On 14/02/18 19:39, Hubert Kario wrote:
> How to start current master branch OpenSSL so that it will support static PSK
> key exchange in TLS1.3?
>
> with client running as:
> openssl s_client -psk
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>
> I've tried:
> openssl s_server -psk
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -nocert
>
> that produces
> 139823110240000:error:14201076:SSL routines:tls_choose_sigalg:no suitable
> signature algorithm:ssl/t1_lib.c:2433:
> and a handshake_failure alert sent to client
>
> and I've also tried
> openssl s_server -psk
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -cert
> cert.pem -key key.pem
> (where cert and key pem are just self signed RSA cert and key)

For a PSK to be used it needs to be the correct length for the selected
ciphersuite. The ciphersuite is selected *first*. Next the available PSKs
are checked to see if they are usable with that ciphersuite.

By default s_client talking to s_server will select
TLS13-AES-256-GCM-SHA384. Because this is based on SHA384 we need a key
which is 48 bytes long (96 hex digits). Your key is 32 bytes long (64 hex
digits) so the PSK is ignored.

Matt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
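The length rule from the reply above, as an added example that is not part of the original thread: a small shell pre-flight check that compares a hex PSK against the hash size of the ciphersuite before it is passed to -psk. The function names are hypothetical, and the SHA256 case (32 bytes) is an assumption that extends the rule stated for SHA384 to suites whose names end in SHA256.

```shell
#!/bin/sh
# Added example: check a hex PSK against the rule that its length must
# equal the hash output size of the ciphersuite chosen for the handshake.

# Hash output size in bytes, read from the suffix of the ciphersuite name.
suite_hash_len() {
    case "$1" in
        *SHA384) echo 48 ;;
        *SHA256) echo 32 ;;   # assumption: same rule applied to SHA256 suites
        *) return 1 ;;
    esac
}

# Length in bytes of a hex string; fails on non-hex input or odd digit count.
hex_key_len() {
    case "$1" in
        ''|*[!0-9a-fA-F]*) return 1 ;;
    esac
    [ $(( ${#1} % 2 )) -eq 0 ] || return 1
    echo $(( ${#1} / 2 ))
}

# psk_usable HEXKEY SUITE
# returns 0 if the key fits, 1 if it would be ignored, 2 on bad input.
psk_usable() {
    need=$(suite_hash_len "$2") || { echo "unknown suite: $2" >&2; return 2; }
    have=$(hex_key_len "$1") || { echo "PSK is not valid hex" >&2; return 2; }
    if [ "$have" -eq "$need" ]; then
        echo "ok: $have-byte PSK fits $2"
    else
        echo "ignored: $2 needs $need bytes ($(( need * 2 )) hex digits), PSK has $have"
        return 1
    fi
}

# Constructed sample keys: the 64-digit key from the question, and a
# 96-digit key of the length the reply asks for.
KEY32=$(printf '%064d' 0 | tr 0 a)
KEY48=$(printf '%096d' 0 | tr 0 a)

psk_usable "$KEY32" TLS13-AES-256-GCM-SHA384 || true
psk_usable "$KEY48" TLS13-AES-256-GCM-SHA384 || true
```

For real use, a random key of the right size can be produced with `openssl rand -hex 48` instead of the repeated-character sample keys.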