[openssl-dev] rejecting elliptic_curves/supported_groups in ServerHello (new behavior in master/1.1.1 vs 1.1.0)
Dr. Stephen Henson
steve at openssl.org
Thu Oct 5 14:28:31 UTC 2017
On Wed, Oct 04, 2017, Mahesh Bhoothapuri wrote:
> Thanks for the hint. The problem is fixed.
>
> Server was setting:
>
> if (SSL_CTX_set1_groups_list(ctx, "X25519:P-256") == 0) {
> //
> }
>
> The call succeeds.
>
> But the old TLS 1.2 code was setting:
>
> int nid = NID_X9_62_prime256v1;
> EC_KEY* ecdh = EC_KEY_new_by_curve_name(nid);
> if (ecdh == NULL)
> {
> //error
> }
> SSL_CTX_set_tmp_ecdh(ctx, ecdh);
>
> After disabling this, the server responds with the right group - X25519.
>
Yes that's the problem. By doing that you're replacing the groups list with a
single curve.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-dev
mailing list