This patch moves from using the deprecated RSA_generate_key() to the 'new'
RSA_generate_key_ex() to generate ephemeral RSA keys. This patch does
not change OpenVPN's behaviour.
One note on the implementation though; the code generates one ephemeral
RSA key that is used during the entire lifetime of an OpenVPN process.
If OpenSSL requests a new (ephemeral) key, it will keep on returning the
same (usually rather small) key. Not the best solution.
To actually run this code, I had to force usage by selecting the
TLS-RSA-EXPORT-WITH-DES40-CBC-SHA tls-cipher. That generated a 512-bit
ephemeral RSA key, and uses the outdated DES encryption protocol.
Using this mode could lead to a false sense of security. Then again, one
should be using (Ephemeral) Diffie-Hellman anyway, and OpenVPN requires
a tls-server to supply dh parameters. A user would need to deliberately
choose a weak tls-cipher like TLS-RSA-EXPORT-WITH-DES40-CBC-SHA, which
would be aligning a gun with his foot anyway. If one would decide this
implementation is not good enough anymore, I'd suggest to just strip out
support for this completely.
Code has been tested using the TLS-RSA-EXPORT-WITH-DES40-CBC-SHA tls-cipher
which uses this to create ephemeral RSA keys.
This should resolve trac#197.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <
52ADF633.
8040003@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8110
Signed-off-by: Gert Doering <gert@greenie.muc.de>
static RSA *rsa_tmp = NULL;
if (rsa_tmp == NULL)
{
+ int ret = -1;
+ BIGNUM *bn = BN_new();
+ rsa_tmp = RSA_new();
+
msg (D_HANDSHAKE, "Generating temp (%d bit) RSA key", keylength);
- rsa_tmp = RSA_generate_key (keylength, RSA_F4, NULL, NULL);
+
+ if(!bn || !BN_set_word(bn, RSA_F4) ||
+ !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
+ msg(M_SSLERR, "Failed to generate temp RSA key");
+
+ if (bn) BN_free( bn );
}
return (rsa_tmp);
}
projects / thirdparty / openvpn.git / commitdiff
