[openssl.org #3179] Feature Request: Set Preference List for EC Curves in Client

Sun, 24 Nov 2013 13:05:07 -0800 

ssl_prepare_clienthello_tlsext has the following in t1_lib.c around line 1690.

pref_list[] is hard coded and includes some weaker curves. For
example, pref_list[] include NID_secp160r2, which offers 80-bits of
security.

It would be nice to be able to replace the hard coded list with a list
that includes curves with 112-bits or 128-bits of security or higher.
For example, a user may want to use NID_secp224r1 or NID_secp256r1
(and above).

It looks like it would be fairly easy ot create the list by
copy/pasting and trimming exiting code:

static int my_pref_list[] =
    {
        NID_sect571r1, /* sect571r1 (14) */
        NID_sect571k1, /* sect571k1 (13) */
        NID_secp521r1, /* secp521r1 (25) */
        NID_sect409k1, /* sect409k1 (11) */
        NID_sect409r1, /* sect409r1 (12) */
        NID_secp384r1, /* secp384r1 (24) */
        NID_sect283k1, /* sect283k1 (9) */
        NID_sect283r1, /* sect283r1 (10) */
        NID_secp256k1, /* secp256k1 (22) */
        NID_X9_62_prime256v1, /* secp256r1 (23) */
        NID_sect239k1, /* sect239k1 (8) */
        NID_sect233k1, /* sect233k1 (6) */
        NID_sect233r1, /* sect233r1 (7) */
        NID_secp224k1, /* secp224k1 (20) */
        NID_secp224r1, /* secp224r1 (21) */
    };

Users would need a way to wire the modified list into
ssl_prepare_clienthello_tlsext, but OpenSSL appears to lack the the
ability.

**********

int ssl_prepare_clienthello_tlsext(SSL* ssl)
{
  ...
  /* Line 1690 */
  /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
  if (s->tlsext_ellipticcurvelist != NULL)
OPENSSL_free(s->tlsext_ellipticcurvelist);
  s->tlsext_ellipticcurvelist_length =
sizeof(pref_list)/sizeof(pref_list[0]) * 2;
  if ((s->tlsext_ellipticcurvelist =
       OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
    {
      s->tlsext_ellipticcurvelist_length = 0;
      SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
      return -1;
    }
  for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
       sizeof(pref_list)/sizeof(pref_list[0]); i++)
    {
      int id = tls1_ec_nid2curve_id(pref_list[i]);
      s2n(id,j);
    }
    ...

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to