[ipxe-devel] ECDHE_RSA cipher suites
Michael Brown
mcb30 at ipxe.org
Sun Jul 29 13:00:25 UTC 2018
On 28/07/18 05:04, LAU, ALOYSIUS wrote:
> In our environment, the servers are using the **ECDHE_RSA** cipher suites.
>
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
>
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
>
> In the source code that was cloned from “git clone
> http://git.ipxe.org/ipxe.git” on 26-Jul-2018, I did not see the ECDHE
> support.
>
> I plan to add the ECDHE support in iPXE and test it in our environment.
> Once I get it all tested, we will contribute the source code to the iPXE
> project. Would the iPXE’s gate keeper open to this proposal?
As long as it fits within the structure and style of the existing crypto
code then yes, that would be a welcome addition. Existing crypto code
is extremely small, easily separable, has no external dependencies, and
is covered by the published NIST test vectors for correctness.
Thanks,
Michael
More information about the ipxe-devel
mailing list