I am trying to make sense of SSL_CTX_set_tmp_rsa_callback. As I understand it, it is required in order to support "export" ciphers like EXP-RC4-MD5, used by crippled "export" web browsers like Netscape & MSIE, which can't handle RSA key sizes larger than 512 bits.

The prototype of the callback function used with SSL_CTX_set_tmp_rsa_callback:

    RSA *tempRSACallback (SSL *callssl, int exportOn, int keyLength);

Can this function ever be called with "exportOn == 0" or "keyLength != 512"? Testing it with various SSL clients would seem to indicate that exportOn is always true, and keyLength is always 512. However, apache_ssl.c provides support for a keyLength of 512 and a keyLength of 1024 in its temp RSA callback. (I suspect that Ben might have a good reason for this, but I do not know why.)

In addition, one can generate a temporary RSA key with a large key size, like 2048 bit, and return it in the callback, even when only a keyLength of 512 was requested, and it will still work great. I assume that the returned temporary RSA key is later truncated, since an error will occur if one assigns the large key size directly with the SSL_CTX_set_tmp_rsa function instead of using the callback.

Also I was wondering how the temp RSA keys work with the certificate? If a cert is associated with a 1024 bit RSA private key, how does the client validate the cert and use its public key to submit the session key, when a random 512 bit key is used instead?

Thanks.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                        [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]