RE: [EXTERNAL] RE: Can OpenSSL handle multiple authentication mechanisms on the same SSL context?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for the reply Michel! Looks like both SRP and PSK could co-exist on the same context.

 

I also just got this to work. The only quirk that made this work is that I had to set the maximum version of the TLS version to 1.2 from the client side via SSL_CTX_set_max_proto_version. This was a peculiar thing as if the binaries you’re using has TLS 1.3 support( I’m on 1.1.1k and knowing SRP doesn’t work anymore in 1.3) this might have messed something along the way.

 

Raffy

 

From: Michel <michel.sales@xxxxxxxxx>
Sent: Sunday, June 27, 2021 6:20 AM
To: openssl-users@xxxxxxxxxxx
Cc: Revestual, Raffy [AUTOSOL/PSS/MNL] <Raffy.Revestual@xxxxxxxxxxx>
Subject: [EXTERNAL] RE: Can OpenSSL handle multiple authentication mechanisms on the same SSL context?

 

> We are trying to support a server that would support PSK and SRP authentication mechanisms.
[…]
> Would multiple callbacks for different mechanisms work simultaneously on the same SSL context?

My quick answer is Yes.

In a recent past I did some [multi-threaded] servers using both SRP and PSK on the same context and I don’t recall having encountered any problem.

I believe it was OpenSSL  1.1.1f using TLS 1.2 under Windows 32bits.

 

Hope it helps,

 

Michel.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux