Hi,
On 08/07/16 11:10, David Sommerseth wrote:
> On 08/07/16 00:24, Jan Just Keijser wrote:
>> Hi,
>>
>> On 07/07/16 09:15, Steffan Karger wrote:
>>> Hi Scott,
>>>
>>> On Wed, Jul 6, 2016 at 9:18 PM, Scott Crooks wrote:
I saw this file in the OpenVPN codebase:
https://github.com/OpenVPN/openvpn/blob/master/README.ec
Which claims that support for elliptic curve certificates will be enabled
in
OpenVPN 2.4.0. Just wanting to make sure there wasn't another way to enable
it in version 2.3.10?
>>> Yes, use an mbed TLS build. That will automatically support ECDSA and
>>> ECDH. I *think* (can't test right now) that ECDSA also works fine
>>> with 2.3.10 + modern OpenSSL (1.0.1+, iirc). ECDH might also work
>>> with OpenSSL 1.0.2+.
>>>
>>> But, by far the easiest way is to just use the master branch. It is
>>> quite stable, and has full EC support, for both mbed TLS and OpenSSL.
>>>
>>>
>> I concur mostly with Steffan, with a few notes:
>>
>> - with mbed TLS ECDSA works "out of the box"
>> - with OpenSSL, you need a version that supports it; notably, RedHat
>> strips ALL elliptic curve support from their supplied versions of openssn
> Really? I'm on Scientific Linux 7.2 (RHEL 7.2 clone) ... and I can do this:
>
> $ openssl speed ecdsap521
> Doing 521 bit sign ecdsa's for 10s: 27835 521 bit ECDSA signs in 10.01s
> Doing 521 bit verify ecdsa's for 10s: 5518 521 bit ECDSA verify in 10.00s
> OpenSSL 1.0.1e-fips 11 Feb 2013
> built on: Mon May 9 01:19:53 CDT 2016
> options:bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int)
> aes(partial) idea(int) blowfish(idx)
> compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT
> -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2
> -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches
>-m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2
> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m
> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
> -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
>signverifysign/s verify/s
> 521 bit ecdsa (nistp521) 0.0004s 0.0018s 2780.7551.8
>
> [...]
> In addition 'openssl ec' and 'openssl ecparam' works too. And 'openssl
> speed' also provides possibilities to test ecdsap256, ecdsap384, ecdsa,
> ecdhp256, ecdhp384, ecdhp521, ecdh in addition to ecdsap521 in the
> example above.
>
> Or have I misunderstood something? With that said, I don't know how it
> is with EC support on EL6, and I doubt it is available on EL5 releases.
>
it seems to depend on the RH (or derived) distro:
on my fedora 22 box I see a difference in ciphers -V between the OS
version of OpenSSL and a custom built version:
< 0xC0,0x02 - ECDH-ECDSA-RC4-SHA SSLv3 Kx=ECDH/ECDSA
Au=ECDH Enc=RC4(128) Mac=SHA1
< 0xC0,0x03 - ECDH-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH/ECDSA
Au=ECDH Enc=3DES(168) Mac=SHA1
< 0xC0,0x04 - ECDH-ECDSA-AES128-SHA SSLv3 Kx=ECDH/ECDSA
Au=ECDH Enc=AES(128) Mac=SHA1
< 0xC0,0x05 - ECDH-ECDSA-AES256-SHA SSLv3 Kx=ECDH/ECDSA
Au=ECDH Enc=AES(256) Mac=SHA1
54,57d36
< 0xC0,0x0C - ECDH-RSA-RC4-SHASSLv3 Kx=ECDH/RSA
Au=ECDH Enc=RC4(128) Mac=SHA1
< 0xC0,0x0D - ECDH-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH/RSA
Au=ECDH Enc=3DES(168) Mac=SHA1
< 0xC0,0x0E - ECDH-RSA-AES128-SHA SSLv3 Kx=ECDH/RSA
Au=ECDH Enc=AES(128) Mac=SHA1
< 0xC0,0x0F - ECDH-RSA-AES256-SHA SSLv3 Kx=ECDH/RSA
Au=ECDH Enc=AES(256) Mac=SHA1
70,71d42
< 0xC0,0x25 - ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA
Au=ECDH Enc=AES(128) Mac=SHA256
< 0xC0,0x26 - ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA
Au=ECDH Enc=AES(256) Mac=SHA384
74,75d44
< 0xC0,0x29 - ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA
Au=ECDH Enc=AES(128) Mac=SHA256
< 0xC0,0x2A - ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA
Au=ECDH Enc=AES(256) Mac=SHA384
78,79d46
< 0xC0,0x2D - ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2
Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
< 0xC0,0x2E - ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2
Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
82,83d48
< 0xC0,0x31 - ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA
Au=ECDH Enc=AESGCM(128) Mac=AEAD
< 0xC0,0x32 - ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA
Au=ECDH Enc=AESGCM(256) Mac=AEAD
but those ciphers *are* present on a CentOS 7.2 box.
My advice remains: check whether your openssl version supports the type
of EC crypto that you desire.
cheers,
JJK
--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family