Hi Bernd and all,
the mentioned patch was for jdk8, I think. I attached a new one. It
simply adds the brainpool curves to NamedGroup - twice.
1. According to RFC 7027 for TLS <= 1.2
2. According to
* https://datatracker.ietf.org/doc/draft-bruckert-brainpool-for-tls13/ and
*
https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
This works for TLSv1.2 using https://testssl.sh - but I had no
opportunity to test this for TLSv1.3 and unfortunately little time to look in
to it now.
Cheers,
Tobias
Am 24.10.19 um 12:52 schrieb Bernd Eckenfels:
> Hello,
>
> Coming back to the message of Tobias, it looks* like even in 14 the
> Brainpool curves have not landed for JSSE, are there any plans for
> adding this? can you maybe share your incomplete patch, Tobias?
>
> * i don’t see them in ssl/NamesGroups:
> http://hg.openjdk.java.net/jdk/jdk/file/tip/src/java.base/share/classes/sun/security/ssl/NamedGroup.java
> Gruss
> Bernd
>
>
> --
> http://bernd.eckenfels.net
>
> ------------------------------------------------------------------------
> *Von:* security-dev <security-dev-boun...@openjdk.java.net> im Auftrag
> von Tobias Wagner <tobias.wag...@n-design.de>
> *Gesendet:* Mittwoch, Juni 27, 2018 7:49 PM
> *An:* security-dev@openjdk.java.net
> *Betreff:* AW: RFR [11] CSR for "Add Brainpool ECC support (RFC 5639)"
>
> Hi Valerie and Bernd,
> Valerie is right, I tested my JTREG Tests against SoftHSM2 in March:
> http://mail.openjdk.java.net/pipermail/security-dev/2018-March/016863.html
> I don't think there are more PKCS#11 related issues, as SunEC is not a
> PKCS#11 implementation. There are only shared tests.
>
> The JTREG known answer tests use the X9.62 key format as they are used
> in certificates as well. I assume, brainpool public keys would work in
> certificates as well.
>
> I actually implemented the support for brainpool curves in TLS as well,
> but I had no time to provide proper JTREG tests for that, and therefore
> no patch yet.
>
> Regards, Tobias
>
> --
> phone: +49 221 222896 17
> fax: +49 221 222896 11
> keybase: https://keybase.io/toebix
>
> n - d e s i g n G m b H
> https://n-design.de
> Alpenerstr. 16
> 50825 Köln
> Deutschland / Germany
>
> Amtsgericht Köln HRB 33766 B
> Geschäftsführer Andy Kohl
>
>> -----Ursprüngliche Nachricht-----
>> Von: security-dev <security-dev-boun...@openjdk.java.net> Im Auftrag von
>> Valerie Peng
>> Gesendet: Donnerstag, 21. Juni 2018 01:07
>> An: security-dev@openjdk.java.net
>> Betreff: Re: RFR [11] CSR for "Add Brainpool ECC support (RFC 5639)"
>>
>> Are you asking about CSR or existing bug for including Brainpool support
>> in TLS?
>>
>> I saw some bugs which mentions errors/exceptions which brainpool is
>> used, e.g. JSSE has https://bugs.openjdk.java.net/browse/JDK-7189107,
>> key tool has https://bugs.openjdk.java.net/browse/JDK-8201290. After
>> this brainpool support is integrated, it'll be easier to re-evaluate
>> these.
>>
>>
>> As for PKCS11, Tobias tested this against a 3rd party PKCS11 library and
>> the result is positive if I recall correctly.
>>
>>
>> Thanks,
>> Valerie
>>
>>
>> On 6/18/2018 1:26 PM, Bernd Eckenfels wrote:
>>
>>
>> Hello,
>>
>>
>>
>> not a Reviewer, but some Questions on the CSR:
>>
>>
>>
>> * Are there other CSRs for including in TLS?
>> * I also wonder if PKI (CA Signatures) will work out of the box
>> then (OID aliases?)
>> * Does PKCS11 require additional changes? (especially for the
>> Government use mentioned in the justification HSMs are often mandatory)
>>
>>
>>
>> Gruss
>>
>> Bernd
>>
>> --
>> http://bernd.eckenfels.net
>>
>>
>>
>
>
--
phone: +49 221 222896 17
fax: +49 221 222896 11
keybase: https://keybase.io/toebix
n - d e s i g n G m b H
https://n-design.de
Alpenerstr. 16
50825 Köln
Deutschland / Germany
Amtsgericht Köln HRB 33766 B
Geschäftsführer: Andy Kohl, Dr. Tino Großmann
# HG changeset patch
# User Tobias Wagner <tobias.wag...@n-design.de>
# Date 1572260405 -3600
# Mon Oct 28 12:00:05 2019 +0100
# Node ID 63afc014108891da2b2b4bb9c3cc6fab92023aad
# Parent 9261ad32cba9b6202debf87c6c1f82428fb43959
Brainpool curves for TLS
diff --git a/src/java.base/share/classes/sun/security/ssl/NamedGroup.java b/src/java.base/share/classes/sun/security/ssl/NamedGroup.java
--- a/src/java.base/share/classes/sun/security/ssl/NamedGroup.java
+++ b/src/java.base/share/classes/sun/security/ssl/NamedGroup.java
@@ -180,6 +180,20 @@
ProtocolVersion.PROTOCOLS_TO_13,
CurveDB.lookup("secp521r1")),
+ // brainpool curves (RFC 7027)
+ BRAINPOOL_P256_R1(0x001A, "brainpoolP256r1",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_TO_12,
+ CurveDB.lookup("brainpoolP256r1")),
+ BRAINPOOL_P384_R1(0x001B, "brainpoolP384r1",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_TO_12,
+ CurveDB.lookup("brainpoolP384r1")),
+ BRAINPOOL_P512_R1(0x001C, "brainpoolP512r1",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_TO_12,
+ CurveDB.lookup("brainpoolP512r1")),
+
// x25519 and x448 (RFC 8422/8446)
X25519(0x001D, "x25519",
NamedGroupSpec.NAMED_GROUP_XDH,
@@ -190,6 +204,20 @@
ProtocolVersion.PROTOCOLS_TO_13,
NamedParameterSpec.X448),
+ // brainpool curves for TLS 1.3 (RFC draft-bruckert-brainpool-for-tls13)
+ BRAINPOOL_P256_R1_TLS13(0x001F, "brainpoolP256r1tls13",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_OF_13,
+ CurveDB.lookup("brainpoolP256r1")),
+ BRAINPOOL_P384_R1_TLS13(0x0020, "brainpoolP384r1tls13",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_OF_13,
+ CurveDB.lookup("brainpoolP384r1")),
+ BRAINPOOL_P512_R1_TLS13(0x0021, "brainpoolP512r1tls13",
+ NamedGroupSpec.NAMED_GROUP_ECDHE,
+ ProtocolVersion.PROTOCOLS_OF_13,
+ CurveDB.lookup("brainpoolP512r1")),
+
// Finite Field Diffie-Hellman Ephemeral Parameters (RFC 7919)
FFDHE_2048(0x0100, "ffdhe2048",
NamedGroupSpec.NAMED_GROUP_FFDHE,
