Hello,
We use openSSL in OFTP2 implementation. The OFTP2 working group decided
to strongly recommend to use preferably the cipher suites including PFS
(ephemeral Diffie Hellman).
So in our iplementation (linked against openssl 1.0.1g) I limited the
list of offered ciphers (client) and prefered ciphers (server) to :
"DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:"
using SSL_CTX_set_cipher_list.
On this "restricted" binary it looks fine : only these ciphers are
presented in the client hello:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
But on the legacy software side (linked against openSSL V0.9.8c), the
server rejects the connection with the "No shared cipher" error.
On this site, the command "openssl ciphers" says that DHE-RSA-AES128-SHA
and EDH-RSA-DES-CBC3-SHA are supported(among others).
So 2 ciphersuites are shared...
BTW: In this version of the software, the default list is in use
(SSL_CTX_set_cipher_list is not called).
It is the same when I reverse the roles : the legacy binary becomes the
client.In that case, wireshark shows TLS_DHE_RSA_WITH_AES_256_CBC_SHA
and TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHAin the offered list of cipher
suites (among others).
But the "restricted" binary rejects the connection with the same error.
On this side, the same list of ciphers (listed above) are specified
before accepting the connection (server)than before calling out (client).
So I'm lost !
Thank you in advance for help.
--
Francis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
