diff options
author | daurnimator <quae@daurnimator.com> | 2017-04-03 12:52:39 +1000 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2017-04-03 13:27:14 +1000 |
commit | 70439fbea9ddd6acb942fc746bea9a522f940380 (patch) | |
tree | 474a68c1742126a094e5ff63af61d933dbc162df /doc | |
parent | 8d91ac802732222ba1b775712543601137d2bf20 (diff) | |
download | luaossl-70439fbea9ddd6acb942fc746bea9a522f940380.tar.gz luaossl-70439fbea9ddd6acb942fc746bea9a522f940380.tar.bz2 luaossl-70439fbea9ddd6acb942fc746bea9a522f940380.zip |
doc/: Mention that OpenSSL < 1.0.2 only supports a single curve at a time
Diffstat (limited to 'doc')
-rw-r--r-- | doc/luaossl.tex | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 72f4d06..32a4dba 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex @@ -893,7 +893,7 @@ Sets the supported curves. The string format is a list of colon separated curve Sets \module{openssl.pkey} object $key$ as the ephemeral key during key exchanges which use that particular key type. Typically $key$ will be either a Diffie-Hellman or Elliptic Curve key. -\emph{In order to configure an SSL server to support an ephemeral key exchange cipher suite (i.e. DHE-* and ECDHE-*), the application must explicitly set the ephemeral keys. Simply enabling the cipher suite is not sufficient. The application can statically generate Diffie-Hellman public key parameters, and many servers ship with such a key compiled into the software. Elliptic curve keys are necessarily static, and instantiated by curve name\footnote{\href{http://en.wikipedia.org/w/index.php?title=Comparison\_of\_TLS\_implementations&oldid=629779090\#Supported\_elliptic\_curves}{According to Wikipedia} the most widely supported curve is prime256v1, so to enable ECDHE-* applications can simply do \texttt{ctx:setEphemeralKey(pkey.new\{ type = ``EC'', curve = ``prime256v1'' \})}. To achieve Perfect Forward Secrecy for ECDHE-*, applications must also do \texttt{ctx:setOptions(context.OP\_SINGLE\_ECDH\_USE)}. The \texttt{ctx} object must then be used to configure each SSL session, such as by passing it to \fn{cqueues.socket:starttls()}.}.} +\emph{In order to configure an SSL server to support an ephemeral key exchange cipher suite (i.e. DHE-* and ECDHE-*), the application must explicitly set the ephemeral keys. Simply enabling the cipher suite is not sufficient. The application can statically generate Diffie-Hellman public key parameters, and many servers ship with such a key compiled into the software. Elliptic curve keys are necessarily static, and instantiated by curve name\footnote{OpenSSL < 1.0.2 only supports a single curve, \href{http://en.wikipedia.org/w/index.php?title=Comparison\_of\_TLS\_implementations&oldid=629779090\#Supported\_elliptic\_curves}{according to Wikipedia} the most widely supported curve is prime256v1, so to enable ECDHE-*, applications can simply do \texttt{ctx:setEphemeralKey(pkey.new\{ type = ``EC'', curve = ``prime256v1'' \})}. To achieve Perfect Forward Secrecy for ECDHE-*, applications must also do \texttt{ctx:setOptions(context.OP\_SINGLE\_ECDH\_USE)}. The \texttt{ctx} object must then be used to configure each SSL session, such as by passing it to \fn{cqueues.socket:starttls()}.}.} \emph{In addition, to attain Perfect Forward Secrecy the options \texttt{OP\_SINGLE\_DH\_USE} and \texttt{OP\_SINGLE\_ECDH\_USE} must be set so that OpenSSL discards and regenerates the secret keying parameters for each key exchange.} |