During SSL handshake, error coming as "tpm2::cannot sign: 722 tpm:parameter(2):unsupported or incompatible scheme"

[ssonnagi]

I am using
openssl 3.0.2
TPM2-OPENSSL
ibmtpm -1682
tpm2-abrmd

i have also posted same question in tpm2-tss, as i don't know where to put it exactly, as error belongs to tpm2-tss.

i am trying integrate tpm2 with librdkafka, trying to use tpm2 generated private keys and certificate for mTLS of kafka on the client side.
steps i followed :

1. tpm2_createek -G rsa -c ek_rsa.ctx
2. tpm2_createak -C ek_rsa.ctx -G rsa -g sha256 -s rsassa -c ak_rsa.ctx
3. tpm2_evictcontrol -c ak_rsa.ctx | cut -d ' ' -f 2 | head -n 1

• 0x81000001

4. openssl req -provider tpm2 -new -config requestCert.conf -key handle:0x81000001 -out clientKafka.csr
5. openssl x509 -req -days 365 -in clientKafka.csr -CA rootCA.pem -CAkey rootCA.key -CAserial rootCA.srl -out clientKafka.pem
6. tpm2_nvdefine -C o -s 1196 -a "authwrite|ownerwrite|authread|ownerread|no_da" 2
7. tpm2_nvwrite -C o -i /home/tss/certTest/clientKafka.pem 2
8. tpm2_getcap handles-nv-index

• 0x1000002

brief code of SSLHandShake.cpp

int main()
{
    OSSL_LIB_CTX *tpm2_libctx = NULL;
    tpm2_libctx = OSSL_LIB_CTX_new();

    OSSL_PROVIDER *prov = NULL;
    prov = OSSL_PROVIDER_load(tpm2_libctx, "tpm2");
    prov = OSSL_PROVIDER_load(tpm2_libctx, "default");
	
   X509 *TPMCert = NULL;
   EVP_PKEY *TPMpkey = NULL;
	
   OSSL_STORE_CTX *storeCtx = NULL;
   storeCtx = OSSL_STORE_open_ex("handle:0x81000001", tpm2_libctx,"?provider=tpm2","handle", NULL, NULL,NULL, NULL);
   while (!OSSL_STORE_eof(storeCtx)) {
	OSSL_STORE_INFO *info = OSSL_STORE_load(storeCtx);
	switch (OSSL_STORE_INFO_get_type(info)) {
	case OSSL_STORE_INFO_PKEY:
		 TPMpkey = OSSL_STORE_INFO_get1_PKEY(info);
		break;
	}
    }
    OSSL_STORE_close(storeCtx);
		
    storeCtx = OSSL_STORE_open_ex("handle:0x1000002", tpm2_libctx,"?provider=tpm2","handle", NULL, NULL,NULL, NULL);
    while (!OSSL_STORE_eof(storeCtx)) {
        OSSL_STORE_INFO *info = OSSL_STORE_load(storeCtx);
        switch (OSSL_STORE_INFO_get_type(info)) {
            case OSSL_STORE_INFO_CERT:
            {
                TPMCert = OSSL_STORE_INFO_get1_CERT(info);
                break;
            }
        }
    }
    OSSL_STORE_close(storeCtx);
	
	SSL_CTX *ctx = NULL;
	ctx = SSL_CTX_new_ex(tpm2_libctx, NULL, TLS_client_method());
	
	r = int SSL_CTX_load_verify_file(ctx, "rootCA.pem");
	
	r = SSL_CTX_use_certificate(ctx, TPMCert);
	
	r = SSL_CTX_use_PrivateKey(ctx, TPMpkey);
	
	r = SSL_CTX_check_private_key(ctx);
	
	r = SSL_do_handshake(trans_ssl);
}

While running the above compiled code, gets the error "tpm2::cannot sign: 722 tpm:parameter(2):unsupported or incompatible scheme"

Am i following correct steps? is anything wrong? please help me to overcome this error.

[ssonnagi]

when ever the error comes, i see this error on tpm-abrmd
** (tpm2-abrmd:1343509): DEBUG: 22:09:32.565: tpm2_context_save: handle 0x80000000
** (tpm2-abrmd:1343509): DEBUG: 22:09:32.566: 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00
** (tpm2-abrmd:1343509): DEBUG: 22:09:32.566: 01 00 00
** (tpm2-abrmd:1343509): DEBUG: 22:09:32.566: write_all: writing 19 bytes to ostream
** (tpm2-abrmd:1343509): WARNING **: 22:09:32.566: write_all: failed to write to ostream: Error sending data: Broken pipe
** (tpm2-abrmd:1343509): DEBUG: 22:09:32.566: tpm2_response_finalize

and here is the bt of it
#0 0x00007ffff74c1d7f in __GI___poll (fds=0x7fffefffa150, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007ffff683337d in tcti_tabrmd_poll () at /lib/libtss2-tcti-tabrmd.so.0
#2 0x00007ffff68334df in tcti_tabrmd_read () at /lib/libtss2-tcti-tabrmd.so.0
#3 0x00007ffff683382e in tss2_tcti_tabrmd_receive () at /lib/libtss2-tcti-tabrmd.so.0
#4 0x00007ffff68b42a7 in Tss2_Sys_ExecuteFinish () at /lib/x86_64-linux-gnu/libtss2-sys.so.1
#5 0x00007ffff693089f in Esys_SequenceUpdate_Finish () at /lib/x86_64-linux-gnu/libtss2-esys.so.0
#6 0x00007ffff6930c6a in Esys_SequenceUpdate () at /lib/x86_64-linux-gnu/libtss2-esys.so.0
#7 0x00007ffff698815e in tpm2_hash_sequence_update (seq=0x7fffe401afd0, data=0x7fffe40132b0 "\003U\035#\004\030\060\026\200\024\037_X\241\235\025\062~\271\374\317#\247!}$\313.kC0\017\006\003U\035\023\001\001\377\004\005\060\003\001\001\377\060\r\006\t*\206H\206\367\r\001\001\v\005", datalen=2736) at src/tpm2-provider-digest.c:97
#8 0x00007ffff6988438 in tpm2_hash_sequence_hash (seq=0x7fffe401afd0, data=0x7fffe4012ab0 "\001", datalen=4784, digest=0x7fffefffa390, validation=0x7fffefffa398) at src/tpm2-provider-digest.c:159
#9 0x00007ffff698a2ce in tpm2_signature_digest_sign (ctx=0x7fffe401afd0, sig=0x7fffe4000b70 "\360\062\374\033\370\177", siglen=0x7fffefffa440, sigsize=256, data=0x7fffe4012ab0 "\001", datalen=4784) at src/tpm2-provider-signature.c:491
#10 0x00007ffff7c01d04 in EVP_DigestSign (ctx=0x7fffe4032ac0, sigret=0x7fffe4000b70 "\360\062\374\033\370\177", siglen=0x7fffefffa440, tbs=0x7fffe4012ab0 "\001", tbslen=4784) at crypto/evp/m_sigver.c:577
#11 0x00007ffff7f67063 in tls_construct_cert_verify (s=0x7fffe4003580, pkt=0x7fffefffa590) at ssl/statem/statem_lib.c:360
#12 0x00007ffff7f57869 in write_state_machine (s=0x7fffe4003580) at ssl/statem/statem.c:852
#13 0x00007ffff7f56aa4 in state_machine (s=0x7fffe4003580, server=0) at ssl/statem/statem.c:451
#14 0x00007ffff7f564c8 in ossl_statem_connect (s=0x7fffe4003580) at ssl/statem/statem.c:265
#15 0x00007ffff7f16520 in SSL_do_handshake (s=0x7fffe4003580) at ssl/ssl_lib.c:3921

[gotthardp]

I would be interested to know what digest is being requested. Please build the tpm2 provider with --enable-debug. When running your code you should see a logs with messages like SIGN SIGN_INIT rsa. Please post this log here.

Also, as described in https://github.com/tpm2-software/tpm2-openssl/blob/master/docs/certificates.md#tls-handshake you may need to use SSL_CTX_set1_sigalgs to limit the SSL algorithms to those supported by the key.

[ssonnagi]

I would be interested to know what digest is being requested. Please build the tpm2 provider with --enable-debug. When running your code you should see a logs with messages like SIGN SIGN_INIT rsa. Please post this log here.

Also, as described in https://github.com/tpm2-software/tpm2-openssl/blob/master/docs/certificates.md#tls-handshake you may need to use SSL_CTX_set1_sigalgs to limit the SSL algorithms to those supported by the key.

Thanks for early reply, here the logs :

