[openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Rich Salz via RT
Steve, what do you thnk?
--
Rich Salz, OpenSSL dev team; [hidden email]

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Rich Salz via RT
Is there any chance that this change will find it's way into OpenSSL 1.1 ?

Regards,
Matthias St. Pierre


-----Ursprüngliche Nachricht-----
Von: Rich Salz via RT [mailto:[hidden email]]
Gesendet: Mittwoch, 2. März 2016 15:28
An: Dr. Matthias St. Pierre
Cc: [hidden email]
Betreff: [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Steve, what do you thnk?
--
Rich Salz, OpenSSL dev team; [hidden email]

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted


--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

[openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Rich Salz via RT
In reply to this post by Rich Salz via RT
On Sat Mar 05 09:01:48 2016, [hidden email] wrote:
> Is there any chance that this change will find it's way into OpenSSL
> 1.1 ?
>

The fact we don't export the DHparameters item I'd regard as a bug which should
be fixed.

The EC one I'm less sure about. This ends up exposing what were previously
internal functions. I'll see if there is an alternative way to achieve the same
result.

Steve/
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Rich Salz via RT
> Von: Stephen Henson via RT [mailto:[hidden email]]
> Gesendet: Samstag, 5. März 2016 17:53
> An: Dr. Matthias St. Pierre
> Cc: [hidden email]
> Betreff: [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups
>
> ...
>
> The fact we don't export the DHparameters item I'd regard as a bug which should
> be fixed.
>
> The EC one I'm less sure about. This ends up exposing what were previously
> internal functions. I'll see if there is an alternative way to achieve the same
> result.
>

These functions, although internal, appear to me to be the natural way to serialize
and deserialize private ECDH groups. They are well tested and reusable and the only
reason why they are not public is probably because OpenSSL is focused on supplying
standardized named curves for TLS. Using private ECDH curves might not make much sense
for TLS, but in my case it did: I used it for a VPN client/server where the customer
requested the ability to use private ECDH groups in the IKEv2 protocol, in addition
to the official IANA groups.

With the proposed change it was easy for me to serialize the entire set of all public
and private [EC]DH-Groups in single file by creating a few ASN1 rules based on the
existing ASN1  structures (DHparameters  resp. EC[PK]PARAMETERS). So instead of
reinventing the wheel, I let OpenSSL do the main part of the serialization.

There is a thread that predates the creation of my ticket, where I discussed my motivation
with Daniel Kahn Gillmor, see below. I hope my arguments convince you that it is a good
idea to add these ASN1 structures and the related functions to the public api.

Best Regards,

Matthias St. Pierre


http://thread.gmane.org/gmane.comp.encryption.openssl.devel/28272:

>>> On Tue 2015-01-27 11:15:37 -0500, Dr. Matthias St. Pierre wrote:
>>>> Add missing forward declarations and export declarations for DHparams
>>>> and EC[PK]PARAMETERS.
>>>>
>>>> Add public functions to convert between EC_GROUP objects and EC[PK]PARAMETERS
>>>> objects: EC_GROUP_new_from_ec[pk]parameters(), EC_GROUP_get_ec[pk]parameters().
>>>
>>> fwiw, the IETF TLS WG is moving away from the possibility of arbitrary
>>> EC groups, and toward the requirement of specified and vetted EC
>>> groups.  I'm not sure how much extra work should be done to maintain
>>> that as a public-facing interface.
>>
>> As for TLS, you maybe right. However, the use of Diffie-Hellman is not limited
>> to TLS (in my case, it's IKEv2). The proposed changes are not for libssl, but for
>> the 'low level' libcrypto library, which is in my opinion a general purpose crypto
>> library. As such, it should not make assumptions on or impose restrictions to possible
>> use cases of the library. Neither should it enforce standards, but provide algorithms.
>>
>> My patch does not introduce new features or change existing ones. It just makes
>> functionality available for reuse. I needed this particular functionality and I
>> had the choice between 1) copy & paste the code 2) patch OpenSSL privately, or
>> 3) submit a patch. So I chose the latter.
>
>Your choice of action makes sense to me, thanks!
>
>     --dkg



--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

[openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

Rich Salz via RT
In reply to this post by Rich Salz via RT
On Sat Mar 05 19:58:57 2016, [hidden email] wrote:

>
> These functions, although internal, appear to me to be the natural way
> to serialize
> and deserialize private ECDH groups. They are well tested and reusable
> and the only
> reason why they are not public is probably because OpenSSL is focused
> on supplying
> standardized named curves for TLS. Using private ECDH curves might not
> make much sense
> for TLS, but in my case it did: I used it for a VPN client/server
> where the customer
> requested the ability to use private ECDH groups in the IKEv2
> protocol, in addition
> to the official IANA groups.
>
> With the proposed change it was easy for me to serialize the entire
> set of all public
> and private [EC]DH-Groups in single file by creating a few ASN1 rules
> based on the
> existing ASN1 structures (DHparameters resp. EC[PK]PARAMETERS). So
> instead of
> reinventing the wheel, I let OpenSSL do the main part of the
> serialization.
>
> There is a thread that predates the creation of my ticket, where I
> discussed my motivation
> with Daniel Kahn Gillmor, see below. I hope my arguments convince you
> that it is a good
> idea to add these ASN1 structures and the related functions to the
> public api.
>

Well I agree that that ASN.1 structure is a natural way to encode/decode EC
parameters I'm just wondering what alternatives there are. We'd be exposing
internal structures with no accessors whose sole purpose would be to convert
between EC_GROUP and back.

The ideal situation would be an ASN.1 item which handle an EC_GROUP structure
directly instead of the internal form. We don't currently have one though,

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676
Please log in as guest with password guest if prompted

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev