[issue32858] Improve OpenSSL ECDH support

2018-02-20 Thread sruester

sruester added the comment:

I agree, we shouldn't support that confusion. I opened two separate issues 
https://bugs.python.org/issue32882 and https://bugs.python.org/issue32883 and 
will close this one now.

--
resolution:  -> wont fix
stage: patch review -> resolved
status: open -> closed

___
Python tracker <https://bugs.python.org/issue32858>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com



[issue32858] Improve OpenSSL ECDH support

2018-02-19 Thread Christian Heimes

Christian Heimes added the comment:

Please split this issue into multiple issues, a bug report for the curve 
configuration bug and a feature request for kxinfo. The bug fix may land in 
2.7, 3.6 and 3.7 while the new feature can only land in 3.8.

Before you start coding, let's figure out an API first. For instance I don't 
like "kxinfo" as method name. It's a) a cryptic name and b) technically wrong 
for TLS 1.3 and PFS suites. Although people refer to DH as key exchange 
protocol, it's really a key agreement protocol. kRSA is a key exchange protocol.

--




[issue32858] Improve OpenSSL ECDH support

2018-02-19 Thread sruester

sruester added the comment:

AppVeyor build failed for pull request 5707. It looks like there was a problem 
with the build environment.

--




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread sruester

Change by sruester:


--
pull_requests: +5495




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread sruester

sruester added the comment:

I'd really love to see kxinfo() or a similar method in the standard library. I chose to 
implement it similarly to cipher(), which seemed to be a good idea at the time. If there 
are any objections, please let's discuss how that information can be made 
available otherwise.
If that's ok, I will open another pull request which only contains kxinfo or 
similar. It is, however, not sufficient without set_ecdh_curve's support for 
X25519 in some cases (my case ^^).

Changing the implementation of set_ecdh_curve seems necessary anyway, as it 
does not support X25519 at all, and it does not allow defining multiple curves.

Maybe we can do both, update PEP 543 to address the needs and implement it (in 
an OpenSSL centric way) for the current version.

--




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread Christian Heimes

Christian Heimes added the comment:

Thanks!

I rejected your initial PR. In the past we added some cruft or badly designed 
features to the SSL module. I'm in the process of cleaning the module up. Any 
new feature or revised method should be designed carefully and added to PEP 
543. The PEP defines a general TLS API that is less OpenSSL centric.

The ssl module is and will stay a thin wrapper around OpenSSL. But we are 
trying to implement new features in a general, abstract way that work with 
other TLS implementations like SecureTransport, SChannel, or NSS.

--




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread sruester

sruester added the comment:

Attached script shows usage

--
Added file: https://bugs.python.org/file47449/ssl-host-check.py




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread sruester

sruester added the comment:

With OpenSSL 1.1.0g, the code

 int nid = OBJ_sn2nid("X25519");
 EC_KEY *key = EC_KEY_new_by_curve_name(nid);
 printf("id:%i  key:%p\n", nid, key);

gives

 id:1034  key:(nil)

EC_KEY_new_by_curve_name is IMHO not the best option to define client side 
curves. It can only select a single curve to be offered to the server, and it 
does not (for whatever reason) support X25519 yet.
SSL_CTX_set1_curves_list() provides both, selection of multiple curves for the 
client's preference list and it supports X25519 out of the box.

Aside from this I am missing a method in SSLSocket to give me information about 
the key exchange (DH, ECDH, which curve was chosen, which bit size DH keys had, 
...).

I prepared a pull request which addresses both. Please review and be gentle, it 
is my first pull request here :-)

--

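What the ssl module does and does not tell you about the key exchange today, as an added example written for this page (it is not code from this thread, the pull request, or CPython). SSLContext.get_ciphers() (Python 3.6+) carries OpenSSL's per-suite 'kea' label, which names the family: kx-ecdhe, kx-dhe, kx-rsa, and kx-any for TLS 1.3 suites, whose names encode no key exchange at all (the point Christian Heimes makes in the 2018-02-19 message about "kxinfo" being wrong for TLS 1.3). That is enough to forbid static RSA key transport through the standard '!kRSA' cipher-string keyword, but it says nothing about which group or which DH size a connection actually negotiated, which is the gap described in the message above. The cipher string, the function names and the label values listed in the comments are the example's own assumptions about a Python linked against OpenSSL 1.1.0 or later.

```python
import ssl
from collections import Counter


def kx_families(ctx):
    """Count the cipher suites enabled on ctx by the key-exchange family
    OpenSSL attaches to each one.

    SSLContext.get_ciphers() returns one dict per suite; its 'kea' entry is
    OpenSSL's long name for the key exchange algorithm, e.g. 'kx-ecdhe',
    'kx-dhe', 'kx-rsa'. TLS 1.3 suites report 'kx-any': the suite name no
    longer says anything about the key exchange, the group is negotiated
    separately (assumed label values, see the lead-in).
    """
    return Counter(c.get("kea") for c in ctx.get_ciphers())


def kx_family_of(ctx, cipher_name):
    """'kea' label of one enabled suite, or None if it is not enabled."""
    for c in ctx.get_ciphers():
        if c["name"] == cipher_name:
            return c.get("kea")
    return None


def require_forward_secrecy(ctx):
    """Drop static RSA key transport (kx-rsa) from ctx's TLS 1.2 cipher list.

    '!kRSA' is OpenSSL's cipher-string keyword for that family. TLS 1.3
    suites are configured through a separate OpenSSL list and are always
    (EC)DHE, so they are unaffected. Returns the families that remain.
    """
    ctx.set_ciphers("DEFAULT:!kRSA:!aNULL:!eNULL")
    return kx_families(ctx)


def main():
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    print("OpenSSL:", ssl.OPENSSL_VERSION)
    print("before:", dict(kx_families(ctx)))
    print("after: ", dict(require_forward_secrecy(ctx)))
    # Still missing after all of this: nothing in the ssl module reports
    # which group (X25519, prime256v1, ...) or which DH modulus size a
    # finished handshake actually used; cipher() only gives name/protocol/bits.


if __name__ == "__main__":
    main()
```

The family label is attached to the suite, not to the connection, so even after a handshake the most a caller can learn from the stock API is that "some" ECDHE group was used; the curve and the DH size stay invisible, which is what the requested method would have added.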



[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread sruester

Change by sruester:


--
keywords: +patch
pull_requests: +5489
stage: needs patch -> patch review




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread Christian Heimes

Christian Heimes added the comment:

When I replace the current implementation of SSLContext.set_ecdh_curve() with 
an implementation based on SSL_CTX_set1_curves_list(), then I'm able to 
configure X25519 curve for ECDH.

--




[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread Christian Heimes

Christian Heimes added the comment:

Please elaborate, how did you test that the curve is not supported? Python calls 
SSL_CTX_set_ecdh_auto(self->ctx, 1) to auto configure curves.


>>> import ssl
>>> ssl = ssl.SSLContext()
>>> ssl.set_ecdh_curve('X25519')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ssl.SSLError: unknown group (_ssl.c:3954)

The error message means that EC_KEY_new_by_curve_name() does not support 
X25519's group.

Some notes:
* OpenSSL 1.0.2+ supports SSL_CTX_set1_curves_list() besides 
SSL_CTX_set_tmp_ecdh()
* OpenSSL has no API to get configured curves from a context.
* I'm not sure how useful SSL_get1_curves() and SSL_get_shared_curve() would be 
for a general audience. To reduce our maintenance burden, we only wrap 
functions that are useful or required.

--
assignee:  -> christian.heimes
components: +SSL -Library (Lib)
nosy: +alex, christian.heimes, dstufft, janssen
stage:  -> needs patch

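An added probe for the curve-selection problem discussed in this message and in sruester's 2018-02-16 comment about EC_KEY_new_by_curve_name() (example code written for this page, not from the issue, the pull request or CPython). It calls SSLContext.set_ecdh_curve() with a handful of group names on fresh contexts and reports, per name, whether the name is unknown to OBJ_sn2nid() (ValueError), known but refused when OpenSSL builds the group (ssl.SSLError, the X25519 symptom shown above on 1.1.0 builds), or accepted. The candidate names and the "prime256v1:X25519" entry, which shows that the method takes one name rather than a colon-separated preference list of the kind SSL_CTX_set1_curves_list() accepts, are the example's own choices; which names pass depends on the Python and OpenSSL versions the probe runs under, which is exactly what it prints.

```python
import ssl


# Group names as OpenSSL spells them (short names resolvable by OBJ_sn2nid).
# The last entry is a deliberate colon-separated list: set_ecdh_curve() takes
# a single name, so it is expected to be rejected as an unknown name.
# (Candidate list chosen for this example.)
CANDIDATE_CURVES = (
    "prime256v1", "secp384r1", "secp521r1", "X25519", "X448",
    "prime256v1:X25519",
)


def probe_ecdh_curves(names=CANDIDATE_CURVES):
    """Try SSLContext.set_ecdh_curve() with each name on a fresh context.

    Returns a dict mapping each name to one of:
      "ok"             the name resolved to a NID and the context accepted it
      "unknown name"   OBJ_sn2nid() did not recognise it (ValueError)
      "rejected: ..."  the NID is known but OpenSSL refused to build the
                       group for it (ssl.SSLError); this is the X25519 case
                       reported above on OpenSSL 1.1.0 with the EC_KEY path
    """
    results = {}
    for name in names:
        # A fresh context per name so one failure cannot affect the next.
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        try:
            ctx.set_ecdh_curve(name)
        except ValueError:
            results[name] = "unknown name"
        except ssl.SSLError as exc:
            results[name] = "rejected: %s" % (exc.reason or exc)
        else:
            results[name] = "ok"
    return results


def main():
    print("Python ssl linked against:", ssl.OPENSSL_VERSION)
    for name, status in probe_ecdh_curves().items():
        print("%-20s %s" % (name, status))


if __name__ == "__main__":
    main()
```

Run it on the interpreter you deploy with; an "ok" for X25519 means the build takes the group-list path (SSL_CTX_set1_groups / set1_curves_list), a "rejected" means it still goes through EC_KEY_new_by_curve_name() as in the traceback above. In either case the colon-separated entry comes back as an unknown name, because the method resolves exactly one short name.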



[issue32858] Improve OpenSSL ECDH support

2018-02-16 Thread Stefan Rüster

New submission from Stefan Rüster:

Tested with OpenSSL v1.1.0g, Python does not support selection of curve 
Curve25519 with _ssl.ctx.set_ecdh_curve("X25519").

Additionally the DH key exchange parameters (which curve has been chosen, what 
DH bit size was used) are not available through any SSL or Context method.

--
components: Library (Lib)
messages: 312237
nosy: Stefan Rüster
priority: normal
severity: normal
status: open
title: Improve OpenSSL ECDH support
type: enhancement
versions: Python 3.8
