Browse Source

As usual, ECDSA/ECDHE is nightmare. Need to use at least the ECDSA curve

aeris 1 year ago
parent
commit
d4850e4a26
1 changed files with 2 additions and 1 deletions
  1. 2
    1
      lib/cryptcheck/tls/engine.rb

+ 2
- 1
lib/cryptcheck/tls/engine.rb View File

@@ -149,10 +149,11 @@ module CryptCheck
149 149
 				@supported_ciphers.each do |method, ciphers|
150 150
 					ecdsa = ciphers.keys.detect &:ecdsa?
151 151
 					next unless ecdsa
152
+					ecdsa_curve = Curve.new ciphers[ecdsa].tmp_key.curve
152 153
 
153 154
 					@ecdsa_certs = Curve.collect do |curve|
154 155
 						begin
155
-							connection = ssl_client method, ecdsa, curves: curve
156
+							connection = ssl_client method, ecdsa, curves: [curve, ecdsa_curve]
156 157
 							[curve, connection]
157 158
 						rescue TLSException
158 159
 							nil

Loading…
Cancel
Save