ClientHello sends ECC ciphers without extensions #366

Closed
jay opened this Issue Mar 27, 2016 · 3 comments

Contributor

jay commented Mar 27, 2016

I've noticed that sending ECC extensions requires not only --enable-ecc but also --enable-supportedcurves and wolfSSL_CTX_UseSupportedCurve. I had only done --enable-ecc, and recently tried to connect to a Go server using wolfSSL; it failed because the only ciphersuites the server had in common were ECDHE, and the Go server won't select ECDHE unless both curve and point extensions are sent by the client.

RFC 4492 in section 4 says "A client that proposes ECC cipher suites may choose not to include these extensions. In this case, the server is free to choose any one of the elliptic curves or point formats listed in Section 5." I've proposed a change in the Go server to address that; however, I think you may want to consider enabling ECC extensions when ECC ciphers are sent, otherwise the server could pick a curve that, though allowed by the RFC, is not supported by wolfSSL and there could still be an error. Also, I think the burden of setting some default supported curves should be on the library.

I think a way to accomplish this would be if --enable-ecc then that should imply --enable-supportedcurves during build, and during runtime if the user does not call wolfSSL_CTX_UseSupportedCurve and wolfSSL is going to send ECDHE in the ClientHello it should include some default list of curves and points that are safe and supported, similar to what OpenSSL does.

Member

cconlon commented Mar 28, 2016

Hi,

Thanks for the ideas and suggestions. For portability reasons, enabling TLS extensions by default on all platforms may not be the best choice, but it may make sense on standard desktop environments. We'll put this on our list to think over.

If supported curves has been enabled, having wolfSSL send a default list of curves sounds like a good idea (unless explicitly set with wolfSSL_CTX_UseSupportedCurve()). We'll add this to our desired feature list.

Thanks!
Chris

cconlon self-assigned this Mar 28, 2016

Member

cconlon commented Mar 29, 2016

Added to Feature Request list, closing.

cconlon closed this Mar 29, 2016

jay added a commit to curl/curl that referenced this issue Mar 29, 2016

Contributor

jay commented Mar 29, 2016

To remedy this as much as possible for us I've added support for the ECC curves extension,
curl/curl@7921628
I don't see a way to send the format points extension though, so in a build of wolfSSL without static ciphers enabled I don't believe it will be possible to connect to a Go server. Please consider adding the missing format point extension as a related issue. Thanks
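
A check for the condition this thread describes, as an added example that is not code from wolfSSL, curl or Go: it parses a ClientHello handshake message and reports when ECC cipher suites are offered without the RFC 4492 elliptic_curves (type 10) or ec_point_formats (type 11) extension. The function names, the constructed sample messages and the code-point ranges used to recognise ECC suites are assumptions of this example.

```python
import struct

EXT_NAMES = {10: "elliptic_curves", 11: "ec_point_formats"}  # RFC 4492 section 5.1

def is_ecc_suite(suite):
    # Assumption: RFC 4492 (0xC001-0xC019) and RFC 5289 (0xC023-0xC032) only.
    return 0xC001 <= suite <= 0xC019 or 0xC023 <= suite <= 0xC032

def audit_client_hello(msg):
    """Return (offers_ecc, missing_extension_names) for one handshake message."""
    if len(msg) < 4 or msg[0] != 1:
        raise ValueError("not a ClientHello handshake message")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 2 + 32                                   # client_version + random
    pos += 1 + body[pos]                           # session_id
    (cs_len,) = struct.unpack_from("!H", body, pos)
    suites = struct.unpack_from("!%dH" % (cs_len // 2), body, pos + 2)
    pos += 2 + cs_len
    pos += 1 + body[pos]                           # compression_methods
    seen = set()
    if pos + 2 <= len(body):                       # the extensions block is optional
        (ext_total,) = struct.unpack_from("!H", body, pos)
        pos, end = pos + 2, pos + 2 + ext_total
        while pos + 4 <= min(end, len(body)):
            ext_type, ext_len = struct.unpack_from("!HH", body, pos)
            seen.add(ext_type)
            pos += 4 + ext_len
    offers_ecc = any(is_ecc_suite(s) for s in suites)
    missing = [n for t, n in sorted(EXT_NAMES.items()) if offers_ecc and t not in seen]
    return offers_ecc, missing

def build_client_hello(suites, extensions):
    """Constructed sample: TLS 1.2 hello, zeroed random, empty session_id."""
    body = b"\x03\x03" + bytes(32) + b"\x00"
    body += struct.pack("!H", 2 * len(suites)) + struct.pack("!%dH" % len(suites), *suites)
    body += b"\x01\x00"                            # one compression method: null
    if extensions:
        ext = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
        body += struct.pack("!H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

CURVES = (10, b"\x00\x02\x00\x17")                 # list of one curve: secp256r1 (23)
POINTS = (11, b"\x01\x00")                         # list of one format: uncompressed
BARE = build_client_hello([0xC02F, 0xC02B], [])    # ECDHE suites, no extensions
CURVES_ONLY = build_client_hello([0xC02F], [CURVES])
FULL = build_client_hello([0xC02F], [CURVES, POINTS])

if __name__ == "__main__":
    for name, hello in (("bare", BARE), ("curves only", CURVES_ONLY), ("full", FULL)):
        print(name, audit_client_hello(hello))
```
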
