OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Does iOS app support any ciphers w/Elliptic Curve?

https://forums.openvpn.net/viewtopic.php?t=22993

Page 1 of 1

Does iOS app support any ciphers w/Elliptic Curve?

Posted: Tue Dec 13, 2016 1:53 am
by locusofself
I have a requirement to set up an OpenVPN server that serves iOS clients, with the highest level or crypto possible regardless of performance.

Looks like Elliptic Curve stuff was merged into the 2.4 branch of the OpenVPN *community* software if I am not mistaken,

What about the iOS OpenVPN app - if no EC/ECDHE - what is the strongest cipher the iOS app support?

Thanks !

Re: Does iOS app support any ciphers w/Elliptic Curve?

Posted: Mon Dec 11, 2017 5:08 pm
by markhorrocks
I have the same question. I'm getting the following error when I try to use ecdh-curve secp521r1.

Mon Dec 11 08:58:25 2017 us=127229 110.54.131.60:43279 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
Mon Dec 11 08:58:25 2017 us=127240 110.54.131.60:43279 TLS_ERROR: BIO read tls_read_plaintext error
Mon Dec 11 08:58:25 2017 us=127248 110.54.131.60:43279 TLS Error: TLS object -> incoming plaintext read error
Mon Dec 11 08:58:25 2017 us=127256 110.54.131.60:43279 TLS Error: TLS handshake failed

Re: Does iOS app support any ciphers w/Elliptic Curve?

Posted: Tue Dec 12, 2017 8:07 pm
by ordex
soon a new release for iOS will be released. It will ship mbedTLS 2.6.0 and therefore will support several new ciphers, including EC*
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/