Hi,

Using OpenSSL 1.0.1h 5 Jun 2014, a DTLS client can't negotiate ECC-based ciphersuites with a compliant DTLS server since it fails to send the relevant extensions mandated by RFC 4492.

% openssl s_client -dtls1 -debug
CONNECTED(00000003)
write to 0x1761c50 [0x176c160] (166 bytes => 166 (0xA6))
0000 - 16 fe ff 00 00 00 00 00-00 00 00 00 99 01 00 00   ................
0010 - 8d 00 00 00 00 00 00 00-8d fe ff 90 9f f3 19 de   ................
0020 - aa e2 15 b6 aa 45 13 0f-d3 ad e0 a5 46 a2 5f c8   .....E......F._.
0030 - f0 d4 9e 87 35 aa e1 e2-01 31 3d 00 00 00 5a c0   ....5....1=...Z.
0040 - 14 c0 0a c0 22 c0 21 00-39 00 38 00 88 00 87 c0   ....".!.9.8.....
0050 - 0f c0 05 00 35 00 84 c0-12 c0 08 c0 1c c0 1b 00   ....5...........
0060 - 16 00 13 c0 0d c0 03 00-0a c0 13 c0 09 c0 1f c0   ................
0070 - 1e 00 33 00 32 00 9a 00-99 00 45 00 44 c0 0e c0   ..3.2.....E.D...
0080 - 04 00 2f 00 96 00 41 00-07 00 15 00 12 00 09 00   ../...A.........
0090 - 14 00 11 00 08 00 06 00-ff 01 00 00 09 00 23 00   ..............#.
00a0 - 00 00 0f 00 01 01                                 ......
read from 0x1761c50 [0x1767c03] (17741 bytes => 15 (0xF))

The required "Supported Elliptic Curves" and "Supported Point Formats" extensions are not sent, though ciphersuites based on ECC are offered, including for example ECDHE-ECDSA-AES256-SHA (0xc00a, bytes 0x41-0x42 above). In the above dump, TLS extensions start at offset 0x9b and include only Session Ticket (0x0023) and Heartbeat (0x000f) but not the ECC extensions (0x000a and 0x000b).

The problem remains if an ECC ciphersuite is forced. Everything works fine if -dtls1_1 is used instead of -dtls1.

Server-side, there is a similar issue with "Supported Point Formats" not being sent (as it is with -tls1), but its impact is much less serious, as in this case the client just picks the uncompressed format, which is the default and is mandatory to implement.

Best regards,
Manuel.
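The check described in the report can be automated over a captured record. The following is an added example, not part of the original message or of OpenSSL: it parses the ClientHello bytes from the dump above and reports which RFC 4492 extensions are absent while ECC suites are offered. The function names are hypothetical, and treating 0xC001-0xC019 as the set of ECC suites follows the RFC 4492 assignments.

```python
import struct

# ClientHello record bytes copied from the s_client -debug dump in the report.
DUMP = bytes.fromhex("""
16 fe ff 00 00 00 00 00 00 00 00 00 99 01 00 00
8d 00 00 00 00 00 00 00 8d fe ff 90 9f f3 19 de
aa e2 15 b6 aa 45 13 0f d3 ad e0 a5 46 a2 5f c8
f0 d4 9e 87 35 aa e1 e2 01 31 3d 00 00 00 5a c0
14 c0 0a c0 22 c0 21 00 39 00 38 00 88 00 87 c0
0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c c0 1b 00
16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 c0 1f c0
1e 00 33 00 32 00 9a 00 99 00 45 00 44 c0 0e c0
04 00 2f 00 96 00 41 00 07 00 15 00 12 00 09 00
14 00 11 00 08 00 06 00 ff 01 00 00 09 00 23 00
00 00 0f 00 01 01
""")

ECC_EXTS = {0x000A, 0x000B}  # elliptic_curves, ec_point_formats (RFC 4492)

def parse_client_hello(rec):
    """Return (cipher_suites, extension_types) from one unfragmented DTLS ClientHello record."""
    ctype, _ver, _epoch, _seq, rlen = struct.unpack_from("!BHH6sH", rec, 0)
    if ctype != 22 or rec[13] != 1 or 13 + rlen != len(rec):
        raise ValueError("not a single complete ClientHello record")
    p = 13 + 12 + 2 + 32          # record hdr, DTLS handshake hdr, version, random
    p += 1 + rec[p]               # session_id
    p += 1 + rec[p]               # cookie (DTLS only)
    n = int.from_bytes(rec[p:p + 2], "big")
    suites = list(struct.unpack_from("!%dH" % (n // 2), rec, p + 2))
    p += 2 + n
    p += 1 + rec[p]               # compression_methods
    exts = []
    if p < len(rec):              # the extensions block is optional
        end = p + 2 + int.from_bytes(rec[p:p + 2], "big")
        p += 2
        while p + 4 <= min(end, len(rec)):
            etype, elen = struct.unpack_from("!HH", rec, p)
            exts.append(etype)
            p += 4 + elen
    return suites, exts

def missing_ecc_extensions(rec):
    """ECC extension types absent although an RFC 4492 suite (0xC001-0xC019) is offered."""
    suites, exts = parse_client_hello(rec)
    offers_ecc = any(0xC001 <= s <= 0xC019 for s in suites)
    return sorted(ECC_EXTS - set(exts)) if offers_ecc else []

if __name__ == "__main__":
    print(["0x%04x" % e for e in missing_ecc_extensions(DUMP)])
```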
