From: Franziskus Kiefer Update keybits in H2 https://bugzilla.mozilla.org/show_bug.cgi?id=1290037 diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp --- a/netwerk/protocol/http/Http2Session.cpp +++ b/netwerk/protocol/http/Http2Session.cpp @@ -3516,18 +3516,18 @@ Http2Session::ConfirmTLSProfile() RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY); } uint32_t keybits = ssl->GetKEAKeyBits(); if (kea == ssl_kea_dh && keybits < 2048) { LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n", this, keybits)); RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY); - } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128 - LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n", + } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1. + LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n", this, keybits)); RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY); } int16_t macAlgorithm = ssl->GetMACAlgorithmUsed(); LOG3(("Http2Session::ConfirmTLSProfile %p MAC Algortihm (aead==6) %d\n", this, macAlgorithm)); if (macAlgorithm != nsISSLSocketControl::SSL_MAC_AEAD) {