Difficulty in understanding TLS1.3 APIs in OpenSSL 1.1.1
hkario at redhat.com
Mon May 27 12:53:42 UTC 2019
On Monday, 27 May 2019 12:11:44 CEST Matt Caswell wrote:
> On 27/05/2019 10:26, Raja Ashok wrote:
> > *2) Configuring supported groups and temp ECDHE:* Configuring temp ECDHE
> > using /SSL_set_tmp_ECDH()/ configures the corresponding curve ID as
> > supported groups. So calling first /SSL_set1_groups()/ and then
> > calling/SSL_set_tmp_ECDH()/ resets the configured groups using
> > /SSL_set1_groups()/.
> SSL_set_tmp_ECDH() is the old way of doing things (we should probably
> deprecate this). You shouldn't need to call this at all. Just use
filed https://github.com/openssl/openssl/issues/9014 to track this
probably "good first issue"?
Senior Quality Engineer, QE BaseOS Security team
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the openssl-users