4457: |2| server state: 7
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3842: |2| <= flush output
ssl_tls.c:7356: |2| => parse certificate
ssl_tls.c:5625: |2| => read record
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 0, nb_want: 5
ssl_tls.c:3796: |2| in_left: 0, nb_want: 5
ssl_tls.c:3797: |2| ssl->f_recv(timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5345: |4| dumping ‘input record header’ (5 bytes)
ssl_tls.c:5345: |4| 0000: 16 03 03 06 ae …
ssl_tls.c:5350: |3| input record: msgtype = 22, version = [3:3], msglen = 1710
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 5, nb_want: 1715
ssl_tls.c:3796: |2| in_left: 5, nb_want: 1715
ssl_tls.c:3797: |2| ssl->f_recv(timeout)() returned 1710 (-0xfffff952)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5457: |4| dumping ‘input record from network’ (1715 bytes)
ssl_tls.c:5457: |4| 0000: 16 03 03 06 ae 0b 00 06 aa 00 06 a7 00 03 14 30 …0
ssl_tls.c:5457: |4| 0010: 82 03 10 30 82 01 f8 a0 03 02 01 02 02 01 01 30 …0…0
ssl_tls.c:5457: |4| 0020: 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 15 ….H…0.
ssl_tls.c:5457: |4| 0030: 31 13 30 11 06 03 55 04 03 0c 0a 6d 79 72 6f 6f 1.0…U…myroo
ssl_tls.c:5457: |4| 0040: 74 63 65 72 74 30 1e 17 0d 32 30 30 31 30 38 30 tcert0…2001080
ssl_tls.c:5457: |4| 0050: 34 30 38 31 31 5a 17 0d 32 31 30 31 31 37 30 34 40811Z…21011704
ssl_tls.c:5457: |4| 0060: 30 38 31 31 5a 30 1d 31 1b 30 19 06 03 55 04 03 0811Z0.1.0…U…
ssl_tls.c:5457: |4| 0070: 0c 12 6d 79 69 6e 74 65 72 6d 65 64 69 61 74 65 …myintermediate
ssl_tls.c:5457: |4| 0080: 63 65 72 74 30 82 01 22 30 0d 06 09 2a 86 48 86 cert0…"0…
.H.
ssl_tls.c:5457: |4| 0090: f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a …0…
ssl_tls.c:5457: |4| 00a0: 02 82 01 01 00 c9 8f 68 9c c8 ef 94 a5 69 9c a2 …h…i…
ssl_tls.c:5457: |4| 00b0: a8 9c 4a 14 14 ba 86 27 2a 69 37 65 a2 a8 cb c7 …J…'i7e…
ssl_tls.c:5457: |4| 00c0: fb f2 55 52 aa 07 b2 37 de 97 48 4c 60 2b 2c 07 …UR…7…HL+,. ssl_tls.c:5457: |4| 00d0: 6e d4 94 16 94 65 2a 21 07 55 43 77 37 62 ac ce n....e*!.UCw7b.. ssl_tls.c:5457: |4| 00e0: 95 18 47 b2 4e 17 3b d5 66 2e b3 5a ae e7 65 c3 ..G.N.;.f..Z..e. ssl_tls.c:5457: |4| 00f0: 57 73 48 6c b7 d3 eb 33 8b 39 82 ab 4a 3f 06 dd WsHl...3.9..J?.. ssl_tls.c:5457: |4| 0100: b7 d4 57 d7 78 c2 7a 2a 6e cf ef 12 9e f9 43 b0 ..W.x.z*n.....C. ssl_tls.c:5457: |4| 0110: 22 87 98 cb 6c e8 53 ac 43 3f d1 ee b0 29 0c cc "...l.S.C?...).. ssl_tls.c:5457: |4| 0120: b0 db f4 35 40 4b 52 91 0f 79 c4 b8 be 7f b8 c7 ...5@KR..y...... ssl_tls.c:5457: |4| 0130: 3d 21 d6 6c 99 71 21 87 c5 d8 ef 43 c7 c3 1d 8c =!.l.q!....C.... ssl_tls.c:5457: |4| 0140: 4d f8 fa 56 8b f2 49 c6 58 ce 4c 83 14 c2 12 bf M..V..I.X.L..... ssl_tls.c:5457: |4| 0150: 99 7b d6 0c eb e5 36 8b 3a d6 31 b2 b6 d6 8e 4e .{....6.:.1....N ssl_tls.c:5457: |4| 0160: 5e c4 2a fd 4f 10 83 ad 90 fc ca 14 d1 34 84 c2 ^.*.O........4.. ssl_tls.c:5457: |4| 0170: 56 5a 51 3e 3b 7a ef b7 31 ae d5 e5 dc 55 dc de VZQ>;z..1....U.. ssl_tls.c:5457: |4| 0180: 2c 02 78 82 c5 d4 c9 f3 92 72 03 0d 99 16 f7 e8 ,.x......r...... ssl_tls.c:5457: |4| 0190: f0 38 77 c8 72 8d a7 34 ea b7 ef c3 22 bd fc 33 .8w.r..4...."..3 ssl_tls.c:5457: |4| 01a0: f4 9d 9c 05 2d 02 03 01 00 01 a3 63 30 61 30 1d ....-......c0a0. ssl_tls.c:5457: |4| 01b0: 06 03 55 1d 0e 04 16 04 14 20 8e 7b 4f 75 75 a4 ..U...... .{Ouu. ssl_tls.c:5457: |4| 01c0: f4 73 42 34 ca 86 69 a8 e5 3b 47 8d 33 30 1f 06 .sB4..i..;G.30.. ssl_tls.c:5457: |4| 01d0: 03 55 1d 23 04 18 30 16 80 14 8a 8b 93 07 d0 1d .U.#..0......... ssl_tls.c:5457: |4| 01e0: 5c 68 b0 fc 47 5c 98 8e a1 60 e8 27 a4 7b 30 0f \h..G\....’.{0.
ssl_tls.c:5457: |4| 01f0: 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 …U…0…0
ssl_tls.c:5457: |4| 0200: 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 86 30 …U…0
