mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-11-27 11:43:51 +08:00
609e813142
This patch is based on Jan Just Keijser's patch from Feb 7, 2012. When OpenSSL 1.0.2+ or PolarSSL is used, lets the crypto library do the heavy lifting. For OpenSSL builds, if a user specifies a curve using --ecdh-curve, it first tries to override automatic selection using that curve. For older OpenSSL, tries the following things (in order of preference): * When supplied, use the ecdh curve specified by the user. * Try to extract the curve from the private key, use the same curve. * Fall back on secp384r1 curve. Note that although a curve lookup might succeed, OpenSSL 1.0.0 and older do *not* support TLSv1.1 or TLSv1.2, which means no that no EC-crypto can be used. Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <53597BEA.6080408@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/8625 Signed-off-by: Gert Doering <gert@greenie.muc.de>
36 lines
1.7 KiB
Plaintext
36 lines
1.7 KiB
Plaintext
Since 2.4.0, OpenVPN has official support for elliptic curve crypto. Elliptic
|
|
curves are an alternative to RSA for asymmetric encryption.
|
|
|
|
Elliptic curve crypto ('ECC') can be used for the ('TLS') control channel only
|
|
in OpenVPN; the data channel (encrypting the actual network traffic) uses
|
|
symmetric encryption. ECC can be used in TLS for authentication (ECDSA) and key
|
|
exchange (ECDH).
|
|
|
|
Key exchange (ECDH)
|
|
-------------------
|
|
OpenVPN 2.4.0 and newer automatically initialize ECDH parameters. When ECDSA is
|
|
used for authentication, the curve used for the server certificate will be used
|
|
for ECDH too. When autodetection fails (e.g. when using RSA certificates)
|
|
OpenVPN lets the crypto library decide if possible, or falls back to the
|
|
secp384r1 curve.
|
|
|
|
An administrator can force an OpenVPN/OpenSSL server to use a specific curve
|
|
using the --ecdh-curve <curvename> option with one of the curves listed as
|
|
available by the --show-curves option. Clients will use the same curve as
|
|
selected by the server.
|
|
|
|
Note that not all curves listed by --show-curves are available for use with TLS;
|
|
in that case connecting will fail with a 'no shared cipher' TLS error.
|
|
|
|
Authentication (ECDSA)
|
|
----------------------
|
|
Since OpenVPN 2.4.0, using ECDSA certificates works 'out of the box'. Which
|
|
specific curves and cipher suites are available depends on your version and
|
|
configuration of the crypto library. The crypto library will automatically
|
|
select a cipher suite for the TLS control channel.
|
|
|
|
Support for generating an ECDSA certificate chain is available in EasyRSA (in
|
|
spite of it's name) since EasyRSA 3.0. The parameters you're looking for are
|
|
'--use-algo=ec' and '--curve=<curve_name>'. See the EasyRSA documentation for
|
|
more details on generating ECDSA certificates.
|