You can copy it from here:
https://github.com/internetstandards/dhe_groups/blob/main/ffdhe4096.pem

or you can create it:

    openssl genpkey -genparam -algorithm DH -pkeyopt dh_param:ffdhe4096 -out /etc/postfix/ffdhe4096.dh.param

Cheers,
Ivan
On 12.7.2023 at 11:09, Paul Menzel via Postfix-users wrote:
Dear Postfix folks,


The Internet.nl email test reports for molgen.mpg.de [1]:

Key exchange parameters

Verdict: At least one of your mail servers supports insufficiently
secure parameters for Diffie-Hellman key exchange.

Technical details:

c1241.mx.srv.dfn.de.     DH-2048     insufficient
b1241.mx.srv.dfn.de.     DH-2048     insufficient
a1241.mx.srv.dfn.de.     DH-2048     insufficient

DHE: The security of Diffie-Hellman Ephemeral (DHE) key exchange
depends on the lengths of the public and secret keys used within the
chosen finite field group. We test if your DHE public key material
uses one of the predefined finite field groups that are specified in
RFC 7919. Self-generated groups are 'Insufficient'.

The test seems to follow Dutch recommendations:

See 'IT Security Guidelines for Transport Layer Security (TLS) v2.1'
from NCSC-NL [2], guideline B5-1 and table 9 for ECDHE, and guideline
B6-1 and table 10 for DHE (in English).
How can I check myself what “DHE public key material” is used, to compare it with the ones specified in RFC 7919 [3]?

Postfix’ *TLS Forward Secrecy in Postfix* [4] says:

Postfix ≥ 3.1 supports 2048-bit-prime FFDHE out of the box, with no
additional configuration.

Where in the code would I find the key material? `tlsproxy/tlsproxy.c` calls `TLS_SERVER_INIT()`, and `tls_server_init()` in `tls/tls_server.c` contains:

        if (*props->dh1024_param_file != 0)
            tls_set_dh_from_file(props->dh1024_param_file);
        tls_tmp_dh(server_ctx, 1);

That then seems to use the OpenSSL function d2i_DHparams?

    tls/tls_dh.c:    if (d2i_DHparams(&tmp, &endp, sizeof(builtin_der))


Kind regards,

Paul


PS: Is the “preferred” in the comment in `tls/tls_server.c` outdated?

         * Diffie-Hellman key generation parameters can either be loaded from
         * files (preferred) or taken from compiled in values. First, set the

[1]: https://www.internet.nl/mail/molgen.mpg.de/968847/
[2]: https://english.ncsc.nl/publications/publications/2021/january/19/it-security-guidelines-for-transport-layer-security-2.1
[3]: https://www.rfc-editor.org/rfc/rfc7919.html
[4]: https://www.postfix.org/FORWARD_SECRECY_README.html
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
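Paul asks how to check which DHE group a server's parameter file carries against the RFC 7919 groups, and Ivan's answer generates such a group with openssl. The Python script below is an added example, not code from this thread, Postfix or OpenSSL: it parses a PEM "DH PARAMETERS" file (PKCS#3, SEQUENCE of prime and generator), rebuilds the ffdhe primes from the formula in RFC 7919 Appendix A using the X values listed there, and names the group the prime matches. The PEM it reads is constructed in the script itself by make_pem; a file written by the openssl command above can be passed to classify() the same way.

```python
import base64, re

# RFC 7919 App. A: p = 2^b - 2^(b-64) + (floor(2^(b-130)*e) + X)*2^64 - 1; X per group from the RFC
FFDHE_X = {2048: 560316, 3072: 2625351, 4096: 5736041, 6144: 15705020, 8192: 10965728}

def floor_e_shifted(n, guard=64):
    """Exact floor(e * 2^n) from the series e = sum(1/k!) in integer arithmetic."""
    total, term, k = 0, 1 << (n + guard), 0
    while term:                 # term == floor(2^(n+guard) / k!)
        total += term
        k += 1
        term //= k
    return total >> guard       # guard bits absorb the truncation error of the series

def ffdhe_prime(bits):          # rebuild the RFC 7919 prime of the given size from the formula
    return (1 << bits) - (1 << (bits - 64)) + (floor_e_shifted(bits - 130) + FFDHE_X[bits]) * (1 << 64) - 1

FFDHE_GROUPS = {ffdhe_prime(b): f"ffdhe{b}" for b in FFDHE_X}

def der_tlv(buf, pos=0):  # one DER TLV -> (tag, value, next_pos); short or long-form length
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_dh_params(pem):
    """(p, g) from a PKCS#3 'DH PARAMETERS' PEM: SEQUENCE { prime INTEGER, base INTEGER }."""
    m = re.search(r"-----BEGIN DH PARAMETERS-----(.*?)-----END DH PARAMETERS-----", pem, re.S)
    tag, seq, _ = der_tlv(base64.b64decode("".join(m.group(1).split())))
    assert tag == 0x30, "expected SEQUENCE"
    _, p_bytes, pos = der_tlv(seq)
    _, g_bytes, _ = der_tlv(seq, pos)
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")

def classify(pem):              # name the RFC 7919 group, or flag a prime that is none of them
    p, _ = parse_dh_params(pem)
    return FFDHE_GROUPS.get(p, f"not an RFC 7919 group ({p.bit_length()}-bit prime)")

def make_pem(p, g=2):
    """Constructed sample input: DER-encode (p, g) as DH PARAMETERS and wrap it in PEM."""
    def der_len(n):
        nb = (n.bit_length() + 7) // 8
        return bytes([n]) if n < 0x80 else bytes([0x80 | nb]) + n.to_bytes(nb, "big")
    def der_int(v):
        b = v.to_bytes(v.bit_length() // 8 + 1, "big")  # spare byte keeps the sign bit clear
        return b"\x02" + der_len(len(b)) + b
    body = der_int(p) + der_int(g)
    b64 = base64.b64encode(b"\x30" + der_len(len(body)) + body).decode()
    return f"-----BEGIN DH PARAMETERS-----\n{b64}\n-----END DH PARAMETERS-----\n"
```

A prime that matches none of the five groups is what the Internet.nl test above reports as a self-generated, "Insufficient" group.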