Re: [Openvpn-users] ECDH / ECDSA support?

2016-07-08 Thread Jan Just Keijser
Hi,

On 08/07/16 11:10, David Sommerseth wrote:
> On 08/07/16 00:24, Jan Just Keijser wrote:
>> Hi,
>>
>> On 07/07/16 09:15, Steffan Karger wrote:
>>> Hi Scott,
>>>
>>> On Wed, Jul 6, 2016 at 9:18 PM, Scott Crooks  wrote:
>>>> I saw this file in the OpenVPN codebase:
>>>> https://github.com/OpenVPN/openvpn/blob/master/README.ec
>>>>
>>>> Which claims that support for elliptic curve certificates will be enabled in
>>>> OpenVPN 2.4.0. Just wanting to make sure there wasn't another way to enable
>>>> it in version 2.3.10?
>>> Yes, use an mbed TLS build.  That will automatically support ECDSA and
>>> ECDH.  I *think* (can't test right now) that ECDSA also works fine
>>> with 2.3.10 + modern OpenSSL (1.0.1+, iirc).  ECDH might also work
>>> with OpenSSL 1.0.2+.
>>>
>>> But, by far the easiest way is to just use the master branch.  It is
>>> quite stable, and has full EC support, for both mbed TLS and OpenSSL.
>>>
>>>
>> I concur mostly with Steffan, with a few notes:
>>
>> - with mbed TLS ECDSA works "out of the box"
>> - with OpenSSL, you need a version that supports it; notably, RedHat
>> strips ALL elliptic curve support from their supplied versions of openssl
> Really?  I'm on Scientific Linux 7.2 (RHEL 7.2 clone) ... and I can do this:
>
> $ openssl speed ecdsap521
> Doing 521 bit sign ecdsa's for 10s: 27835 521 bit ECDSA signs in 10.01s
> Doing 521 bit verify ecdsa's for 10s: 5518 521 bit ECDSA verify in 10.00s
> OpenSSL 1.0.1e-fips 11 Feb 2013
> built on: Mon May  9 01:19:53 CDT 2016
> options:bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int)
> aes(partial) idea(int) blowfish(idx)
> compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT
> -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2
> -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches
> -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2
> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m
> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
> -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
>                               sign    verify    sign/s verify/s
>   521 bit ecdsa (nistp521)   0.0004s   0.0018s   2780.7    551.8
>
> [...]

> In addition 'openssl ec' and 'openssl ecparam' works too.  And 'openssl
> speed' also provides possibilities to test ecdsap256, ecdsap384, ecdsa,
> ecdhp256, ecdhp384, ecdhp521, ecdh in addition to ecdsap521 in the
> example above.
>
> Or have I misunderstood something?  With that said, I don't know how it
> is with EC support on EL6, and I doubt it is available on EL5 releases.
>
it seems to depend on the RH (or derived) distro:
on my fedora 22 box I see a difference in ciphers -V between the OS 
version of OpenSSL and a custom built version:

<   0xC0,0x02 - ECDH-ECDSA-RC4-SHA      SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128)  Mac=SHA1
<   0xC0,0x03 - ECDH-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=3DES(168) Mac=SHA1
<   0xC0,0x04 - ECDH-ECDSA-AES128-SHA   SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128)  Mac=SHA1
<   0xC0,0x05 - ECDH-ECDSA-AES256-SHA   SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA1
54,57d36
<   0xC0,0x0C - ECDH-RSA-RC4-SHA        SSLv3 Kx=ECDH/RSA   Au=ECDH Enc=RC4(128)  Mac=SHA1
<   0xC0,0x0D - ECDH-RSA-DES-CBC3-SHA   SSLv3 Kx=ECDH/RSA   Au=ECDH Enc=3DES(168) Mac=SHA1
<   0xC0,0x0E - ECDH-RSA-AES128-SHA     SSLv3 Kx=ECDH/RSA   Au=ECDH Enc=AES(128)  Mac=SHA1
<   0xC0,0x0F - ECDH-RSA-AES256-SHA     SSLv3 Kx=ECDH/RSA   Au=ECDH Enc=AES(256)  Mac=SHA1
70,71d42
<   0xC0,0x25 - ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128)  Mac=SHA256
<   0xC0,0x26 - ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
74,75d44
<   0xC0,0x29 - ECDH-RSA-AES128-SHA256  TLSv1.2 Kx=ECDH/RSA   Au=ECDH Enc=AES(128)  Mac=SHA256
<   0xC0,0x2A - ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA   Au=ECDH Enc=AES(256)  Mac=SHA384
78,79d46
<   0xC0,0x2D - ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
<   0xC0,0x2E - ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
82,83d48
<   0xC0,0x31 - ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA   Au=ECDH Enc=AESGCM(128) Mac=AEAD
<   0xC0,0x32 - ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA   Au=ECDH Enc=AESGCM(256) Mac=AEAD


but those ciphers *are* present on a CentOS 7.2 box.
My advice remains: check whether your openssl version supports the type 
of EC crypto that you desire.

cheers,

JJK
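
The check JJK recommends, as an added example that is not part of the original thread or of the OpenVPN project: a Python script that parses `openssl ciphers -V` output (lines still carrying the `<` diff markers quoted above are accepted too) and reports whether the build offers ephemeral ECDHE (shown by OpenSSL as Kx=ECDH), ECDSA certificate authentication (Au=ECDSA), and the static ECDH suites (Kx=ECDH/ECDSA or ECDH/RSA, Au=ECDH) that the Fedora diff above shows being dropped. `SAMPLE` is constructed for the example; `local_ciphers()` runs whatever `openssl` binary is on PATH and falls back to the sample if none is found.

```python
"""Parse `openssl ciphers -V` output and report which elliptic-curve TLS
capabilities an OpenSSL build actually offers.

Added example for this thread, not OpenVPN project code.  It separates
ephemeral ECDHE (Kx=ECDH, Au=ECDSA or RSA) from the static ECDH suites
(Kx=ECDH/ECDSA or ECDH/RSA, Au=ECDH) that some distro builds strip."""
import re
import subprocess
from dataclasses import dataclass

# One line of `openssl ciphers -V`, optionally prefixed by a diff/quote marker:
#   0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
LINE_RE = re.compile(
    r"^\s*(?:[<>]\s+)?0x(?P<b1>[0-9A-Fa-f]{2}),0x(?P<b2>[0-9A-Fa-f]{2})\s+-\s+"
    r"(?P<name>\S+)\s+(?P<proto>\S+)\s+"
    r"Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)"
)


@dataclass(frozen=True)
class Suite:
    suite_id: int  # two-byte code point, e.g. 0xC02B
    name: str
    proto: str
    kx: str
    au: str
    enc: str
    mac: str

    @property
    def ecdhe(self):
        """Ephemeral EC Diffie-Hellman; OpenSSL prints these as Kx=ECDH."""
        return self.kx == "ECDH"

    @property
    def static_ecdh(self):
        """Static ECDH keyed from the certificate: Kx=ECDH/ECDSA or ECDH/RSA."""
        return self.kx.startswith("ECDH/")

    @property
    def ecdsa_auth(self):
        return self.au == "ECDSA"


def parse_ciphers(text):
    """Parse ciphers -V output.  Lines that do not match (blank lines,
    wrapped continuations, diff range markers) are skipped, not errors."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        suites.append(Suite(
            suite_id=(int(m["b1"], 16) << 8) | int(m["b2"], 16),
            name=m["name"], proto=m["proto"], kx=m["kx"], au=m["au"],
            enc=m["enc"], mac=m["mac"]))
    return suites


def ec_report(suites):
    """Summarise EC support and list the suites an OpenVPN server holding an
    ECDSA certificate could negotiate (ECDHE key exchange + ECDSA auth)."""
    return {
        "ecdhe": any(s.ecdhe for s in suites),
        "ecdsa_auth": any(s.ecdsa_auth for s in suites),
        "static_ecdh": any(s.static_ecdh for s in suites),
        "ecdhe_ecdsa_suites": sorted(s.name for s in suites if s.ecdhe and s.ecdsa_auth),
    }


def local_ciphers(openssl="openssl"):
    """Run the local openssl binary.  `ALL:COMPLEMENTOFALL` lists every suite
    the build knows, not just the DEFAULT set, so stripped suites show up
    as absent rather than merely disabled."""
    out = subprocess.run([openssl, "ciphers", "-V", "ALL:COMPLEMENTOFALL"],
                         capture_output=True, text=True, check=True)
    return out.stdout


# Constructed sample: two static-ECDH lines as quoted in the thread, plus an
# ECDHE-ECDSA, a plain RSA and a DHE suite so every branch is exercised.
SAMPLE = """\
          0xC0,0x02 - ECDH-ECDSA-RC4-SHA  SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128)  Mac=SHA1
          0xC0,0x2D - ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
          0x00,0x2F - AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
          0x00,0x33 - DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
"""

if __name__ == "__main__":
    try:
        text = local_ciphers()
    except (FileNotFoundError, subprocess.CalledProcessError):
        text = SAMPLE  # no usable openssl on PATH: demonstrate on the sample
    for key, value in ec_report(parse_ciphers(text)).items():
        print(f"{key}: {value}")
```

If `ecdsa_auth` comes back false the build cannot authenticate an ECDSA server certificate no matter what OpenVPN version sits on top of it; if only `static_ecdh` is missing, as in the Fedora diff above, ECDHE with ECDSA or RSA certificates is unaffected.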



Re: [Openvpn-users] ECDH / ECDSA support?

2016-07-07 Thread Jan Just Keijser
Hi,

On 07/07/16 09:15, Steffan Karger wrote:
> Hi Scott,
>
> On Wed, Jul 6, 2016 at 9:18 PM, Scott Crooks  wrote:
>> I saw this file in the OpenVPN codebase:
>> https://github.com/OpenVPN/openvpn/blob/master/README.ec
>>
>> Which claims that support for elliptic curve certificates will be enabled in
>> OpenVPN 2.4.0. Just wanting to make sure there wasn't another way to enable
>> it in version 2.3.10?
> Yes, use an mbed TLS build.  That will automatically support ECDSA and
> ECDH.  I *think* (can't test right now) that ECDSA also works fine
> with 2.3.10 + modern OpenSSL (1.0.1+, iirc).  ECDH might also work
> with OpenSSL 1.0.2+.
>
> But, by far the easiest way is to just use the master branch.  It is
> quite stable, and has full EC support, for both mbed TLS and OpenSSL.
>
>
I concur mostly with Steffan, with a few notes:

- with mbed TLS ECDSA works "out of the box"
- with OpenSSL, you need a version that supports it; notably, RedHat 
strips ALL elliptic curve support from their supplied versions of openssl
- then, in order to use ECDSA certs it is best to run the master branch 
on the server, as you will need to specify an ecdh-curve parameter in 
order to use SHA2+ECDSA.
- for the *client* you can stick with 2.3.10+ as long as the OpenSSL lib 
supports EC.

HTH,

JJK


--
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] ECDH / ECDSA support?

2016-07-07 Thread Steffan Karger
Hi Scott,

On Wed, Jul 6, 2016 at 9:18 PM, Scott Crooks  wrote:
> I saw this file in the OpenVPN codebase:
> https://github.com/OpenVPN/openvpn/blob/master/README.ec
>
> Which claims that support for elliptic curve certificates will be enabled in
> OpenVPN 2.4.0. Just wanting to make sure there wasn't another way to enable
> it in version 2.3.10?

Yes, use an mbed TLS build.  That will automatically support ECDSA and
ECDH.  I *think* (can't test right now) that ECDSA also works fine
with 2.3.10 + modern OpenSSL (1.0.1+, iirc).  ECDH might also work
with OpenSSL 1.0.2+.

But, by far the easiest way is to just use the master branch.  It is
quite stable, and has full EC support, for both mbed TLS and OpenSSL.

-Steffan
