Bug 1255248 - Enable curve secp256k1 in OpenSSL
Summary: Enable curve secp256k1 in OpenSSL
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openssl
Version: 7.1
Hardware: Unspecified
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Stefan Dordevic
URL:
Whiteboard:
: 1324263 (view as bug list)
Depends On:
Blocks: 1203710 1420851
TreeView+ depends on / blocked
 
Reported: 2015-08-20 06:33 UTC by Bharti Kundal
Modified: 2020-09-10 09:25 UTC (History)
7 users (show)

Fixed In Version: openssl-1.0.2k-1.el7
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 18:16:10 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:1929 0 normal SHIPPED_LIVE openssl bug fix and enhancement update 2017-08-01 18:08:01 UTC

Description Bharti Kundal 2015-08-20 06:33:23 UTC
Description of problem:

Seems that the version of Openssl on RHEl 6 and RHEL 7 :OpenSSL 1.0.1e-fips 11 Feb 2013 and  do not provide secp256k1.

    1. Proposed title of this feature request  
>>>Enable curve secp256k1 in OpenSSL
      
      
    2. Who is the customer behind the request?  
    Account: name and acct # 1319153 Etes GmbH
      
    TAM customer: no
    SRM customer: no
    Strategic: no
      
    3. What is the nature and description of the request?  
>>curve secp256k1 in OpenSSL is enabled for Fedora and likely needs to be included in RHEL 
      
    4. Why does the customer need this? (List the business requirements here)
>>>There is not yet a specific business requirement, however they think that having the same cryptography options like in Fedora avoids a lack of them at a later time. The intention is to query this early with lower priority in order to hopefully have this feature at a later time when it is needed.  
      
    5. How would the customer like to achieve this? (List the functional requirements here)  
>>>enable the curve in the OpenSSL 
      
    6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.  
>>>
      
    7. Is there already an existing RFE upstream or in Red Hat Bugzilla? 
>>>Yes https://bugzilla.redhat.com/show_bug.cgi?id=1021898 
      
    8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?  
>>>No specific timeline. RHEL 7, RHEL 6

      
    9. Is the sales team involved in this request and do they have any additional input?  
>>>No
      
    10. List any affected packages or components.  
>>>OpenSSL
      
    11. Would the customer be able to assist in testing this functionality if implemented?  
>>>Yes



Version-Release number of selected component (if applicable):OpenSSL 1.0.1e


How reproducible:


Steps to Reproduce:
1.Run the following command to check for the list of available ciphers:

[bkundal@bkundal ~]$ openssl ecparam -list_curves
  secp384r1 : NIST/SECG curve over a 384 bit prime field
  prime256v1: X9.62/SECG curve over a 256 bit prime field

This does not list the secp256k1

Additional information:

curve secp256k1 in OpenSSL is enabled for Fedora

Comment 5 Tomas Mraz 2016-09-29 14:45:32 UTC
*** Bug 1324263 has been marked as a duplicate of this bug. ***

Comment 10 errata-xmlrpc 2017-08-01 18:16:10 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1929


Note You need to log in before you can comment on or make changes to this bug.