Topic: TLSv1.2 with #define NO_DH
Hi,
I am using wolfssl ver 3.1.3 and wolfMQTT 1.1.0 with TLSv1.2 on microchip.
Can TLS1.2 run with #define NO_DH being used?
Thanks,
Gil
You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → wolfSSL → TLSv1.2 with #define NO_DH
Hi,
I am using wolfssl ver 3.1.3 and wolfMQTT 1.1.0 with TLSv1.2 on microchip.
Can TLS1.2 run with #define NO_DH being used?
Thanks,
Gil
Hi Gil,
Yes you can disable DH if you are using ECC or a static cipher suite.
Thanks,
David Garske, wolfSSL
Hi,
Whats is application level difference in using DH and ECC? What is the effect of disabling DH? and in which file should we do #define NO_DH?
Hi rahila_shams,
The difference between DH and ECC is the asymmetric algorithm used for securely deriving a shared secret. If DH is disabled only ECDH(E) cipher suites are available.
For setting the build option I recommend using our user_settings.h and WOLFSSL_USER_SETTINGS to define NO_DH. See our first FAQ item here: https://www.wolfssl.com/docs/frequently … r_wolfSSL?
Thanks,
David Garske, wolfSSL
wolfSSL - Embedded SSL Library → wolfSSL → TLSv1.2 with #define NO_DH
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.016 seconds (90% PHP - 10% DB) with 9 queries