How to force openssl/s_client to send a keyshare for the specific elliptic curve (secp256r1)?

LUN

6/7/24, 8:27 PM

I want to test my server application (TLS 1.3) using s_client program from the openssl library and I need to get from the s_client a keyshare in the 1st ClientHello for secp256r1 (it proposes x25519 now).
Could you tell me, which command line options in s_client should I use ?

1 + 0

Score:1

Crypto

dave_thompson_085

6/8/24, 3:26 AM

Use -curves or (synonym) -groups to specify all 'supported' groups, with the one you want offered in key_share FIRST, e.g. -curves secp256r1:secp384r1:X25519.

+ 2

LUN

6/8/24, 6:52 PM

@dave_thomson_085, thank you very much - it helped! By the way, could you tell me - is server certificate sending a mandatory step in TLS 1.3 handshaking ? Or it can be skipped ?

dave_thompson_085

6/9/24, 7:16 AM

LUN: that's a different question, and not really crypto, but yes server cert is mandatory in 1.3 except when using PSK which in practice means except for 'resumption'; see 2nd para of [rfc8446 4.4.2](https://www.rfc-editor.org/rfc/rfc8446.html#section-4.4.2)

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to force openssl/s_client to send a keyshare for the specific elliptic curve (secp256r1)?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.