HandshakeFailed (Error_Packet_unexpected "Alert [(AlertLevel_Fatal,DecryptError)]" " expected: change cipher") #111
Comments
What is the algorithm used for signing in your client certificate? DSA, RSA, ECDSA?
Does this help?
@vincenthz Any news here? It still doesn't work with 1.3.3.
I switched to HsOpenSSL and now everything is working fine.
I have a similar issue. Is switching to HsOpenSSL the only way to fix the issue?
Switched to HsOpenSSL.
I'm getting the following error with tls-1.3.9 while trying to connect to Apple Push Notification Service.
Is there any fix/workaround to resolve this issue?
I have good news. I'm able to reproduce locally with an OpenSSL server, TLS 1.0 or 1.1, cipher RSA-AES128-SHA1, and a client certificate. I believe the bug occurs because certificateVerifyCreate performs SHA1_MD5 hashing twice: once in Will need more time to find where a fix is best located.
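The double hashing described in the comment above, modelled as an added example (not code from the tls package or from any commenter). The function names, the transcript bytes and the toy RSA key are constructed for illustration; the signature format is the TLS 1.0/1.1 one, a raw PKCS#1 v1.5 signature over the 36-byte MD5 || SHA-1 digest of the handshake messages.

```python
import hashlib
import hmac

# Constructed toy RSA key (two Mersenne primes); for illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

# Constructed stand-in for the handshake messages seen so far.
TRANSCRIPT = b"ClientHello|ServerHello|Certificate|CertRequest|ClientKeyXchg"


def md5_sha1(data: bytes) -> bytes:
    """36-byte MD5 || SHA-1 value signed in TLS 1.0/1.1 with an RSA key."""
    return hashlib.md5(data).digest() + hashlib.sha1(data).digest()


def rsa_sign_raw(value: bytes) -> bytes:
    """PKCS#1 v1.5 block type 1 over value as given: no DigestInfo, no hashing."""
    em = b"\x00\x01" + b"\xff" * (K - 3 - len(value)) + b"\x00" + value
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")


def rsa_recover(sig: bytes) -> bytes:
    """Server side: apply the public key and strip the type 1 padding."""
    em = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x01" or sep < 10 or em[2:sep].strip(b"\xff"):
        raise ValueError("bad PKCS#1 padding")
    return em[sep + 1:]


def certificate_verify(transcript: bytes, double_hash: bool) -> bytes:
    """Client side: build the CertificateVerify signature."""
    digest = md5_sha1(transcript)
    if double_hash:  # models the defect: the digest is hashed a second time
        digest = md5_sha1(digest)
    return rsa_sign_raw(digest)


def server_accepts(transcript: bytes, sig: bytes) -> bool:
    """True if the signature covers MD5 || SHA-1 of the server's transcript."""
    try:
        return hmac.compare_digest(rsa_recover(sig), md5_sha1(transcript))
    except ValueError:
        return False


if __name__ == "__main__":
    print(server_accepts(TRANSCRIPT, certificate_verify(TRANSCRIPT, False)))
    print(server_accepts(TRANSCRIPT, certificate_verify(TRANSCRIPT, True)))
```

The double-hashed signature is still well-formed PKCS#1, so the server only notices a digest mismatch, which is the kind of failure TLS reports with a fatal decrypt_error alert.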
Above all my comment was very late because @mageshb Did you configure a client certificate that this service requires? Can you capture a trace with tls-simpleclient from package tls-debug like above?
Has anything been done to fix this? I have this error message:
I'm using tls-1.3.4. Should I upgrade?
@ocheron Yes I did configure client certificate for this request. I forced the connection to use TLS 1.2 (by setting

```haskell
testAPNSHS :: APNsSetting -> IO ()
testAPNSHS apnsSetting = do
  let host' = host apnsSetting -- gateway.sandbox.push.apple.com
      PortNumber port' = port apnsSetting -- 2195
      cred = credential apnsSetting
  let clientParams = (defaultParamsClient host' "") {
          clientShared = def {
              sharedCredentials = Credentials [cred]
            }
        , clientSupported = def {
              supportedCiphers = ciphersuite_all
            , supportedVersions = [TLS12]
            }
        , clientHooks = def {
              -- Returning no failure reasons accepts any server certificate
              -- (server certificate validation is disabled in this test).
              onServerCertificate = \_cstore _vcach _srvId _certChain -> do
                pure []
            }
        }
  ctx <- initConnectionContext
  print "Before HS"
  con <- NetCon.connectTo ctx $ ConnectionParams
    { connectionHostname = host'
    , connectionPort = port'
    , connectionUseSecure = Just $ TLSSettings clientParams
    , connectionUseSocks = Nothing
    }
  print "DONE HS"
  connectionClose con
```

When I run tls-simpleclient,
But --tls10 is failing
Am I doing something wrong in the code?
Sorry for the confusion, for TLS 1.2 it is working fine.
@waern The @mageshb Thanks, it's good to know that TLS 1.2 works with an actual client I opened a PR to fix the behaviour with older protocol versions.
The fix for
I have a similar error on tls-1.3.10 :( (InternalException (HandshakeFailed (Error_Packet_unexpected "Alert [(AlertLevel_Fatal,DecryptError)]" " expected: change cipher"))) My params are
I tried with supportedVersions and without it, no change.
In server error log, I see
any ideas?
Eh, never mind. It seems that the problem was in the client certificate. Initially I had a client.p12 file, and generated client.pem with
but it is required to generate it with
(note: not -nokeys, but, -clcerts). Now it works fine.
Thank you for documenting this. The reason is very well explained in pkcs12 man page:
That probably configured tls client with the CA as client certificate and end-entity key as private key.
Hello,
I have an application that connects to the Apple Push Notification Service. Everything worked well in 1.2.17, but today I upgraded to 1.3.1 and the handshake fails.
Any ideas? Downgrade to 1.2.17 helps, but I want to use a newer nightly Stackage for GHC 7.10.1.
My ClientSettings are:
debug: S Handshake [ClientHello TLS12 (ClientRandom "%\FS\196\200\ETX\255\185?e@)\181;&\fp\237\233\142V\176\EM\134\201_,5\133\172&8A\213") (Session Nothing) [107,103,57,51,56,50,60,61,47,53,102,5,4,10,158] [0] [(0,"\NUL\EM\NUL\NUL\SYNgateway.push.apple.com"),(65281,"\NUL"),(13,"\NUL\f\ACK\SOH\ENQ\SOH\EOT\SOH\ETX\SOH\STX\SOH\STX\STX")] Nothing]
debug: R Handshake [ServerHello TLS11 (ServerRandom "\235)mI
G(\212\140\&3w\183\224\221\135r\162\222\150Pm\DC4\DC3\f2J\202\142i\177\233\168") (Session Nothing) 47 0 [(65281,"\NUL")]] debug: R Handshake [Certificates (CertificateChain ....... debug: R Handshake [CertRequest [CertificateType_RSA_Sign,CertificateType_DSS_Sign,CertificateType_Unknown 64] Nothing []] debug: R Handshake [ServerHelloDone] debug: S Handshake [Certificates (CertificateChain ................... debug: S Handshake [ClientKeyXchg (CKX_RSA "\SOH\NUL\177\CANOm<@A\181\184\138.H\232\217\143\137NU\133*\164\215\248\160\DC3\221+\255\ENQ\132Q((\168\169\EOTQ\204\ra\180\217,\ETBE\171\FS#\150\SUB\135\RS\174U\SYN\216y\189L)\202y\224\167\v\176\162\EOTj;\DC4\162\GS\191i1\204\154\234\217\218\174\224\157\147\143\161\170\200\251\181\246\164=\244\218r\217\"j\252\246\bYw\133\&6R#g/\SYN\243\195/8\v\ACKf{\158\NUL\ETX\155\177\249;om\168e\v\225\129]I\EM.'\133\214\199<\206\DC3\RS\171\152}\213J\SUB(\SOy'\129J9\237\157\232\254\161L\169t\199k\136\235\242J\r\224\CANi\161\181\146y\217U\219\158\134\209\EM\192b]\194\149\ETB\DC3'\EOT1_C\227\142\178\183\vv[m5\240i\148\189E\142\209\STX(.\EM*MM\138\142FS^4\129\225\239^\128q)
\173\v\FSO\188g\203_RsJ@\179\228\176\160{f")]debug: S Handshake [CertVerify (DigitallySigned Nothing "\DC3\220y\241Rhf\237\207x\239\208[\132\171\254`\208snO\DC4\218\199uW\184\168\FSI@C\233C{\144Z3\FS\195&8u\245\149\t\ETX\185\229P\NUL \169h\219{6\165\195\140{\246\138fS\154\198&1B\SI#i\t\205\179GYi\131\251FK\201F\156<9\211tN\164W\138\v|H\ESC<JN\249\254\NUL)\SUB\SUB{\172\SOy\214\162\238\254C\137.\197]\b\229\245\132\241\162\217\DEL\164\165\183+\171\134\140B\240\175\221G\212OMD\153\140c_a\151\201\151\146\225\r\158\205\EOT\220\254\NAK\226\128\tt\ENQ\ETB\221t\197d\242\219\145\172&9_s\212\213\DC2sn\161\164\CAN\169\156\178\153e\207\140\190\b\241\180\141\245I\176\161\175\240&9=C_\191\SI.U\194/\b\166\197dtl\245f6\NAK\155\142S[\182\140\207v\ESC\232\222\255B~\149\216\b\180X\147\237\ACK\151\214\228\139\DC1Lq\ETX\162Q\207")]
debug: S ChangeCipherSpec
debug: S Handshake [Finished "zw}U\168\rXA\207\254a5"]
debug: R Alert [(AlertLevel_Fatal,DecryptError)]
debug: S Alert [(AlertLevel_Fatal,InternalError)]
debug: S Alert [(AlertLevel_Fatal,InternalError)]
*** Exception: HandshakeFailed (Error_Packet_unexpected "Alert [(AlertLevel_Fatal,DecryptError)]" " expected: change cipher")