I set : cont.set_cipher_list('ECDHE-ECDSA-AES128-GCM-SHA256')
but i see the following error in the logs :
connected ('**.**.**.**', 443)
Traceback (most recent call last):
File "test_ex.py", line 83, in <module>
main()
File "test_ex.py", line 65, in main
cont, initial_session, ssl_conn, tcp_conn = create_ssl_connection()
File "test_ex.py", line 33, in create_ssl_connection
client_ssl.do_handshake()
File "build/bdist.linux-x86_64/egg/OpenSSL/SSL.py", line 1638, in
do_handshake
File "build/bdist.linux-x86_64/egg/OpenSSL/SSL.py", line 1378, in
_raise_ssl_error
File "build/bdist.linux-x86_64/egg/OpenSSL/_util.py", line 54, in
exception_from_error_queue
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert
handshake failure')]
However when i see in the wireshark i do the following ciphers set in the
set client hello:
TLS_EMPTY_RENEGOTIATION_INFO_SCS and
'ECDHE-ECDSA-AES128-GCM-SHA256.
Im using TLS 1.2 not sure why its complaining about ssv3 protocol and using
and the TLS_EMPTY_RENEGOTIATION_INFO_SCS.
I'd appreciate if someone could help out on it.
Thanks,
Karan.
On Mon, Jul 3, 2017 at 6:18 AM, Karan karan <karan7...@gmail.com> wrote:
> Hi,
>
> I'm trying to set a specific cipher in the ('ECDHE-ECDSA-AES128-GCM-SHA256')
> the cipher list using the API: set_cipher_list but im getting the following
> error :
>
> kjoshi@ubuntu64dev:~/openssl_playground$ python test_ex.py
> -----------------------------------
> connected ('192.168.152.132', 443)
> Traceback (most recent call last):
> File "test_ex.py", line 83, in <module>
> main()
> File "test_ex.py", line 65, in main
> cont, initial_session, ssl_conn, tcp_conn = create_ssl_connection()
> File "test_ex.py", line 25, in create_ssl_connection
> cont.set_cipher_list('ECDHE+ECDSA+AES128+GCM+SHA256')
> File "build/bdist.linux-x86_64/egg/OpenSSL/SSL.py", line 975, in
> set_cipher_list
> File "build/bdist.linux-x86_64/egg/OpenSSL/_util.py", line 67, in
> openssl_assert
> File "build/bdist.linux-x86_64/egg/OpenSSL/_util.py", line 54, in
> exception_from_error_queue
> OpenSSL.SSL.Error: [('SSL routines', 'SSL_CTX_set_cipher_list', 'no cipher
> match')]
>
>
> Below is the code that i have:
>
> cont = Context(TLSv1_2_METHOD)
> #cont.set_cipher_list('0xc00e')
> #cont.set_cipher_list('ECDHE+ECDSA+AESGCM+SHA256')
> #cont.set_cipher_list('ECDHE-ECDSA-AES128-GCM-SHA256')
> cont.set_cipher_list('ECDHE+ECDSA+AES128+GCM+SHA256')
> client_ssl = Connection(cont, client)
> client_ssl.set_connect_state()
> client_ssl.do_handshake()
> session_ref = client_ssl.get_session()
>
>
> As seen above i tried numerous combination of word separators (_,-,+) but
> nothing seemed to have helped.
>
> I would appreciate if someone could please let me know on the usage of
> this.I'm sure there must be a way of sending a specific cipher.
> I'm performing a test on my local apache server.
>
> Thanks,
> Karan.
>
>
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev
