ssl_prepare_clienthello_tlsext has the following in t1_lib.c around line 1690.
pref_list[] is hard coded and includes some weaker curves. For
example, pref_list[] include NID_secp160r2, which offers 80-bits of
security.
It would be nice to be able to replace the hard coded list with a list
that includes curves with 112-bits or 128-bits of security or higher.
For example, a user may want to use NID_secp224r1 or NID_secp256r1
(and above).
It looks like it would be fairly easy ot create the list by
copy/pasting and trimming exiting code:
static int my_pref_list[] =
{
NID_sect571r1, /* sect571r1 (14) */
NID_sect571k1, /* sect571k1 (13) */
NID_secp521r1, /* secp521r1 (25) */
NID_sect409k1, /* sect409k1 (11) */
NID_sect409r1, /* sect409r1 (12) */
NID_secp384r1, /* secp384r1 (24) */
NID_sect283k1, /* sect283k1 (9) */
NID_sect283r1, /* sect283r1 (10) */
NID_secp256k1, /* secp256k1 (22) */
NID_X9_62_prime256v1, /* secp256r1 (23) */
NID_sect239k1, /* sect239k1 (8) */
NID_sect233k1, /* sect233k1 (6) */
NID_sect233r1, /* sect233r1 (7) */
NID_secp224k1, /* secp224k1 (20) */
NID_secp224r1, /* secp224r1 (21) */
};
Users would need a way to wire the modified list into
ssl_prepare_clienthello_tlsext, but OpenSSL appears to lack the the
ability.
**
int ssl_prepare_clienthello_tlsext(SSL* ssl)
{
...
/* Line 1690 */
/* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
if (s->tlsext_ellipticcurvelist != NULL)
OPENSSL_free(s->tlsext_ellipticcurvelist);
s->tlsext_ellipticcurvelist_length =
sizeof(pref_list)/sizeof(pref_list[0]) * 2;
if ((s->tlsext_ellipticcurvelist =
OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
{
s->tlsext_ellipticcurvelist_length = 0;
SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
return -1;
}
for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
sizeof(pref_list)/sizeof(pref_list[0]); i++)
{
int id = tls1_ec_nid2curve_id(pref_list[i]);
s2n(id,j);
}
...
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org