How to start current master branch OpenSSL so that it will support static PSK 
key exchange in TLS1.3?

with client running as:
openssl s_client -psk 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

I've tried:
openssl s_server -psk 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -nocert

that produces
139823110240000:error:14201076:SSL routines:tls_choose_sigalg:no suitable 
signature algorithm:ssl/t1_lib.c:2433:
and a handshake_failure alert sent to client

and I've also tried
openssl s_server -psk 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -cert 
cert.pem -key key.pem
(where cert and key pem are just self signed RSA cert and key)

that establishes a TLS1.3 connection, but the ServerHello does not include 
pre_shared_key extension, just 43 (selected version) and 51 (key share), so 
the PSK mode was not used

connecting with s_client -tls1_2 a PSK cipher is selected (DHE-PSK-AES256-GCM-
SHA384) and in TLS1.3 I see both the pre_shared_key extension and the 
psk_key_exchange_modes extension in client hello, so I'm really confused why 
it doesn't work.

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 115, 612 00  Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to