Re: [openssl-dev] A question DH parameter generation and usage
For DHE_RSA, you first need a pair of RSA certificate/key for signing. And if you want to use specific DH parameters, you can use the SSL_CTX_set_tmp_dh API; there is documentation describing how to use this function.

DH parameters could be generated by OpenSSL in many ways; one of the common ways is by using the openssl-dhparam command line tool. Check the -help option of that command.

BTW: seems this email should be sent to openssl-users list only...

> On 6 Dec 2017, at 14:02, Jayalakshmi bhat wrote:
>
> Hi,
>
> We are planning to use DHE_RSA TLS ciphers into our product. I have few
> questions on using DH parameter. We would like to use DH-2048.
>
> our product includes both TLS client and server applications. Thus any time
> there will be considerable number of active connections.
>
> I believe we can use same DH parameter for all the server connections. Is my
> understanding correct? Is there any risk in using same parameter for all the
> server connections.
>
> Another question is what guidelines/document should be followed to derive
> DH parameter.
>
> Any input is appreciated.
>
> Thanks and Regards
> Jayalakshmi.

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] ECC ciphers in OpenSSL and Citricom Patent/License terms
Hi,

I have a question on ECC ciphers implementation in OpenSSL. I do see README.ECC file in FIPS certified OpenSSL crypto library. That says:

The OpenSSL Software Foundation has executed a sublicense agreement entitled "Elliptic Curve Cryptography Patent License Agreement" with the National Security Agency/ Central Security Service Commercial Solutions Center (NCSC) dated 2010-11-04.

However OpenSSL library does not include this file. Does it mean that to use ECC ciphers from OpenSSL the end user needs to get the license from Citricom?

Thanks and Regards
Jayalakshmi
[openssl-dev] A question DH parameter generation and usage
Hi,

We are planning to use DHE_RSA TLS ciphers into our product. I have few questions on using DH parameter. We would like to use DH-2048.

our product includes both TLS client and server applications. Thus any time there will be considerable number of active connections.

I believe we can use same DH parameter for all the server connections. Is my understanding correct? Is there any risk in using same parameter for all the server connections.

Another question is what guidelines/document should be followed to derive DH parameter.

Any input is appreciated.

Thanks and Regards
Jayalakshmi.
Re: [openssl-dev] frequency and size of heartbeat requests
On Tue, 5 Dec 2017 19:14:41 + (UTC) Jitendra Lulla via openssl-dev wrote:

> Could the solution be a restricted count of HB requests along with a
> timer?

No, the solution is to disable TLS heartbeats.

I actually wanted to bring this up when I recently noticed that OpenSSL still enables the heartbeat extension by default in every clienthello it sends.

In the whole Heartbleed aftermath nobody was ever able to tell me where TLS Heartbeats are used. It's a feature in order to have a feature.

--
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Re: [openssl-dev] frequency and size of heartbeat requests
The purpose of the HEARTBEAT message is for DTLS applications to determine the maximum packet size and tune the application records accordingly. There is never any reason to use this in TCP-based TLS; that was an OpenSSL bug that enabled it there. The usefulness of HEARTBEAT even in DTLS is probably pretty small and it is probably safer to just turn it off. Spending time and code to “protect it” is probably not worth the effort.
[openssl-dev] frequency and size of heartbeat requests
Hi,

With an "intentionally corrupted" tls1_heartbeat() in Openssl 1.0.2l, heart beat requests with big payloads such as 16300 or slightly more can be repeatedly sent to the server. The server religiously responds back with such big payloads after spending its cpu on encrypting/HMAC computing on the payload in the heartbeat response messages.

I confirmed the above with s_server/s_client.

The RFC doesn't say anything about this possible exploit/DOS attack. The RFC also allows such big payloads. While such payloads might be meeting some requirement (PMTU computation?), the frequency of such big messages (continuous repeats) must certainly be controlled.

I see that this extn is disabled in openssl-master but I could see that some servers (eg yahoo) do respond to heartbeat requests which means that they are running some ssl implementation (probably Openssl) which is vulnerable to continuous repeated big HB requests.

Is the problem mentioned above a problem indeed or am I missing something? Could the solution be a restricted count of HB requests along with a timer?

Thanks
Jitendra