[openssl-users] Failure using ECDH-RSA-AES256-SHA with ssl3 on Master Branch

Matt Caswell matt at openssl.org
Fri Mar 20 15:51:17 UTC 2015

On 20/03/15 12:44, Linsell, StevenX wrote:
> On Thu, Mar 19, 2015, Steve Linsell wrote:
>> I am trying to use ECDH-RSA-AES256-SHA with ssl3 with s_client and s_server on
>> the master branch. (cloned at commit
>> f7683aaf36341dc65672ac2ccdbfd4a232e3626d) and then retested  with a more
>> recent clone: (commit da27006df06853a33b132133699a7aa9d4277920).
> Following further testing I see identical failures in the master branch using the following cipher/protocol combinations:
> ECDH-ECDSA-AES128-SHA      ssl3 
> ECDH-ECDSA-AES256-SHA      ssl3            
> ECDH-ECDSA-DES-CBC3-SHA    ssl3          
> ECDH-ECDSA-RC4-SHA         ssl3               
> ECDH-RSA-AES128-SHA        ssl3                    
> ECDH-RSA-AES256-SHA        ssl3         
> ECDH-RSA-DES-CBC3-SHA      ssl3          
> ECDH-RSA-RC4-SHA           ssl3                
> ECDHE-ECDSA-AES128-SHA     ssl3         
> ECDHE-ECDSA-AES256-SHA     ssl3          
> ECDHE-ECDSA-DES-CBC3-SHA   ssl3                
> ECDHE-ECDSA-RC4-SHA        ssl3             

Hi Steve

Looks like a bug. Try the attached patch. Let me know how you get on.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: curves-check.patch
Type: text/x-patch
Size: 1034 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150320/1f4d3664/attachment.bin>

More information about the openssl-users mailing list