[email protected] wrote:
> Full_Name: Jan Bramkamp
> Version: 2.4.35
> OS: FreeBSD 9.1
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (79.230.127.217)
>
>
> OpenLDAP supports PFS TLS cipher suites using DHE with the
> DH *tlso_tmp_dh_cb(SSL*,int,int) callback in libraries/libldap/tls_o.c.
> DHE-RSA/DSS cipher suites are very CPU intensive and noticeably increase
> latency on low-power hardware. While OpenLDAP supports ECDH-ECDSA cipher
> suites these lack the PFS offered by DHE-RSA/DSS cipher suites.
>
> From my initial search it looks like the correct API to register such a
> callback would be SSL_CTX_set_tmp_ecdh_callback(), but I'm not familiar
> with the OpenLDAP code base, so patching it myself could have unintended
> consequences.
>
> This is how the CA was generated:
>
>   CURVE=secp384r1
>
>   openssl ecparam -out private/ca-key.pem -name $CURVE -genkey &&
>   openssl req -new -x509 -days 365 -key private/ca-key.pem -out certs/ca-cert.pem
>
>   openssl ecparam -out private/auth1-key.pem -name $CURVE -genkey &&
>   openssl req -new -key private/auth1-key.pem -out newcerts/auth1-csr.pem &&
>   openssl ca -config /usr/local/openssl/openssl.cnf -out certs/auth1-cert.pem -infiles newcerts/auth1-csr.pem
>
> The (EC)DH parameter file was generated with:
>
>   openssl ecparam -name $CURVE
>
> This was tested with slapd linked against OpenSSL 1.0.1e from ports on
> FreeBSD 9.1/amd64.

It seems that current events have focused more attention on Perfect Forward
Secrecy, now that news about NSA eavesdropping is everywhere. It's worth noting
Bruce Schneier's recommendation to avoid Elliptic Curve algorithms, since their
design has been heavily influenced by the NSA.

http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

(Section 5.)

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
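
Added example, not part of the messages above and not OpenLDAP code: the report's distinction between DHE, ECDHE and static ECDH-ECDSA suites can be read off the OpenSSL suite names, which is a quick way to audit what a server offers. It assumes TLS 1.2-era OpenSSL names; the sample listing is constructed, and `classify`, `audit` and `lacking_pfs` are hypothetical helper names.

```python
# Added example: sort OpenSSL (TLS <= 1.2) cipher suite names by key exchange.
# The name prefix tells whether the handshake uses an ephemeral (EC)DH key.
RULES = [
    ("ECDHE-", "ECDHE", True),
    ("DHE-", "DHE", True),
    ("EDH-", "DHE", True),                # older OpenSSL spelling of DHE
    ("AECDH-", "anonymous ECDH", True),   # ephemeral but unauthenticated
    ("ADH-", "anonymous DH", True),       # ephemeral but unauthenticated
    ("ECDH-", "static ECDH", False),      # fixed ECDH key taken from the certificate
    ("DH-", "static DH", False),
]

# Constructed sample in the layout of `openssl ciphers -v` (suite name first).
SAMPLE = """\
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
"""


def classify(suite):
    """Return (key_exchange, forward_secret) for one suite name."""
    if suite.startswith("EXP-"):  # export variants keep the same key exchange
        suite = suite[4:]
    for prefix, kex, ephemeral in RULES:
        if suite.startswith(prefix):
            return kex, ephemeral
    return "no (EC)DH prefix, e.g. RSA key transport", False


def audit(listing):
    """Map each suite in a listing (one suite per line) to its classification."""
    result = {}
    for line in listing.splitlines():
        fields = line.split()
        if fields:
            result[fields[0]] = classify(fields[0])
    return result


def lacking_pfs(listing):
    """Names of the suites in the listing that have no ephemeral key exchange."""
    return [name for name, (_, fs) in audit(listing).items() if not fs]


if __name__ == "__main__":
    for name, (kex, fs) in audit(SAMPLE).items():
        print(f"{name:32} {kex:42} {'PFS' if fs else 'no PFS'}")
```

Anonymous suites are reported as ephemeral because they are, but they provide no server authentication and should be excluded on that ground.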
