Diffie-Hellman Questions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've tried both:

SSL_CTX_set_cipher_list("AECDH")

and:

SSL_CTX_set_cipher_list("AECDH-AES256-SHA")

on both the client and server side, both of which result in the dreaded 
"no shared cipher" error:

error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared 
cipher:s3_srvr.c:1417:

The following works but is not what I want:

SSL_CTX_set_cipher_list("ADH")


Any suggestions on how to proceed?

Norm Green


On 5/24/16 10:45, Salz, Rich wrote:
>>   >./openssl ciphers -v 'ALL:aNULL' |grep ECDH |grep "Au=None"
>> AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
>> AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
>> AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
>> AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168)
>> Mac=SHA1
>> AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1
>>
>> 1) What arg to SSL_CTX_set_cipher_list() to I need to use to get these?
>> I previously tried "kEECDH:kEDH" and that didn't work.
> Use one of the names in the first column.
>   
>> 2) These ciphers all report as SSLv3.
> That is the protocol version where they were first defined.
>
>



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux