EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSL/TLS connect to OpenSSL fail.

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#37181
Posted: 07/07/2016 08:39:54
by Carsten Nielsen (Standard support level)
Joined: 07/07/2016
Posts: 2

Hi,

We plan to use Secure Black box .NET library (c #) to make a SSL / TLS to connect to a WinCE device.

Therefore, I have downloaded an SBB version 15.0.294, as I have installed to Visual Studio 2008.


I am now testing the the example SSLClientDemo up against a server running node.js version 4.2.1 and OpenSSL version 1.0.2d.
Using self-signed certificates and keys, and this seems to work.

Then I update the server to node.js version 4.4.7 and OpenSSL version 1.0.2h, and then then SSLClientDemo program crashes with the following error in Visual Studio:

"An unhandled exception of type 'SBSimpleSSL.EElSSLClientConnectionLostError' occurred in SecureBlackbox.SSLClient.dll
Additional information: Connection lost (error code is 10058)"


If I single step in the program, it seems that I receive certificates from the server which then try to validate, and then goes wrong.
If I sniffer on the network with Wireshark, its the same I see here.

I need it to work on the PC before I try to port it to a WinCE device that is running CF 3.5.

Do you know if there is a problem with this setup, or can you suggest other things that I can try to get it to work.

Best Regards
Carsten
#37182
Posted: 07/07/2016 08:44:01
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Please read next article for possible solutions of your problem: https://www.eldos.com/security/articles/8021.php
#37246
Posted: 07/14/2016 07:39:59
by Carsten Nielsen (Standard support level)
Joined: 07/07/2016
Posts: 2

Problem solved.

It turned out, that it was an unfortunate setup between the two servers, that made this strange problem.

For information : It was in the 'node.js', which was not setup correctly.
It was 'newSession' that was the problem:
https://nodejs.org/dist/latest-v4.x/docs/api/tls.html#tls_event_newsession
Event: 'newSession'

I have now added the code to an existing program to a WinCE machine, where it seems to work OK.
The connection is validated with a password protected certificate, and we can now send and receive data without problems.
(the connection i made with TLS 1.2)

We just need to do some more testing on the evaluation version, before we make a purchase of SBB.

Best Regards
Carsten

Reply

Statistics

Topic viewed 341 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!