On 31.01.20 15:28, Alan DeKok wrote:
On Jan 31, 2020, at 4:39 AM, Jan-Frederik Rieckers <rieckers+freeradius-devel@uni-bremen.de> wrote
I'm currently doing some research with the TLS client and server implementations in EAP-TLS.
Good to hear. Not many people have done this kind of research.
I'll probably write my bachelor thesis about some aspects. I'll definitely share results, if they concern the server side.
I have noticed, that Freeradius forces usage of one specific curve for ECDH Key Exchange. Is there a specific reason for that? ( set_ecdh_curve in src/main/tls.c )
No, the server *defaults* to one curve. The default can be changed by editing the configuration files.
Sorry, that was my wrong formulation. That's exactly what I meant.
It only supports one curve, largely because of limitations in the OpenSSL API. If OpenSSL supports fallback curves, we can definitely add support for that.
I don't know if that's true. As far as I know OpenSSL itself is perfectly capable of supporting multiple curves. I've tested that with my private HTTPS servers and openssl s_client: `openssl s_client -groups "X25519" -connect <host>` `openssl s_client -groups "prime256v1" -connect <host>` I've also observed at least one server in the eduroam federation which support multiple named curves. (Based on my data from analyzing TLS Handshakes in EAP-TLS) I haven't had the the time to try to modify freeradius locally to ignore the ecdh_curve completely. Unfortunately I'm just beginning to get into the openssl API. Jan-Frederik Rieckers