ssl_tls.c:5457: |4| 0210: 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 …
.H…
ssl_tls.c:5457: |4| 0220: 01 01 00 a8 f7 96 9c 14 d2 5a ed 7e 4d d1 a7 ad …Z.~M…
ssl_tls.c:5457: |4| 0230: 96 5e e1 ca 62 b7 fd 0b 54 93 84 4f b9 bf ff 76 .^…b…T…O…v
ssl_tls.c:5457: |4| 0240: 44 bf 1c a3 89 6d 70 30 e2 33 b4 c6 69 0c 42 90 D…mp0.3…i.B.
ssl_tls.c:5457: |4| 0250: 4a 0e 8c d9 d2 f5 5c a1 27 6b 43 ce e6 a3 e9 96 J…‘kC…
ssl_tls.c:5457: |4| 0260: 75 fc 2b 7a 2b 91 5d 49 89 9c ec 90 55 31 b6 f6 u.+z+.]I…U1…
ssl_tls.c:5457: |4| 0270: 47 d2 a5 75 80 5d ff 37 49 76 41 9f a4 1a 88 6d G…u.].7IvA…m
ssl_tls.c:5457: |4| 0280: a7 9e 75 34 40 2b c9 ff 25 d8 e1 66 b7 67 a1 bd …u4@+…%…f.g…
ssl_tls.c:5457: |4| 0290: f1 22 8e ac eb e8 99 49 30 96 98 57 7b 2f d0 ba ."…I0…W{/…
ssl_tls.c:5457: |4| 02a0: 70 44 67 59 e8 49 d4 83 3e 90 42 ba 3d ef 08 11 pDgY.I…>.B.=…
ssl_tls.c:5457: |4| 02b0: f3 90 12 f5 1b 5b 6b eb 1b 73 5b a8 9e 07 34 cd …[k…s[…4.
ssl_tls.c:5457: |4| 02c0: 7f 7f 2e c4 1c ec 5f 45 f2 89 00 05 29 1c c6 a5 …E…)…
ssl_tls.c:5457: |4| 02d0: 9a 73 bb d8 9d 96 40 09 c7 0b da 54 da dc 2f c7 .s…@…T…/.
ssl_tls.c:5457: |4| 02e0: 66 3f dd f9 f8 ac 2a 03 1b 12 97 49 8e 1d 6f 8d f?..*…I…o.
ssl_tls.c:5457: |4| 02f0: a0 7e 85 aa db d6 39 ac 35 02 58 95 2a 67 7a c1 .~…9.5.X.*gz.
ssl_tls.c:5457: |4| 0300: 7d 5e 24 2b 82 7f 99 ac 7a 8c 90 c2 da 1d bb 01 }^+....z....... ssl_tls.c:5457: |4| 0310: 5b 9c d3 53 36 e0 a0 3d 87 42 27 d3 ef 74 59 8b [..S6..=.B'..tY. ssl_tls.c:5457: |4| 0320: 70 52 85 00 03 8d 30 82 03 89 30 82 02 71 a0 03 pR....0...0..q.. ssl_tls.c:5457: |4| 0330: 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d ......0...*.H... ssl_tls.c:5457: |4| 0340: 01 01 0b 05 00 30 1d 31 1b 30 19 06 03 55 04 03 .....0.1.0...U.. ssl_tls.c:5457: |4| 0350: 0c 12 6d 79 69 6e 74 65 72 6d 65 64 69 61 74 65 ..myintermediate ssl_tls.c:5457: |4| 0360: 63 65 72 74 30 1e 17 0d 32 30 30 31 30 38 30 34 cert0...20010804 ssl_tls.c:5457: |4| 0370: 31 31 32 32 5a 17 0d 32 31 30 31 31 37 30 34 31 1122Z..210117041 ssl_tls.c:5457: |4| 0380: 31 32 32 5a 30 17 31 15 30 13 06 03 55 04 03 0c 122Z0.1.0...U... ssl_tls.c:5457: |4| 0390: 0c 6d 79 64 65 76 69 63 65 63 65 72 74 30 82 01 .mydevicecert0.. ssl_tls.c:5457: |4| 03a0: 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 "0...*.H........ ssl_tls.c:5457: |4| 03b0: 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 c2 00 .....0.......... ssl_tls.c:5457: |4| 03c0: 6f ec be 0c b4 ac 82 2a b5 14 9c 5d 4f 2b 7e e0 o......*...]O+~. ssl_tls.c:5457: |4| 03d0: f1 f2 82 5f d3 db 7e 05 52 e2 69 a4 b9 ac c4 e4 ..._..~.R.i..... ssl_tls.c:5457: |4| 03e0: aa 63 97 ec 90 45 36 68 29 93 3d 5e 5e 61 2d 3c .c...E6h).=^^a-< ssl_tls.c:5457: |4| 03f0: 82 c9 d2 c9 81 86 ff b4 60 19 92 ed 1e c5 79 88 ........`.....y. ssl_tls.c:5457: |4| 0400: b7 b9 21 44 bc d6 39 31 95 56 da d3 88 58 16 06 ..!D..91.V...X.. ssl_tls.c:5457: |4| 0410: b1 b0 aa 6d 1a 15 39 22 d0 44 4e ed 05 3a 0a d1 ...m..9".DN..:.. ssl_tls.c:5457: |4| 0420: 01 3e 87 94 2f 65 52 75 dd e0 a2 9c 87 8f c9 68 .>../eRu.......h ssl_tls.c:5457: |4| 0430: db a3 27 f5 3c aa 03 ea 6a 52 f9 53 84 d1 73 18 ..'.<...jR.S..s. ssl_tls.c:5457: |4| 0440: 3e 59 14 6c 02 b7 00 90 f1 41 e9 2f ef 9e 13 1a >Y.l.....A./.... ssl_tls.c:5457: |4| 0450: ed 1c e2 bf de bb d5 5f 36 0b 8d c8 94 a7 3d b3 ......._6.....=. ssl_tls.c:5457: |4| 0460: 02 f5 9f 6a ff bf c4 3f 3a 46 56 61 4f 4a 86 b3 ...j...?:FVaOJ.. ssl_tls.c:5457: |4| 0470: da 3e 4b bf 59 e8 c5 13 4c f6 dc 69 24 89 74 aa .>K.Y...L..i.t.
ssl_tls.c:5457: |4| 0480: 73 59 16 90 d3 f6 11 a9 d4 38 c4 83 f1 69 1c 9b sY…8…i…
ssl_tls.c:5457: |4| 0490: c1 4e cf d9 7d f1 63 61 bb ea 11 94 7d 3a 00 73 .N…}.ca…}:.s
ssl_tls.c:5457: |4| 04a0: 94 d0 5f b1 76 45 34 8f f6 a5 fd 53 46 80 2d c5 …
.vE4…SF.-.
