Is there a known bug with ECDH_RSA key exchange cipher suites in
0.9.8r? For instance, using cipher suite ECDH-RSA-AES128-SHA in 0.9.8r
does not work. But it does work in 1.0.0d. This is tested using the
following command:
ssltest -tls1 -cert servercert.pem -key serverkey.pem -cipher
ECDH-RSA-AES128-SHA
The certificate is an ECC cert signed by an RSA root. Here's the output
from the cert:
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
a5:30:9a:82:45:80:65:61
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Validity
Not Before: Aug 10 18:57:37 2011 GMT
Not After : Sep 9 18:57:37 2011 GMT
Subject: C=AU, ST=Some-State, L=ok, O=dd, OU=ee, CN=ff
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
EC Public Key:
pub:
04:a5:79:81:29:ba:0f:49:32:f2:e6:11:47:db:7b:
25:ed:4a:3f:b2:96:ad:93:a4:5a:3f:35:f4:c9:85:
f1:f3:eb:15:86:c8:01:b7:c0:11:92:5a:48:63:73:
1a:2a:30:e3
ASN1 OID: prime192v1
Signature Algorithm: sha1WithRSAEncryption
21:b2:20:f1:c6:c8:e5:e6:8e:66:ec:a3:3c:ac:25:eb:61:6f:
cd:7c:e7:e8:c1:c5:1a:7c:26:9b:2e:2d:22:f4:30:bc:97:23:
55:2a:eb:c6:d8:ee:14:36:55:55:24:19:32:17:10:13:e5:3a:
aa:1d:94:c6:37:80:e4:25:79:87:bb:ec:11:a4:8c:79:db:7f:
70:a9:e2:2b:38:38:c8:fa:36:b1:8f:06:fe:d0:ba:b4:05:82:
f4:c5:87:e7:ca:5a:a5:49:6c:2b:9b:8e:87:f8:c2:7e:d3:b0:
58:db:3c:f6:ff:06:04:f7:26:27:0f:18:86:af:cc:91:f7:f0:
f9:ff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
