PG Bug reporting form <noreply@postgresql.org> writes:
> It looks like the curves with the upper X are known, but not correct
> initialized.
BTW, as far as that goes, I looked into the source code and found
nid = OBJ_sn2nid(SSLECDHCurve);
if (!nid)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: unrecognized curve name: %s", SSLECDHCurve)));
return false;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (!ecdh)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: could not create key")));
return false;
}
So it would appear that "X448" and "X25519" are known as names for
*some* sort of thing known to OpenSSL, but they aren't ECDH curves.
regards, tom lane