Describe the bug
When using the MQTT5 client with PKCS11 and ECC certificates, the client seems to offer only TLS 1.2. If the same certificate is used without PKCS11, the client offers TLS 1.2 and TLS 1.3. If the IotSecurityPolicy TLS13_1_3_2022_10 is configured in IoT Core, the server rejects the connection directly after the Client Hello.
Expected Behavior
The offered TLS versions should be the same independent of whether PKCS11 is used or not.
Current Behavior
The server rejects the Client Hello when TLS 1.3 is enforced.
Reproduction Steps
- Configure IoT Core with Security Policy TLS13_1_3_2022_10
- Register custom Root CA with ECC certificates
- Create Thing, register ECC client certificate
- Run example https://github.com/aws/aws-iot-device-sdk-cpp-v2/blob/main/samples/mqtt/mqtt5_pkcs11/README.md with SoftHSM
- Server rejects Client Hello with
  TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Protocol Version)
      Content Type: Alert (21)
      Version: TLS 1.2 (0x0303)
      Length: 2
      Alert Message
          Level: Fatal (2)
          Description: Protocol Version (70)
- Change policy to TLS13_1_2_2022_10
- Server accepts Client Hello
Possible Solution
No response
Additional Information/Context
Client Hello with PKCS11:
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 217
    Handshake Protocol: Client Hello
        Handshake Type: Client Hello (1)
        Length: 213
        Version: TLS 1.2 (0x0303)
        Random: xxx
        Session ID Length: 0
        Cipher Suites Length: 38
        Cipher Suites (19 suites)
        Compression Methods Length: 1
        Compression Methods (1 method)
        Extensions Length: 134
        Extension: supported_groups (len=6)
            Type: supported_groups (10)
            Length: 6
            Supported Groups List Length: 4
            Supported Groups (2 groups)
                Supported Group: secp256r1 (0x0017)
                Supported Group: secp384r1 (0x0018)
        Extension: signature_algorithms (len=22)
            Type: signature_algorithms (13)
            Length: 22
            Signature Hash Algorithms Length: 20
            Signature Hash Algorithms (10 algorithms)
        Extension: server_name (len=54) name=xxxx-ats.iot.eu-central-1.amazonaws.com
            Type: server_name (0)
            Length: 54
            Server Name Indication extension
        Extension: application_layer_protocol_negotiation (len=17)
            Type: application_layer_protocol_negotiation (16)
            Length: 17
            ALPN Extension Length: 15
            ALPN Protocol
                ALPN string length: 14
                ALPN Next Protocol: x-amzn-mqtt-ca
        Extension: status_request (len=5)
            Type: status_request (5)
            Length: 5
            Certificate Status Type: OCSP (1)
            Responder ID list Length: 0
            Request Extensions Length: 0
        Extension: ec_point_formats (len=2)
            Type: ec_point_formats (11)
            Length: 2
            EC point formats Length: 1
            Elliptic curves point formats (1)
        Extension: extended_master_secret (len=0)
            Type: extended_master_secret (23)
            Length: 0
        ...
Client Hello without PKCS11 (same client certificate, same version, same settings):
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 361
    Handshake Protocol: Client Hello
        Handshake Type: Client Hello (1)
        Length: 357
        Version: TLS 1.2 (0x0303)
        Random: xxxx
        Session ID Length: 32
        Session ID: xxxx
        Cipher Suites Length: 48
        Cipher Suites (24 suites)
        Compression Methods Length: 1
        Compression Methods (1 method)
        Extensions Length: 236
        Extension: supported_versions (len=9) TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0
            Type: supported_versions (43)
            Length: 9
            Supported Versions length: 8
            Supported Version: TLS 1.3 (0x0304)
            Supported Version: TLS 1.2 (0x0303)
            Supported Version: TLS 1.1 (0x0302)
            Supported Version: TLS 1.0 (0x0301)
        Extension: supported_groups (len=8)
            Type: supported_groups (10)
            Length: 8
            Supported Groups List Length: 6
            Supported Groups (3 groups)
                Supported Group: secp256r1 (0x0017)
                Supported Group: x25519 (0x001d)
                Supported Group: secp384r1 (0x0018)
        Extension: key_share (len=71) secp256r1
            Type: key_share (51)
            Length: 71
            Key Share extension
        Extension: signature_algorithms (len=34)
            Type: signature_algorithms (13)
            Length: 34
            Signature Hash Algorithms Length: 32
            Signature Hash Algorithms (16 algorithms)
        Extension: server_name (len=54) name=xxxx-ats.iot.eu-central-1.amazonaws.com
            Type: server_name (0)
            Length: 54
            Server Name Indication extension
        Extension: application_layer_protocol_negotiation (len=17)
            Type: application_layer_protocol_negotiation (16)
            Length: 17
            ALPN Extension Length: 15
            ALPN Protocol
                ALPN string length: 14
                ALPN Next Protocol: x-amzn-mqtt-ca
        Extension: status_request (len=5)
            Type: status_request (5)
            Length: 5
            Certificate Status Type: OCSP (1)
            Responder ID list Length: 0
            Request Extensions Length: 0
        Extension: ec_point_formats (len=2)
            Type: ec_point_formats (11)
            Length: 2
            EC point formats Length: 1
            Elliptic curves point formats (1)
        Extension: extended_master_secret (len=0)
            Type: extended_master_secret (23)
            Length: 0
        ...
SDK version used
Latest main branch b8b7bc3
Environment details (OS name and version, etc.)
Ubuntu 22 LTS
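
To check which versions a captured Client Hello actually offers without reading the dissector tree by hand, the following added example (not part of the original issue or of the SDK) parses the raw record and returns the contents of supported_versions, falling back to the legacy version field when the extension is absent, as in the PKCS11 capture above. The two sample records are constructed to mirror the extensions shown in the captures; `offered_versions` and `build_hello` are hypothetical helper names.

```python
import struct

NAMES = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def offered_versions(record: bytes) -> list[str]:
    """Return the TLS versions a ClientHello record offers, in the client's order."""
    if len(record) < 5 or record[0] != 22:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if len(body) < 4 or body[0] != 1:
        raise ValueError("not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    try:
        legacy = struct.unpack("!H", hello[0:2])[0]
        pos = 2 + 32                                             # legacy_version + random
        pos += 1 + hello[pos]                                    # session_id
        pos += 2 + struct.unpack("!H", hello[pos:pos + 2])[0]    # cipher_suites
        pos += 1 + hello[pos]                                    # compression_methods
        if pos + 2 > len(hello):                                 # no extensions block
            return [NAMES.get(legacy, hex(legacy))]
        end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
            data = hello[pos + 4:pos + 4 + ext_len]
            if ext_type == 43:                                   # supported_versions
                vers = struct.unpack(f"!{data[0] // 2}H", data[1:1 + data[0]])
                return [NAMES.get(v, hex(v)) for v in vers]
            pos += 4 + ext_len
    except (IndexError, struct.error) as exc:
        raise ValueError("truncated ClientHello") from exc
    # Without supported_versions the legacy field is the highest version offered,
    # so a TLS 1.3-only endpoint has nothing it can negotiate.
    return [NAMES.get(legacy, hex(legacy))]

def build_hello(extensions: list[tuple[int, bytes]]) -> bytes:
    """Constructed sample: a minimal ClientHello record carrying the given extensions."""
    exts = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    hello = (b"\x03\x03" + bytes(32) + b"\x00"       # legacy_version, random, empty session_id
             + b"\x00\x02\xc0\x2b" + b"\x01\x00"      # one cipher suite, null compression
             + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

GROUPS = (10, bytes.fromhex("000400170018"))          # secp256r1, secp384r1
VERSIONS = (43, bytes.fromhex("080304030303020301"))  # TLS 1.3, 1.2, 1.1, 1.0
WITH_PKCS11 = build_hello([GROUPS])                   # constructed, no supported_versions
WITHOUT_PKCS11 = build_hello([VERSIONS, GROUPS])      # constructed, with supported_versions
```
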