Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
- SSL connection failure: PKCS #11 error.
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- GET https://testvpn.com
- Attempting to connect to server [2000:100:2000:1009::7]:443
- Connected to [2000:100:2000:1009::7]:443
- Initializing needed PKCS #11 modules
- p11: Initializing module: p11-kit-trust
- p11: No login requested.
- p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
- p11 attrs: CKA_TRUSTED
- p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
- p11: No login requested.
- p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
- p11 attrs: CKA_TRUSTED
- p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
- ASSERT: ../../lib/pkcs11.c[find_multi_objs_cb]:3105
- ASSERT: ../../lib/pkcs11.c[gnutls_pkcs11_obj_list_import_url3]:3416
- Using certificate file usercert.pem
- Initializing all PKCS #11 modules
- WARNING:fapi:src/tss2-fapi/api/Fapi_List.c:226:Fapi_List_Finish() Profile of path not provisioned: /HS/SRK
- ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
- WARNING: Listing FAPI token objects failed: "fapi:Provisioning was not executed."
- Please see https://github.com/tpm2-software/tpm2-pkcs11/blob/1.9.0/docs/FAPI.md for more details
- WARNING: Getting tokens from fapi backend failed.
- p11: Initializing module: p11-kit-trust
- p11: module p11-kit-trust is already loaded.
- ASSERT: ../../lib/pkcs11.c[auto_load]:958
- Cannot load PKCS #11 module: p11-kit-trust
- p11: Initializing module: opensc
- p11: Initializing module: softhsm2
- p11: Initializing module: tpm2_pkcs11
- ASSERT: ../../lib/pkcs11.c[compat_load]:906
- p11: Using pin-value to retrieve PIN
- p11: Login result = ok (0)
- Using PKCS#11 key pkcs11:model=%01%01%04%00%02%01%02%00%00%00%00%00%00%00%00%00;manufacturer=STMicro;serial=0000000000000000;token=TL_ECC256;id=%36%66%62%66%33%66%30%61%36%32%39%31%35%65%39%00;object=KL_ECC256;type=private?pin-value=userpin
- Using client certificate 'Test User'
- ASSERT: ../../../lib/x509/x509.c[gnutls_x509_crt_get_authority_key_id]:1690
- Adding supporting CA 'ACME VPN Linux CA G2'
- ASSERT: ../../../lib/x509/x509_ext.c[gnutls_subject_alt_names_get]:111
- ASSERT: ../../../lib/x509/x509.c[get_alt_name]:2011
- cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
- cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
- cannot use privkey of EC/ECDSA with RSA-PSS-SHA384
- cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA384
- cannot use privkey of EC/ECDSA with RSA-PSS-SHA512
- cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA512
- cannot use privkey of EC/ECDSA with EdDSA-Ed25519
- cannot use privkey of EC/ECDSA with EdDSA-Ed448
- REC[0x55fceb6c32d0]: Allocating epoch #0
- cfg: system priority /etc/crypto-policies/back-ends/gnutls.config has not changed
- cfg: finalized system-wide priority string
- resolved 'OPENCONNECT' to '', next 'SYSTEM'
- resolved 'SYSTEM' to 'NONE:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-X448:+GROUP-SECP521R1:+GROUP-SECP384R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-FFDHE4096:+GROUP-FFDHE6144:+GROUP-FFDHE8192:+AES-256-GCM:+AES-256-CCM:+CHACHA20-POLY1305:+AES-256-CBC:+AES-128-GCM:+AES-128-CCM:+AES-128-CBC:+AEAD:+SHA1:+SHA512:+SIGN-ECDSA-SHA3-256:+SIGN-ECDSA-SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SHA3-384:+SIGN-ECDSA-SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SHA3-512:+SIGN-ECDSA-SHA512:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-EdDSA-Ed25519:+SIGN-EdDSA-Ed448:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA3-256:+SIGN-RSA-SHA256:+SIGN-RSA-SHA3-384:+SIGN-RSA-SHA384:+SIGN-RSA-SHA3-512:+SIGN-RSA-SHA512:+SIGN-ECDSA-SHA224:+SIGN-RSA-SHA224:+SIGN-ECDSA-SHA3-224:+SIGN-RSA-SHA3-224:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2', next ''
- selected priority string: NONE:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-X448:+GROUP-SECP521R1:+GROUP-SECP384R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-FFDHE4096:+GROUP-FFDHE6144:+GROUP-FFDHE8192:+AES-256-GCM:+AES-256-CCM:+CHACHA20-POLY1305:+AES-256-CBC:+AES-128-GCM:+AES-128-CCM:+AES-128-CBC:+AEAD:+SHA1:+SHA512:+SIGN-ECDSA-SHA3-256:+SIGN-ECDSA-SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SHA3-384:+SIGN-ECDSA-SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SHA3-512:+SIGN-ECDSA-SHA512:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-EdDSA-Ed25519:+SIGN-EdDSA-Ed448:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA3-256:+SIGN-RSA-SHA256:+SIGN-RSA-SHA3-384:+SIGN-RSA-SHA384:+SIGN-RSA-SHA3-512:+SIGN-RSA-SHA512:+SIGN-ECDSA-SHA224:+SIGN-RSA-SHA224:+SIGN-ECDSA-SHA3-224:+SIGN-RSA-SHA3-224:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%COMPAT:-3DES-CBC:-ARCFOUR-128
- added 3 protocols, 29 ciphersuites, 17 sig algos and 10 groups into priority list
- SSL negotiation with testvpn.com
- REC[0x55fceb6c32d0]: Allocating epoch #1
- HSK[0x55fceb6c32d0]: Adv. version: 3.3
- Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
- Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
- Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
- Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
- Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
- Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
- Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
- Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
- Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
- Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
- Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
- Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
- Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
- Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
- Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
- Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
- Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
- Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
- Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
- Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
- Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
- Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
- Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
- Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
- Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
- Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
- Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
- Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
- Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
- EXT[0x55fceb6c32d0]: Preparing extension (Server Certificate Type/20) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Early Data/42) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Maximum Record Size/1) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Session Ticket/35) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension Session Ticket/35 (0 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Supported Versions/43) for 'client hello'
- Advertizing version 3.4
- Advertizing version 3.3
- EXT[0x55fceb6c32d0]: Sending extension Supported Versions/43 (5 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Key Share/51) for 'client hello'
- EXT[0x55fceb6c32d0]: sending key share for X25519
- EXT[0x55fceb6c32d0]: sending key share for SECP256R1
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- EXT[0x55fceb6c32d0]: Sending extension Key Share/51 (107 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Server Name Indication/0) for 'client hello'
- HSK[0x55fceb6c32d0]: sent server name: 'testvpn.com'
- EXT[0x55fceb6c32d0]: Sending extension Server Name Indication/0 (30 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Supported Groups/10) for 'client hello'
- EXT[0x55fceb6c32d0]: Sent group X25519 (0x1d)
- EXT[0x55fceb6c32d0]: Sent group SECP256R1 (0x17)
- EXT[0x55fceb6c32d0]: Sent group X448 (0x1e)
- EXT[0x55fceb6c32d0]: Sent group SECP521R1 (0x19)
- EXT[0x55fceb6c32d0]: Sent group SECP384R1 (0x18)
- EXT[0x55fceb6c32d0]: Sent group FFDHE2048 (0x100)
- EXT[0x55fceb6c32d0]: Sent group FFDHE3072 (0x101)
- EXT[0x55fceb6c32d0]: Sent group FFDHE4096 (0x102)
- EXT[0x55fceb6c32d0]: Sent group FFDHE6144 (0x103)
- EXT[0x55fceb6c32d0]: Sent group FFDHE8192 (0x104)
- EXT[0x55fceb6c32d0]: Sending extension Supported Groups/10 (22 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension Supported EC Point Formats/11 (2 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Client Certificate Type/19) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (OCSP Status Request/5) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension OCSP Status Request/5 (5 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Signature Algorithms/13) for 'client hello'
