Legacy X25519 PKEY fails in SSL handshake for parameter "group" #533
Comments
|
I plan to include the patch in 8.4-stable before 8.4.0 is released. |
|
Check this: #534 |
|
Thanks for the update. With 8.4-stable branch tls1.2 ciphers are working. But tls1.3 ciphers are failing. Client command: Error message: File name: crypto/evp/ctrl_params_translate.c |
|
Looks good to me. Addressed via #563 By the way, I suggest you open a pull request directly next time instead of publishing a patch here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Babassl branch:8.4-stable
Server command:./openssl s_server -engine qatengine -key server-rsa3k.key.pem -cert server-rsa3k.cert.pem -accept 443 -www -nbio -tls1_2
Client command:./openssl s_time -connect 127.0.0.1:443 -new -cipher ECDHE-RSA-AES256-GCM-SHA384 -www 50x.html -time 5.
When we run s_server for our engine code , we get:
4083F8C9467F0000:error:03000093:digital envelope routines:default_check:command not supported:crypto/evp/ctrl_params_translate.c:329:
There is a openssl ticket for similar issue.
openssl/openssl#19313
We need similar kind of fix in babassl to avoid this issue. Please let us know the timeline when this fix will be added in babassl.
The text was updated successfully, but these errors were encountered: