Hi ,
Dr. Stephen Henson wrote:
On Tue, May 08, 2012, Jan Just Keijser wrote:
hello list,
we're trying to add ECDH/ECDSA support to OpenVPN and we have run
into a question we cannot easily answer ourselves:
we're using SSL_CTX_set_tmp_ecdh to add an ECDH curve to your
server-side SSL CTX object; this is very similar to the DH
parameters which are added using SSL_CTX_set_tmp_dh. We do *not* add
a 'set_tmp_dh_callback' to the server SSL CTX , as the DH parameter
file is static.
The question is: does the same apply to the
SSL_CTX_set_tmp_ecdh/SSL_CTX_set_tmp_ecdh_callback function?
Or do we need to add callbacks , similar to the way RSA callbacks
are added, as done in the s_server.c code?
A more general question is where we can read up on all this :) ?
many thanks in advance,
ECDH parameters aren't exactly the same as DH.
For DH generating parameters is a time consuming process and so servers allow
an external file to load DH parameters from.
With ECDH the parameters are normally form a set of hard coded names curves so
"parameter generation" just involves looking them up. It is practical for a
server to just load and use them as required but that isn't supported in
OpenSSL before 1.0.2.
So what you could do is provide an option to set ECDH parameters from a file
and have a fallback for a common set, P-256 is a good choice for example. That
can be done very simply with something like this:
EC_KEY *ecdh;
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (ecdh == NULL) /* error */
SSL_CTX_set_tmp_ecdh(ctx,ecdh);
thank you for the quick reply. The code we currently use is very similar:
254 nid = OBJ_sn2nid(curve_name);
255
256 if (nid == 0)
257 msg(M_SSLERR, "unknown curve name (%s)", curve_name);
258 else
259 {
260 ecdh = EC_KEY_new_by_curve_name(nid);
261 if (ecdh == NULL)
262 msg (M_SSLERR, "Unable to create curve (%s)", curve_name);
263 else
264 {
265 const char *sname;
266
267 if (!SSL_CTX_set_tmp_ecdh(ctx->ctx, ecdh))
268 msg (M_SSLERR, "SSL_CTX_set_tmp_ecdh: cannot add curve");
269
this is for the OpenVPN server (listening) process; what we are not sure
about is whether this is sufficient for a client-server architecture:
would it be necessary to add different 'ecdh' objects for each client
(e.g. using the set_tmp_ecdh_callback function)? Or is a single 'ecdh'
object for the server sufficient?
many thanks,
JJK / Jan Just Keijser
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
