[SSL] Support ephemeral diffie hellman kex

Pushing some non private data into openssl enables to use edh that provides perfect forward secrecy.
2009-01-25 14:24:22 +01:00 · 2009-01-25 14:24:22 +01:00 · b62c3e4697
parent 7e539298fd
commit b62c3e4697
3 changed files with 109 additions and 0 deletions
--- a/2
+++ b/2
@ -12,6 +12,8 @@ Visible changes:
  hours.
 - autorejoin on kick by default. Can be disabled with the option
  autojoin_on_kick = false in a connection block.
+- bip SSL on the client<->bip part now support Ephemeral Diffie Hellman key
+  exchange.

 2008-02-07  Arnaud Cornet <nohar@t1r.net>
 What's to expect in bip now:
--- a/src/connection.c
+++ b/src/connection.c
@ -1033,6 +1033,71 @@ static connection_t *connection_init(int anti_flood, int ssl, int timeout,
 	return conn;
 }

+#ifdef HAVE_LIBSSL
+
+#include "moduli.h"
+
+/* from postfix tls impl */
+static DH *dh_512(void)
+{
+	DH *dh;
+	static DH *dh_512;
+
+	if (dh_512 == NULL) {
+		if ((dh = DH_new()) == NULL) {
+			mylog(LOG_WARN, "SSL: cannot create DH parameter set");
+			return (0);
+		}
+		dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), (BIGNUM *) 0);
+		dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), (BIGNUM *) 0);
+		if ((dh->p == NULL) || (dh->g == NULL)) {
+			mylog(LOG_WARN, "SSL: cannot load compiled-in DH "
+					"parameters");
+			DH_free(dh);
+			return (0);
+		} else
+			dh_512 = dh;
+	}
+	return dh_512;
+}
+
+/* tls_get_dh_1024 - get 1024-bit DH parameters, compiled-in or from file */
+static DH *dh_1024(void)
+{
+	DH *dh;
+	static DH *dh_1024;
+
+	if (dh_1024 == NULL) {
+		if ((dh = DH_new()) == NULL) {
+			mylog(LOG_WARN, "SSL: cannot create DH parameter set");
+			return (0);
+		}
+		dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), (BIGNUM *) 0);
+		dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), (BIGNUM *) 0);
+		if ((dh->p == NULL) || (dh->g == NULL)) {
+			mylog(LOG_WARN, "SSL: cannot load compiled-in DH "
+					"parameters");
+			DH_free(dh);
+			return (0);
+		} else
+			dh_1024 = dh;
+	}
+	return (dh_1024);
+}
+
+/* ripped from postfix's tls_dh.c */
+static DH *tmp_dh_cb(SSL *ssl_unused, int export, int keylength)
+{
+	DH *ret;
+
+	if (export && keylength == 512)
+		ret = dh_512();
+	else
+		ret = dh_1024();
+	return ret;
+}
+#endif
+
 connection_t *accept_new(connection_t *cn)
 {
 	connection_t *conn;
@ -1073,6 +1138,10 @@ connection_t *accept_new(connection_t *cn)
 						conf_ssl_certfile,
 						SSL_FILETYPE_PEM))
 				mylog(LOG_WARN, "SSL: Unable to load key file");
+
+			/* diffie hellman key generation need us to feed some
+			   data that can be static ... */
+			SSL_CTX_set_tmp_dh_callback(sslctx, tmp_dh_cb);
 		}

 		conn->ssl_h = SSL_new(sslctx);
--- a/src/moduli.h
+++ b/src/moduli.h
@ -0,0 +1,38 @@
+/* ripped from postfix tls_dh.c */
+
+ /*
+  * Compiled-in DH parameters. These are used when no parameters are
+  * explicitly loaded from file.
+  *
+  * XXX What is the origin of these parameters?
+  */
+static unsigned char dh512_p[] = {
+	0x88, 0x3F, 0x00, 0xAF, 0xFC, 0x0C, 0x8A, 0xB8, 0x35, 0xCD, 0xE5, 0xC2,
+	0x0F, 0x55, 0xDF, 0x06, 0x3F, 0x16, 0x07, 0xBF, 0xCE, 0x13, 0x35, 0xE4,
+	0x1C, 0x1E, 0x03, 0xF3, 0xAB, 0x17, 0xF6, 0x63, 0x50, 0x63, 0x67, 0x3E,
+	0x10, 0xD7, 0x3E, 0xB4, 0xEB, 0x46, 0x8C, 0x40, 0x50, 0xE6, 0x91, 0xA5,
+	0x6E, 0x01, 0x45, 0xDE, 0xC9, 0xB1, 0x1F, 0x64, 0x54, 0xFA, 0xD9, 0xAB,
+	0x4F, 0x70, 0xBA, 0x5B,
+};
+static unsigned char dh512_g[] = {
+	0x02,
+};
+
+static unsigned char dh1024_p[] = {
+	0xB0, 0xFE, 0xB4, 0xCF, 0xD4, 0x55, 0x07, 0xE7, 0xCC, 0x88, 0x59, 0x0D,
+	0x17, 0x26, 0xC5, 0x0C, 0xA5, 0x4A, 0x92, 0x23, 0x81, 0x78, 0xDA, 0x88,
+	0xAA, 0x4C, 0x13, 0x06, 0xBF, 0x5D, 0x2F, 0x9E, 0xBC, 0x96, 0xB8, 0x51,
+	0x00, 0x9D, 0x0C, 0x0D, 0x75, 0xAD, 0xFD, 0x3B, 0xB1, 0x7E, 0x71, 0x4F,
+	0x3F, 0x91, 0x54, 0x14, 0x44, 0xB8, 0x30, 0x25, 0x1C, 0xEB, 0xDF, 0x72,
+	0x9C, 0x4C, 0xF1, 0x89, 0x0D, 0x68, 0x3F, 0x94, 0x8E, 0xA4, 0xFB, 0x76,
+	0x89, 0x18, 0xB2, 0x91, 0x16, 0x90, 0x01, 0x99, 0x66, 0x8C, 0x53, 0x81,
+	0x4E, 0x27, 0x3D, 0x99, 0xE7, 0x5A, 0x7A, 0xAF, 0xD5, 0xEC, 0xE2, 0x7E,
+	0xFA, 0xED, 0x01, 0x18, 0xC2, 0x78, 0x25, 0x59, 0x06, 0x5C, 0x39, 0xF6,
+	0xCD, 0x49, 0x54, 0xAF, 0xC1, 0xB1, 0xEA, 0x4A, 0xF9, 0x53, 0xD0, 0xDF,
+	0x6D, 0xAF, 0xD4, 0x93, 0xE7, 0xBA, 0xAE, 0x9B,
+};
+
+static unsigned char dh1024_g[] = {
+	0x02,
+};
+