Cannot connect to miTLS

[herbertschulz]

Hello! I cannot connect to miTLS, no matter what configuration (cipher suite, protocol version etc.) I choose with the client. I connect via: ./mitls.exe -s 127.0.0.1 4443 -v 1.2 ciphers ECDHE-RSA-AES256-GCM-SHA384

...and always get the error:

Fatal error: exception File "output/TestHandshake.ml", line 99, characters 14-19: Pattern matching failed

What could be done here? Thnx

[s-zanella]

I would need some additional information to debug this:

• I'm assuming you compiled mitls.exe from an up-to-date clone of the master branch using make -C src/tls mitls.exe.
• You gave us the exact command you use to start the server, but which client are you using to connect to this server? If you are also using mitls.exe, can you tell us the exact command you use?
• You're missing a dash before ciphers in the command for starting the server.
• By default, mitls.exe -s -v 1.2 will load an RSA key and a certificate chain from ../../data, but will offer all supported signature algorithms, including ECDSA algorithms. Try appending -sigalgs RSA+SHA256 to offer only an algorithm compatible with the default chain.

[herbertschulz]

Thank you for your reply. Point 1 is true.

Actually, my client is a Java application (TLS-Attacker). Usually the command... config.setConnect("127.0.0.1:" + Port); ...suffices to establish a normal handshake for other applications for Port (like OpenSSL etc.). But not for miTLS.

(I got the same error when running wolfSSL as a client and get the error: err = -308, error state on socket...)

[s-zanella]

Did you fix the missing dash in ciphers and append -sigalgs RSA+SHA256?

[herbertschulz]

Yes. Same results, even with other ciphers.