rsa_pss_pss_/rsa_pss_rsae_ and TLS_RSA_/TLS_ECDHE_RSA_

John Jiang <john.sha.jiang@xxxxxxxxx> · Tue, 19 Jun 2018 21:40:19 +0800

Using OpenSSL 1.1.1-pre7

Please consider the following cases and handshaking results:
1. rsa_pss_pss_256 certificate + TLS_RSA_WITH_AES_256_GCM_SHA384 cipher suite
Handshaking failed with no suitable cipher

2. rsa_pss_pss_256 certificate + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher suite
Handshaking succeeded.

3. rsa_pss_rsae_256 certificate + TLS_RSA_WITH_AES_256_GCM_SHA384 cipher suite
Handshaking succeeded.

4. rsa_pss_rsae_256 certificate + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher suite
Handshaking succeeded.

Why did case 1 fail?

Thanks!

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

rsa_pss_pss_*/rsa_pss_rsae_* and TLS_RSA_*/TLS_ECDHE_RSA_*

rsa_pss_pss_/rsa_pss_rsae_ and TLS_RSA_/TLS_ECDHE_RSA_