Sophos Connect with Digital Certificates failing to load Private Key/RSA or even Connect

Hi Team,

I have done further testing on the Sophos Connect Client and have found issues when attempting to use Digital Certificates. The first is that if you export a connection config with the digital certificates and try connecting, you get an error stating "Failed to load private key into StrongSwan, parsing RSA private key failed" as you can see in the image below:

If you edit the config and re-save it (I did, to change from IP target to DNS target), you get the same error.

For the first set of certificates I used, I generated CSRs from the XG (being very lazy this evening) and signed them from our PKI; both had the key encryption checkbox enabled, and I believe that is why the error above occurs.

Thinking along these lines, I generated a new self-signed certificate with no key encryption enabled and I got a new error: Failed to establish CHILD_SA

This time the "authentication required" phase of the Sophos Connect application functionality passed the checks.

I had to switch firewalls, so I am no longer using the PKI-signed certificates and am instead using two self-signed certs on my home system, and I have found some very odd data (bolded) in the strongSwan logs below (sensitive data obfuscated):

2018-11-19 19:27:27 03[NET] received packet: from 94.197.120.166[36245] to <TARGET_IP>[500] on Port2
2018-11-19 19:27:27 03[NET] waiting for data on sockets
2018-11-19 19:27:27 16[NET] <18> received packet: from 94.197.120.166[36245] to <TARGET_IP>[500] (204 bytes)
2018-11-19 19:27:27 16[ENC] <18> parsed ID_PROT request 0 [ SA V V V V V ]
2018-11-19 19:27:27 16[CFG] <18> looking for an ike config for <TARGET_IP>...94.197.120.166
2018-11-19 19:27:27 16[CFG] <18> candidate: <TARGET_IP>...%any, prio 1052
2018-11-19 19:27:27 16[CFG] <18> found matching ike config: <TARGET_IP>...%any with prio 1052
2018-11-19 19:27:27 16[IKE] <18> received XAuth vendor ID
2018-11-19 19:27:27 16[IKE] <18> received DPD vendor ID
2018-11-19 19:27:27 16[IKE] <18> received FRAGMENTATION vendor ID
2018-11-19 19:27:27 16[IKE] <18> received NAT-T (RFC 3947) vendor ID
2018-11-19 19:27:27 16[IKE] <18> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
2018-11-19 19:27:27 16[IKE] <18> 94.197.120.166 is initiating a Main Mode IKE_SA
2018-11-19 19:27:27 16[IKE] <18> IKE_SA (unnamed)[18] state change: CREATED => CONNECTING
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable PSEUDO_RANDOM_FUNCTION found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> no acceptable ENCRYPTION_ALGORITHM found
2018-11-19 19:27:27 16[CFG] <18> selecting proposal:
2018-11-19 19:27:27 16[CFG] <18> proposal matches
2018-11-19 19:27:27 16[CFG] <18> received proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:ECP_256
2018-11-19 19:27:27 16[CFG] <18> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_25519, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_25519, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_192, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_192, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_192, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_521, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_521, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_521, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_4096, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_4096, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_4096, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/MODP_3072/MODP_4096/MODP_8192/MODP_2048
2018-11-19 19:27:27 16[CFG] <18> selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256
2018-11-19 19:27:27 16[IKE] <18> sending XAuth vendor ID
2018-11-19 19:27:27 16[IKE] <18> sending DPD vendor ID
2018-11-19 19:27:27 16[IKE] <18> sending Cisco Unity vendor ID
2018-11-19 19:27:27 16[IKE] <18> sending FRAGMENTATION vendor ID
2018-11-19 19:27:27 16[IKE] <18> sending NAT-T (RFC 3947) vendor ID
2018-11-19 19:27:27 16[ENC] <18> generating ID_PROT response 0 [ SA V V V V V ]
2018-11-19 19:27:27 16[NET] <18> sending packet: from <TARGET_IP>[500] to 94.197.120.166[36245] (180 bytes)
2018-11-19 19:27:27 04[NET] sending packet: from <TARGET_IP>[500] to 94.197.120.166[36245]
2018-11-19 19:27:27 03[NET] received packet: from 94.197.120.166[36245] to <TARGET_IP>[500] on Port2
2018-11-19 19:27:27 03[NET] waiting for data on sockets
2018-11-19 19:27:27 22[NET] <18> received packet: from 94.197.120.166[36245] to <TARGET_IP>[500] (204 bytes)
2018-11-19 19:27:27 22[ENC] <18> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
2018-11-19 19:27:27 22[IKE] <18> remote host is behind NAT
2018-11-19 19:27:27 22[ENC] <18> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
2018-11-19 19:27:27 22[NET] <18> sending packet: from <TARGET_IP>[500] to 94.197.120.166[36245] (204 bytes)
2018-11-19 19:27:27 04[NET] sending packet: from <TARGET_IP>[500] to 94.197.120.166[36245]
2018-11-19 19:27:27 03[NET] received packet: from 94.197.120.166[56054] to <TARGET_IP>[4500] on Port2
2018-11-19 19:27:27 03[NET] waiting for data on sockets
2018-11-19 19:27:27 05[NET] <18> received packet: from 94.197.120.166[56054] to <TARGET_IP>[4500] (668 bytes)
2018-11-19 19:27:27 05[ENC] <18> parsed ID_PROT request 0 [ ID SIG CERTREQ CERTREQ N(INITIAL_CONTACT) ]
2018-11-19 19:27:27 05[IKE] <18> received cert request for 'C=GB, ST=NA, L=NA, O=Emile Home, OU=OU, CN=Sophos_CA_C0100...Serial,'
2018-11-19 19:27:27 05[IKE] <18> received cert request for unknown ca 'C=GB, ST=Surrey, L=New Malden, O=Globelink, OU=OU, CN=Sophos_CA_C0100...Serial, E=eb@globelinkuk.co.uk'
2018-11-19 19:27:27 05[CFG] <18> looking for XAuthInitRSA peer configs matching <TARGET_IP>...94.197.120.166[client.shepard.co.uk]
2018-11-19 19:27:27 05[IKE] <18> no peer config found
2018-11-19 19:27:27 05[IKE] <18> queueing INFORMATIONAL task
2018-11-19 19:27:27 05[IKE] <18> activating new tasks
2018-11-19 19:27:27 05[IKE] <18> activating INFORMATIONAL task
2018-11-19 19:27:27 05[ENC] <18> generating INFORMATIONAL_V1 request 477123985 [ HASH N(AUTH_FAILED) ]
2018-11-19 19:27:27 05[NET] <18> sending packet: from <TARGET_IP>[4500] to 94.197.120.166[56054] (108 bytes)
2018-11-19 19:27:27 05[IKE] <18> IKE_SA (unnamed)[18] state change: CONNECTING => DESTROYING
2018-11-19 19:27:27 04[NET] sending packet: from <TARGET_IP>[4500] to 94.197.120.166[56054]

The first bold is the selected Proposal. It's quite odd because the config file explicitly states AES256, so how and why is it negotiating AES128?

The second bold is the Appliance Certificate which is definitely not the intended certificate for use in this connection, why is that showing? It looks like it is the client looking for the server to provide a certificate with an expected CA of which both client and server cert are signed with this. This behaviour is synonymous with L2TP Certificate connections.

The third bold is our head office signing CA on the XG there, this must be being pushed by my client, probably a red herring.

But what I cannot see is the client itself sending the "client.shepard.co.uk" certificate (configured client); I can only see the client requesting certs from the server. The server then doesn't seem to be actually sending the certs back to the connecting client as far as I can see, so it seems it gets into a catch-22 with itself: "I can't trust the client because they don't have my cert and the client can't trust me because I'm not sending it to them".

Right now, I've boiled this system down to its most basic and, as far as I can tell, it is broken. I have so far attempted with self-signed (with no key encryption) and PKI-signed (both with and without key encryption).

The summary of the issues I've found are:

  1. Using Certificates that utilise key encryption causes the client to fail to initialise the certificates to be ready for use in the connection
  2. The client and server are either not negotiating, or failing to negotiate, each other's certificates with one another. I cannot seem to tell whether it is the client failing to receive the server's cert or the server failing to receive the client's cert. But either way the "XAuthInitRSA" system cannot reconcile and fails to find a peer config. Looking at the fact the server is expecting the client cert, I would expect the client delivery of its cert to be at fault.

Would appreciate someone casting their eye over this.

Emile
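
A triage script for the charon log format quoted in the post, as an added example that is not part of the original post or Sophos's code: it groups lines by IKE_SA id, compares the received and selected proposals against an expected cipher, and reports unknown-CA cert requests and the failed peer-config lookup. The sample lines are constructed (shortened, with a documentation address and names), and `expected_enc` and the function names are assumptions of this example.

```python
import re

# Constructed sample in the charon log format quoted in the post (shortened; documentation IP and names).
SAMPLE = """\
2018-11-19 19:27:27 16[CFG] <18> received proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:ECP_256
2018-11-19 19:27:27 16[CFG] <18> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:AES_CBC_128/AES_CBC_256/HMAC_SHA2_256_128/AES_XCBC_96/PRF_HMAC_SHA2_256/ECP_256
2018-11-19 19:27:27 16[CFG] <18> selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256
2018-11-19 19:27:27 05[IKE] <18> received cert request for unknown ca 'C=GB, O=Example, CN=Example_CA'
2018-11-19 19:27:27 05[CFG] <18> looking for XAuthInitRSA peer configs matching <TARGET_IP>...198.51.100.7[client.example.test]
2018-11-19 19:27:27 05[IKE] <18> no peer config found
"""

LINE = re.compile(r"^\S+ \S+ \d+\[\w+\] <(\d+)> (.*)$")
ENC = re.compile(r"^(AES_(CBC|GCM|CTR|CCM)|CAMELLIA_|3DES)")  # ciphers, not the AES_XCBC/AES_CMAC MACs

def enc_algs(proposal):
    """Encryption transforms named in one 'IKE:A/B/C' proposal string."""
    return {t for t in proposal.split(":", 1)[-1].split("/") if ENC.match(t)}

def parse(log):
    """Group the negotiation facts in a charon log by IKE_SA id (the <n> field)."""
    sas = {}
    for raw in log.splitlines():
        if not (m := LINE.match(raw)):
            continue  # socket-level lines carry no SA id
        sa = sas.setdefault(m.group(1), {"received": [], "configured": [], "selected": None,
                                         "unknown_ca": [], "auth": None, "peer_id": None, "no_peer": False})
        msg = m.group(2)
        if (pr := re.match(r"(received|configured) proposals: (.*)$", msg)):
            sa[pr.group(1)] = pr.group(2).split(", ")
        elif msg.startswith("selected proposal: "):
            sa["selected"] = msg.split(": ", 1)[1]
        elif (ca := re.match(r"received cert request for unknown ca '(.*)'$", msg)):
            sa["unknown_ca"].append(ca.group(1))
        elif (pc := re.match(r"looking for (\w+) peer configs matching .*\[(.+)\]$", msg)):
            sa["auth"], sa["peer_id"] = pc.groups()
        elif msg == "no peer config found":
            sa["no_peer"] = True
    return sas

def findings(sa, expected_enc="AES_CBC_256"):
    """Explain a cipher mismatch and an authentication failure for one SA."""
    out, offered = [], set().union(*map(enc_algs, sa["received"]))
    if sa["selected"] and expected_enc not in enc_algs(sa["selected"]):
        why = "peer did not offer it" if expected_enc not in offered else "another proposal was chosen"
        out.append(f"{expected_enc} not selected: {why} (offered: {sorted(offered)})")
    out += [f"cert request names a CA unknown to the responder: {ca}" for ca in sa["unknown_ca"]]
    if sa["no_peer"]:
        out.append(f"no {sa['auth']} connection matches peer ID {sa['peer_id']}")
    return out
```

Run against the full log with `findings(parse(text)["18"])`; the responder can only select from the proposals the initiator sends, so the `received proposals` line is the one to compare with the client's exported configuration.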