pyopenssl icon indicating copy to clipboard operation
pyopenssl copied to clipboard

Published 20 hours ago verified publisher icon pyca

sect163k1 is not appearing in the ClientHello message

Open hamma96 opened this issue 1 year ago • 0 comments

While attempting to set the elliptic curve to sect163k1, I noticed that the "supported groups" extension was not included in the ClientHello message. However, when I set the curve to sect409r1, the extension was correctly included and sent in the ClientHello message.

`

Specify the curve

curve_name = 'sect163k1' curve = crypto.get_elliptic_curve(curve_name)

Configure the context to use the specified curve

context.set_cipher_list(b'ECDHE-RSA-AES256-GCM-SHA384') context.set_tmp_ecdh(curve) ` Expected Behavior:

The "supported groups" extension should be included in the ClientHello message for all supported curves, including sect163k1.

Questions:

Why is the "supported groups" extension not included for sect163k1? Is there a way to ensure that this extension is added for all curves? Are there any known limitations or additional configurations required for specific curves in pyOpenSSL? Any guidance or suggestions would be greatly appreciated!

hamma96 avatar Jul 24 '24 09:07 hamma96