cert path: handle:0x1000002
cert key: handle:0x81000002
ca cert path: /home/tss/certTest/rootCA.pem
PROVIDER INIT
build info : 1.1.1-9-g01d8f8b, key: buildinfo, provider : tpm2
build info : 3.0.3, key: buildinfo, provider : default
ssl_ctx_load_providers is success
calling load_ossl_handle
openssl: load_ossl_private_key_handle called: handle:0x81000001
STORE/OBJECT OPEN handle:0x81000001
openssl: open handle private key success
STORE/OBJECT LOAD
STORE/OBJECT LOAD pkey
STORE/OBJECT LOAD found RSA
RSA LOAD
RSA GET_PARAMS [ bits security-bits max-size ]
RSA HAS 1
openssl: OSSL_STORE_load pkey success
openssl: OSSL_STORE_INFO_PKEY is detected
openssl: load_ossl_private_key_handle end
STORE/OBJECT CLOSE
openssl: load_ossl_client_cert_handle called handle:0x1000002
STORE/OBJECT OPEN handle:0x1000002
openssl: open client cert success
STORE/OBJECT LOAD
STORE/OBJECT LOAD index 1196 bytes (buffer 1024 bytes)
STORE/OBJECT LOAD(PEM) CERTIFICATE 841 bytes
openssl: OSSL_STORE_load cert success:openssl: OSSL_STORE_INFO_CLIENT_CERT is detected
openssl: OSSL_STORE_eof while end
openssl: load_ossl_client_cert_handle end
STORE/OBJECT CLOSE
SSL_CTX_new_ex calling
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER AES-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-ECB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CBC GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-OFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CFB GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-128-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-192-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
CIPHER CAMELLIA-256-CTR GET_PARAMS [ blocksize ivlen keylen mode aead custom-iv cts tls-multi has-randkey ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA1 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA256 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA384 GET_PARAMS [ blocksize size xof algid-absent ]
DIGEST SHA512 GET_PARAMS [ blocksize size xof algid-absent ]
RAND NEW
RAND NEW
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
RAND NEW
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
openssl : ctx is success
openssl : SSL_CTX_new successful
openssl : SSL_CTX_load_verify_locations for CA success
openssl : rk_conf.ssl.cert_location calling
openssl : SSL_CTX_use_certificate calling
openssl : Cert subject name : /C=in/CN=client.abc.local
openssl : issuer name : /C=in/ST=kar/L=blr/O=abc/OU=abc-blr/CN=abc_root_ca/emailAddress=[email protected]
openssl : X509_get_pubkey success
openssl : 2048 bit RSA Key
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
openssl : SSL_CTX_use_certificate success
openssl : key_location loading
openssl : SSL_CTX_use_PrivateKey calling
RSA NEW
RSA IMPORT [ n e ]
RSA MATCH 0x7
openssl : SSL_CTX_use_PrivateKey_file success
RSA MATCH 0x7
openssl :SSL_CTX_check_private_key success
RAND NEW
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
RAND NEW
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
openssl: Calling SSL_do_handshake
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
RSA NEW
RSA IMPORT [ n e ]
SIGN DIGEST_INIT rsa MD=SHA256
SIGN DIGEST_START
SIGN DIGEST_UPDATE
SIGN DIGEST_VERIFY_FINAL
RSA NEW
RSA IMPORT [ n e ]
SIGN DIGEST_INIT rsa MD=SHA2-256
SIGN SET_CTX_PARAMS rsa [ pad-mode ]
SIGN SET_CTX_PARAMS rsa [ saltlen ]
SIGN DIGEST_START
SIGN DIGEST_UPDATE
SIGN DIGEST_VERIFY_FINAL
SIGN DIGEST_INIT rsa MD=SHA256
SIGN DIGEST_INIT rsa MD=SHA256
SIGN DIGEST_START
SIGN DIGEST_UPDATE
SIGN DIGEST_VERIFY_FINAL
RAND GET_CTX_PARAMS [ max_request ]
RAND GENERATE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
DIGEST FINAL
DIGEST FREE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
DIGEST DUP
DIGEST DUP
DIGEST DUP
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
DIGEST DUP
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
DIGEST FREE
DIGEST FREE
DIGEST DUP
DIGEST DUP
DIGEST DUP
DIGEST UPDATE
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
DIGEST DUP
DIGEST UPDATE
DIGEST FINAL
DIGEST FREE
DIGEST FREE
DIGEST FREE
DIGEST FREE
DIGEST FREE
DIGEST FREE
SIGN DIGEST_INIT rsa MD=SHA2-256
SIGN SET_CTX_PARAMS rsa [ pad-mode ]
SIGN SET_CTX_PARAMS rsa [ saltlen ]
SIGN DIGEST_SIGN estimate
SIGN DIGEST_SIGN
WARNING:esys:src/tss2-esys/api/Esys_Sign.c:311:Esys_Sign_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_Sign.c:105:Esys_Sign() Esys Finish ErrorCode (0x000002d2)
error:4000000F:tpm2::cannot sign: 722 tpm:parameter(2):unsupported or incompatible scheme
RSA FREE
DIGEST FREE

[ssonnagi]

SSL_CTX_set1_sigalgs
Also tried setting sigalgs

if (!SSL_CTX_set1_sigalgs_list(ctx,"rsa_pkcs1_sha1:rsa_pkcs1_sha256:rsa_pss_rsae_sha256:rsa_pss_pss_sha256")) 
	printf("SSL_CTX_set1_sigalgs_list failure \n");
else
    printf("SSL_CTX_set1_sigalgs_list success \n");

Even after setting this , it is still same error.

Also tried SSL_CTX_set1_client_sigalgs_list.

[gotthardp]

Hi again, I made some updates. If the problem persists, could you try building the latest master, configured without op-cipher and op-digest disabled? You may get better results.