> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Wednesday, 30 September, 2009 13:12 (superseding previous, I assume)
> Ok, I reran my tests again...This time I added the > -named_curve parameter...and do indeed get 50 byte key for > the prime192v1 curve. > > However, if I run the server with my certificate and key, the > client crashes processing the certificate. > s_client or something else? can you narrow it down? > One more question. If the public key is in the certificate, > why does the server send a server key exchange? > ECDHE = Elliptic Curve Diffie-Hellman EPHEMERAL Like DHE = Diffie-Hellman Ephemeral, both parties choose per-session(handshake) DH keypairs X,Y. Server sends Ys in ServerKeyExchange, client sends Yc in ClientKeyExchange. The only difference is DHE uses Z_p, ECDHE uses elliptic. The key in the cert is used only for authentication (signing). Static aka fixed ECDH (or DH) does use the certified key as the server part of keyagreement. Client similarly if client auth i.e. cert is used, which it usually isn't; but even though that gives a fixed (EC)DH result, SSL still makes the sessionkeys unique by adding per-session/handshake nonces. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