ssl_tls.c:5457: |4| 04b0: 40 c3 70 78 05 a8 d6 13 ba b8 1b 0b 74 7d 02 03 @.px…t}…
ssl_tls.c:5457: |4| 04c0: 01 00 01 a3 81 d9 30 81 d6 30 09 06 03 55 1d 13 …0…0…U…
ssl_tls.c:5457: |4| 04d0: 04 02 30 00 30 11 06 09 60 86 48 01 86 f8 42 01 …0.0….H...B. ssl_tls.c:5457: |4| 04e0: 01 04 04 03 02 06 40 30 33 06 09 60 86 48 01 86 ......@03...H…
ssl_tls.c:5457: |4| 04f0: f8 42 01 0d 04 26 16 24 4f 70 65 6e 53 53 4c 20 .B…&.OpenSSL ssl_tls.c:5457: |4| 0500: 47 65 6e 65 72 61 74 65 64 20 53 65 72 76 65 72 Generated Server ssl_tls.c:5457: |4| 0510: 20 43 65 72 74 69 66 69 63 61 74 65 30 1d 06 03 Certificate0... ssl_tls.c:5457: |4| 0520: 55 1d 0e 04 16 04 14 d6 ae 81 25 98 1e 54 3e 8c U.........%..T>. ssl_tls.c:5457: |4| 0530: ba 74 56 d3 2a 86 4b ae b8 76 fc 30 3d 06 03 55 .tV.*.K..v.0=..U ssl_tls.c:5457: |4| 0540: 1d 23 04 36 30 34 80 14 20 8e 7b 4f 75 75 a4 f4 .#.604.. .{Ouu.. ssl_tls.c:5457: |4| 0550: 73 42 34 ca 86 69 a8 e5 3b 47 8d 33 a1 19 a4 17 sB4..i..;G.3.... ssl_tls.c:5457: |4| 0560: 30 15 31 13 30 11 06 03 55 04 03 0c 0a 6d 79 72 0.1.0...U....myr ssl_tls.c:5457: |4| 0570: 6f 6f 74 63 65 72 74 82 01 01 30 0e 06 03 55 1d ootcert...0...U. ssl_tls.c:5457: |4| 0580: 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d ..........0...U. ssl_tls.c:5457: |4| 0590: 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 %..0...+.......0 ssl_tls.c:5457: |4| 05a0: 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 ...*.H.......... ssl_tls.c:5457: |4| 05b0: 01 01 00 24 c6 8c 79 c9 f6 0c 63 ad cb a8 f9 2f ...…y…c…/
ssl_tls.c:5457: |4| 05c0: 18 54 f6 d6 9c 4c bc 3e 41 df f8 93 7d 7e 2d fc .T…L.>A…}~-.
ssl_tls.c:5457: |4| 05d0: 56 27 05 9f 39 42 8c d7 a9 bb 11 c4 1e e6 9b b3 V’…9B…
ssl_tls.c:5457: |4| 05e0: b6 dc a6 05 68 3f 4f 68 55 4d 20 be ab 50 e6 c5 …h?OhUM …P…
ssl_tls.c:5457: |4| 05f0: 91 78 c6 23 97 3e de bd 73 6c cb 45 a1 f9 3d fa .x.#.>…sl.E…=.
ssl_tls.c:5457: |4| 0600: 9c 08 21 26 62 1d 28 3d 44 22 6b 1e 76 dd 31 f7 …!&b.(=D"k.v.1.
ssl_tls.c:5457: |4| 0610: 76 ae f5 e8 3e f9 93 34 d5 03 58 9c 66 e3 61 0e v…>…4…X.f.a.
ssl_tls.c:5457: |4| 0620: 65 7d b8 b9 f5 33 2d a3 bb e6 3e 92 53 85 e6 9e e}…3-…>.S…
ssl_tls.c:5457: |4| 0630: 34 85 ef bb 34 43 c9 d1 be bd 9d af 5b f4 95 3d 4…4C…[…=
ssl_tls.c:5457: |4| 0640: b0 9c 5f 79 07 91 33 57 0f 99 e0 f3 b8 cd aa 55 …y…3W…U
ssl_tls.c:5457: |4| 0650: a0 bb 95 42 ac 0d d0 67 53 10 a5 40 21 0d 11 77 …B…gS…@!..w
ssl_tls.c:5457: |4| 0660: 83 1f 4c 73 55 ac d3 7a e2 c0 5a 0c fb f5 97 49 …LsU…z…Z…I
ssl_tls.c:5457: |4| 0670: 7f 9d 1e ea 8c f0 29 8f 41 96 aa 49 25 d0 27 cf …).A…I%.’.
ssl_tls.c:5457: |4| 0680: 08 5a 1c 0a 1c 4f 4c 5f 2c 5f 2a 54 20 f1 4b 2c .Z…OL
,
*T .K,
ssl_tls.c:5457: |4| 0690: f7 67 07 2e ee 97 a1 64 b7 9e 7d 1b 0e ed be fe .g…d…}…
ssl_tls.c:5457: |4| 06a0: d9 90 9c 13 df 80 8c a8 fa d4 a1 35 16 6a 5f 3a …5.j
:
ssl_tls.c:5457: |4| 06b0: 72 c4 da r…
ssl_tls.c:4736: |3| handshake message: msglen = 1710, type = 11, hslen = 1710
ssl_tls.c:5699: |2| <= read record
ssl_tls.c:7020: |3| peer certificate #1:
ssl_tls.c:7020: |3| cert. version : 3
ssl_tls.c:7020: |3| serial number : 01
ssl_tls.c:7020: |3| issuer name : CN=myrootcert
ssl_tls.c:7020: |3| subject name : CN=myintermediatecert
ssl_tls.c:7020: |3| issued on : 2020-01-08 04:08:11
ssl_tls.c:7020: |3| expires on : 2021-01-17 04:08:11
ssl_tls.c:7020: |3| signed using : RSA with SHA-256
ssl_tls.c:7020: |3| RSA key size : 2048 bits
ssl_tls.c:7020: |3| basic constraints : CA=true
ssl_tls.c:7020: |3| key usage : Digital Signature, Key Cert Sign, CRL Sign
ssl_tls.c:7020: |3| value of ‘crt->rsa.N’ (2048 bits) is:
ssl_tls.c:7020: |3| c9 8f 68 9c c8 ef 94 a5 69 9c a2 a8 9c 4a 14 14
ssl_tls.c:7020: |3| ba 86 27 2a 69 37 65 a2 a8 cb c7 fb f2 55 52 aa
ssl_tls.c:7020: |3| 07 b2 37 de 97 48 4c 60 2b 2c 07 6e d4 94 16 94
ssl_tls.c:7020: |3| 65 2a 21 07 55 43 77 37 62 ac ce 95 18 47 b2 4e
ssl_tls.c:7020: |3| 17 3b d5 66 2e b3 5a ae e7 65 c3 57 73 48 6c b7
ssl_tls.c:7020: |3| d3 eb 33 8b 39 82 ab 4a 3f 06 dd b7 d4 57 d7 78
ssl_tls.c:7020: |3| c2 7a 2a 6e cf ef 12 9e f9 43 b0 22 87 98 cb 6c
ssl_tls.c:7020: |3| e8 53 ac 43 3f d1 ee b0 29 0c cc b0 db f4 35 40
ssl_tls.c:7020: |3| 4b 52 91 0f 79 c4 b8 be 7f b8 c7 3d 21 d6 6c 99
ssl_tls.c:7020: |3| 71 21 87 c5 d8 ef 43 c7 c3 1d 8c 4d f8 fa 56 8b
ssl_tls.c:7020: |3| f2 49 c6 58 ce 4c 83 14 c2 12 bf 99 7b d6 0c eb
ssl_tls.c:7020: |3| e5 36 8b 3a d6 31 b2 b6 d6 8e 4e 5e c4 2a fd 4f
ssl_tls.c:7020: |3| 10 83 ad 90 fc ca 14 d1 34 84 c2 56 5a 51 3e 3b
ssl_tls.c:7020: |3| 7a ef b7 31 ae d5 e5 dc 55 dc de 2c 02 78 82 c5
ssl_tls.c:7020: |3| d4 c9 f3 92 72 03 0d 99 16 f7 e8 f0 38 77 c8 72
ssl_tls.c:7020: |3| 8d a7 34 ea b7 ef c3 22 bd fc 33 f4 9d 9c 05 2d
ssl_tls.c:7020: |3| value of ‘crt->rsa.E’ (17 bits) is:
ssl_tls.c:7020: |3| 01 00 01
ssl_tls.c:7020: |3| peer certificate #2:
ssl_tls.c:7020: |3| cert. version : 3
ssl_tls.c:7020: |3| serial number : 02
ssl_tls.c:7020: |3| issuer name : CN=myintermediatecert
ssl_tls.c:7020: |3| subject name : CN=mydevicecert
ssl_tls.c:7020: |3| issued on : 2020-01-08 04:11:22
ssl_tls.c:7020: |3| expires on : 2021-01-17 04:11:22
ssl_tls.c:7020: |3| signed using : RSA with SHA-256
ssl_tls.c:7020: |3| RSA key size : 2048 bits
ssl_tls.c:7020: |3| basic constraints : CA=false
ssl_tls.c:7020: |3| cert. type : SSL Server
ssl_tls.c:7020: |3| key usage : Digital Signature, Key Encipherment
ssl_tls.c:7020: |3| ext key usage : TLS Web Server Authentication
ssl_tls.c:7020: |3| value of ‘crt->rsa.N’ (2048 bits) is:
ssl_tls.c:7020: |3| c2 00 6f ec be 0c b4 ac 82 2a b5 14 9c 5d 4f 2b
ssl_tls.c:7020: |3| 7e e0 f1 f2 82 5f d3 db 7e 05 52 e2 69 a4 b9 ac
ssl_tls.c:7020: |3| c4 e4 aa 63 97 ec 90 45 36 68 29 93 3d 5e 5e 61
ssl_tls.c:7020: |3| 2d 3c 82 c9 d2 c9 81 86 ff b4 60 19 92 ed 1e c5
ssl_tls.c:7020: |3| 79 88 b7 b9 21 44 bc d6 39 31 95 56 da d3 88 58
ssl_tls.c:7020: |3| 16 06 b1 b0 aa 6d 1a 15 39 22 d0 44 4e ed 05 3a
ssl_tls.c:7020: |3| 0a d1 01 3e 87 94 2f 65 52 75 dd e0 a2 9c 87 8f
ssl_tls.c:7020: |3| c9 68 db a3 27 f5 3c aa 03 ea 6a 52 f9 53 84 d1
ssl_tls.c:7020: |3| 73 18 3e 59 14 6c 02 b7 00 90 f1 41 e9 2f ef 9e
ssl_tls.c:7020: |3| 13 1a ed 1c e2 bf de bb d5 5f 36 0b 8d c8 94 a7
ssl_tls.c:7020: |3| 3d b3 02 f5 9f 6a ff bf c4 3f 3a 46 56 61 4f 4a
ssl_tls.c:7020: |3| 86 b3 da 3e 4b bf 59 e8 c5 13 4c f6 dc 69 24 89
ssl_tls.c:7020: |3| 74 aa 73 59 16 90 d3 f6 11 a9 d4 38 c4 83 f1 69
ssl_tls.c:7020: |3| 1c 9b c1 4e cf d9 7d f1 63 61 bb ea 11 94 7d 3a
ssl_tls.c:7020: |3| 00 73 94 d0 5f b1 76 45 34 8f f6 a5 fd 53 46 80
ssl_tls.c:7020: |3| 2d c5 40 c3 70 78 05 a8 d6 13 ba b8 1b 0b 74 7d
ssl_tls.c:7020: |3| value of ‘crt->rsa.E’ (17 bits) is:
ssl_tls.c:7020: |3| 01 00 01
ssl_tls.c:7127: |3| Use configuration-specific verification callback
rsa_verify_wrap md_alg=6 rsa_len=256Before calling mbedtls_rsa_pkcs1_Verify at line=100
Start of func mbedtls_rsa_pkcs1_verify line=2441
Start of func mbedtls_rsa_pkcs1_verify line=2443
Start of func mbedtls_rsa_pkcs1_verify line=2446
Start of func mbedtls_rsa_pkcs1_verify line=2448
Start of func mbedtls_rsa_pkcs1_verify ctx->padding=0
rsa.c at line=2377
ssl_tls.c:7283: |3| Certificate verification flags clear
ssl_tls.c:7469: |2| <= parse certificate
ssl_srv.c:4457: |2| server state: 8
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3842: |2| <= flush output
ssl_srv.c:3878: |2| => parse client key exchange
ssl_tls.c:5625: |2| => read record
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 0, nb_want: 5
ssl_tls.c:3796: |2| in_left: 0, nb_want: 5
ssl_tls.c:3797: |2| ssl->f_recv(timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5345: |4| dumping ‘input record header’ (5 bytes)
ssl_tls.c:5345: |4| 0000: 16 03 03 00 8a …
ssl_tls.c:5350: |3| input record: msgtype = 22, version = [3:3], msglen = 138
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 5, nb_want: 143
ssl_tls.c:3796: |2| in_left: 5, nb_want: 143
ssl_tls.c:3797: |2| ssl->f_recv(timeout)() returned 138 (-0xffffff76)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5457: |4| dumping ‘input record from network’ (143 bytes)
ssl_tls.c:5457: |4| 0000: 16 03 03 00 8a 10 00 00 86 85 04 00 44 e6 d1 7a …D…z
ssl_tls.c:5457: |4| 0010: e9 a5 7b 14 ed 5f 20 ed 95 26 ee 7b 37 82 25 6a …{…
…&.{7.%j
ssl_tls.c:5457: |4| 0020: e5 76 6c 22 c8 ae 62 22 1a aa 91 3f 78 7d ae f1 .vl"…b"…?x}…
ssl_tls.c:5457: |4| 0030: b7 53 20 1b b6 77 c9 ef de ca 59 5e 41 ff 5e f7 .S …w…Y^A.^.
ssl_tls.c:5457: |4| 0040: 99 e3 fe 95 7c 0f 83 0e a6 f5 55 c2 2b 01 d9 4c …|…U.+…L
ssl_tls.c:5457: |4| 0050: c2 ec e7 bd ca 54 49 ad 62 b5 b9 f1 06 b7 28 01 …TI.b…(.
ssl_tls.c:5457: |4| 0060: bd b7 01 01 34 7d 46 46 26 b4 51 86 cf be eb fc …4}FF&.Q…
ssl_tls.c:5457: |4| 0070: b1 ca c1 91 3d 31 81 b1 ba 41 be 5c 9c 5c 3a c2 …=1…A…:.
ssl_tls.c:5457: |4| 0080: d6 39 3d 58 96 bd fe 69 9a 1c 0e 69 ff 7a 26 .9=X…i…i.z&
ssl_tls.c:4736: |3| handshake message: msglen = 138, type = 16, hslen = 138
ssl_tls.c:5699: |2| <= read record
ssl_srv.c:3961: |3| value of ‘ECDH: Qp(X)’ (519 bits) is:
ssl_srv.c:3961: |3| 44 e6 d1 7a e9 a5 7b 14 ed 5f 20 ed 95 26 ee 7b
ssl_srv.c:3961: |3| 37 82 25 6a e5 76 6c 22 c8 ae 62 22 1a aa 91 3f
ssl_srv.c:3961: |3| 78 7d ae f1 b7 53 20 1b b6 77 c9 ef de ca 59 5e
ssl_srv.c:3961: |3| 41 ff 5e f7 99 e3 fe 95 7c 0f 83 0e a6 f5 55 c2
ssl_srv.c:3961: |3| 2b
ssl_srv.c:3961: |3| value of ‘ECDH: Qp(Y)’ (521 bits) is:
ssl_srv.c:3961: |3| 01 d9 4c c2 ec e7 bd ca 54 49 ad 62 b5 b9 f1 06
ssl_srv.c:3961: |3| b7 28 01 bd b7 01 01 34 7d 46 46 26 b4 51 86 cf
ssl_srv.c:3961: |3| be eb fc b1 ca c1 91 3d 31 81 b1 ba 41 be 5c 9c
ssl_srv.c:3961: |3| 5c 3a c2 d6 39 3d 58 96 bd fe 69 9a 1c 0e 69 ff
ssl_srv.c:3961: |3| 7a 26
ssl_srv.c:3974: |3| value of ‘ECDH: z’ (521 bits) is:
ssl_srv.c:3974: |3| 01 f6 3f 80 6e f1 f2 64 8c be 56 02 b2 55 77 04
ssl_srv.c:3974: |3| 0d 32 06 97 e7 f4 82 97 3d 46 c2 8a 68 aa c2 2c
ssl_srv.c:3974: |3| c8 ba ad c1 74 73 83 b8 68 25 f0 21 09 11 c3 e8
ssl_srv.c:3974: |3| a2 0c 3f 8b b9 5a d0 36 d6 1b c7 e5 2f d5 7c 14
ssl_srv.c:3974: |3| b0 ee
ssl_tls.c:1818: |2| => derive keys
ssl_tls.c:2020: |2| => calc verify sha256
ssl_tls.c:2027: |3| dumping ‘calculated verify result’ (32 bytes)
ssl_tls.c:2027: |3| 0000: e9 32 13 bf b5 cd 28 82 6a c2 4b e0 8d 35 b9 32 .2…(.j.K…5.2
ssl_tls.c:2027: |3| 0010: 89 55 5b 65 44 3e 70 03 9e d0 82 46 ec 11 9c 91 .U[eD>p…F…
ssl_tls.c:2028: |2| <= calc verify
ssl_tls.c:1735: |3| dumping ‘session hash for extended master secret’ (32 bytes)
ssl_tls.c:1735: |3| 0000: e9 32 13 bf b5 cd 28 82 6a c2 4b e0 8d 35 b9 32 .2…(.j.K…5.2
ssl_tls.c:1735: |3| 0010: 89 55 5b 65 44 3e 70 03 9e d0 82 46 ec 11 9c 91 .U[eD>p…F…
ssl_tls.c:1803: |3| dumping ‘premaster secret’ (66 bytes)
ssl_tls.c:1803: |3| 0000: 01 f6 3f 80 6e f1 f2 64 8c be 56 02 b2 55 77 04 …?.n…d…V…Uw.
ssl_tls.c:1803: |3| 0010: 0d 32 06 97 e7 f4 82 97 3d 46 c2 8a 68 aa c2 2c .2…=F…h…,
ssl_tls.c:1803: |3| 0020: c8 ba ad c1 74 73 83 b8 68 25 f0 21 09 11 c3 e8 …ts…h%.!..
ssl_tls.c:1803: |3| 0030: a2 0c 3f 8b b9 5a d0 36 d6 1b c7 e5 2f d5 7c 14 …?..Z.6…/.|.
ssl_tls.c:1803: |3| 0040: b0 ee …
ssl_tls.c:1189: |3| ciphersuite = TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
ssl_tls.c:1190: |3| dumping ‘master secret’ (48 bytes)
ssl_tls.c:1190: |3| 0000: d4 ed 58 67 ef 10 4c f0 73 d6 5b c0 e3 0e b0 6b …Xg…L.s.[…k
