[racket-dev] [patch] OpenSSL ECDH(E) + DHE support.

From: Edward Lee (e45lee at uwaterloo.ca)
Date: Tue Feb 11 10:34:53 EST 2014

Here's an updated patch that:
  - Fixes a few typos.
  - Uses Racket's I/O system to read the Diffie-Hellman parameters.

Things that are not added in yet:
  - All the other elliptic curve names used in TLS.

On Mon, Feb 10, 2014 at 08:36:02PM -0500, Edward Lee wrote:
> On Mon, Feb 10, 2014 at 06:37:56PM -0500, Ryan Culpepper wrote:
> > On 02/08/2014 05:52 PM, Edward Lee wrote:
> > >Hi.
> > >
> > >Racket's OpenSSL bindings do not currently enable the ECDH(E) and the
> > >DHE ciphers, which are needed for perfect forward secrecy.
> > >
> > >I've attached a patch that:
> > >   - Embeds reasonable defaults for DHE mode.
> > >   - Adds two functions, ssl-server-context-enable-dhe! and
> > >     ssl-server-context-enable-ecdhe! that when given
> > >     DHE/ECDHE setup arguments (for DHE, a DH parameter file path,
> > >     for ECDHE, the name of one of the built-in OpenSSL elliptic curves
> > >     [currently, only secp521r1])
> > >   - (unrelated, but also useful) Adds bindings for TLS 1.1/1.2-only
> > >     server/client contexts.
> > >
> > >This patch is currently a work in progress (it currently only supports
> > >one elliptic curve name) that works well enough for what I am using it
> > >for, but I'm interested in getting this patch upstream.
> > 
> > Here are a few comments:
> > 
> > What is SSL_CTRL_SET_ECDH_AUTO? I couldn't find it in the openssl
> > headers, and I searched a few recent versions. It seems unused here,
> > anyway.
> It's not defined in OpenSSL 1.0.1, I think.  It can be used for enabling
> ECDH(E) in OpenSSL >= 1.0.2, with OpenSSL automatically selecting the
> curve - <https://www.openssl.org/news/changelog.html>, "Support for
> automatic EC temporary key parameter selection..."
> > 
> > I think it would be better to read the DH params file into memory
> > using Racket file operations and then use a memory BIO for
> > PEM_read_bio_DHparams. Two reasons: the file access will then
> > automatically go through Racket's security-guard checks, and the
> > file read will go through Racket's IO system, so if the read blocks
> > it won't block all Racket threads.
> I will investigate this, and time permitting, will change my patch to
> use Racket's IO system for loading the parameters.
> > 
> > In ...enable-ecdhe!, the 'case' form doesn't need 'quote'. It should
> > be this instead:
> > 
> >   (case name
> >     [(secp521r1) NID_secp521r1]
> >     [else ___])
> > 
> > As it is, the function will accept 'quote as the name of a curve.
> Thanks for pointing this out.
> > 
> > >What's the exact process for this?
> > 
> > If you have a github account, you can fork the repo there and submit
> > a pull request. But we can certainly handle patches like this too.
> > 
> > Ryan
> Great, thanks.
> 
> --Edward
> _________________________
>   Racket Developers list:
>   http://lists.racket-lang.org/dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: racket-ssl.patch
Type: text/x-diff
Size: 6890 bytes
Desc: not available
URL: <http://lists.racket-lang.org/dev/archive/attachments/20140211/6a2032e9/attachment-0001.bin>
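The two review points in the thread (reading the DH parameters through Racket's own I/O and a memory BIO, and dropping the `quote` from the `case` datum list) sketched as an added example in Racket's `ffi/unsafe`. This is not the attached patch and not Racket's `openssl` module; it assumes OpenSSL 1.0.x library names, the `SSL_CTX_ctrl` command numbers and `NID_secp521r1` value copied from the OpenSSL headers, and an `SSL_CTX` pointer `ctx` obtained from the existing bindings.

```racket
#lang racket/base
;; Added example, not the patch's code. Assumes OpenSSL 1.0.x sonames, constants
;; copied from ssl.h/obj_mac.h, and `ctx` as an SSL_CTX pointer from the existing bindings.
(require ffi/unsafe ffi/unsafe/define racket/file)

(define-ffi-definer define-crypto (ffi-lib "libcrypto" '("1.0.0" #f)))
(define-ffi-definer define-ssl    (ffi-lib "libssl"    '("1.0.0" #f)))
(define-cpointer-type _BIO)
(define-cpointer-type _DH)
(define-cpointer-type _EC_KEY)
(define-cpointer-type _SSL_CTX)

(define-crypto BIO_s_mem  (_fun -> _pointer))
(define-crypto BIO_new    (_fun _pointer -> _BIO/null))
(define-crypto BIO_write  (_fun _BIO _bytes _int -> _int))   ; copies the bytes into the BIO
(define-crypto BIO_free   (_fun _BIO -> _int))
(define-crypto PEM_read_bio_DHparams (_fun _BIO _pointer _pointer _pointer -> _DH/null))
(define-crypto DH_free    (_fun _DH -> _void))
(define-crypto EC_KEY_new_by_curve_name (_fun _int -> _EC_KEY/null))
(define-crypto EC_KEY_free (_fun _EC_KEY -> _void))
;; SSL_CTX_set_tmp_dh / SSL_CTX_set_tmp_ecdh are macros over SSL_CTX_ctrl in 1.0.x
(define-ssl SSL_CTX_ctrl (_fun _SSL_CTX _int _long _pointer -> _long))
(define SSL_CTRL_SET_TMP_DH   3)   ; ssl.h
(define SSL_CTRL_SET_TMP_ECDH 4)   ; ssl.h
(define NID_secp521r1 716)         ; obj_mac.h

;; The datum list in `case` is already a literal: writing '(secp521r1) would make
;; the symbol `quote` a valid curve name instead of secp521r1.
(define (curve-name->nid name)
  (case name
    [(secp521r1) NID_secp521r1]
    [else (raise-argument-error 'ssl-server-context-enable-ecdhe!
                                "(or/c 'secp521r1)" name)]))

;; Read the PEM file through Racket ports (security guard applies, a blocking read
;; does not stall other Racket threads), then feed it to libcrypto via a memory BIO.
(define (ssl-server-context-enable-dhe! ctx dh-param-path)
  (define pem (file->bytes dh-param-path))
  (define bio (or (BIO_new (BIO_s_mem)) (error 'ssl-server-context-enable-dhe! "BIO_new failed")))
  (BIO_write bio pem (bytes-length pem))
  (define dh (PEM_read_bio_DHparams bio #f #f #f))
  (BIO_free bio)
  (unless dh (error 'ssl-server-context-enable-dhe! "bad DH params: ~a" dh-param-path))
  (SSL_CTX_ctrl ctx SSL_CTRL_SET_TMP_DH 0 dh)   ; OpenSSL keeps its own copy of dh
  (DH_free dh))

(define (ssl-server-context-enable-ecdhe! ctx [name 'secp521r1])
  (define ecdh (EC_KEY_new_by_curve_name (curve-name->nid name)))
  (unless ecdh (error 'ssl-server-context-enable-ecdhe! "EC_KEY_new_by_curve_name failed"))
  (SSL_CTX_ctrl ctx SSL_CTRL_SET_TMP_ECDH 0 ecdh)  ; OpenSSL keeps its own copy of ecdh
  (EC_KEY_free ecdh))
```

Because `SSL_CTX_ctrl` duplicates the DH and EC_KEY objects, the caller frees its own handles right after installing them; extending `curve-name->nid` with further NIDs is the only change needed to support more of the TLS curve names the thread mentions as missing.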

Posted on the dev mailing list.