handshake_failure #127

Closed
kasserater opened this issue Aug 16, 2016 · 31 comments
@kasserater

kasserater commented Aug 16, 2016

continuing thread from tlslite, issue 113

call to handshakeClientAnonymous fails with handshake_failure

code used and error backtrace

import socket
from tlslite import TLSConnection
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(5)
sock.connect((<ip>,<port>))
c = TLSConnection(socket)
c.handshakeClientAnonymous()

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/<python-path>/tlslite/tlsconnection.py", line 243, in handshakeClientAnonymous
    for result in handshaker:
  File "/<python-path>/tlslite/tlsconnection.py", line 439, in _handshakeClientAsync
    for result in self._handshakeWrapperAsync(handshaker, checker):
  File "/<python-path>/tlslite/tlsconnection.py", line 2060, in _handshakeWrapperAsync
    for result in handshaker:
  File "/<python-path>/tlslite/tlsconnection.py", line 533, in _handshakeClientAsyncHelper
    for result in self._clientGetServerHello(settings, clientHello):
  File "/<python-path>/tlslite/tlsconnection.py", line 687, in _clientGetServerHello
    HandshakeType.server_hello):
  File "/<python-path>/tlslite/tlsrecordlayer.py", line 681, in _getMsg
    raise TLSRemoteAlert(alert)
tlslite.errors.TLSRemoteAlert: handshake_failure

  • using tlslite-ng 0.5.2, not installed but using source python included in larger python project by adding the source code files to python include path
  • python 2.7.5
  • linux 64bit machine using IBM MCP linux flavor
  • kernel 3.10.0-123.20.1
  • no tlslite installed
  • no virtual env in use
@sanderux

sanderux commented Aug 17, 2016

moved comment to new issue #128

@kasserater
Author

kasserater commented Aug 17, 2016

thanks @sanderux

@tomato42
Member

I'm on vacation now, I'll get to your problems first thing next week.

@kasserater
Author

@tomato42 do you need any more info from me to resolve this issue?

@tomato42
Member

tomato42 commented Aug 24, 2016

Sorry for the delay, it doesn't look like I need any more information.

In your example code:

import socket
from tlslite import TLSConnection
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(5)
sock.connect((<ip>,<port>))
c = TLSConnection(socket)

it should be sock not socket

c.handshakeClientAnonymous()

But note that handshakeClientAnonymous() is for negotiating anonymous cipher suites, that is ADH or (in current beta) AECDH. To configure openssl server to use them, you have to start it like this:

openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch
openssl s_server -cipher aNULL -cert localhost.crt -key localhost.key

To perform regular handshake you will need to use the handshakeClientCert() method.

@kasserater
Author

kasserater commented Aug 24, 2016

i tried with handshakeClientSRP, but received error

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/xiv/python/tlslite/TLSConnection.py", line 213, in handshakeClientSRP
    for result in handshaker:
  File "/xiv/python/tlslite/TLSConnection.py", line 324, in _handshakeClientAsync
    for result in self._handshakeWrapperAsync(handshaker, checker):
  File "/xiv/python/tlslite/TLSConnection.py", line 1777, in _handshakeWrapperAsync
    for result in handshaker:
  File "/xiv/python/tlslite/TLSConnection.py", line 418, in _handshakeClientAsyncHelper
    for result in self._clientGetServerHello(settings, clientHello):
  File "/xiv/python/tlslite/TLSConnection.py", line 559, in _clientGetServerHello
    HandshakeType.server_hello):
  File "/xiv/python/tlslite/TLSRecordLayer.py", line 674, in _getMsg
    for result in self._getNextRecord():
  File "/xiv/python/tlslite/TLSRecordLayer.py", line 849, in _getNextRecord
    raise TLSAbruptCloseError()

i thought maybe because i was missing call to handshakeClientCert, but also fails

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/xiv/python/tlslite/TLSConnection.py", line 308, in handshakeClientCert
    for result in handshaker:
  File "/xiv/python/tlslite/TLSConnection.py", line 324, in _handshakeClientAsync
    for result in self._handshakeWrapperAsync(handshaker, checker):
  File "/xiv/python/tlslite/TLSConnection.py", line 1777, in _handshakeWrapperAsync
    for result in handshaker:
  File "/xiv/python/tlslite/TLSConnection.py", line 418, in _handshakeClientAsyncHelper
    for result in self._clientGetServerHello(settings, clientHello):
  File "/xiv/python/tlslite/TLSConnection.py", line 559, in _clientGetServerHello
    HandshakeType.server_hello):
  File "/xiv/python/tlslite/TLSRecordLayer.py", line 722, in _getMsg
    raise TLSRemoteAlert(alert)
tlslite.errors.TLSRemoteAlert: handshake_failure

@tomato42
Member

both handshakeClientSRP and handshakeClientAnonymous require uncommon server configurations

for the handshakeClientCert the line tlslite.errors.TLSRemoteAlert: handshake_failure indicates that the server has sent you a "handshake failure" alert message, so the server rejected the connection

How is the server you are trying to connect to configured? What cipher and protocol version is negotiated by openssl s_client? Can you connect to it with openssl s_client -cipher DEFAULT:-ECDSA?

@kasserater
Author

when trying your suggested s_client command i receive

WARNING: can't open config file: /etc/pki/tls/openssl.cnf
socket: Connection refused
connect:errno=111

@tomato42
Member

did you provide to s_client where to connect to?

Full command line for youtube.com looks like this:

openssl s_client -connect youtube.com:443 -servername youtube.com -cipher DEFAULT:-ECDSA

@kasserater
Author

ok, added the missing params and get the following

CONNECTED(00000003)
140651128158112:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:744:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 248 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

@kasserater
Author

the ciphers allowed by the server are
aes256 - 0x0056
aes128 - 0x0053
3des - 0x0050

@tomato42
Member

Those are not standard ciphers, they come from a draft while tlslite-ng and OpenSSL implement the published RFC 5054
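An added example (not code from the thread or from tlslite-ng) of the mismatch described above: it builds a constructed ClientHello that offers the RFC 5054 SRP code points (0xC01A, 0xC01D, 0xC020, taken from the RFC rather than from this page), reads them back out of the record, and compares them with the draft-era server list quoted earlier. Python 3 is assumed.

```python
"""Constructed example: why a draft-era SRP server rejects an RFC 5054 client."""
import struct

# RFC 5054 code points for the non-RSA/DSS SRP suites (assumed from the RFC,
# not from the thread); these are the values an RFC 5054 client offers.
RFC5054_SRP = {
    0xC01A: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA",
    0xC01D: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
    0xC020: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA",
}
# Pre-RFC draft code points, exactly as the server in the thread lists them.
DRAFT_SRP = {0x0050: "draft SRP 3DES", 0x0053: "draft SRP AES-128",
             0x0056: "draft SRP AES-256"}


def build_client_hello(cipher_suites):
    """Build a minimal TLS 1.2 ClientHello record (constructed test input)."""
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = (b"\x03\x03" + bytes(32)                  # version, zeroed client random
            + b"\x00"                                 # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                            # compression: null only
    hs = b"\x01" + len(body).to_bytes(3, "big") + body  # handshake type + length
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


def offered_cipher_suites(record):
    """Return the cipher suite code points offered in a ClientHello record."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    pos = 9 + 2 + 32                  # record + handshake headers, version, random
    pos += 1 + record[pos]            # session id length + session id
    n = struct.unpack("!H", record[pos:pos + 2])[0]
    pos += 2
    return [struct.unpack("!H", record[pos + i:pos + i + 2])[0] for i in range(0, n, 2)]


def diagnose(client_hello, server_suites):
    """Explain a handshake_failure in terms of cipher suite overlap."""
    offered = offered_cipher_suites(client_hello)
    common = [s for s in offered if s in server_suites]
    if common:
        return "ok", common
    if any(s in DRAFT_SRP for s in server_suites) and any(s in RFC5054_SRP for s in offered):
        return "server uses pre-RFC 5054 draft SRP code points", []
    return "no common cipher suite", []
```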

@kasserater
Author

kasserater commented Aug 24, 2016

understandable
thing is - my application works with tlslite version 0.3.8...
i want to upgrade the package to gain more secure TLS1.2 implementation - so far to no avail

@tomato42
Member

it may be because 0.3.8 implements the draft not the final version.

I would strongly suggest to update the server, since it looks like it implements only the draft, it would indicate it wasn't updated since 2002... Lack of TLSv1.2 in such situation is rather minor issue...

@kasserater
Author

kasserater commented Aug 24, 2016

i mixed things up
my old code, that works, uses the draft values.

when using tlslite/tlslite-ng updated versions, which comply with RFC 5054, connection fails due to handshake_failure

additionally, both the python code above for the client and my server application use the same constants.py file from tlslite directory, so even if the values are updated, they are updated for both

@tomato42
Member

so if you update both server and client, it still works?

then I guess we can close this issue, can't we?

@kasserater
Author

no, i update both, but it doesn't work after the update

@tomato42
Member

then what's the problem now? does make test-local pass?

what's the server and client configuration?

@kasserater
Author

i do not install the library, rather use the source code in my project
what info do you mean by server/client configuration?

@tomato42
Member

i do not install the library, rather use the source code in my project

I know, that's why I'm asking for make test-local; it doesn't require installation to run

what info do you mean by server/client configuration?

preferably, full minimal reproducer - with the way to generate server certificate (if any), server verify db configuration, exact commands or code to run the server and the same for client

There already are SRP test cases in the tests run through make test or make test-local, so if SRP doesn't work for You, it's a non obvious issue

@kasserater
Author

as this is sensitive company info, i will look into the test and test-local examples to try and figure out what is wrong with my implementation.

i will close for now, until i find an exact issue or need more help

@kasserater
Author

Hi @tomato42

i tried again with latest 0.6.0 master (hash e6182d5), connecting with handshakeClientSRP
this fails with error traceback

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/xiv/python/tlslite/tlsconnection.py", line 257, in handshakeClientSRP
    for result in handshaker:
  File "/xiv/python/tlslite/tlsconnection.py", line 371, in _handshakeClientAsync
    for result in self._handshakeWrapperAsync(handshaker, checker):
  File "/xiv/python/tlslite/tlsconnection.py", line 1903, in _handshakeWrapperAsync
    for result in handshaker:
  File "/xiv/python/tlslite/tlsconnection.py", line 550, in _handshakeClientAsyncHelper
    nextProto):
  File "/xiv/python/tlslite/tlsconnection.py", line 957, in _clientFinished
    self._handshake_hash)
  File "/xiv/python/tlslite/mathtls.py", line 97, in calcExtendedMasterSecret
    48)
  File "/xiv/python/tlslite/mathtls.py", line 58, in PRF_1_2
    return P_hash(HMAC_SHA256, secret, label + seed, length)
  File "/xiv/python/tlslite/mathtls.py", line 32, in P_hash
    A = macFunc(secret, A)
  File "/xiv/python/tlslite/utils/cryptomath.py", line 107, in HMAC_SHA256
    return secureHMAC(k, b, 'sha256')
  File "/xiv/python/tlslite/utils/cryptomath.py", line 98, in secureHMAC
    return bytearray(hmac.new(k, b, getattr(hashlib, algorithm)).digest())
  File "/xiv/python/tlslite/utils/hmac.py", line 104, in new
    return HMAC(key, msg, digestmod)
  File "/xiv/python/tlslite/utils/hmac.py", line 39, in __init__
    self.outer = digestmod.new()
AttributeError: 'builtin_function_or_method' object has no attribute 'new'

@tomato42
Member

tlslite/utils/hmac.py - there is no such file in tlslite-ng at this revision and it was removed from tlslite "ages" ago (in 2012: d6af9b9)

please try to reproduce in clean environment

@kasserater
Author

kasserater commented Aug 30, 2016

makes sense as i just copied tlslite-ng over tlslite (which was version 0.3.8)
cleaned and tested, still getting TLSAbruptCloseError

will have to check make test-local

@tomato42
Member

Both TLSAbruptCloseError and tlslite.errors.TLSRemoteAlert: handshake_failure mean that the other side of the connection rejected or closed connection. It's not a bug in code, it just reports what the other side did. To say anything else I need to know why the other side of connection does that.
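An added illustration (not part of the thread) of what separates the two errors: it classifies the bytes a client reads back after sending its ClientHello. An empty read is the abrupt close; a 7-byte read, the size s_client reported earlier in the thread, is exactly one Alert record. The bytes below are constructed, and Python 3 is assumed.

```python
"""Constructed example: what the client received before each error was raised."""
import struct

# Alert descriptions relevant to a failed handshake (RFC 5246 values).
ALERT_DESCRIPTIONS = {0: "close_notify", 40: "handshake_failure", 70: "protocol_version",
                      71: "insufficient_security", 86: "inappropriate_fallback"}
LEVELS = {1: "warning", 2: "fatal"}


def classify_peer_response(data):
    """Map the bytes read after ClientHello to the error a tlslite-ng client sees.

    b""           -> TLSAbruptCloseError (peer closed without sending an alert)
    alert record  -> TLSRemoteAlert carrying the alert's description
    """
    if not data:
        return {"error": "TLSAbruptCloseError", "detail": "peer closed the connection"}
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, ver_major, ver_minor, length = struct.unpack("!BBBH", data[:5])
    payload = data[5:5 + length]
    if len(payload) != length:
        raise ValueError("truncated record body")
    if ctype == 21 and length == 2:                 # ContentType.alert
        level, desc = payload
        return {"error": "TLSRemoteAlert",
                "level": LEVELS.get(level, str(level)),
                "detail": ALERT_DESCRIPTIONS.get(desc, "alert %d" % desc),
                "version": (ver_major, ver_minor)}
    if ctype == 22:                                 # ContentType.handshake
        return {"error": None, "detail": "handshake message received"}
    return {"error": "unexpected", "detail": "record type %d" % ctype}
```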

@tomato42
Member

FYI: I plan to release current master as version 0.6.0 in the next few days to a week (unless we identify that it's a bug in tlslite-ng code that causes your problems)

@kasserater
Author

i made a minimal server and successfully connected using handshakeClientSRP, so this seems to be an issue with my server implementation

closing

@kasserater
Author

@tomato42 any update when version 0.6.0 will be released?

@tomato42
Member

tomato42 commented Sep 7, 2016

as soon as I find an hour of time to prepare packages and push them to pypi

@tomato42
Member

tomato42 commented Sep 7, 2016

aaand done. Have fun! :)

@kasserater
Author

thanks!
