Caddy: Feature request: Support for Curve25519
It would be nice, if Caddy could support Curve25519 as an alternative to the NIST P-256 curve for the Diffie鈥揌ellman handshake. Besides being not made by the NSA, it should also be slightly faster and more secure.
Some applications that use Curve25519:
- OpenSSH
- OpenBSD (for package signing)
- Tor
- Signal
- DNSCurve and DNSCrypt
Additional links:
mkoppmann
All 13 comments
Hey @mkoppmann, thanks for the request! Any idea how we use this without modifying the TLS stack?
mholt
on 3 Oct 2016
So I looked more into this and found this open issue. Guess we have to wait, until agl finished that. He is currently working on the implementation of Chacha20 and Poly1305 I believe, which is also super awesome, so maybe he will work on Curve25519 next, since it is all by djb.
mkoppmann
on 3 Oct 2016
As far as I know, ChaCha20Poly1305 is on the 1.8 dashboard - Adam will add it to the standard crypto/tls package - See Gerrit
aead
on 4 Oct 2016
Great -- since this seems out of scope for doing this in the Caddy project, I'll close the issue. Looking forward to the crypto improvements in Go 1.8 and beyond!
mholt
on 4 Oct 2016
@mholt @mkoppmann support for Curve25519 just landed in golang's master branch: https://github.com/golang/go/commit/e875fe42eee942c35cdecc7b4b5d4e762f47bade :smiley:
wendigo
on 12 Oct 2016
Is this really happening? Go 1.8 is going to be the best release ever :smile:
mkoppmann
on 12 Oct 2016
Giving the number of improvements to compiler, tooling, GC, performance and APIs I fully agree!
wendigo
on 12 Oct 2016
Cool, that was quick. :) We'll keep an eye on it as Go 1.8 matures and see what controls need to be exposed to configure it -- if any at all.
mholt
on 13 Oct 2016
Hello everybody,
I implement X25519 :smile: -- It's working (on Chrome)
elcore
on 13 Oct 2016
Whaaaat? :laughing:
mkoppmann
on 13 Oct 2016
It's pretty simple @mrkoppmann :smile:
Build Golang from master, modify Caddy and compile it :smile:
elcore
on 13 Oct 2016
Will try it next week after an exam. Thanks for the info :+1:
mkoppmann
on 13 Oct 2016
馃憤 @mkoppmann
diff --git a/caddytls/config.go b/caddytls/config.go
index 92e5729..7c2b692 100644
--- a/caddytls/config.go
+++ b/caddytls/config.go
@@ -456,9 +456,10 @@ var defaultCiphers = []uint16{
// Map of supported curves
// https://golang.org/pkg/crypto/tls/#CurveID
var supportedCurvesMap = map[string]tls.CurveID{
- "P256": tls.CurveP256,
- "P384": tls.CurveP384,
- "P521": tls.CurveP521,
+ "X25519": tls.X25519,
+ "P256": tls.CurveP256,
+ "P384": tls.CurveP384,
+ "P521": tls.CurveP521,
}
const (
diff --git a/caddytls/setup_test.go b/caddytls/setup_test.go
index b630e74..e5445c5 100644
--- a/caddytls/setup_test.go
+++ b/caddytls/setup_test.go
@@ -283,7 +283,7 @@ func TestSetupParseWithKeyType(t *testing.T) {
func TestSetupParseWithCurves(t *testing.T) {
params := `tls {
- curves p256 p384 p521
+ curves x25519 p256 p384 p521
}`
cfg := new(Config)
RegisterConfigGetter("", func(c *caddy.Controller) *Config { return cfg })
@@ -294,11 +294,11 @@ func TestSetupParseWithCurves(t *testing.T) {
t.Errorf("Expected no errors, got: %v", err)
}
- if len(cfg.CurvePreferences) != 3 {
- t.Errorf("Expected 3 curves, got %v", len(cfg.CurvePreferences))
+ if len(cfg.CurvePreferences) != 4 {
+ t.Errorf("Expected 4 curves, got %v", len(cfg.CurvePreferences))
}
- expectedCurves := []tls.CurveID{tls.CurveP256, tls.CurveP384, tls.CurveP521}
+ expectedCurves := []tls.CurveID{tls.X25519, tls.CurveP256, tls.CurveP384, tls.CurveP521}
// Ensure ordering is correct
for i, actual := range cfg.CurvePreferences {
Related issues
crvv
路
3Comments
mholt
路
3Comments
dafanasiev
路
3Comments
billop
路
3Comments
mikolysz
路
3Comments
Most helpful comment
@mholt @mkoppmann support for Curve25519 just landed in golang's master branch: https://github.com/golang/go/commit/e875fe42eee942c35cdecc7b4b5d4e762f47bade :smiley: