RFC 5114 support

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

RFC 5114 support

Dominik Oepen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there,

I need to use the MODP groups defined in RFC 5114 for a project using
OpenSSL. It is easy enough to initialise a DH structure with the
parameters from the RFC within my application. Nevertheless I was asking
myself if it wouldn't make sense to add a way of generating standardised
DH groups to OpenSSL. I was thinking of something along the lines of
EC_GROUP_new_by_curve_name from ec_curve.c. On the other hand bn_const.c
already includes functions to generate the MODP prime numbers from RFC
2409 and 3526, so maybe it would be more appropriate to add the RFC 5114
parameters here as well.

It would be nice if you could comment on the preferable place to put
standardised group parameters for DH and on whether or not a patch
including this functionality would be appreciated by the OpenSSL Devs.

Best regards,
Dominik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkz/UaMACgkQ8RP9uQqpDVSAKwCfYiOLILoQWPMli/92lML4YAQL
pP0An3mSNg1CJHNHD9bSCUgPAGyG6vco
=Bky6
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]