On Thu, Jan 10, 2008 at 11:54:44PM -0500, Victor Duchovni wrote:

> On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
> 
> > > Does 'openssl s_server' support this? Are there public ECC TLS 
> > > implementations this is known to interoperate with?
> > 
> > OpenSSL s_server is a test tool, not an application. In 0.9.9 snapshot
> > builds, s_server supports ECDSA, just point your cert and key files
> > at an ECDSA cert and private key. I have not checked whether it has a
> > command-line option to select an EECDH curve, but this is not important.
> 
> The command-line option is "-named_curve", and if no curve is specified
> "prime256v1" is used by default unless the "-no_ecdhe" option is supplied
> (in which case any named curve is also ignored).
> 
> So, for what it's worth, s_server and s_client fully support EECDH
> and ECDSA.

And as mentioned, using openssl-SNAP-20080110.tar.gz and as-yet
unreleased Postfix 2.6 code:

    Jan 11 00:25:51 amnesiac postfix/smtpd[11499]:
        Trusted TLS connection established from localhost[127.0.0.1]:
        TLSv1 with cipher ECDHE-ECDSA-AES256-SHA (256/256 bits)

    Jan 11 00:25:51 amnesiac postfix/smtp[11497]:
        Verified TLS connection established to 127.0.0.1[127.0.0.1]:26:
        TLSv1 with cipher ECDHE-ECDSA-AES256-SHA (256/256 bits)

Similar results with s_client and s_server:

    New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA
    Server public key is 256 bit
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : TLSv1
        Cipher    : ECDHE-ECDSA-AES256-SHA
        Session-ID: ...
        Session-ID-ctx:
        Master-Key: ...
        Key-Arg   : None
        PSK identity: None
        PSK identity hint: None
        Start Time: 1200030218
        Timeout   : 300 (sec)
        Verify return code: 0 (ok)

What's missing:

    - A stable (not dev snapshot) OpenSSL 0.9.9 release
    - Officially released EC supporting applications (Apache, Firefox,
      Postfix, ...)
    - Public CAs signing ECDSA certificates, ideally via ECDSA roots!

The last may take some time; the market pressure for broad EC deployment
is not really there yet. Give it a few years...

Below, if you are curious, are the ECDSA CA and server certs (prime256v1):

    -rw-r--r--  1 luser grp 1086 Jan 11 00:32 eccacert.pem
    -rw-r--r--  1 luser grp 1188 Jan 11 00:32 ecdsacert.pem

RSA 2048 bit certs with otherwise identical features come to:

    -rw-r--r--  1 luser grp 4930 Jan 11 00:33 cacert.pem
    -rw-r--r--  1 luser grp 5252 Jan 11 00:33 rsacert.pem

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e7:ed:11:3a:5f:51:0d:4d
        Signature Algorithm: ecdsa-with-SHA1
        Issuer: C=US, ST=New York, L=New York, O=Example Corp, CN=Insecure CA/[EMAIL PROTECTED]
        Validity
            Not Before: Jan 11 05:17:59 2008 GMT
            Not After : Jan 11 05:17:59 2018 GMT
        Subject: C=US, ST=New York, L=New York, O=Example Corp, CN=Insecure CA/[EMAIL PROTECTED]
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:e6:0e:ec:fe:04:df:13:5d:78:f7:c4:52:a1:94:
                    ee:19:09:13:b4:59:7d:d0:a2:73:38:ef:42:b8:40:
                    a1:d5:03:5b:18:e2:2b:6c:05:87:22:bb:5a:af:6a:
                    82:b5:d5:03:0e:07:8c:40:cc:43:b8:1c:2d:09:cc:
                    97:a0:eb:e5:06
                ASN1 OID: prime256v1
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                0E:D4:AA:B1:09:91:7C:36:60:EA:56:4E:9C:57:00:AF:9C:4D:02:00
            X509v3 Authority Key Identifier:
                keyid:0E:D4:AA:B1:09:91:7C:36:60:EA:56:4E:9C:57:00:AF:9C:4D:02:00
                DirName:/C=US/ST=New York/L=New York/O=Example Corp/CN=Insecure CA/[EMAIL PROTECTED]
                serial:E7:ED:11:3A:5F:51:0D:4D

    Signature Algorithm: ecdsa-with-SHA1
        30:43:02:1f:7e:e3:7c:d8:de:56:fb:f1:dd:e2:1a:5a:fb:45:
        24:f4:18:24:8a:a0:fa:fc:f5:6e:88:ce:25:20:89:4d:9d:02:
        20:71:86:6c:eb:a7:58:00:b1:b7:d4:e6:0c:03:d2:27:73:cd:
        e9:30:91:f7:7a:dc:9d:fd:a4:91:0c:91:05:a8:27

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e7:ed:11:3a:5f:51:0d:4e
        Signature Algorithm: ecdsa-with-SHA1
        Issuer: C=US, ST=New York, L=New York, O=Example Corp, CN=Insecure CA/[EMAIL PROTECTED]
        Validity
            Not Before: Jan 11 05:18:20 2008 GMT
            Not After : Jan 10 05:18:20 2009 GMT
        Subject: C=US, ST=New York, L=New York, O=Example Corp, OU=Marketing Department, CN=mktg.example.com/[EMAIL PROTECTED]
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:40:c7:8a:54:c1:24:82:59:dc:17:32:59:36:d6:
                    a3:69:95:39:83:17:11:55:c8:45:6c:24:52:a6:3f:
                    e6:11:6f:1d:5c:19:31:b4:23:16:62:31:fd:1c:68:
                    4f:b6:b7:13:85:c4:53:aa:60:be:92:38:93:7a:4d:
                    31:be:ff:50:58
                ASN1 OID: prime256v1
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Key Identifier:
                BC:44:11:0B:15:40:E2:15:6F:EA:F4:55:B9:1A:87:EA:55:B6:B9:98
            X509v3 Authority Key Identifier:
                keyid:0E:D4:AA:B1:09:91:7C:36:60:EA:56:4E:9C:57:00:AF:9C:4D:02:00
                DirName:/C=US/ST=New York/L=New York/O=Example Corp/CN=Insecure CA/[EMAIL PROTECTED]
                serial:E7:ED:11:3A:5F:51:0D:4D

    Signature Algorithm: ecdsa-with-SHA1
        30:45:02:20:67:ea:d0:80:8c:d3:bd:ee:db:bf:9b:db:c8:a9:
        f0:6b:b2:b5:ff:7e:93:20:8b:64:7c:1b:bb:26:25:1f:39:6b:
        02:21:00:db:18:00:03:ee:b0:8d:a3:42:35:db:83:26:0b:95:
        6d:c8:b2:9f:48:7d:1c:55:c3:6b:3b:18:09:8c:49:d2:a5

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
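
The `ecdsa-with-SHA1` signature blocks in the two certificate dumps above are DER `SEQUENCE { INTEGER r, INTEGER s }` values. The following is an added example, not part of the original message: it strictly decodes both and shows why a prime256v1 signature comes to 69 and 71 bytes here, against 256 bytes for an RSA 2048-bit signature. Function names are hypothetical; the hex is copied from the dumps.

```python
# Added example: strict DER decoding of the ECDSA signatures shown in the dumps.
# P-256 (prime256v1) group order n; valid r and s lie in [1, n-1].
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

# Signature bytes copied from the CA cert and server cert dumps above.
CA_CERT_SIG = """30:43:02:1f:7e:e3:7c:d8:de:56:fb:f1:dd:e2:1a:5a:fb:45:
24:f4:18:24:8a:a0:fa:fc:f5:6e:88:ce:25:20:89:4d:9d:02:
20:71:86:6c:eb:a7:58:00:b1:b7:d4:e6:0c:03:d2:27:73:cd:
e9:30:91:f7:7a:dc:9d:fd:a4:91:0c:91:05:a8:27"""
SERVER_CERT_SIG = """30:45:02:20:67:ea:d0:80:8c:d3:bd:ee:db:bf:9b:db:c8:a9:
f0:6b:b2:b5:ff:7e:93:20:8b:64:7c:1b:bb:26:25:1f:39:6b:
02:21:00:db:18:00:03:ee:b0:8d:a3:42:35:db:83:26:0b:95:
6d:c8:b2:9f:48:7d:1c:55:c3:6b:3b:18:09:8c:49:d2:a5"""

def hex_dump_to_bytes(dump):
    """Turn openssl's colon-separated hex dump into raw bytes."""
    return bytes.fromhex("".join(dump.replace(":", " ").split()))

def read_der_integer(buf, pos):
    """Read one short-form DER INTEGER at pos; return (value, length, next_pos)."""
    if pos + 2 > len(buf) or buf[pos] != 0x02 or buf[pos + 1] & 0x80:
        raise ValueError("expected short-form INTEGER")
    length = buf[pos + 1]
    body = buf[pos + 2:pos + 2 + length]
    if length == 0 or len(body) != length:
        raise ValueError("truncated INTEGER")
    if body[0] & 0x80:
        raise ValueError("negative INTEGER")
    if length > 1 and body[0] == 0 and not body[1] & 0x80:
        raise ValueError("non-minimal INTEGER padding")
    return int.from_bytes(body, "big"), length, pos + 2 + length

def parse_ecdsa_sig(der):
    """Decode SEQUENCE { INTEGER r, INTEGER s } and range-check against n."""
    if len(der) < 2 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("bad SEQUENCE header")
    r, r_len, pos = read_der_integer(der, 2)
    s, s_len, pos = read_der_integer(der, pos)
    if pos != len(der):
        raise ValueError("trailing bytes after s")
    if not (0 < r < P256_N and 0 < s < P256_N):
        raise ValueError("r or s out of range")
    return {"total": len(der), "r": r, "s": s, "r_len": r_len, "s_len": s_len}

if __name__ == "__main__":
    for name, dump in (("CA", CA_CERT_SIG), ("server", SERVER_CERT_SIG)):
        sig = parse_ecdsa_sig(hex_dump_to_bytes(dump))
        print(name, sig["total"], "bytes; r", sig["r_len"], "s", sig["s_len"])
```

The length varies because DER drops leading zero bytes (the CA signature's r fits in 31 bytes) and prepends a 0x00 when the top bit is set (the server signature's s takes 33).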
