On 19/06/2018 15:40, John Jiang wrote:
Using OpenSSL 1.1.1-pre7
Please consider the following cases and handshaking results:
1. rsa_pss_pss_256 certificate + TLS_RSA_WITH_AES_256_GCM_SHA384
cipher suite
Handshaking failed with no suitable cipher
2. rsa_pss_pss_256 certificate + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
cipher suite
Handshaking succeeded.
3. rsa_pss_rsae_256 certificate + TLS_RSA_WITH_AES_256_GCM_SHA384
cipher suite
Handshaking succeeded.
4. rsa_pss_rsae_256 certificate +
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher suite
Handshaking succeeded.
Why did case 1 fail?
The TLS_RSA_ cipher suites require that the premaster secret
is encrypted with the RSA key in the servers certificate.
But an rsa_pss_pss_256 certificate (have not seen that notation
before) is probably a signing-only certificate, that says not
to encrypt anything with its RSA key.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users