From 8c5c58742c72fd20febace14047fbb0f54c2c421 Mon Sep 17 00:00:00 2001 From: Steffan Karger Date: Sun, 15 Dec 2013 19:34:27 +0100 Subject: [PATCH] Use RSA_generate_key_ex() instead of deprecated, RSA_generate_key() This patch moves from using the deprecated RSA_generate_key() to the 'new' RSA_generate_key_ex() to generate ephemeral RSA keys. This patch does not change OpenVPN's behaviour. One note on the implementation though; the code generates one ephemeral RSA key that is used during the entire lifetime of an OpenVPN process. If OpenSSL requests a new (ephemeral) key, it will keep on returning the same (usually rather small) key. Not the best solution. To actually run this code, I had to force usage by selecting the TLS-RSA-EXPORT-WITH-DES40-CBC-SHA tls-cipher. That generated a 512-bit ephemeral RSA key, and uses the outdated DES encryption protocol. Using this mode could lead to a false sense of security. Then again, one should be using (Ephemeral) Diffie-Hellman anyway, and OpenVPN requires a tls-server to supply dh parameters. A user would need to deliberately choose a weak tls-cipher like TLS-RSA-EXPORT-WITH-DES40-CBC-SHA, which would be aligning a gun with his foot anyway. If one would decide this implementation is not good enough anymore, I'd suggest to just strip out support for this completely. Code has been tested using the TLS-RSA-EXPORT-WITH-DES40-CBC-SHA tls-cipher which uses this to create ephemeral RSA keys. This should resolve trac#197. Signed-off-by: Steffan Karger Acked-by: Arne Schwabe Message-Id: <52ADF633.8040003@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/8110 Signed-off-by: Gert Doering --- src/openvpn/ssl_openssl.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 0193acf3e..db7fd06da 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -103,8 +103,17 @@ tmp_rsa_cb (SSL * s, int is_export, int keylength) static RSA *rsa_tmp = NULL; if (rsa_tmp == NULL) { + int ret = -1; + BIGNUM *bn = BN_new(); + rsa_tmp = RSA_new(); + msg (D_HANDSHAKE, "Generating temp (%d bit) RSA key", keylength); - rsa_tmp = RSA_generate_key (keylength, RSA_F4, NULL, NULL); + + if(!bn || !BN_set_word(bn, RSA_F4) || + !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) + msg(M_SSLERR, "Failed to generate temp RSA key"); + + if (bn) BN_free( bn ); } return (rsa_tmp); } -- 2.47.2