ssl_tls.c:1190: |3| 0010: d9 ca 60 d0 67 78 9b c2 de 29 55 3c 9a 92 6e 1d ….gx...)U<..n. ssl_tls.c:1190: |3| 0020: 83 08 d2 6e 0f d4 09 90 47 18 08 2f 68 94 7e 50 ...n....G../h.~P ssl_tls.c:1191: |4| dumping 'random bytes' (64 bytes) ssl_tls.c:1191: |4| 0000: 5e 1c 42 c3 58 bf b4 28 65 ae 67 77 16 fe 8e 23 ^.B.X..(e.gw...# ssl_tls.c:1191: |4| 0010: ca e8 11 ae 8f 14 e0 cc 66 fc 9d a1 89 4e 61 74 ........f....Nat ssl_tls.c:1191: |4| 0020: 5e 1c 42 c3 ca 44 85 d1 64 3c ee 35 6d 35 fc 30 ^.B..D..d<.5m5.0 ssl_tls.c:1191: |4| 0030: 63 ae b4 8d 40 71 d7 54 98 6b 44 2a 83 12 cc e9 c...@q.T.kD*.... ssl_tls.c:1192: |4| dumping 'key block' (256 bytes) ssl_tls.c:1192: |4| 0000: 0f 3d af 88 5f ab e5 6f 3e d3 69 90 9e ee 12 67 .=.._..o>.i....g ssl_tls.c:1192: |4| 0010: 2b cb a7 98 1a ef 9c 88 da 93 fe 14 ef 1c 59 bd +.............Y. ssl_tls.c:1192: |4| 0020: 20 e9 26 a5 cb 4d da b8 50 04 98 91 ed 2d 32 4c .&..M..P....-2L ssl_tls.c:1192: |4| 0030: 54 b8 35 49 c7 84 90 d6 65 18 09 20 e0 40 47 f2 T.5I....e.. .@G. ssl_tls.c:1192: |4| 0040: 21 f0 f5 56 b2 f6 54 f3 5b 42 4b 02 aa 0b 9d c5 !..V..T.[BK..... ssl_tls.c:1192: |4| 0050: 68 45 93 17 0e d6 99 f2 5f 67 2a ec 30 ad b7 74 hE......_g*.0..t ssl_tls.c:1192: |4| 0060: 86 8f dc 62 5a ef 27 ff db 08 c1 75 60 af a1 b1 ...bZ.'....u
ssl_tls.c:1192: |4| 0070: 4c fb 55 0d 25 3b e1 25 93 d7 96 f3 df 8f b3 16 L.U.%;.%…
ssl_tls.c:1192: |4| 0080: 05 34 ac 76 cd d9 82 64 80 c5 2f 61 de cb b9 d5 .4.v…d…/a…
ssl_tls.c:1192: |4| 0090: 81 70 a8 9b aa 8e cb 4b 62 77 e2 87 2d 4a cf b1 .p…Kbw…-J…
ssl_tls.c:1192: |4| 00a0: 40 f3 e3 9a e6 2e 1a b1 aa 34 e7 97 c7 08 c6 be @…4…
ssl_tls.c:1192: |4| 00b0: 9b 2c 6f 6b b6 63 5d 8b 2b 85 15 8f 93 b3 1f 8c .,ok.c].+…
ssl_tls.c:1192: |4| 00c0: 94 36 48 ca 2f a5 df f7 0e 36 9f c1 d8 7b 7f a2 .6H./…6…{…
ssl_tls.c:1192: |4| 00d0: 98 25 bd 89 1c 79 2d d4 f1 d1 22 6b 92 c7 07 d5 .%…y-…"k…
ssl_tls.c:1192: |4| 00e0: 11 cd 7c 98 6f 59 c4 75 93 5f 7e ae d0 a5 fc 5c …|.oY.u.
~…
ssl_tls.c:1192: |4| 00f0: fe c9 06 cf 76 d8 14 bd 2a 79 52 dd c1 24 f1 06 …v…*yR…$…
ssl_tls.c:1325: |3| keylen: 32, minlen: 16, ivlen: 12, maclen: 0
ssl_tls.c:1897: |2| <= derive keys
ssl_srv.c:4170: |2| <= parse client key exchange
ssl_srv.c:4457: |2| server state: 9
ssl_tls.c:3830: |2| => flush output
ssl_tls.c:3842: |2| <= flush output
ssl_srv.c:4209: |2| => parse certificate verify
ssl_tls.c:5625: |2| => read record
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 0, nb_want: 5
ssl_tls.c:3796: |2| in_left: 0, nb_want: 5
ssl_tls.c:3797: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5345: |4| dumping ‘input record header’ (5 bytes)
ssl_tls.c:5345: |4| 0000: 16 03 03 01 08 …
ssl_tls.c:5350: |3| input record: msgtype = 22, version = [3:3], msglen = 264
ssl_tls.c:3611: |2| => fetch input
ssl_tls.c:3772: |2| in_left: 5, nb_want: 269
ssl_tls.c:3796: |2| in_left: 5, nb_want: 269
ssl_tls.c:3797: |2| ssl->f_recv(timeout)() returned 264 (-0xfffffef8)
ssl_tls.c:3817: |2| <= fetch input
ssl_tls.c:5457: |4| dumping ‘input record from network’ (269 bytes)
ssl_tls.c:5457: |4| 0000: 16 03 03 01 08 0f 00 01 04 04 01 01 00 a3 7e e1 …~.
ssl_tls.c:5457: |4| 0010: a9 fc 2b c1 a3 ea 1e e2 2b 7d 72 d8 20 93 71 86 …+…+}r. .q.
ssl_tls.c:5457: |4| 0020: 6d 6e 4d 5d e7 d9 70 a0 1f c2 86 36 fd 37 a7 9b mnM]…p…6.7…
ssl_tls.c:5457: |4| 0030: ea 9b cd b3 da 6c a7 03 f4 d2 45 b7 b6 a6 76 f9 …l…E…v.
ssl_tls.c:5457: |4| 0040: fa b4 9f 66 cd db 40 46 f1 85 3c af 49 35 3f af …f…@F…<.I5?.
ssl_tls.c:5457: |4| 0050: 3c 6e 87 ea 1b a7 86 3e a0 fd f6 49 ed 0d 1c 01 <n…>…I…
ssl_tls.c:5457: |4| 0060: e1 c2 ec e1 dd 25 e5 b3 6b c4 80 9a f8 92 0a 60 …%…k… ssl_tls.c:5457: |4| 0070: 0f 42 a2 85 48 44 46 3f 3a ab 55 7c 6d 91 40 ce .B..HDF?:.U|m.@. ssl_tls.c:5457: |4| 0080: ea bd 90 f6 02 97 cc 4b 9e 5f 0a c2 3d 60 d0 d0 .......K._..=
ssl_tls.c:5457: |4| 0090: 5b 8b 4a ba f3 28 45 34 db 63 08 b5 15 98 a2 5f [.J…(E4.c…

