[openssl-users] Integrating New Cipher Suite

Schmicker, Robert rschm2 at unh.newhaven.edu
Sat Apr 8 17:56:54 UTC 2017


Hello,

I'm attempting to integrate a customized cipher suite for TLS 1.2,
however no matter what I try I always seem to end up with this error
(client side):

SSL routines:ssl_cipher_list_to_bytes:no ciphers
available:ssl/statem/statem_clnt.c:3567

Can anyone give some further explanation on this?

Here's some snippets from the client and server setup.

client:

SSL_CTX* InitCTX(void)
{   const SSL_METHOD *method;
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();  /* Load cryptos, et.al. */
    SSL_load_error_strings();   /* Bring in and register error messages */
    method = SSLv23_client_method();  /* Create new client-method
instance */
    ctx = SSL_CTX_new(method);   /* Create new context */

    /* Set cipher to use */
    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
        printf("Error setting the cipher list.\n");
        exit(0);
    }


    if ( ctx == NULL )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    return ctx;
}

server:

SSL_CTX* InitServerCTX(void)
{   const SSL_METHOD *method;
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
    SSL_load_error_strings();   /* load all error messages */
    method = SSLv23_server_method();  /* create new server-method
instance */
    ctx = SSL_CTX_new(method);   /* create new context from method */
   
    /* Set cipher to use */
    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
        printf("Error setting the cipher list.\n");
        exit(0);
    }

    if ( ctx == NULL )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    return ctx;
}

Thank you,
Rob



More information about the openssl-users mailing list