- EXT[0x55fceb6c32d0]: sent signature algo (4.3) ECDSA-SHA256
- EXT[0x55fceb6c32d0]: sent signature algo (5.3) ECDSA-SHA384
- EXT[0x55fceb6c32d0]: sent signature algo (6.3) ECDSA-SHA512
- EXT[0x55fceb6c32d0]: sent signature algo (8.7) EdDSA-Ed25519
- EXT[0x55fceb6c32d0]: sent signature algo (8.8) EdDSA-Ed448
- EXT[0x55fceb6c32d0]: sent signature algo (8.9) RSA-PSS-SHA256
- EXT[0x55fceb6c32d0]: sent signature algo (8.10) RSA-PSS-SHA384
- EXT[0x55fceb6c32d0]: sent signature algo (8.11) RSA-PSS-SHA512
- EXT[0x55fceb6c32d0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
- EXT[0x55fceb6c32d0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
- EXT[0x55fceb6c32d0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
- EXT[0x55fceb6c32d0]: sent signature algo (4.1) RSA-SHA256
- EXT[0x55fceb6c32d0]: sent signature algo (5.1) RSA-SHA384
- EXT[0x55fceb6c32d0]: sent signature algo (6.1) RSA-SHA512
- EXT[0x55fceb6c32d0]: Sending extension Signature Algorithms/13 (30 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Record Size Limit/28) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension Record Size Limit/28 (2 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Cookie/44) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Extended Master Secret/23) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (SRTP/14) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension Safe Renegotiation/65281 (1 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Compress Certificate/27) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (ALPN/16) for 'client hello'
- EXT[0x55fceb6c32d0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (ClientHello Padding/21) for 'client hello'
- EXT[0x55fceb6c32d0]: Sending extension ClientHello Padding/21 (122 bytes)
- EXT[0x55fceb6c32d0]: Preparing extension (Pre Shared Key/41) for 'client hello'
- HSK[0x55fceb6c32d0]: CLIENT HELLO was queued [512 bytes]
- HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
- HWRITE FLUSH: 512 bytes in buffer.
- REC[0x55fceb6c32d0]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
- ENC[0x55fceb6c32d0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
- WRITE: enqueued 517 bytes for 0x6. Total 517 bytes.
- REC[0x55fceb6c32d0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
- HWRITE: wrote 1 bytes, 0 bytes left.
- WRITE FLUSH: 517 bytes in buffer.
- WRITE: wrote 517 bytes, 0 bytes left.
- ASSERT: ../../lib/buffers.c[get_last_packet]:1138
- READ: Got 5 bytes from 0x6
- READ: read 5 bytes from 0x6
- RB: Have 0 bytes into buffer. Adding 5 bytes.
- RB: Requested 5 bytes
- REC[0x55fceb6c32d0]: SSL 3.3 Handshake packet received. Epoch 0, length: 93
- REC[0x55fceb6c32d0]: Expected Packet Handshake(22)
- REC[0x55fceb6c32d0]: Received Packet Handshake(22) with length: 93
- READ: Got 93 bytes from 0x6
- READ: read 93 bytes from 0x6
- RB: Have 5 bytes into buffer. Adding 93 bytes.
- RB: Requested 98 bytes
- REC[0x55fceb6c32d0]: Decrypted Packet[0] Handshake(22) with length: 93
- BUF[REC]: Inserted 93 bytes of Data(22)
- HSK[0x55fceb6c32d0]: SERVER HELLO (2) was received. Length 89[89], frag offset 0, frag length: 89, sequence: 0
- ASSERT: ../../lib/buffers.c[get_last_packet]:1130
- ASSERT: ../../lib/buffers.c[_gnutls_handshake_io_recv_int]:1374
- HSK[0x55fceb6c32d0]: Server's version: 3.3
- HSK[0x55fceb6c32d0]: SessionID length: 32
- HSK[0x55fceb6c32d0]: SessionID: 08ddb4758ec18dd9bab36b42b8c68aea2e841cb2cd662885fe3d71875d459502
- HSK[0x55fceb6c32d0]: Selected cipher suite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384
- EXT[0x55fceb6c32d0]: Parsing extension 'Server Name Indication/0' (0 bytes)
- EXT[0x55fceb6c32d0]: Parsing extension 'Safe Renegotiation/65281' (1 bytes)
- EXT[0x55fceb6c32d0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
- HSK[0x55fceb6c32d0]: Safe renegotiation succeeded
- ASSERT: ../../lib/buffers.c[get_last_packet]:1138
- READ: Got 5 bytes from 0x6
- READ: read 5 bytes from 0x6
- RB: Have 0 bytes into buffer. Adding 5 bytes.
- RB: Requested 5 bytes
- REC[0x55fceb6c32d0]: SSL 3.3 Handshake packet received. Epoch 0, length: 4318
- REC[0x55fceb6c32d0]: Expected Packet Handshake(22)
- REC[0x55fceb6c32d0]: Received Packet Handshake(22) with length: 4318
- READ: Got 1231 bytes from 0x6
- READ: Got 2668 bytes from 0x6
- READ: Got 419 bytes from 0x6
- READ: read 4318 bytes from 0x6
- RB: Have 5 bytes into buffer. Adding 4318 bytes.
- RB: Requested 4323 bytes
- REC[0x55fceb6c32d0]: Decrypted Packet[1] Handshake(22) with length: 4318
- BUF[REC]: Inserted 4318 bytes of Data(22)
- HSK[0x55fceb6c32d0]: CERTIFICATE (11) was received. Length 4314[4314], frag offset 0, frag length: 4314, sequence: 0
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:96
- ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:96
- ASSERT: ../../lib/ocsp-api.c[gnutls_ocsp_status_request_get2]:96
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- self-signed cert found: subject `CN=ACME Internal Root CA,O=ACME,C=US', issuer `CN=ACME Internal Root CA,O=ACME,C=US', serial 0x14, RSA key 2048 bits, signed using RSA-SHA256, activated `2016-02-24 05:00:00 UTC', expires `2039-01-03 04:59:59 UTC', pin-sha256="oXpPRib46YcSyAAk="
- p11: No login requested.
- ASSERT: ../../../lib/x509/verify.c[verify_crt]:702
- ASSERT: ../../../lib/x509/verify.c[verify_crt]:880
- ASSERT: ../../../lib/x509/verify.c[_gnutls_verify_crt_status]:1065
- issuer in verification was not found or insecure; trying against trust list
- ASSERT: ../../../lib/x509/verify.c[verify_crt]:702
- ASSERT: ../../../lib/x509/verify.c[verify_crt]:880
- ASSERT: ../../../lib/x509/verify.c[_gnutls_verify_crt_status]:1065
- ASSERT: ../../../lib/x509/verify-high.c[gnutls_x509_trust_list_verify_crt2]:1564
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- crt_is_known: did not find cert, using issuer DN + serial, using DN only
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4627
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4649
- crt_is_known: did not find any cert
- p11: No login requested.
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- crt_is_known: did not find cert, using issuer DN + serial, using DN only
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4627
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4649
- crt_is_known: did not find any cert
- p11: No login requested.
- p11: No login requested.
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- crt_is_known: did not find cert, using issuer DN + serial, using DN only
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4627
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- p11: No login requested.
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4272
- ASSERT: ../../lib/pkcs11.c[find_cert_cb]:4083
- ASSERT: ../../lib/pkcs11.c[_gnutls_pkcs11_crt_is_known]:4649
- crt_is_known: did not find any cert
- ASSERT: ../../../lib/x509/name_constraints.c[gnutls_x509_crt_get_name_constraints]:508
- ASSERT: ../../lib/buffers.c[get_last_packet]:1138
- READ: Got 5 bytes from 0x6
- READ: read 5 bytes from 0x6
- RB: Have 0 bytes into buffer. Adding 5 bytes.
- RB: Requested 5 bytes
- REC[0x55fceb6c32d0]: SSL 3.3 Handshake packet received. Epoch 0, length: 333
- REC[0x55fceb6c32d0]: Expected Packet Handshake(22)
- REC[0x55fceb6c32d0]: Received Packet Handshake(22) with length: 333
- READ: Got 333 bytes from 0x6
- READ: read 333 bytes from 0x6
- RB: Have 5 bytes into buffer. Adding 333 bytes.
- RB: Requested 338 bytes
- REC[0x55fceb6c32d0]: Decrypted Packet[2] Handshake(22) with length: 333
- BUF[REC]: Inserted 333 bytes of Data(22)
- HSK[0x55fceb6c32d0]: SERVER KEY EXCHANGE (12) was received. Length 329[329], frag offset 0, frag length: 329, sequence: 0
- received curve SECP256R1
- HSK[0x55fceb6c32d0]: Selected group SECP256R1 (2)
- HSK[0x55fceb6c32d0]: verify TLS 1.2 handshake data: using RSA-SHA512
- ASSERT: ../../lib/buffers.c[get_last_packet]:1138
- READ: Got 5 bytes from 0x6
- READ: read 5 bytes from 0x6
- RB: Have 0 bytes into buffer. Adding 5 bytes.
- RB: Requested 5 bytes
- REC[0x55fceb6c32d0]: SSL 3.3 Handshake packet received. Epoch 0, length: 1615
- REC[0x55fceb6c32d0]: Expected Packet Handshake(22)
- REC[0x55fceb6c32d0]: Received Packet Handshake(22) with length: 1615
- READ: Got 1615 bytes from 0x6
- READ: read 1615 bytes from 0x6
- RB: Have 5 bytes into buffer. Adding 1615 bytes.
- RB: Requested 1620 bytes
- REC[0x55fceb6c32d0]: Decrypted Packet[3] Handshake(22) with length: 1615
- BUF[REC]: Inserted 1615 bytes of Data(22)
- HSK[0x55fceb6c32d0]: CERTIFICATE REQUEST (13) was received. Length 1607[1611], frag offset 0, frag length: 1607, sequence: 0
- EXT[0x55fceb6c32d0]: rcvd signature algo (6.1) RSA-SHA512
- EXT[0x55fceb6c32d0]: rcvd signature algo (6.3) ECDSA-SHA512
- EXT[0x55fceb6c32d0]: rcvd signature algo (5.1) RSA-SHA384
- EXT[0x55fceb6c32d0]: rcvd signature algo (5.3) ECDSA-SHA384
- EXT[0x55fceb6c32d0]: rcvd signature algo (4.1) RSA-SHA256
- EXT[0x55fceb6c32d0]: rcvd signature algo (4.3) ECDSA-SHA256
- EXT[0x55fceb6c32d0]: rcvd signature algo (2.1) RSA-SHA1
- ASSERT: ../../lib/buffers.c[get_last_packet]:1138
- HSK[0x55fceb6c32d0]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 0, sequence: 0
- ASSERT: ../../lib/buffers.c[_gnutls_handshake_io_recv_int]:1392
- HSK[0x55fceb6c32d0]: CERTIFICATE was queued [2444 bytes]
- HWRITE: enqueued [CERTIFICATE] 2444. Total 2444 bytes.
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:59
- HSK[0x55fceb6c32d0]: CLIENT KEY EXCHANGE was queued [70 bytes]
- HWRITE: enqueued [CLIENT KEY EXCHANGE] 70. Total 2514 bytes.
- checking cert compat with RSA-SHA512
- cannot use privkey of EC/ECDSA with RSA-SHA512
- checking cert compat with ECDSA-SHA512
- sign handshake cert vrfy: picked ECDSA-SHA512
- WARNING:esys:src/tss2-esys/api/Esys_Sign.c:311:Esys_Sign_Finish() Received TPM Error
- ERROR:esys:src/tss2-esys/api/Esys_Sign.c:105:Esys_Sign() Esys Finish ErrorCode (0x000001d5)
- ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
- ASSERT: ../../lib/pkcs11_privkey.c[_gnutls_pkcs11_privkey_sign]:409
- ASSERT: ../../lib/privkey.c[privkey_sign_and_hash_data]:1343
- ASSERT: ../../lib/tls-sig.c[_gnutls_handshake_sign_crt_vrfy12]:647
- ASSERT: ../../../lib/auth/cert.c[_gnutls_gen_cert_client_crt_vrfy]:1159
- ASSERT: ../../lib/kx.c[_gnutls_send_client_certificate_verify]:428
- ASSERT: ../../lib/handshake.c[handshake_client]:3191
- BUF[HSK]: Emptied buffer
- SSL connection failure: PKCS #11 error.
- BUF[HSK]: Emptied buffer
- REC[0x55fceb6c32d0]: Start of epoch cleanup
- REC[0x55fceb6c32d0]: End of epoch cleanup
- REC[0x55fceb6c32d0]: Epoch #0 freed
- REC[0x55fceb6c32d0]: Epoch #1 freed
- Failed to open HTTPS connection to testvpn.com
- Failed to complete authentication
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement