From e6f7d93bf8524dc8a4be87fe25332d36e7e99b7c Mon Sep 17 00:00:00 2001 From: Ryan Petschek Date: Sun, 7 Jun 2015 13:00:16 -0400 Subject: [PATCH 1/4] doc: add note about available ECC curves Added instructions on how to get the elliptic curves supported by the OpenSSL installation in the crypto.createECDH() constructor. Also made a few minor grammar fixes within the same paragraph. --- doc/api/crypto.markdown | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/api/crypto.markdown b/doc/api/crypto.markdown index 1a181e7e69f3eb..99b28149b5cb0f 100644 --- a/doc/api/crypto.markdown +++ b/doc/api/crypto.markdown @@ -528,8 +528,10 @@ Example (obtaining a shared secret): ## crypto.createECDH(curve_name) -Creates a Elliptic Curve (EC) Diffie-Hellman key exchange object using a -predefined curve specified by `curve_name` string. +Creates an Elliptic Curve (EC) Diffie-Hellman key exchange object using a +predefined curve specified by the `curve_name` string. On recent releases, +`openssl ecparam -list_curves` will display the name and description of each +available elliptic curve. ## Class: ECDH From 0dc385d08987a9ac86b2d063f1c83001796ee338 Mon Sep 17 00:00:00 2001 From: Ryan Petschek Date: Sun, 7 Jun 2015 13:31:17 -0400 Subject: [PATCH 2/4] doc: add note about ECC curves in TLS server docs --- doc/api/tls.markdown | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown index a00b27dab91c94..3c67f18e28637c 100644 --- a/doc/api/tls.markdown +++ b/doc/api/tls.markdown @@ -181,6 +181,9 @@ automatically set as a listener for the [secureConnection][] event. The Defaults to `prime256v1`. Consult [RFC 4492] for more details. + On recent releases, `openssl ecparam -list_curves` will display the name and + description of each available elliptic curve. + - `dhparam`: A string or `Buffer` containing Diffie Hellman parameters, required for Perfect Forward Secrecy. Use `openssl dhparam` to create it. Its key length should be greater than or equal to 1024 bits, otherwise From bf3ee3347b65c5c34508adb7e6ed8d12dd89fed9 Mon Sep 17 00:00:00 2001 From: Ryan Petschek Date: Sun, 7 Jun 2015 13:39:50 -0400 Subject: [PATCH 3/4] doc: revise description of TLS server ecdhCurve --- doc/api/tls.markdown | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown index 3c67f18e28637c..cdb1a0811de571 100644 --- a/doc/api/tls.markdown +++ b/doc/api/tls.markdown @@ -179,10 +179,9 @@ automatically set as a listener for the [secureConnection][] event. The - `ecdhCurve`: A string describing a named curve to use for ECDH key agreement or false to disable ECDH. - Defaults to `prime256v1`. Consult [RFC 4492] for more details. - - On recent releases, `openssl ecparam -list_curves` will display the name and - description of each available elliptic curve. + Defaults to `prime256v1` (NIST P-256). On recent releases, `openssl ecparam + -list_curves` will display the name and description of each available elliptic + curve. - `dhparam`: A string or `Buffer` containing Diffie Hellman parameters, required for Perfect Forward Secrecy. Use `openssl dhparam` to create it. From b116c6f9821573e500dd62fcb30ff36ac0e62aee Mon Sep 17 00:00:00 2001 From: Ryan Petschek Date: Sun, 7 Jun 2015 14:43:13 -0400 Subject: [PATCH 4/4] Removed trailing whitespace --- doc/api/crypto.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api/crypto.markdown b/doc/api/crypto.markdown index 99b28149b5cb0f..df5f28e5f91fd4 100644 --- a/doc/api/crypto.markdown +++ b/doc/api/crypto.markdown @@ -530,7 +530,7 @@ Example (obtaining a shared secret): Creates an Elliptic Curve (EC) Diffie-Hellman key exchange object using a predefined curve specified by the `curve_name` string. On recent releases, -`openssl ecparam -list_curves` will display the name and description of each +`openssl ecparam -list_curves` will display the name and description of each available elliptic curve. ## Class: ECDH