Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
Hi Vincent,
I got it to work :) But there seems to be some bugs in the Haskell
server certificate handling. It seems that TLS do not transfer the ST
(state, as in California) parameter in the X509 subject field. It also
seems that the Haskell server do not send the email-address.
The reason for my suspicion is that when I connect my Java client to the
Haskell server, the client sees this certificate:
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: OU=Head office, O=Mads Inc., C=DK, CN=192.168.1.6
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 747914719126678758768988 (the modulus is longer, but I cut it
down).
public exponent: 65537
Validity: [From: Tue Dec 14 11:07:05 CET 2010,
To: Fri Dec 13 11:07:05 CET 2013]
Issuer: OU=Head office, O=Mads Inc., C=DK, CN=192.168.1.6
SerialNumber: [e11f077d a534af39]
]
Whereas, if I connect the Java client to the Java server I get this
certificate:
chain [0] = [
[
Version: V3
Subject: emailaddress=mads.lindstr...@gmail.com, CN=192.168.1.6, OU=Head
office, O=Mads Inc., L=Copenhagen, ST=Denmark, C=DK
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 747914719126678758768988 (the modulus is longer, but I cut it
down)
public exponent: 65537
Validity: [From: Tue Dec 14 11:07:05 CET 2010,
To: Fri Dec 13 11:07:05 CET 2013]
Issuer: emailaddress=mads.lindstr...@gmail.com, CN=192.168.1.6, OU=Head
office, O=Mads Inc., L=Copenhagen, ST=Denmark, C=DK
SerialNumber: [e11f077d a534af39]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
: B3 F9 87 37 7D 80 53 2C F4 B1 B2 05 43 24 21 51 ...7..S,C$!Q
0010: FD 37 4C C8.7L.
]
]
And without ST and/or email-address the Java client will not recognize
the certificate.
To avoid these problems I created a new certificate, using:
openssl req -new -x509 -key privkey.pem -subj /OU=Head office, O=Mads Inc.,
C=DK, CN=192.168.1.6 -out cacert.pem -days 1095
That is, without email and without ST parameter. I then recreated the
Java keystore. And now it works. Woohooo!
I have attached the modified Java client, if anybody is interested in
how to force SSL3 from Java.
/Mads
On Mon, 2010-12-13 at 08:51 +, Vincent Hanquez wrote:
On Sun, Dec 12, 2010 at 08:13:59PM +0100, Mads Lindstrøm wrote:
Hi Haskellers,
I am trying to connect a Java client to a Haskell server using the
Haskell tls package, and things are not working out for me. There is a
lot of steps involved and I do not know what I am doing wrong, so this
is a long message. But first I create a private/public key-pair:
On Mon, Dec 13, 2010 at 01:22:17AM +0100, Mads Lindstrøm wrote:
Hi again,
I found a simpler way to test the server connection, but it is still not
working. Namely,
openssl s_client -connect 192.168.1.6:8000
Hi Mads,
This one has to do with the fact that openssl try to send a SSLv2 hello
message, which is not yet supported by TLS (and not in the supported Version
list in the params if it was).
unfortunately lots of clients still do that for compatibility; even though
that doesn't buy much since nobody should connect to a pure SSLv2 server.
For the openssl cmdline, you can add a simple -ssl3 flag or -tls1 flag to
start
negociating at the right version straight away.
[snip]
main, WRITE: SSLv2 client hello message, length = 101
[snip]
This lines appears suspicious; I think that's exactly the same problem. I
suppose there's a way to instanciate your java SSL connection to SSL3 or TLS1
It would be nice to add support to the SSLv2 hello message directly though,
but I don't have any timeline for that to happens.
import javax.net.*;
import java.net.*;
import javax.net.ssl.*;
import java.io.*;
class Client {
public static void main(String[] args) {
try {
int port = 8000;
String hostname = 192.168.1.6; // Insert your localhost ip
SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
//SSLContext ctx = SSLContext.getInstance(SSL);
//ctx.init(null, null, null);
//SocketFactory socketFactory = ctx.getSocketFactory();
SSLSocket socket = (SSLSocket) socketFactory.createSocket(hostname, port);
socket.setEnabledProtocols(new String[] {SSLv3, TLSv1});
System.out.println(Need client auth: + socket.getNeedClientAuth());
System.out.println(Want client auth: + socket.getWantClientAuth());
socket.startHandshake();
// Create streams to securely send and receive data to the server
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
PrintWriter writer = new PrintWriter(out);
writer.println(Hello world);
// Read from in and write
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
* Mads Lindstrøm: I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems that the Haskell server do not send the email-address. And in reality, DER encoding isn't reversible, so you better serve the exact certificate blob which was passed to the server. Decoding and reencoding does not work reliably because sometimes, a non-DER version of the certificate has been signed. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
On Tue, Dec 14, 2010 at 11:41:29AM +0100, Mads Lindstrøm wrote: Hi Vincent, I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems that the Haskell server do not send the email-address. The reason for my suspicion is that when I connect my Java client to the Haskell server, the client sees this certificate: Hi Mads, That's great you got it to work. The certificate fields missing is indeed a bug in the certificate package, which I just fixed in certificate-0.4 (mainly I forgot to write all the others fields in the Distinguish Name structure). I reuploaded a new tls 0.3.2 as well for convenience, and couple of others minor fixes. -- Vincent ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
On Tue, Dec 14, 2010 at 10:24:29PM +0100, Florian Weimer wrote: * Mads Lindstrøm: I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems that the Haskell server do not send the email-address. And in reality, DER encoding isn't reversible, so you better serve the exact certificate blob which was passed to the server. Decoding and reencoding does not work reliably because sometimes, a non-DER version of the certificate has been signed. DER encoding IS fully reversible. However you're right about some certificate, that have been improperly signed when they were not valid DER. Hopefully this is a thing of the past, and I do intent to keep re-encoding the certificate instead of passing a binary blob (as i used to do at first, with some vestigial code still present). It gives a good workout to the certificate and asn1 DER modules as well, which isn't all that bad. -- Vincent ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
On Sun, Dec 12, 2010 at 08:13:59PM +0100, Mads Lindstrøm wrote: Hi Haskellers, I am trying to connect a Java client to a Haskell server using the Haskell tls package, and things are not working out for me. There is a lot of steps involved and I do not know what I am doing wrong, so this is a long message. But first I create a private/public key-pair: On Mon, Dec 13, 2010 at 01:22:17AM +0100, Mads Lindstrøm wrote: Hi again, I found a simpler way to test the server connection, but it is still not working. Namely, openssl s_client -connect 192.168.1.6:8000 Hi Mads, This one has to do with the fact that openssl try to send a SSLv2 hello message, which is not yet supported by TLS (and not in the supported Version list in the params if it was). unfortunately lots of clients still do that for compatibility; even though that doesn't buy much since nobody should connect to a pure SSLv2 server. For the openssl cmdline, you can add a simple -ssl3 flag or -tls1 flag to start negociating at the right version straight away. [snip] main, WRITE: SSLv2 client hello message, length = 101 [snip] This lines appears suspicious; I think that's exactly the same problem. I suppose there's a way to instanciate your java SSL connection to SSL3 or TLS1 It would be nice to add support to the SSLv2 hello message directly though, but I don't have any timeline for that to happens. -- Vincent ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
Hi Vincent, On Mon, 2010-12-13 at 08:51 +, Vincent Hanquez wrote: that doesn't buy much since nobody should connect to a pure SSLv2 server. For the openssl cmdline, you can add a simple -ssl3 flag or -tls1 flag to start negociating at the right version straight away. Yes, that worked :) [snip] main, WRITE: SSLv2 client hello message, length = 101 [snip] This lines appears suspicious; I think that's exactly the same problem. I suppose there's a way to instanciate your java SSL connection to SSL3 or TLS1 I have tried a little, and it is not easy at least. But I will try some more. Thank you for answering, Mads ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing
Hi again, I found a simpler way to test the server connection, but it is still not working. Namely, penssl s_client -connect 192.168.1.6:8000 CONNECTED(0003) 18683:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Regards, Mads Lindstrøm On Sun, 2010-12-12 at 20:14 +0100, Mads Lindstrøm wrote: Hi Haskellers, I am trying to connect a Java client to a Haskell server using the Haskell tls package, and things are not working out for me. There is a lot of steps involved and I do not know what I am doing wrong, so this is a long message. But first I create a private/public key-pair: openssl genrsa -out privkey.pem 2048 then I make a self-signed certificate: openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:192.168.1.6 Email Address []: then I convert the certificate to DER format and stuff it into a Java keystore: openssl x509 -in cacert.pem -out cert.der -outform DER keytool -keystore myKeystore.store -importcert -storepass foobar -keypass foobar -file cert.der now I start the Haskell server: ghc -hide-package monads-tf Server.hs -e main and then the Java client: javac Client.java java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=myKeystore.store -Djavax.net.ssl.trustStorePassword=foobar Client JavaClientOutput.txt 21 The server output is: interactive: user error (unexpected type received. expecting handshake ++ Left (Error_Packet invalid type)) and not Hello world as expected. The client output is very long, but the most interesting part is properly: main, received EOFException: error main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake main, SEND TLSv1 ALERT: fatal, description = handshake_failure I have attached the Haskell server, the Java client and the full java output. Hope somebody can help figure out what I do wrong. I am using the Haskell tsl package version 0.3.1. And I run Debian Linux. I also tried connecting a Java client to a Java server. First create server keystore: openssl pkcs8 -topk8 -nocrypt -in privkey.pem -inform PEM -out privkey.der -outform DER java -Dkeystore=myServerKeystore.store ImportKey privkey.der cert.der ImportKey.java can be found here http://www.agentbob.info/agentbob/79-AB.html . then start Java server: javac JavaServer.java java -Djavax.net.ssl.keyStore=myServerKeystore.store -Djavax.net.ssl.keyStorePassword=importkey JavaServer and run the client again: java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=myKeystore.store -Djavax.net.ssl.trustStorePassword=foobar Client and the server outputs: Hello world as expected. Thus I think the certificates are fine, and the Java client is fine. But what am I doing wrong in the Haskell server? I have attached JavaServer.java. Regards, Mads Lindstrøm ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
