[2016-12-23 19:11] [email protected]:
In the meantime, I have downloaded and compiled OpenSSL 1.1.0c for my web 
server. According to the following and many other articles, OpenSSL 1.1.x 
should support ed25519 / x25519:

https://certsimple.com/blog/safe-curves-and-openssl

But if I do ./openssl ecparam -list_curves, I indeed get a long list of 
supported curves, but no 25519 and no 448 among them. Did they remove it again 
in the newest version for some reason?


The 1.1.0 branch of OpenSSL does support X25519, but it does not support X448, and it does not support Ed25519 or Ed448 either (mainly because EdDSA itself is not a finished standard/RFC yet, and there is no finished RFC on the usage of that non-existent EdDSA standard in X.509 certificate keys).

Although OpenSSL 1.1.0 at least supports X25519 for ECDH(E), for some reason unknown to me (although my guess would be that the reason is a three-letter word starting with a "B" and ending in a "G"), the "openssl ecparam -list_curves" command doesn't list that curve. You can, however, still use X25519 by using the "-name X25519" parameter (be careful about the letter casing - you need to use a major X in "X25519"!).


regards
Pascal
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
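
A way to check a given OpenSSL build for the mismatch discussed in this thread, as an added example that is not part of the original messages: it compares what `ecparam -list_curves` advertises with what the binary accepts. The function name `probe_x25519`, the `OPENSSL_BIN` variable and the `genpkey -algorithm X25519` probe are assumptions of this example and do not come from the thread.

```shell
#!/bin/sh
# Added example: probe what an OpenSSL build actually accepts for X25519
# instead of relying on the "ecparam -list_curves" output alone.

# probe_x25519 [OPENSSL_BINARY]   (hypothetical helper name)
# Prints: listed=<yes|no> ecparam_name=<yes|no> genpkey=<yes|no>
# Returns 0 if at least one of the two usage probes succeeds.
probe_x25519() {
    bin=${1:-openssl}
    listed=no
    ecparam_name=no
    genpkey=no

    # 1. Is the curve advertised in the curve listing?
    if "$bin" ecparam -list_curves 2>/dev/null | grep -q 'X25519'; then
        listed=yes
    fi

    # 2. The form given in the reply above (capital X in the name).
    if "$bin" ecparam -name X25519 -noout >/dev/null 2>&1; then
        ecparam_name=yes
    fi

    # 3. Assumption of this example: key generation through genpkey.
    #    The generated key is discarded, only the exit status is used.
    if "$bin" genpkey -algorithm X25519 >/dev/null 2>&1; then
        genpkey=yes
    fi

    echo "listed=$listed ecparam_name=$ecparam_name genpkey=$genpkey"
    [ "$ecparam_name" = yes ] || [ "$genpkey" = yes ]
}

# Run against the binary under test, e.g. OPENSSL_BIN=./openssl sh probe.sh
probe_x25519 "${OPENSSL_BIN:-openssl}" ||
    echo "no usable X25519 support found" >&2
```

A result of `listed=no` together with a `yes` in either other field is the situation described in the reply: the curve is usable even though the listing omits it.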
