Reputation: 139
Could someone please explain about the usage of "ecdh_tmp_cb" callback?
I am looking for information about the usage of "ecdh_tmp_cb" callback and how it is used? I have searched enough but did not get any info.
Upvotes: 1
Views: 1292
Answers (1)
Reputation: 102376
could someone please help in providing the information about the usage of "ecdhe_tmp_cb" callback and how it is used?
I believe some of the functions were added at 1.0.2 and removed at 1.1.0. They were added at 1.0.2 as a band-aide because the regular callbacks were a bad fit due to a predication on modulus sizes (IIRC). They were removed at 1.1.0 because the library's interfaces could change enough to provide what was needed.
I seem to recall these two functions (from ssl.h) would send in bogus values for keylength:
#ifndef OPENSSL_NO_ECDH
void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
EC_KEY *(*ecdh)(SSL *ssl,int is_export,
int keylength));
void SSL_set_tmp_ecdh_callback(SSL *ssl,
EC_KEY *(*ecdh)(SSL *ssl,int is_export,
int keylength));
#endif
keylength is kind of what would be needed to determine the field (kind of). But there was no way to differentiate between, say, prime or binary curves.
What you really needed in the callback was the agreed upon curve. Or you needed to hook the process before the curve was selected at the server so you could influence the selection. As far as I know, that process flow and information was never available.
What people used to do in 1.0.1 was simply use secp256r1 because it was nearly ubiquitous. Ambitious folks who were more security conscious would use secp521r1. secp384r1 was a slightly odder curve choice that would show up on occasion. Also see Which elliptic curve should I use? on InfoSec.SE.
Once you selected your curve, like secp256r1, the temp value you were generating was for an ephemeral key pair in that field. You could generate a new value on each connection; you could generate the value once an hour; you could generate the value once a day; etc. If you used the same value all the time, it was effectively a static key.
The Change Log states similar around line 515. If you scroll up, you will see it applies to 1.1.0 and above. (The statement "Changes between 1.0.2h and 1.1.0" means it applies to 1.1.0, not 1.0.2i and above).
SSL_{CTX_}set_ecdh_auto() has been removed and ECDH is support is always enabled now. If you want to disable the support you should exclude it using the list of supported ciphers. This also means that the "-no_ecdhe" option has been removed from s_server.
[Kurt Roeckx]SSL_{CTX}_set_tmp_ecdh() which can set 1 EC curve now internally calls
SSL_{CTX_}set1_curves() which can set a list.
[Kurt Roeckx]Remove support for SSL_{CTX_}set_tmp_ecdh_callback(). You should set the curve you want to support using SSL_{CTX_}set1_curves().
[Kurt Roeckx]
The Change Log also states 1.1.0 uses:
- Change the ECC default curve list to be this, in order: x25519, secp256r1, secp521r1, secp384r1.
[Rich Salz]
I have searched enough but did not get any info.
Usually you want to look at the OpenSSL sources when you find something that's under-documented. The sources to look at are s_client and s_server. You can find them in the <openssl src>/apps/ directory. The source files are [unsurprisingly] named s_client.c and s_server.c.
From the search below, ssl/ssl_conf.c also looks like an interesting hit. The *.pod files below are the sources for the man pages. If there's a hit on a *.pod file,then you know you can type, say man SSL_CTX_set_tmp_dh_callback and get the manual page for the function.
$ grep -IR _set_tmp_ *
CHANGES: *) SSL_{CTX}_set_tmp_ecdh() which can set 1 EC curve now internally calls
CHANGES: 'default key' from SSL_CTX_set_tmp_dh would always be lost, meaning
CHANGES: are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
CHANGES: SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new
CHANGES: SSL_CTX_set_tmp_{rsa,dh}_callback().
apps/s_server.c: else if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
apps/s_server.c: else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) {
doc/ssl/ssl.pod:=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
doc/ssl/ssl.pod:=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
doc/ssl/ssl.pod:L<SSL_CTX_set_tmp_dh_callback(3)>,
doc/ssl/SSL_CTX_set_cipher_list.pod:(see L<SSL_CTX_set_tmp_dh_callback(3)>).
doc/ssl/SSL_CTX_set_cipher_list.pod:(see L<SSL_CTX_set_tmp_dh_callback(3)>).
doc/ssl/SSL_CTX_set_cipher_list.pod:L<SSL_CTX_set_tmp_dh_callback(3)>,
doc/ssl/SSL_CTX_set_options.pod:(see L<SSL_CTX_set_tmp_dh_callback(3)>).
doc/ssl/SSL_CTX_set_options.pod:L<SSL_CTX_set_tmp_dh_callback(3)>,
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod: void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod: long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod: void SSL_set_tmp_dh_callback(SSL *ctx,
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod: long SSL_set_tmp_dh(SSL *ssl, DH *dh)
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_set_tmp_dh() sets the parameters only for B<ssl>.
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod: if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
doc/ssl/SSL_CTX_set_tmp_dh_callback.pod:SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0
include/openssl/ssl.h:# define SSL_CTX_set_tmp_dh(ctx,dh) \
include/openssl/ssl.h:# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
include/openssl/ssl.h:# define SSL_set_tmp_dh(ssl,dh) \
include/openssl/ssl.h:# define SSL_set_tmp_ecdh(ssl,ecdh) \
include/openssl/ssl.h:# define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
include/openssl/ssl.h:# define SSL_set_tmp_rsa(ssl,rsa) 1
include/openssl/ssl.h:# define SSL_CTX_set_tmp_rsa_callback(ctx, cb) while(0) (cb)(NULL, 0, 0)
include/openssl/ssl.h:# define SSL_set_tmp_rsa_callback(ssl, cb) while(0) (cb)(NULL, 0, 0)
include/openssl/ssl.h:void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
include/openssl/ssl.h:void SSL_set_tmp_dh_callback(SSL *ssl,
ssl/ssl_conf.c: rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
ssl/ssl_conf.c: rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
ssl/ssl_conf.c: rv = SSL_CTX_set_tmp_dh(cctx->ctx, dh);
ssl/ssl_conf.c: rv = SSL_set_tmp_dh(cctx->ssl, dh);
ssl/ssl_lib.c:void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
ssl/ssl_lib.c:void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
test/ssltest_old.c: SSL_CTX_set_tmp_dh(s_ctx, dh);
test/ssltest_old.c: SSL_CTX_set_tmp_dh(s_ctx2, dh);
util/libssl.num:SSL_set_tmp_dh_callback 20 1_1_0 EXIST::FUNCTION:DH
util/libssl.num:SSL_CTX_set_tmp_dh_callback 156 1_1_0 EXIST::FUNCTION:DH
Upvotes: 1
Related Questions
- Purpose of EVP_EncryptFinal_ex function in OpenSSL
- OpenSSL 1.1.1d - Async use of SSL_CTX_set_cert_verify_callback?
- Using ECDHE TLS with Boost ASIO
- Elliptic Curve Diffie-Hellman (ECDH) - What is SecretPrepend and SecretAppend for?
- What does this callback function do?
- ECDHE how the client sends Premaster sectret
- ECDH in OpenSSL
- Can anyone explain me this part of the code
- what does ablkcipher_request_set_callback do?
- What is the use of callback function in C++ ?