On Tue, Mar 04, 2014 at 06:35:13AM -0500, Jeffrey Walton wrote:
> I've got a server that can't negotiate a cipher suite with a client
> when using ECDSA certificates. When using ECDSA, the server reports
> 0x1408a0c1 (no shared cipher).
Did you configure an EECDH (aka ECDHE) curve? With OpenSSL 1.0.[01],
the more common ECDSA cipher-suites use kEECDH key agreement.
> When testing under RSA, the ECDH callback is successfully inovked.
> When testing under ECDSA, the ECDH callback is never invoked.
What is in the (non-extended) keyUsage extension of the certificate?
IIRC with EC, if the keyUsage extension is present, the certificate
needs to be marked usable for keyAgreement. From ssl/ssl_lib.c:
ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
(x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
and right below that:
ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
(x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
so you need at least both of digitalSignature and keyAgreement:
https://www.openssl.org/docs/apps/x509v3_config.html#Key_Usage_
or don't include the extension at all.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
