Dear OpenSSL users Thanks for thinking about it. (Especially grateful to Mr./Ms. Mattl, Michael and Kris. ) I took a little time to clarify our questions. The attached document is a diagram of our idea of how the original protocol and TLS should work together. Objective: We want to implement QUIC-TLS, which is lightweight and secure. Specifically, we would like to implement a handshake protocol by incorporating non-standard protocols. For example, we are considering a post-quantum key exchange protocol. This is just a part of our research, and we are not considering a new standardization proposal for TLS handshaking that includes the above protocols at this stage. What we would like to hear: 1. what exactly is the structure that stores ephemeral keys in ECDHE/DHE? 2. What is the function that calculates the ephemeral public key of ECDHE/DHE and stores the value in the above structure? 3. After receiving a client hello or server hello message, where is the part that extracts the ephemeral public key of the communication partner from the received message? Also, where is the place to calculate the session key from ECDHE/DHE? Additional two information. Current situation: I'm trying to implement it using "msquic". The handshake in "msquic" uses "quictls" forked from OpenSSL, but I think the implementation of the TLS handshake is based on OpenSSL. Problem: I would like to be able to use the TLS handshake part of OpenSSL (ClientHello, ServerHello) with protocol messages on behalf of ECDHE and DHE to perform key exchange and pass the generated session key to the TLS record protocol. Nobuo Aoki (master 1st student, Japan). (It seems that the file could not be attached because of the large sending byte size. Instead, I'll share it from my university's storage. Here is the link for sharing)
|
