On 20.02.2014 04:06, Dr Stephen Henson wrote:
> On 19/02/2014 17:30, Falco Schwarz wrote:
>> The ECC certificate should in any way be skipped and not taken into account
>> when setting DH params.
>>
>
> I think that's a consequence of how SSL_get_certificate works. You get the
> current certificate which is not necessarily the one the server actually uses.

When adapting the code in ssl_engine_kernel:ssl_callback_TmpDH(), I was indeed making the assumption that the latter is true. Seems like that was too implicit, as I realize that the exact behavior of SSL_get_privatekey isn't documented.

> No ciphersuites exist using ephemeral DH and ECDSA.

Which means that adjusting the DH parameters in ssl_callback_TmpDH() is harmless, currently (though it should be avoided, I agree).

> We should probably have a way to set the current certificate in OpenSSL to the
> one the server used.

Could ssl_lib.c:ssl_get_server_send_pkey be adapted to ensure this?

Kaspar