Dear OpenSSL users,
OpenSSL 0.9.8a does not allow to properly select AES key length.
It selects both 128-bit and 256-bit AES no matter which one was specified:
[EMAIL PROTECTED]:~$ /usr/local/ssl/bin/openssl version
OpenSSL 0.9.8a 11 Oct 2005
[EMAIL PROTECTED]:~$ /usr/local/ssl/bin/openssl ciphers -v AES256-SHA
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
The old OpenSSL version works fine:
[EMAIL PROTECTED]:~$ /usr/bin/openssl version
OpenSSL 0.9.7e 25 Oct 2004
[EMAIL PROTECTED]:~$ /usr/bin/openssl ciphers -v AES256-SHA
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
Here is another example of the same problem:
[EMAIL PROTECTED]:~$ /usr/local/ssl/bin/openssl s_client -cipher AES128-SHA
CONNECTED(00000003)
[cut]
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
[cut]
Is there any known solution? Can you help?
Best regards,
Mike
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
