[Help-gnutls] Windows GnuTLS problem in handshaking.
Rajeev Saini
rajeev.saini at tcs.com
Mon Oct 8 12:50:17 CEST 2007
Hi,
I have managed to make DER encoded certificate and named it SuplRootCert
and put it in the mobile(client).
My server uses cacert.pem, server-cert.pem and server-key.pem to run the
server. All these certificates were nade using openssl.
Now when both interacts and does handshaking, i am getting the following
error message.
|<2>| ASSERT: ../../../../src/gnutls-2.0.0/lib/x509/x509.c:219
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_cert.c:758
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/auth_cert.c:932
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_kx.c:612
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_handshake.c:2568
|<6>| BUF[HSK]: Cleared Data from buffer
Error in handshake
Error: ASN1 parser: Error in TAG.
|<4>| REC: Sending Alert[2|42] - Certificate is bad
Please help me as as per my understanding the certificates i generated are
fine.
Regards,
Rajeev Saini.
*****************************************************************************************************
The whole log follows below:-
C:\Program Files\GnuTLS-2.0.0\bin>gnutls-serv --http --port 7070 --debug
10 --x5
09cafile cacert.pem --x509keyfile server-key.pem --x509certfile
server-cert.pem
Set static Diffie Hellman parameters, consider --dhparams.
Processed 1 CA certificate(s).
HTTP Server ready. Listening to port '7070'.
|<7>| READ: Got 5 bytes from 376
|<7>| READ: read 5 bytes from 376
|<7>| 0000 - 16 03 01 00 2d
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[ac08a8]: Expected Packet[0] Handshake(22) with length: 1
|<4>| REC[ac08a8]: Received Packet[0] Handshake(22) with length: 45
|<7>| READ: Got 45 bytes from 376
|<7>| READ: read 45 bytes from 376
|<7>| 0000 - 01 00 00 29 03 01 78 25 a3 00 d8 89 5b 0f a5 cd
|<7>| 0001 - 9a 64 cd d3 f5 09 3e 6e 21 a1 77 3c 8c 37 d7 75
|<7>| 0002 - ec c4 37 bb 2e 8a 00 00 02 00 2f 01 00
|<7>| RB: Have 5 bytes into buffer. Adding 45 bytes.
|<7>| RB: Requested 50 bytes
|<4>| REC[ac08a8]: Decrypted Packet[0] Handshake(22) with length: 45
|<6>| BUF[HSK]: Inserted 45 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[ac08a8]: CLIENT HELLO was received [45 bytes]
|<6>| BUF[REC][HD]: Read 41 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 41 bytes of Data
|<3>| HSK[ac08a8]: Client's version: 3.1
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_db.c:327
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_db.c:247
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_algorithms.c:1628
|<3>| HSK[ac08a8]: Selected Compression Method: NULL
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_extensions.c:162
|<3>| HSK[ac08a8]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[ac08a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[ac08a8]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[ac08a8]: Selected cipher suite: RSA_AES_128_CBC_SHA1
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/ext_authz.c:180
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/ext_authz.c:237
|<3>| HSK[ac08a8]: SessionID:
e9ad956af10609d73b39f39a960f0eae0d4991ff0ab5b17b4b
4ebabf77612277
|<3>| HSK[ac08a8]: SERVER HELLO was send [74 bytes]
|<6>| BUF[HSK]: Peeked 45 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[ac08a8]: Sending Packet[0] Handshake(22) with length: 74
|<7>| WRITE: Will write 79 bytes to 376.
|<7>| WRITE: wrote 79 bytes to 376. Left 0 bytes. Total 79 bytes.
|<7>| 0000 - 16 03 01 00 4a 02 00 00 46 03 01 47 09 e3 c3 14
|<7>| 0001 - ce e2 9b 0c 6d fa f0 bd 49 ad aa e2 57 aa 15 63
|<7>| 0002 - 3b ad 3f c6 3a c4 c5 45 44 38 8f 20 e9 ad 95 6a
|<7>| 0003 - f1 06 09 d7 3b 39 f3 9a 96 0f 0e ae 0d 49 91 ff
|<7>| 0004 - 0a b5 b1 7b 4b 4e ba bf 77 61 22 77 00 2f 00
|<4>| REC[ac08a8]: Sent Packet[1] Handshake(22) with length: 79
|<3>| HSK[ac08a8]: CERTIFICATE was send [957 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[ac08a8]: Sending Packet[1] Handshake(22) with length: 957
|<7>| WRITE: Will write 962 bytes to 376.
|<7>| WRITE: wrote 962 bytes to 376. Left 0 bytes. Total 962 bytes.
|<7>| 0000 - 16 03 01 03 bd 0b 00 03 b9 00 03 b6 00 03 b3 30
|<7>| 0001 - 82 03 af 30 82 02 97 a0 03 02 01 02 02 03 10 00
|<7>| 0002 - 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00
|<7>| 0003 - 30 5a 31 0b 30 09 06 03 55 04 06 13 02 49 4e 31
|<7>| 0004 - 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53
|<7>| 0005 - 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49
|<7>| 0006 - 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20
|<7>| 0007 - 50 74 79 20 4c 74 64 31 13 30 11 06 03 55 04 03
|<7>| 0008 - 13 0a 41 65 72 6f 66 6c 65 78 43 41 30 1e 17 0d
|<7>| 0009 - 30 37 31 30 30 38 30 36 30 34 35 39 5a 17 0d 30
|<7>| 000a - 38 31 30 30 37 30 36 30 34 35 39 5a 30 5d 31 0b
|<7>| 000b - 30 09 06 03 55 04 06 13 02 49 4e 31 13 30 11 06
|<7>| 000c - 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65
|<7>| 000d - 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72
|<7>| 000e - 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20
|<7>| 000f - 4c 74 64 31 16 30 14 06 03 55 04 03 13 0d 31 37
|<7>| 0010 - 32 2e 32 31 2e 31 31 31 2e 37 30 30 82 01 22 30
|<7>| 0011 - 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82
|<7>| 0012 - 01 0f 00 30 82 01 0a 02 82 01 01 00 c9 2f 29 c4
|<7>| 0013 - 88 0b 28 dd 7d 29 ec e9 2f e2 14 a0 49 aa e3 c2
|<7>| 0014 - a6 b5 63 57 f6 76 71 10 f8 8f ab 49 63 64 1c 50
|<7>| 0015 - 70 3a e6 9a 87 47 5f 75 77 1b 2c 43 76 a1 db f4
|<7>| 0016 - 05 89 61 d7 d0 8b 23 4e d0 9f 43 36 83 4c 3e 0f
|<7>| 0017 - 5c 82 a6 eb 5e a3 90 3e 7c e1 29 4c 7b 4e 72 36
|<7>| 0018 - ad 27 0e 98 8a 2c cc 69 76 63 d6 00 75 03 95 01
|<7>| 0019 - 83 b9 56 0b 89 a0 fc d1 ac 86 74 52 8f 84 58 a8
|<7>| 001a - 54 b2 b4 2b 24 65 8f d0 5a 78 4b c1 e2 f8 c3 0e
|<7>| 001b - 7e ed 2e ed aa cd 3a b5 ec 5e c0 86 0d f8 d6 7d
|<7>| 001c - da e7 93 73 25 aa da 8b c0 6d 36 7e cc fb 35 01
|<7>| 001d - 27 9a ff 55 23 b9 70 83 83 af 44 af a6 63 cc 2b
|<7>| 001e - 47 d4 9c 71 92 ad f1 32 b4 a8 bc 91 b2 9d d4 2e
|<7>| 001f - ac 91 c4 82 39 83 79 6f 28 a5 fc 8a 7f 8e 44 2d
|<7>| 0020 - 7b f9 c7 9c 31 0a 5d 72 01 e9 fa 69 fc f6 47 0e
|<7>| 0021 - f7 9c 67 de 39 71 37 28 8d 7e fd 61 c4 6c c5 12
|<7>| 0022 - ed ce 38 0c dc b6 35 d3 43 12 54 ab 02 03 01 00
|<7>| 0023 - 01 a3 7b 30 79 30 09 06 03 55 1d 13 04 02 30 00
|<7>| 0024 - 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f 16
|<7>| 0025 - 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 74
|<7>| 0026 - 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30 1d
|<7>| 0027 - 06 03 55 1d 0e 04 16 04 14 ff df 1e b5 a2 2a 12
|<7>| 0028 - 78 d2 81 93 b1 1e a6 dd 3d 45 00 e3 31 30 1f 06
|<7>| 0029 - 03 55 1d 23 04 18 30 16 80 14 e6 06 b5 ed c8 09
|<7>| 002a - 7e 47 e2 b0 07 b0 46 f7 f2 5a ec 75 aa 7a 30 0d
|<7>| 002b - 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01
|<7>| 002c - 01 00 8b 22 70 d4 c2 b5 3d 5d 7c f3 b6 c5 69 6a
|<7>| 002d - 09 fd 2f ee 1a 7c 43 0e b6 37 df c0 98 e0 2c 5b
|<7>| 002e - 26 58 be 19 33 35 47 45 81 68 cc 61 be 8f 15 aa
|<7>| 002f - af fa f2 1d 5e 6a 05 83 0b 5a 2a e6 82 c1 22 8f
|<7>| 0030 - ba c0 c1 b5 ea f4 30 14 de 3a 8c d6 bd 00 fb 68
|<7>| 0031 - c5 49 9a e6 30 86 ad 69 e0 21 74 06 1e 35 06 a7
|<7>| 0032 - e9 56 a1 ea 53 da c0 4b dc 52 13 02 1a 32 8f 44
|<7>| 0033 - 43 8c 9b d2 01 98 93 40 f9 64 4d 33 39 51 32 3c
|<7>| 0034 - 53 ba 44 05 2e c6 d0 6f 61 a1 22 0b 07 f2 5e 4e
|<7>| 0035 - bb 25 4f b7 d1 3f b1 81 f1 8b ce 27 6a 8f cc 44
|<7>| 0036 - 5b 4d aa 0c de cf e2 6d d4 d7 8d a7 e7 1d 89 f4
|<7>| 0037 - f7 1c a8 b0 62 3a ca 89 b4 57 5d 10 4a 77 8e c1
|<7>| 0038 - 95 42 ed 35 7a 60 e5 28 76 80 b0 41 c6 c7 9e 3f
|<7>| 0039 - 93 bc 1c 29 f1 e1 77 b7 0c 98 39 18 97 54 7b f1
|<7>| 003a - 18 cf bb bc 71 05 12 3f 6b 14 03 21 b5 37 2d 86
|<7>| 003b - ff 68 c2 eb 24 76 0c 5a a5 1d b0 f1 ea ca 78 63
|<7>| 003c - bd 01
|<4>| REC[ac08a8]: Sent Packet[2] Handshake(22) with length: 962
|<3>| HSK[ac08a8]: CERTIFICATE REQUEST was send [103 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[ac08a8]: Sending Packet[2] Handshake(22) with length: 103
|<7>| WRITE: Will write 108 bytes to 376.
