As usual, ECDSA/ECDHE is nightmare. Need to use at least the ECDSA curve

new-scoring
aeris 2017-11-11 19:32:51 +01:00
parent f37e6fd2f1
commit d4850e4a26
1 changed files with 2 additions and 1 deletions

View File

@ -149,10 +149,11 @@ module CryptCheck
@supported_ciphers.each do |method, ciphers|
ecdsa = ciphers.keys.detect &:ecdsa?
next unless ecdsa
ecdsa_curve = Curve.new ciphers[ecdsa].tmp_key.curve
@ecdsa_certs = Curve.collect do |curve|
begin
connection = ssl_client method, ecdsa, curves: curve
connection = ssl_client method, ecdsa, curves: [curve, ecdsa_curve]
[curve, connection]
rescue TLSException
nil