[openssl-dev] OpenSSL Security Advisory

Matt Caswell matt at openssl.org
Tue Feb 2 23:00:51 UTC 2016



On 02/02/16 21:34, Rainer Jung wrote:
> Hi there,
> 
> reading the last advisory again, I noticed that there's one logical
> inconsistency.
> 
> First:
> 
> OpenSSL before 1.0.2f will reuse the key if:
> ...
> - Static DH ciphersuites are used. The key is part of the certificate
> and so it will always reuse it. This is only supported in 1.0.2.
> 
> 
> and then:
> 
> It will not reuse the key for DHE cipher suites if:
> - SSL_OP_SINGLE_DH_USE is set
> ...
> 
> So what's the situation if both situations apply, static DH ciphersuites
> are used and SSL_OP_SINGLE_DH_USE is set? Which of these is
> stronger? Will the key be reused? Or is that combination impossible? It
> doesn't seem to be clear to me from the wording in the advisory.

DH ciphersuites come in two forms: static DH and ephemeral DH (aka DHE).
You can't have both at the same time. SSL_OP_SINGLE_DH_USE does not
apply to static DH ciphersuites.

Matt
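
The distinction drawn in the reply above, as an added example that is not part of the original message and not OpenSSL code: a small audit that reports, for each suite in a cipher string, whether SSL_OP_SINGLE_DH_USE has any bearing on it. The function names `dh_kind` and `audit` are hypothetical, and the suite names are constructed sample input in OpenSSL 1.0.2 naming.

```python
# Added example: classify OpenSSL cipher-suite names by DH key-exchange type.
STATIC_DH_PREFIXES = ("DH-RSA-", "DH-DSS-")       # DH key is part of the certificate
EPHEMERAL_DH_PREFIXES = ("DHE-", "EDH-", "ADH-")  # DH key is generated by the server

# Constructed sample cipher string (not taken from the advisory).
SAMPLE = ("DH-RSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:"
          "ECDHE-RSA-AES128-GCM-SHA256:EDH-RSA-DES-CBC3-SHA:AES128-SHA")


def dh_kind(name):
    """Return 'static', 'ephemeral', or None if the suite uses no finite-field DH."""
    # Prefix match on purpose: a substring test for "DH" would wrongly
    # catch ECDHE-/ECDH- suites, which are elliptic-curve key exchanges.
    if name.startswith(STATIC_DH_PREFIXES):
        return "static"
    if name.startswith(EPHEMERAL_DH_PREFIXES):
        return "ephemeral"
    return None


def audit(cipher_string, single_dh_use):
    """Map each suite in a colon-separated list to what the option means for it."""
    report = {}
    for name in filter(None, (s.strip() for s in cipher_string.split(":"))):
        kind = dh_kind(name)
        if kind == "static":
            # The option never applies here: the certificate key is always reused.
            report[name] = "static DH: key always reused, option not applicable"
        elif kind == "ephemeral" and single_dh_use:
            report[name] = "DHE: key not reused (SSL_OP_SINGLE_DH_USE set)"
        elif kind == "ephemeral":
            # The page elides the remaining conditions, so none are assumed here.
            report[name] = "DHE: option unset, see the advisory's other conditions"
        else:
            report[name] = "no finite-field DH"
    return report


if __name__ == "__main__":
    for suite, verdict in audit(SAMPLE, single_dh_use=True).items():
        print(f"{suite:32} {verdict}")
```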

