I'm trying to use OpenVPN with GOST cryptoalgorithms, which are now available in the OpenSSL 0.9.9 (development version).
I've found some things which looks strange to me, and want to know why some design decisions are made : 1. CBC mode. Why CBC mode is so prefered over CFB or OFB? GOST 28147 doesn't define CBC mode at all, although CBC mode for GOST is defined in RFC 4357, it is considered "substandard" and current ccgost engine in OpenSSL doesn't implement it. I've always thought that CBC is least secure mode of cipher. But openvpn require rebuild with special define to use non-CBC ciphers. And error message mistakenly tells that CFB ciphers would be supported only in TLS mode, while they do work in shared-secret mode. 2. Assertion that EVP_CipherFinal would return buffer with size equal to cipher's iv length. Such assertion is found in file crypto.c line 168. (both 2.0.9 and 2.1_rc4 versions) But it is not always true. For CFB cipher with blocksize of 1 EVP_CipherFinal would always return 0 bytes. 3. --dh argument is required in TLS server mode. It is really needed only if ciphersuites with ephemeral DH key exchange are enabled. But there are lot of other ciphersuites which do not require DH parameters at all (or require some other parameters such as EECDH ciphersuites). Can somebody enlighten me - why these decisions were made? Regards, Victor Wagner.