Menu
▾
▴
Re: [Openvpn-users] Windows XP SP3 and openvpn with sha512 and support for ECC
|
From: Jan J. K. <ja...@ni...> - 2008-05-03 21:36:39
|
Big BDI wrote: > I thought openvpn for windows would work with sha512, > since the crypto api in windows xp was updated and now > includes sha512. I was incorrect. I don't know if > the bundled version of openssl, which is very old, > includes it. > the windows version of openvpn is compiled against openssl 0.9.7L which does not support SHA512. It does NOT use the crypto APIs for encryption, although it is possible to access a public/private key from the crypto store. > How can I get openvpn to work with sha512 in windows > xp? I tried recompiling openvpn in windows, but it > was far too confusing, and it was not working for me. > > I would also like to know how to compile support for > ECC (Elliptic Curce Cryptography) into openvpn. It is > already available in openssl. In the current version > 0.9.8g it is listed as a draft cipher, but it works > very well. I compiled support into apache with a > simple patch that I found > (https://issues.apache.org/bugzilla/attachment.cgi?id=18657&action=edit), > I wonder if it can be adapted to openvpn. > sure, recompile openvpn against 0.9.8g :-) > Does anyone have any ideas? I tried compiling openvpn > with Minigw... Is there an easier way? Perhaps the > next version of openvpn will include support for these > two things I am asking about? > > I can compile a version of openvpn for you if you like , and link it against openssl 0.9.8g. Compiling openvpn using MingW isn't all that hard - getting it bundled into a installer executable is (which I cannot do easily either). Hopefully the next release of the windows openvpn executables will be linked against openssl 0.9.8g ... HTH, JJK |
