[jaenicke - Wed Dec 11 09:15:59 2002]: > It's there, you just didn't note: > ljaenicke@lutz:~/newsoft/openssl-0.9.7-beta4/ssl$ grep > RSA_WITH_AES_128 * > s3_lib.c: TLS1_TXT_RSA_WITH_AES_128_SHA, > s3_lib.c: TLS1_CK_RSA_WITH_AES_128_SHA, > s3_lib.c: TLS1_TXT_DH_RSA_WITH_AES_128_SHA, > s3_lib.c: TLS1_CK_DH_RSA_WITH_AES_128_SHA, > s3_lib.c: TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, > s3_lib.c: TLS1_CK_DHE_RSA_WITH_AES_128_SHA, > tls1.h:#define TLS1_CK_RSA_WITH_AES_128_SHA > 0x0300002F > tls1.h:#define TLS1_CK_DH_RSA_WITH_AES_128_SHA > 0x03000031 > tls1.h:#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033 > tls1.h:#define TLS1_TXT_RSA_WITH_AES_128_SHA > "AES128-SHA" > tls1.h:#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA- > AES128-SHA" > tls1.h:#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE- > RSA-AES128-SHA" > > So the textual representation is "AES128-SHA", which does not state > the RSA > authentication. > > Which brings up the next question: is there any reason for this > inconsistency?
Not really, except the inconsistency exists in other parts as well: ssl3.h: [...] #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" #define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" #define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" #define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" #define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" #define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" #define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" #define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" [...] I believe we can trace that back to ssl2.h, and remember that in SSL v2, there was only RSA for authentication... Is this enough to resolve the ticket, or at least give it the milestone 0.9.8? -- Richard Levitte ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
