Add support for EECDH to Sofia-SIP

This adds support for the ephemeral elliptic curve Diffie-Hellman key exchange, which provides for forward secrecy in the event that long-term keys are compromised. For the moment, we've hard-coded the curve as prime256v1.
2025-04-14 08:05:37 +00:00 · 2014-02-06 15:27:06 +00:00 · 2014-02-06 15:27:06 +00:00 · 1398975622
commit 1398975622
parent 096f92fb17
1 changed files with 27 additions and 0 deletions
--- a/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c
+++ b/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c
@ -263,6 +263,27 @@ int tls_verify_cb(int ok, X509_STORE_CTX *store)
  return ok;
 }

+static
+int tls_init_ecdh_curve(tls_t *tls)
+{
+  int nid;
+  EC_KEY *ecdh;
+  if (!(nid = OBJ_sn2nid("prime256v1"))) {
+    tls_log_errors(1, "Couldn't find specified curve", 0);
+    errno = EIO;
+    return -1;
+  }
+  if (!(ecdh = EC_KEY_new_by_curve_name(nid))) {
+    tls_log_errors(1, "Couldn't create specified curve", 0);
+    errno = EIO;
+    return -1;
+  }
+  SSL_CTX_set_options(tls->ctx, SSL_OP_SINGLE_ECDH_USE);
+  SSL_CTX_set_tmp_ecdh(tls->ctx, ecdh);
+  EC_KEY_free(ecdh);
+  return 0;
+}
+
 static
 int tls_init_context(tls_t *tls, tls_issues_t const *ti)
 {
@ -381,6 +402,12 @@ int tls_init_context(tls_t *tls, tls_issues_t const *ti)
  SSL_CTX_set_verify_depth(tls->ctx, ti->verify_depth);
  SSL_CTX_set_verify(tls->ctx, verify, tls_verify_cb);

+  if (tls_init_ecdh_curve(tls) == 0) {
+    SU_DEBUG_3(("%s\n", "tls: initialized ECDH"));
+  } else {
+    SU_DEBUG_3(("%s\n", "tls: failed to initialize ECDH"));
+  }
+
  if (!SSL_CTX_set_cipher_list(tls->ctx, ti->ciphers)) {
    SU_DEBUG_1(("%s: error setting cipher list\n", "tls_init_context"));
    tls_log_errors(3, "tls_init_context", 0);