On 20/03/15 15:51, Matt Caswell wrote:
>On 20/03/15 12:44, Linsell, StevenX wrote:
>> On Thu, Mar 19, 2015, Steve Linsell wrote:
>> > 
>> Following further testing I see identical failures in the master branch 
>> using the following cipher/protocol combinations: 
>> ECDH-ECDSA-AES128-SHA      ssl3 
>> ECDH-ECDSA-AES256-SHA      ssl3            
>> ECDH-ECDSA-DES-CBC3-SHA    ssl3          
>> ECDH-ECDSA-RC4-SHA         ssl3               
>> ECDH-RSA-AES128-SHA        ssl3                    
>> ECDH-RSA-AES256-SHA        ssl3         
>> ECDH-RSA-DES-CBC3-SHA      ssl3          
>> ECDH-RSA-RC4-SHA           ssl3                
>> ECDHE-ECDSA-AES128-SHA     ssl3         
>> ECDHE-ECDSA-AES256-SHA     ssl3          
>> ECDHE-ECDSA-DES-CBC3-SHA   ssl3                
>> ECDHE-ECDSA-RC4-SHA        ssl3             
>> 

>Hi Steve
>
>Looks like a bug. Try the attached patch. Let me know how you get on.
>
>Thanks
>
>Matt

Thanks Matt, that worked great.
I've retested all the above cipher/protocol combinations and all now pass with 
the fix in place.

Just to close out my understanding.
Within the tls1_check_ec_key function:
The first iteration round the loop is checking that the curve within the 
certificate matches one of the curves in the list of curves that this build of 
OpenSSL supports.
The second iteration round the loop is checking the curve within the 
certificate matches one of the curves in the list of curves sent from the peer 
via TLS extensions.
In the case of the cipher/protocol combinations above we are using ssl3 which 
does not support TLS extensions so the second list will always be empty.
As Viktor states, RFC 4492 says that if the client sends no TLS extension 
containing the curves supported then the server can choose any supported curve. 
So your fix is to continue when we reach the second iteration if there are no 
curves in the second list, rather than flag an error.

Thanks again,

Steve Linsell                                     Intel Shannon DCG/CID 
Software Development Team
stevenx.lins...@intel.com
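
A simplified model of the two-pass curve check described in the message above, as an added example that is not OpenSSL's source or the attached patch. The type and function names and the `allow_empty_peer` switch are hypothetical, and the curve lists are constructed sample data using RFC 4492 NamedCurve values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not OpenSSL source. All names here are hypothetical. */
typedef struct { const uint16_t *ids; size_t len; } curve_list;

static int list_contains(const curve_list *l, uint16_t id)
{
    for (size_t i = 0; i < l->len; i++)
        if (l->ids[i] == id)
            return 1;
    return 0;
}

/* Pass 0: curves this build supports. Pass 1: curves the peer sent.
 * allow_empty_peer = 0 models the failure described in the thread,
 * allow_empty_peer = 1 models the behaviour with the fix in place. */
int check_ec_curve(uint16_t cert_curve, const curve_list *local,
                   const curve_list *peer, int allow_empty_peer)
{
    const curve_list *pass[2] = { local, peer };
    for (int j = 0; j < 2; j++) {
        if (j == 1 && pass[j]->len == 0) {
            if (allow_empty_peer)
                continue;   /* no extension received: no peer restriction */
            return 0;       /* empty list treated as "no match" */
        }
        if (!list_contains(pass[j], cert_curve))
            return 0;
    }
    return 1;
}

/* Constructed sample data: RFC 4492 NamedCurve values. */
static const uint16_t LOCAL_IDS[] = { 23, 24, 25 }; /* secp256r1, secp384r1, secp521r1 */
static const uint16_t PEER_IDS[]  = { 24 };          /* peer offered secp384r1 only */
const curve_list LOCAL = { LOCAL_IDS, 3 };
const curve_list PEER_TLS = { PEER_IDS, 1 };
const curve_list PEER_SSL3 = { NULL, 0 };            /* SSLv3: no extensions */

int main(void)
{
    printf("ssl3, before fix: %d\n", check_ec_curve(23, &LOCAL, &PEER_SSL3, 0));
    printf("ssl3, after fix:  %d\n", check_ec_curve(23, &LOCAL, &PEER_SSL3, 1));
    printf("tls, peer lacks curve: %d\n", check_ec_curve(23, &LOCAL, &PEER_TLS, 1));
    return 0;
}
```

The first pass still rejects a certificate curve the build does not support, so skipping an empty peer list does not widen what the server itself will accept.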
