add support for DHE ciphers via compiled in dhparam

make it possible to use regular (non EC) EDH ciphers. To make this possible a Diffie-Hellman parameter must be passed to the openssl library. There are a few options possible as described in the manuals at [1] and [2]. Simplest approach is to generate a DH parameter using openssl dhparam -C <lenght> and include the code into the application. The lenght used for this commit is 2236 bits long, which is the longest possible without risking backward incompatibilities with old systems as stated in [1]. Newer systems should use ECDH anyway, so it makes sense to keep this method as compatible with older system as possible. Paramters longer than 2048 should still be secure enough at the time of writing. [1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters [2] https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
6 years ago · 70b5adb396
parent 6cdc0f31b0
commit 70b5adb396
1 changed files with 61 additions and 0 deletions
--- a/common/ssl_calls.c
+++ b/common/ssl_calls.c
@ -32,6 +32,7 @@
 #include <openssl/hmac.h>
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
+# include <openssl/dh.h>

 #include "os_calls.h"
 #include "arch.h"
@ -485,6 +486,60 @@ ssl_gen_key_xrdp1(int key_size_in_bits, const char *exp, int exp_len,
    return error;
 }

+/*****************************************************************************/
+/** static DH parameter, can be used if no custom parameter is specified
+see also 
+ * https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
+ * https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
+*/
+DH *get_dh2236()
+{
+    static unsigned char dhp_2236[] = {
+        0x0A, 0x32, 0x29, 0xCA, 0x5A, 0x84, 0x4C, 0xD2, 0x66, 0x61,
+        0x29, 0xAD, 0x46, 0xD7, 0xFB, 0x3A, 0x1E, 0x92, 0x8D, 0x3F,
+        0xC8, 0x16, 0x41, 0x83, 0x0C, 0xA1, 0x96, 0x29, 0xD9, 0x0B,
+        0x28, 0x3F, 0x9A, 0x1F, 0xDA, 0x81, 0x9F, 0xD2, 0x3E, 0xE4,
+        0xFA, 0x94, 0xDF, 0x35, 0x7F, 0x7F, 0xBB, 0x23, 0xA4, 0xB2,
+        0x66, 0x50, 0x64, 0x3E, 0xCD, 0x50, 0xAE, 0xEC, 0x51, 0xE1,
+        0x12, 0x41, 0xB7, 0xC4, 0xF9, 0x79, 0xC7, 0x3D, 0x80, 0x16,
+        0xE2, 0xA8, 0x4B, 0xCA, 0x0B, 0x2A, 0xA3, 0xC1, 0x93, 0xCD,
+        0x15, 0x2C, 0xE3, 0x81, 0x92, 0x0A, 0x4C, 0x59, 0x88, 0x07,
+        0xC3, 0x18, 0xCC, 0x9B, 0xCE, 0x74, 0x7A, 0x80, 0x3A, 0x85,
+        0x6E, 0xF3, 0x81, 0x2B, 0xD3, 0x84, 0x6C, 0xBC, 0xB6, 0xE2,
+        0x51, 0xCD, 0x20, 0x4B, 0x3C, 0x45, 0x03, 0xDB, 0xA9, 0xB4,
+        0xFB, 0x95, 0x54, 0x16, 0x46, 0xA7, 0x7F, 0x03, 0xFC, 0xBB,
+        0xA1, 0xF7, 0x71, 0x10, 0xCB, 0x58, 0x21, 0x5C, 0xF4, 0x89,
+        0x52, 0x91, 0xAC, 0x69, 0x84, 0xA0, 0x6D, 0x88, 0xC8, 0x05,
+        0x2B, 0x23, 0x0B, 0x88, 0xB2, 0xE7, 0xE8, 0x28, 0x7E, 0x0D,
+        0x01, 0xBF, 0xBF, 0xCD, 0xC8, 0xD7, 0xE8, 0x2C, 0x6C, 0xE3,
+        0x58, 0xFD, 0x37, 0x9D, 0x31, 0x98, 0xAC, 0xC3, 0x49, 0x8E,
+        0x0B, 0x66, 0x86, 0xE7, 0xD2, 0xE5, 0xD6, 0x1D, 0x95, 0x1F,
+        0xD2, 0x84, 0xE5, 0x68, 0x76, 0x5C, 0x40, 0xB9, 0xF1, 0x58,
+        0xD2, 0x33, 0x2D, 0x92, 0x1F, 0xA1, 0x8A, 0xD1, 0xE6, 0x35,
+        0xC2, 0xBF, 0xBF, 0xD8, 0x63, 0xB5, 0x8E, 0x3D, 0x50, 0xD2,
+        0x80, 0x67, 0x5B, 0x04, 0x4F, 0x33, 0x20, 0xAF, 0xA1, 0xE9,
+        0xB5, 0xA6, 0x7A, 0x17, 0x8E, 0xC2, 0x3D, 0xFF, 0xB6, 0x81,
+        0x2A, 0xA8, 0x13, 0x32, 0x78, 0x8B, 0x38, 0x09, 0x8F, 0x54,
+        0x5D, 0x6F, 0x3E, 0x84, 0x93, 0x49, 0x96, 0x26, 0x4E, 0x68,
+        0x82, 0x42, 0x40, 0xD9, 0x30, 0xA3, 0x90, 0x6B, 0x99, 0x1B,
+        0x11, 0x3A, 0x36, 0xE9, 0xD8, 0x52, 0x8A, 0x85, 0xDD, 0xB3
+    };
+    static unsigned char dhg_2236[] = {
+        0x02
+    };
+    DH *dh = DH_new();
+
+    if (dh == NULL)
+        return NULL;
+    dh->p=BN_bin2bn(dhp_2236,sizeof(dhp_2236),NULL);
+    dh->g=BN_bin2bn(dhg_2236,sizeof(dhg_2236),NULL);
+    if (dh->p == NULL || dh->g == NULL) {
+        DH_free(dh);
+        return NULL;
+    }
+    return dh;
+}
+
 /*****************************************************************************/
 struct ssl_tls *
 ssl_tls_create(struct trans *trans, const char *key, const char *cert)
@ -592,6 +647,12 @@ ssl_tls_accept(struct ssl_tls *self, long ssl_protocols,
                     SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
                     SSL_MODE_ENABLE_PARTIAL_WRITE);
    SSL_CTX_set_options(self->ctx, options);
+    DH *dh = get_dh2236 ();
+    if (SSL_CTX_set_tmp_dh(self->ctx, dh) != 1) {
+        g_writeln("SSL_CTX_set_tmp_dh failed");
+        return 1;
+    }
+    DH_free (dh);
 #if defined(SSL_CTX_set_ecdh_auto)
    SSL_CTX_set_ecdh_auto(self->ctx, 1);
 #endif