|<7>| WRITE: wrote 108 bytes to 376. Left 0 bytes. Total 108 bytes.
|<7>| 0000 - 16 03 01 00 67 0d 00 00 63 02 01 02 00 5e 00 5c
|<7>| 0001 - 30 5a 31 0b 30 09 06 03 55 04 06 13 02 49 4e 31
|<7>| 0002 - 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53
|<7>| 0003 - 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49
|<7>| 0004 - 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20
|<7>| 0005 - 50 74 79 20 4c 74 64 31 13 30 11 06 03 55 04 03
|<7>| 0006 - 13 0a 41 65 72 6f 66 6c 65 78 43 41
|<4>| REC[ac08a8]: Sent Packet[3] Handshake(22) with length: 108
|<3>| HSK[ac08a8]: SERVER HELLO DONE was send [4 bytes]
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<4>| REC[ac08a8]: Sending Packet[3] Handshake(22) with length: 4
|<7>| WRITE: Will write 9 bytes to 376.
|<7>| WRITE: wrote 9 bytes to 376. Left 0 bytes. Total 9 bytes.
|<7>| 0000 - 16 03 01 00 04 0e 00 00 00
|<4>| REC[ac08a8]: Sent Packet[4] Handshake(22) with length: 9
|<7>| READ: Got 5 bytes from 376
|<7>| READ: read 5 bytes from 376
|<7>| 0000 - 16 03 01 00 0a
|<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
|<7>| RB: Requested 5 bytes
|<4>| REC[ac08a8]: Expected Packet[1] Handshake(22) with length: 1
|<4>| REC[ac08a8]: Received Packet[1] Handshake(22) with length: 10
|<7>| READ: Got 10 bytes from 376
|<7>| READ: read 10 bytes from 376
|<7>| 0000 - 0b 00 00 06 00 00 03 00 00 00
|<7>| RB: Have 5 bytes into buffer. Adding 10 bytes.
|<7>| RB: Requested 15 bytes
|<4>| REC[ac08a8]: Decrypted Packet[1] Handshake(22) with length: 10
|<6>| BUF[HSK]: Inserted 10 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
|<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
|<3>| HSK[ac08a8]: CERTIFICATE was received [10 bytes]
|<6>| BUF[REC][HD]: Read 6 bytes of Data(22)
|<6>| BUF[HSK]: Peeked 0 bytes of Data
|<6>| BUF[HSK]: Emptied buffer
|<6>| BUF[HSK]: Inserted 4 bytes of Data
|<6>| BUF[HSK]: Inserted 6 bytes of Data
|<2>| ASSERT: ../../../../src/gnutls-2.0.0/lib/x509/x509.c:219
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_cert.c:758
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/auth_cert.c:932
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_kx.c:612
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_handshake.c:2568
|<6>| BUF[HSK]: Cleared Data from buffer
Error in handshake
Error: ASN1 parser: Error in TAG.
|<4>| REC: Sending Alert[2|42] - Certificate is bad
|<4>| REC[ac08a8]: Sending Packet[4] Alert(21) with length: 2
|<7>| WRITE: Will write 7 bytes to 376.
|<7>| WRITE: wrote 7 bytes to 376. Left 0 bytes. Total 7 bytes.
|<7>| 0000 - 15 03 01 00 02 02 2a
|<4>| REC[ac08a8]: Sent Packet[5] Alert(21) with length: 7
|<2>| ASSERT: ../../../src/gnutls-2.0.0/lib/gnutls_record.c:241
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20071008/449235a8/attachment.htm>
More information about the Gnutls-help
mailing list