根据RFC 4492第5.1.1节的规定,任意参数的曲线也被支持(参见下面的任意表达式_prime_curves)。这意味着如果您找到要测试的每条曲线的定义和所有EC参数,则可以通过openssl调用(例如EC_GROUP_new_curve,EC_KEY_set_group,EC_KEY_get0_private_key)生成密钥,然后在TLS握手中使用它们。
所以,结论是,如果不是使用命名曲线,而是使用自定义曲线,则可以支持您生成的所有按键可以支持。
enum {
sect163k1 (1), sect163r1 (2), sect163r2 (3),
sect193r1 (4), sect193r2 (5), sect233k1 (6),
sect233r1 (7), sect239k1 (8), sect283k1 (9),
sect283r1 (10), sect409k1 (11), sect409r1 (12),
sect571k1 (13), sect571r1 (14), secp160k1 (15),
secp160r1 (16), secp160r2 (17), secp192k1 (18),
secp192r1 (19), secp224k1 (20), secp224r1 (21),
secp256k1 (22), secp256r1 (23), secp384r1 (24),
secp521r1 (25),
reserved (0xFE00..0xFEFF),
arbitrary_explicit_prime_curves(0xFF01),
arbitrary_explicit_char2_curves(0xFF02),
(0xFFFF)
} NamedCurve;
'openssl ecparam'中还有-C选项,允许为命名曲线生成C代码。
openssl ecparam -name prime256v1 -C
会生成可用于生成自定义曲线与匹配命名曲线是参数键创建EC_GROUP对象代码:
static unsigned char ec_p_256[] = {
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
};
static unsigned char ec_a_256[] = {
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC
};
static unsigned char ec_b_256[] = {
0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,0xB3,0xEB,0xBD,0x55,
0x76,0x98,0x86,0xBC,0x65,0x1D,0x06,0xB0,0xCC,0x53,0xB0,0xF6,
0x3B,0xCE,0x3C,0x3E,0x27,0xD2,0x60,0x4B
};
static unsigned char ec_gen_256[] = {
0x04,0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC,0xE6,
0xE5,0x63,0xA4,0x40,0xF2,0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,
0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96,0x4F,0xE3,0x42,
0xE2,0xFE,0x1A,0x7F,0x9B,0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,
0x16,0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE,0xCB,0xB6,0x40,
0x68,0x37,0xBF,0x51,0xF5
};
static unsigned char ec_order_256[] = {
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xBC,0xE6,0xFA,0xAD,0xA7,0x17,0x9E,0x84,
0xF3,0xB9,0xCA,0xC2,0xFC,0x63,0x25,0x51
};
static unsigned char ec_cofactor_256[] = {
0x01
};
EC_GROUP *get_ec_group_256(void)
{
int ok=0;
EC_GROUP *group = NULL;
EC_POINT *point = NULL;
BIGNUM *tmp_1 = NULL, *tmp_2 = NULL, *tmp_3 = NULL;
if ((tmp_1 = BN_bin2bn(ec_p_256, sizeof(ec_p_256), NULL)) == NULL)
goto err;
if ((tmp_2 = BN_bin2bn(ec_a_256, sizeof(ec_a_256), NULL)) == NULL)
goto err;
if ((tmp_3 = BN_bin2bn(ec_b_256, sizeof(ec_b_256), NULL)) == NULL)
goto err;
if ((group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)
goto err;
/* build generator */
if ((tmp_1 = BN_bin2bn(ec_gen_256, sizeof(ec_gen_256), tmp_1)) == NULL)
goto err;
point = EC_POINT_bn2point(group, tmp_1, NULL, NULL);
if (point == NULL)
goto err;
if ((tmp_2 = BN_bin2bn(ec_order_256, sizeof(ec_order_256), tmp_2)) == NULL)
goto err;
if ((tmp_3 = BN_bin2bn(ec_cofactor_256, sizeof(ec_cofactor_256), tmp_3)) == NULL)
goto err;
if (!EC_GROUP_set_generator(group, point, tmp_2, tmp_3))
goto err;
ok=1;
err:
if (tmp_1)
BN_free(tmp_1);
if (tmp_2)
BN_free(tmp_2);
if (tmp_3)
BN_free(tmp_3);
if (point)
EC_POINT_free(point);
if (!ok)
{
EC_GROUP_free(group);
group = NULL;
}
return(group);
}
敬请告知我们的信息来源是什么? – ChiaraHsieh 2013-05-02 13:31:36
这是RFC 4492 - 椭圆曲线加密(ECC)传输层安全(TLS)密码套件 – 2013-05-02 19:39:55