Victor Duchovni wrote:
To enable EECDH on a TLSv1 server:SSL_CTX *server_ctx int nid; EC_KEY *ecdh; const char *curve; /* * Elliptic-Curve Diffie-Hellman parameters are either "named curves" * from RFC 4492 section 5.1.1, or explicitly described curves over * binary fields. OpenSSL only supports the "named curves", which provide * maximum interoperability. The recommended curve for 128-bit work-factor * key exchange is "prime256v1" a.k.a. "secp256r1" from Section 2.7 of * http://www.secg.org/download/aid-386/sec2_final.pdf */ if ((nid = OBJ_sn2nid(curve)) == NID_undef) { /* unknown curve */ return (0); } ERR_clear_error(); if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0 || SSL_CTX_set_tmp_ecdh(server_ctx, ecdh) == 0) { tls_print_errors(); return (0); } return (1); To enable ECDSA certs, just configure an additional cert/key pair in the server. You can configure up to 3 certficates, one RSA cert, one DSA cert and one ECDSA cert. The code for adding more certs is the same for RSA and DSA. Which cipher-suite will actually be used by the client and server depends on the client's and server's cipherlist, and whether the server takes the client's preferences or asserts its own. Clearly both the client and server need to support EC ciphers.
Does 'openssl s_server' support this? Are there public ECC TLS implementations this is known to interoperate with?
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
