> From: Stephen Henson via RT [mailto:[email protected]]
> Sent: Saturday, 5 March 2016 17:53
> To: Dr. Matthias St. Pierre
> Cc: [email protected]
> Subject: [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups
>
> ...
>
> The fact we don't export the DHparameters item I'd regard as a bug which
> should be fixed.
>
> The EC one I'm less sure about. This ends up exposing what were previously
> internal functions. I'll see if there is an alternative way to achieve the
> same result.
>

These functions, although internal, appear to me to be the natural way to serialize and deserialize private ECDH groups. They are well tested and reusable and the only reason why they are not public is probably because OpenSSL is focused on supplying standardized named curves for TLS.

Using private ECDH curves might not make much sense for TLS, but in my case it did: I used it for a VPN client/server where the customer requested the ability to use private ECDH groups in the IKEv2 protocol, in addition to the official IANA groups.

With the proposed change it was easy for me to serialize the entire set of all public and private [EC]DH-Groups in a single file by creating a few ASN1 rules based on the existing ASN1 structures (DHparameters resp. EC[PK]PARAMETERS). So instead of reinventing the wheel, I let OpenSSL do the main part of the serialization.

There is a thread that predates the creation of my ticket, where I discussed my motivation with Daniel Kahn Gillmor, see below. I hope my arguments convince you that it is a good idea to add these ASN1 structures and the related functions to the public API.

Best Regards,
Matthias St. Pierre

http://thread.gmane.org/gmane.comp.encryption.openssl.devel/28272:

>>> On Tue 2015-01-27 11:15:37 -0500, Dr. Matthias St. Pierre wrote:
>>>> Add missing forward declarations and export declarations for DHparams
>>>> and EC[PK]PARAMETERS.
>>>>
>>>> Add public functions to convert between EC_GROUP objects and
>>>> EC[PK]PARAMETERS objects: EC_GROUP_new_from_ec[pk]parameters(),
>>>> EC_GROUP_get_ec[pk]parameters().
>>>
>>> fwiw, the IETF TLS WG is moving away from the possibility of arbitrary
>>> EC groups, and toward the requirement of specified and vetted EC
>>> groups. I'm not sure how much extra work should be done to maintain
>>> that as a public-facing interface.
>>
>> As for TLS, you may be right. However, the use of Diffie-Hellman is not
>> limited to TLS (in my case, it's IKEv2).
>> The proposed changes are not for libssl, but for the 'low level' libcrypto
>> library, which is in my opinion a general purpose crypto library. As such,
>> it should not make assumptions on or impose restrictions to possible use
>> cases of the library. Neither should it enforce standards, but provide
>> algorithms.
>>
>> My patch does not introduce new features or change existing ones. It just
>> makes functionality available for reuse. I needed this particular
>> functionality and I had the choice between 1) copy & paste the code
>> 2) patch OpenSSL privately, or 3) submit a patch. So I chose the latter.
>
> Your choice of action makes sense to me, thanks!
>
> --dkg

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted
