echo_client sample -no logner works after generate new certificate.

[CreativeIndustryAg]

Hello

I'm using echo_client sample witch openssl server, DTLS1.2 TCP disabled.

And when i use included certificates, everything works.
I running openssl server by:
openssl s_server -key ssl_keys/echo-apps-key.der -cert ssl_keys/echo-apps-cert.der -accept 4242 -certform DER -dtls1_2

But when i regenerate new ones i get error: net_sock_tls: TLS handshake error: -2700

CA

openssl genrsa -out ca_privkey.pem 2048                                                     #generate an RSA private key
openssl req -new -x509 -days 36500 -key ca_privkey.pem -out ca.crt -subj "/CN=exampleCA"    #generate self signed root CA
Convert to DER format
openssl x509 -in ca.crt -outform DER -out ca.der

Client

openssl genrsa -out client_privkey.pem 2048                                             #generate an RSA private key
openssl req -new -key client_privkey.pem -out client.csr -subj "/CN=exampleClient"      #generate a certificate request
openssl x509 -req -CA ca.crt -CAkey ca_privkey.pem -days 36500 -in client.csr -CAcreateserial -out client.crt  #Convert a certificate request into a self signed certificate using extensions for a CA:
Convert to DER format
openssl x509 -in client.crt -outform DER -out client.der 

Server

openssl genrsa -out server_privkey.pem 2048                                              #generate an RSA private key
openssl req -new -key server_privkey.pem -out server.csr -subj "/CN=localhost"           #generate a certificate request
openssl x509 -req -CA ca.crt -CAkey ca_privkey.pem -days 36500 -in server.csr -CAcreateserial -out server.crt #Convert a certificate request into a self signed certificate using extensions for a CA:
openssl rsa -in server_privkey.pem -pubout > server_pubkey.pem  #generate Public key

Convert to DER format
openssl x509 -in server.crt -outform DER -out server.der 
openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in server_privkey.pem -out server_privkey.der
openssl pkey -in server_pubkey.pem -pubin -outform der -out server_pubkey.der

To make sure i tested credentials using openssl clinet -server:
openssl s_server -accept 4242 -key ssl_keys/server_privkey.pem -cert ssl_keys/server.crt -CAfile ssl_keys/ca.crt -no-CApath -dtls1_2 openssl s_client -connect localhost:4242 -dtls1_2 -CAfile ssl_keys/client.crt
And this works- so it seems certificates are ok.

Openssl server:
openssl s_server -key ssl_keys/echo-apps-key.der -cert ssl_keys/echo-apps-cert.der -accept 4242 -certform DER -dtls1_2
Do you know what i'm doing wrong?
Thanks for help.

[jukkar]

The .der file creation looks okeyish, I did not spot any obvious error. After creation of the der files, I am assuming you copied them to relevant places in the zephyr sources so that they are taken properly into use. Could it be that some of file were not copied to correct place or were not copied using correct filename, could you recheck?

cc: @rlubos

[rlubos]

To make sure i tested credentials using openssl clinet -server:
openssl s_server -accept 4242 -key ssl_keys/server_privkey.pem -cert ssl_keys/server.crt -CAfile ssl_keys/ca.crt -no-CApath -dtls1_2 openssl s_client -connect localhost:4242 -dtls1_2 -CAfile ssl_keys/client.crt
And this works- so it seems certificates are ok.

The certificates are ok, but there is some confusion on the actual key/certificate use I believe. Are you sure those commands actually succeedd for you? Because when I tried to reproduce your steps, the handshake indeed proceeds (because there's no -verify_return_error option in the client call), but the actual certificate verification failes, it can be seen in the logs:

Verify return code: 19 (self signed certificate in certificate chain)

The problems I see:

• Unless you want to authenticate mutually, there's no need for the server to register the CA certificate (it just needs to send it's own certificate).
• The client should register ca.crt not, client.crt as -CAfile. You need to use as a CA the actual certificate that signed the server certificate with its own private key.
• The client certificate should only be used if you want mutual authentication, but that's not supported by default in the echo_client sample.

I'm guessing you've provided client.der instead of ca.der to the echo_client sample?

[CreativeIndustryAg]

@rlubos
"I'm guessing you've provided client.der instead of ca.der to the echo_client sample?"
You are right, when i use ca.der except client.der everything starts work.

I don'n understand why i have to use ca.der without client.der.

[rlubos]

I don'n understand why i have to use ca.der without client.der.

the echo_client sample by default only verifies the server authentity. The server shall send its own certificate, signed by the CA that you trust.

Now as you trust the ca.der, in the echo_client sample you register it as a CA. In result, mbed TLS will accept any certificate, that was signed by the CA that you trust (provided the CN fields also match, localhost in this case). That's why you need to register a trusted CA certificate, to be able to determine whether the server cert is valid or not.

Now when it comes to client certificate, you'd need it in case mutual authentication was enabled. In such scenario, the client not only verifies the server certificate with a trusted CA you've registered but also sends out its own certificate to the server. Now depending on the server configuration, it may verfiy the client certificate or not. If it decides to do so (again, configuration), it would also need to regsiter root CA, that the client certificate was signed with (ca.der in this case).

Generally, I suggest reading any article covering PKI infrastructure, I bet it'd explain the concept better than me.

[CreativeIndustryAg]

Thanks for explanation.

Do you know is this possible to enable mutual authentication on zephyr?