[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl] SSL_RSA_WITH_NULL_MD5 iSaSiLk v3.0 beta2



I got it,
the NULL cipher suites weren't in the CipherSuiteList(L_DEFAULT).
As well as the update of the cipher suites in the server context eliminates
them, if the temp RSA key is not set.

Thanks,
Stephan Rein

> -----Original Message-----
> From: Andreas Sterbenz [mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at]
> Sent: Friday, October 15, 1999 14:03
> To: Stephan Rein; iaik-ssl@iaik.tu-graz.ac.at
> Subject: Re: [iaik-ssl] SSL_RSA_WITH_NULL_MD5 iSaSiLk v3.0 beta2
> 
> 
> I do not have any problems with that, see the debug trace below.
> 
> If the server prints an empty list of client supported cipher 
> suites,the
> client does not seem to have sent any. You should check if there is a
> problem in your client context setup code.
> 
> Regards,
> 
>  Andreas Sterbenz              
> mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at
> 
> 
> listening on port 4433...
> ssl_debug(1): Starting handshake...
> ssl_debug(1): Received v3 client_hello handshake message.
> ssl_debug(1): Client requested SSL version 3.1, selecting version 3.1.
> ssl_debug(1): Creating new session...
> ssl_debug(1): CipherSuites supported by the client:
> ssl_debug(1): SSL_RSA_WITH_NULL_MD5
> ssl_debug(1): SSL_RSA_WITH_NULL_SHA
> ssl_debug(1): CompressionMethods supported by the client:
> ssl_debug(1): NULL
> ssl_debug(1): Sending server_hello handshake message.
> ssl_debug(1): Selecting CipherSuite: SSL_RSA_WITH_NULL_MD5
> ssl_debug(1): Selecting CompressionMethod: NULL
> ssl_debug(1): Sending certificate handshake message with server
> certificate...
> [...]
> 
> -----Ursprüngliche Nachricht-----
> Von: Stephan Rein <stephan.rein@ixos.de>
> An: 'Andreas Sterbenz' <Andreas.Sterbenz@iaik.tu-graz.ac.at>;
> <iaik-ssl@iaik.tu-graz.ac.at>
> Gesendet: Mittwoch, 13. Oktober 1999 16:35
> Betreff: RE: [iaik-ssl] SSL_RSA_WITH_NULL_MD5 iSaSiLk v3.0 beta2
> 
> 
> Sorry, there was a mistake from copy and paste:
> the cipher suites I have problems with are SSL_RSA_WITH_NULL_MD5 and
> SSL_RSA_WITH_NULL_SHA. It seems that SSL don't know this two, as the
> effect
> is the same as with a wrong written cipher siute. The cipher 
> suites with
> RC4
> and IDEA work well in the same environment.
> 
> Here is the log file of server side, if the cipher suite string is
> "SSL_RSA_WITH_NULL_MD5":
> 
> ssl_debug(1): Starting handshake...
> ssl_debug(1): Received v3 client_hello handshake message.
> ssl_debug(1): Client requested SSL version 3.0, selecting version 3.0.
> ssl_debug(1): Creating new session...
> ssl_debug(1): CipherSuites supported by the client:
> ssl_debug(1): CompressionMethods supported by the client:
> ssl_debug(1): NULL
> ssl_debug(1): Sending server_hello handshake message.
> ssl_debug(1): Sending alert: Alert Fatal: handshake failure
> ssl_debug(1): Shutting down SSL...
> ssl_debug(1): Exception while handshaking:
> iaik.security.ssl.SSLException:
> No common cipher suites.
> ssl_debug(1): Shutting down SSL...
> 
> Regards,
> Stephan Rein
> 
> > -----Original Message-----
> > From: Andreas Sterbenz [mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at]
> > Sent: Wednesday, October 13, 1999 13:32
> > To: Stephan Rein; iaik-ssl@iaik.tu-graz.ac.at
> > Subject: Re: [iaik-ssl] SSL_RSA_WITH_NULL_MD5 iSaSiLk v3.0 beta2
> >
> >
> > Both SSL_RSA_WITH_NULL_MD5 and SSL_RSA_WITH_RC4_SHA work 
> fine for me,
> > what kind of problem do you have? Note that the ciphersuite
> > of course has
> > to be enabled on both the client and the server to be useable.
> >
> > Regards,
> >
> >  Andreas Sterbenz
> > mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at
> >
> >
> >
> > -----Ursprüngliche Nachricht-----
> > Von: Stephan Rein <stephan.rein@ixos.de>
> > An: <iaik-ssl@iaik.tu-graz.ac.at>
> > Gesendet: Montag, 11. Oktober 1999 16:10
> > Betreff: [iaik-ssl] SSL_RSA_WITH_NULL_MD5 iSaSiLk v3.0 beta2
> >
> >
> > > Hi,
> > >
> > > I tried to use the cipher suite SSL_RSA_WITH_RC4_SHA but I
> > cannot set
> > it,
> > > is it not useable in iSaSiLk v3.0 beta2?
> > >
> > > Regards,
> > >
> > > Stephan Rein
> 
> 
> 
> 
> 
--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl