Sorry for the FW subject here. I am finally on my main machine and not trying to send this email from my cellphone.
I am looking at the source for OpenSSL 0.9.8b. Line 1207 of ./ssl/s3_srvr.c shows a call to the SSL_C_EXPORT_PKEYLENGTH macro, which is defined on line 359 of ./ssl/ssl_locl.h. This macro decomposes through a series of macro calls to the macro defined on line 356 of that file. The SSL_EXPORT_PKEYLENGTH macro checks to see if an export flag is set; if so it returns 512 bits, otherwise it returns 1024 bits. So from this, it looks like the Diffie-Hellman parameter size passed to a dh callback function will always be 1024 bits per my description below.

I was using some test keys of 2048 bits and noticed that when my callback function was called it was called with a parameter size of 1024 bits. So all this is from my curiosity as to why this value was being passed to my dh callback function.

So am I wrong about this? What should define the DH param (prime number) size?

Cheers,
--Domingo

On Wed, Jun 17, 2009 at 9:08 PM, Kiser, Domingo-P63246 <domingo.ki...@gdc4s.com> wrote:
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Kyle Hamilton
> Sent: Wednesday, June 17, 2009 11:06 AM
> To: openssl-users@openssl.org
> Subject: Re: DH prime over 1024 bits capped by OpenSSL?
>
> Which source version are you looking at? 1.0.0-beta2 does not use this as
> any argument to any function (in fact, the only place it appears in the
> source tree is ./ssl/ssl_locl.h).
>
> -Kyle H
>
> On Mon, Jun 15, 2009 at 4:00 PM, Domingo Kiser <domingo.ki...@gmail.com> wrote:
> > Hello,
> >
> > Does the "SSL_EXPORT_PKEYLENGTH" macro defined in "ssl_locl.h" force
> > non-export ciphers to always use a diffie-hellman prime parameter of
> > 1024 bits? This seems to be the case and I've noticed this behavior
> > in a callback function registered with "SSL_CTX_set_tmp_dh_callback".
> > The "s3_srvr.c" file uses this macro for the third argument to a
> > callback function if it's registered and dh params are not part of the
> > certificate stored in the ssl structure. If this is the case, when
> > would the "dh2048.pem" provided in the distribution ever be used?
> >
> > Is there a general rule of thumb on matching dh param sizes with key
> > sizes? I assumed matching the key size would work. I am using DHE-RSA
> > 2048 bit keys with a 2048 bit dh prime. I am failing due to a missing
> > dh parameter, which is the correct behavior in my case due to OpenSSL
> > asking for a 1024 bit parameter rather than a 2048 bit one.
> >
> > I will be perusing rfc2246 (TLS 1.0 spec) and rfc2631 (diffie-hellman
> > key agreement) in the meantime for more information on why OpenSSL
> > returns 1024 in the aforementioned macro. Could it be as simple as
> > 1024 is good enough so don't bother?
> >
> > Any ideas or links to steer me in the right direction would be much
> > appreciated.
> >
> > Cheers,
> >
> > --Domingo
> >
> > --
> > Sent from my mobile device
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List openssl-users@openssl.org
> > Automated List Manager majord...@openssl.org
>
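The behaviour described in this thread, as an added illustration that is neither OpenSSL's code nor the poster's: a small self-contained C model of the keylength hint (512 for export ciphers, 1024 otherwise, derived from the cipher rather than from the certificate key) next to a tmp_dh callback policy that treats the hint only as a floor and never selects parameters weaker than the server's own key. The macro, the `available_dh_bits` table and both functions are constructed for this example and are not the library's API.

```c
#include <stdio.h>

/* Model of the 0.9.8 macro chain the thread describes (constructed for this
 * example): the hint depends only on the cipher's export flag, not on the key. */
#define MODEL_EXPORT_PKEYLENGTH(is_export) ((is_export) ? 512 : 1024)

/* Parameter sets a server might have loaded, e.g. from dh2048.pem
 * (hypothetical sizes in bits, ascending). */
static const int available_dh_bits[] = {1024, 2048, 4096};
static const int n_available = sizeof(available_dh_bits) / sizeof(available_dh_bits[0]);

/* Policy for a tmp_dh callback: require at least the hint AND at least the
 * certificate key size, then pick the smallest loaded set that satisfies both.
 * Returns the chosen size in bits, or -1 if nothing loaded is strong enough
 * (the callback would then return NULL and the handshake fails closed). */
int choose_dh_bits(int keylength_hint, int cert_key_bits)
{
    int need = keylength_hint > cert_key_bits ? keylength_hint : cert_key_bits;
    int i;
    for (i = 0; i < n_available; i++)
        if (available_dh_bits[i] >= need)
            return available_dh_bits[i];
    return -1;
}

/* What the server side would hand to the callback for a given cipher (per the
 * macro above), and what the policy selects in response. The hint is reported
 * through hint_out so a caller can see it is 1024 even for a 2048-bit key. */
int dh_bits_for_handshake(int cipher_is_export, int cert_key_bits, int *hint_out)
{
    int hint = MODEL_EXPORT_PKEYLENGTH(cipher_is_export);
    if (hint_out)
        *hint_out = hint;
    return choose_dh_bits(hint, cert_key_bits);
}

int main(void)
{
    int hint;
    int chosen = dh_bits_for_handshake(0, 2048, &hint);
    printf("non-export cipher, 2048-bit cert: hint=%d chosen=%d\n", hint, chosen);
    chosen = dh_bits_for_handshake(1, 2048, &hint);
    printf("export cipher, 2048-bit cert:     hint=%d chosen=%d\n", hint, chosen);
    chosen = dh_bits_for_handshake(0, 8192, &hint);
    printf("non-export cipher, 8192-bit cert: hint=%d chosen=%d\n", hint, chosen);
    return 0;
}
```

A callback that selected parameters by matching the hint exactly would never return the 2048-bit set for a 2048-bit DHE-RSA certificate; the policy above is what lets dh2048.pem actually be used.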