ssl_tls.c:5457: |4| 00a0: 2a 3d bf e0 09 e7 47 11 18 9e ea 92 9b a6 aa 43 *=…G…C
ssl_tls.c:5457: |4| 00b0: 45 e0 53 b6 18 07 a7 bf 8f 04 b1 cc 71 0b 86 20 E.S…q…
ssl_tls.c:5457: |4| 00c0: 2a 76 22 1a 61 df 7c 7d 38 6e 32 cc 9d e2 75 3c *v".a.|}8n2…u<
ssl_tls.c:5457: |4| 00d0: b4 61 f4 0d a9 ed 32 c6 95 30 98 e3 08 74 99 01 .a…2…0…t…
ssl_tls.c:5457: |4| 00e0: ae e0 76 c9 19 a9 0c ac 46 2b 71 47 3f c5 0c 4a …v…F+qG?..J
ssl_tls.c:5457: |4| 00f0: e1 c1 fd b2 4b 96 d3 fb 63 6d b4 ac 2d dc f9 3f …K…cm…-…?
ssl_tls.c:5457: |4| 0100: 9b df 24 4f 5c 96 04 a7 91 79 47 38 40 …$O…yG8@
ssl_tls.c:4736: |3| handshake message: msglen = 264, type = 15, hslen = 264
ssl_tls.c:5699: |2| <= read record
ssl_tls.c:2020: |2| => calc verify sha256
ssl_tls.c:2027: |3| dumping ‘calculated verify result’ (32 bytes)
ssl_tls.c:2027: |3| 0000: e9 32 13 bf b5 cd 28 82 6a c2 4b e0 8d 35 b9 32 .2…(.j.K…5.2
ssl_tls.c:2027: |3| 0010: 89 55 5b 65 44 3e 70 03 9e d0 82 46 ec 11 9c 91 .U[eD>p…F…
ssl_tls.c:2028: |2| <= calc verify
rsa_verify_wrap md_alg=6 rsa_len=256Before calling mbedtls_rsa_pkcs1_Verify at line=100
Start of func mbedtls_rsa_pkcs1_verify line=2441
Start of func mbedtls_rsa_pkcs1_verify line=2443
Start of func mbedtls_rsa_pkcs1_verify line=2446
Start of func mbedtls_rsa_pkcs1_verify line=2448
Start of func mbedtls_rsa_pkcs1_verify ctx->padding=0
rsa.c at line=2377
rsa.c ret!=0 goto cleanup at line=2405
mbedtls_rsa_pkcs1_Verify failed at line=104
ssl_srv.c:4374: |1| mbedtls_pk_verify() returned -17280 (-0x4380)
ssl_tls.c:10541: |2| <= handshake
failed
! mbedtls_ssl_handshake returned -0x4380

Last error was: -17280 - RSA - The PKCS#1 verification failed

ssl_tls.c:0088: |3| set_timer to 0 ms
. Waiting for a remote connection …

HI @manish_arm
Thank you for your query.

It seems that this issue is not related to the original post, so it merits a new topic.
May I know what is the Mbed TLS version you are using?

Usually, RSA verification fails when the key that was used to sin the message is not the keypair of hte public key that is used to verify the message.

Hi Mr Ron

Thank you so much for your feedback.

Yes we can report new topic as suggested.

We pulled latest code from git and MBEDTLS version is 2.19.1 as per version.h file.

The observation is same on version 2.16.3 we have.

We have hardcoded the certs and keys for rootca,intermediate(for server side) and

device side(client which is signed by intermediate) in certs.c file.

As shared earlier it’s a cert chain rootca,intermediate and device cert.

As per suggestions we will check public key uses for message encryption.

Please let us know if any additional information is required.

Thanks

Manish

Hi @manish_arm
The failure is in your server, trying to verify the client’s certificate_verify message. This message is signed by the client’s own key.
The server is trying to verify this message using the client’s publioc key from its certificate (subject name : CN=mydevicecert)

What is the “own key” You have set in the client side?
Regards

Hi Mr Ron

Thanks for your valuable feedback.

We will check this and may take some time to revert.

Thanks

Manish