| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | frank(dot)buettner(at)mdc-berlin(dot)de |
| Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #16815: Unable to use the X448 an X25519 elliptic curves. |
| Date: | 2021-01-08 20:57:39 |
| Message-ID: | 339357.1610139459@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> It looks like the curves with the upper X are known, but not correct
> initialized.
BTW, as far as that goes, I looked into the source code and found
nid = OBJ_sn2nid(SSLECDHCurve);
if (!nid)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: unrecognized curve name: %s", SSLECDHCurve)));
return false;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (!ecdh)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: could not create key")));
return false;
}
So it would appear that "X448" and "X25519" are known as names for
*some* sort of thing known to OpenSSL, but they aren't ECDH curves.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mihir Pandya | 2021-01-09 05:12:52 | Re: BUG #16808: Postgres Windows installer fails with unknown error and terminates |
| Previous Message | Tom Lane | 2021-01-08 20:46:07 | Re: BUG #16815: Unable to use the X448 an X25519 elliptic curves. |