On Tue, Mar 4, 2014 at 11:51 AM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Tue, Mar 04, 2014 at 05:46:45PM +0100, Dr. Stephen Henson wrote: > >> > NistCurveToNidByBits(256) returns NID_X9_62_prime256v1. I also tried >> > returning NID_secp256k1 with the same result. >> > >> > I'm setting up Wireshark now on another machine to get the trace. >> > >> >> Can you check to see if ECDH_callback is being called at all? I suspect it >> isn't. > > Perhaps the server's EC private key is not being set correctly, so it > can't use the certificate. Is there a way to test this?
> Also the callback does not appear to be caching the ECDHE key, > possibly leaking a key for every handshake (if it were ever called). OK, I have not gotten that far. Thanks for the heads up. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
