[2016-12-23 19:11] [email protected]:
In the meantime, I have downloaded and compiled OpenSSL 1.1.0c for my web
server. According to the following and many other articles, OpenSSL 1.1.x
should support ed25519 / x25519:
https://certsimple.com/blog/safe-curves-and-openssl
But if I do ./openssl ecparam -list_curves, I indeed get a long list of
supported curves, but no 25519 and no 448 among them. Did they remove it again
in the newest version for some reason?

The 1.1.0 branch of OpenSSL does support X25519, but it does not support
X448, and it does not support Ed25519 or Ed448 either (mainly because
EdDSA itself is not a finished standard/RFC yet, and there is no
finished RFC on the usage of that non-existent EdDSA standard in X.509
certificate keys).
Although OpenSSL 1.1.0 at least supports X25519 for ECDH(E), for some
reason unknown to me (although my guess would be that the reason is a
three-letter-word starting with a "B" and ending in a "G"), the "openssl
ecparam -list_curves" command doesn't list that curve. You can, however,
still use X25519 by using the "-name X25519" parameter (be careful about
the letter casing - you need to use a capital X in "X25519"!).
regards
Pascal
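Added example (not from the thread above): a small probe script that checks what a local OpenSSL build actually supports, since `ecparam -list_curves` says nothing about the CFRG curves. It assumes an `openssl` binary on PATH (override with the `OPENSSL` variable) and uses `genpkey -algorithm NAME`, which is how 1.1.0 creates X25519 keys, as the capability test; the `-list_curves` excerpt is a constructed sample.

```shell
#!/bin/sh
# Probe an OpenSSL build for X25519/X448/Ed25519/Ed448 support.
# Assumption: "openssl" is on PATH, or OPENSSL points at the binary.
OPENSSL="${OPENSSL:-openssl}"

# Constructed excerpt in the format `openssl ecparam -list_curves` prints.
SAMPLE_LIST_CURVES='  secp256k1 : SECG curve over a 256 bit prime field
  prime256v1: X9.62/SECG curve over a 256 bit prime field
  secp384r1 : NIST/SECG curve over a 384 bit prime field'

# curve_listed NAME LIST -> echoes "yes" if NAME is in a -list_curves dump
# (first column, optional spaces, then a colon), otherwise "no".
curve_listed() {
    if printf '%s\n' "$2" | grep -q "^ *$1 *:"; then
        echo yes
    else
        echo no
    fi
}

# supports_keygen ALGO -> "yes" when this build can generate a key of the
# given type (X25519, X448, ED25519, ED448), "no" when the algorithm is
# unknown to it or the binary is missing. The key goes to /dev/null.
supports_keygen() {
    if "$OPENSSL" genpkey -algorithm "$1" >/dev/null 2>&1; then
        echo yes
    else
        echo no
    fi
}

# cfrg_report -> one "NAME yes|no" line per CFRG algorithm. Use this
# rather than -list_curves when deciding which groups a server may offer.
cfrg_report() {
    for algo in X25519 X448 ED25519 ED448; do
        echo "$algo $(supports_keygen "$algo")"
    done
}

# X25519 is absent from the curve list even on builds that support it.
echo "X25519 listed by ecparam: $(curve_listed X25519 "$SAMPLE_LIST_CURVES")"
cfrg_report
```

On a 1.1.0 build the report should show X25519 as yes and the other three as no; on 1.1.1 and later all four should be yes.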
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy