Hi Uri, On Wed, Jan 27, 2016 at 9:30 AM, Blumenthal, Uri - 0553 - MITLL < [email protected]> wrote:
> Let me know if you have any questions about these patches. > > > My only questions at this time (I briefly looked at your patches only, > haven’t looked at your engine at all) are: why you needed to add > ECDH\generate key() to crypto/ech/ecdh_key.c, > In the TLS-1.2 protocol (sl_srvr.c) the server generates an ephemeral key pair for ECDH and sends the public key in the server key exchange message (see ssl3_send_server_key_exchange(SSL *s) function). It does not use the private key until it gets the client public key in the "ssl3_send_server_key_exchange(SSL *s)". Just then it calls the "ECDH_compute_key()" with the client public key and the server private key generated much earlier. If I do not call this new function then the openssl sends a software-generated ephemeral key to the client. Adding this function was the simplest way to fix the problem. On client everything happens in the same function so it wasn't a problem. > and what’s the purpose of enabling (*init)(EC_KEY *eckey) and (*finish)(EC_KEY > *eckey) in crypto/ecdh/ech_locl.h. > I used "ecdh->meth->init(eckey)" in this new "ECDH_generate_key(EC_KEY *eckey)" function to actually generate the ephemeral pair. Probably should call it "generate_key()" instead but again was trying to minimize the impact. "finish()" was in the same package - didn't use it. Regards, Alex. Sorry for delay: take some time to go over the code to remember things :) > > Thanks! > > > On Wed, Jan 20, 2016 at 12:49 PM, Douglas E Engert <[email protected]> > wrote: > >> When I started to write the ECDSA code for engine_pkcs11 in 2011 the >> code to support the method hooks was not >> in the code. So I used internal OpenSSL header files to copy the >> ECDSA_METHOD and replace the function needed. >> Look for "BUILD_WITH_ECS_LOCL_H" in libp11. Not until 1.0.2 did OpenSSL >> support the needed calls to hook ECDSA. >> They did not add the hooks for ECDH. >> >> If you can't wait then you have to do it your self. *YOU* could do the >> same thing for ECDH. But your code would only >> be good for 1.0.2 because the whole way of doing EC methods changes in >> 1.1. >> >> I believe Alexander said he had changes to OpenSSL, which is another >> approach. >> He has said there were here: >> https://github.com/AtmelCSO/cryptoauth-openssl-engine/tree/master/patches >> >> You could also hire someone who could do more then: "test it and offer >> minor enhancements". >> (And not me. I am taking the 1.1 approach to getting ECDH. working in >> engine.) >> >> On 1/20/2016 2:19 PM, Blumenthal, Uri - 0553 - MITLL wrote: >> >> Very possible that I'm missing the point here. >> >> Still, since openssl-1_0_2 does ECDH, and it exposes ECDSA to external >> engine(s), how difficult would it be to add ECDH exposure? I suspect - a >> good deal easier than getting 1.1 replace 1.0.x as the de-facto deployment >> standard. >> >> Plus, by this time there already are (and reasonably common) tokens that >> support ECDH, other packages that do ECDH, and people (like myself :-) >> willing to test it and offer minor enhancements. >> >> Another point I seem to be missing - if what's necessary to implement >> ECDH in an external engine is missing from 1_0_2 - how could Alexander >> write a (presumably) working ECDH engine for 1_0_2? If he could do it, why >> can't engine_pkcs11 be extended to do the same? >> >> >> Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. >> *From: *Douglas E Engert >> *Sent: *Wednesday, January 20, 2016 14:59 >> *To: *[email protected] >> *Reply To: *[email protected] >> *Subject: *Re: [openssl-dev] ECDH engine >> >> You are missing the point. OpenSSL-1.0.2 only exposed ECDSA, not ECDH to >> external engines. It took years to even get ECDSA exposed. >> OpenSSL approach to support this is OpenSSL-1.1 that does a lot of other >> things. But that was there approach. Its their package. >> >From working package to distribution always takes several years... >> >> >> >> > > _______________________________________________ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > >
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
