On my pi I have installed the latest openssl 1.0.1j (needed for easy-rsa and some manual operations) and mbedTLS 2.4.0 for OpenVPN server:
*** openssl
https://www.openssl.org/source/openssl-1.0.2j.tar.gz
tar xvf openssl-1.0.2j.tar.gz
cd openssl-1.0.2j
./config
make
sudo install
*** mbedtls
wget https://tls.mbed.org/download/mbedtls-2.4.0-gpl.tgz
tar xvf mbedtls-2.4.0-gpl.tgz
cd mbedtls-2.4.0/
make
sudo make install
Then I have built the latest OpenVPN 2.4
wget https://swupdate.openvpn.org/community/ ... 4.0.tar.gz
tar xvf openvpn-2.4.0.tar.gz
cd openvpn-2.4.0
./configure --with-crypto-library=mbedtls
make
sudo make install
As manual installation does not replace openvpn software which comes with raspberry pi please be careful which version you run. For testing I would recommend just run it from command like openvpn --config server_ecc.conf
When you are happy with results you can tinker with systemd or initd to make 2.4 your default autostart option.
Now time to generate our EC keys. The easiest way is to use easy-rsa
cd ~
mkdir OPENVPN
cd OPENVPN
git clone git://github.com/OpenVPN/easy-rsa
cd easy-rsa/easyrsa3
cp vars.example vars
# edit vars - see my example file below. Make sure you point openssl to the latest one
# my vars file BEGIN ------------
set_var EASYRSA "$PWD"
# make sure that it points to your latest openssl file
set_var EASYRSA_OPENSSL "/usr/local/openssl/bin/openssl"
set_var EASYRSA_PKI "$EASYRSA/pki"
set_var EASYRSA_DN org
set_var EASYRSA_REQ_COUNTRY "US"
set_var EASYRSA_REQ_PROVINCE "California"
set_var EASYRSA_REQ_CITY "San Francisco"
set_var EASYRSA_REQ_ORG "Copyleft Certificate Co"
set_var EASYRSA_REQ_EMAIL "me@example.net"
set_var EASYRSA_REQ_OU "My Organizational Unit"
# !!! going elliptic crypto mode. Yipie
set_var EASYRSA_ALGO ec
# Define the named curve - choose what you like and what is supported - openvpn --show-curves
set_var EASYRSA_CURVE secp521r1
# In how many days should the root CA key expire?
set_var EASYRSA_CA_EXPIRE 3650
# In how many days should certificates expire?
set_var EASYRSA_CERT_EXPIRE 3650
# How many days until the next CRL publish date? Please note that 2.4 takes seriously next crl publish date and dont run if it expires. If you use setup from 2.3 you might have to recreate crl files. you can check your crl with openssl crl -in crl.pem -noout -text
set_var EASYRSA_CRL_DAYS 3650
# my vars file END ------------
# create new PKI
./easyrsa init-pki
# build CA
./easyrsa build-ca
# create server cert
./easyrsa gen-req myECserver nopass
# sign server cert
./easyrsa sign-req server myECserver
#create user cert
./easyrsa gen-req ECClient1
# sign user cert
./easyrsa sign-req client ECClient1
go to ./pki/private folder and 3DES encrypt your private key. again - make sure you are using the latest openssl. I am not 100% sure if this step is required for all clients.
/usr/local/ssl/bin/openssl ec -in ECClient1.key -des3 -out ECClient1.3des.key
Now you have all server files.
./pki/ca.crt
./pki/issued/myECserver.crt
./pki/private/myECserver.key
Copy them to your openvpn server config folder. I put them in separate folder /etc/openvpn/ECCkeys
and use these client files to create ovpn file:
./pki/ca.crt - use for <ca> value in your ovpn file
./pki/issued/ECClient1.crt - use for <cert> value (only part between BEGIN and END)
./pki/private/ECClient1.3des.key - use for <key> value
Please see below my ovpn example file. This is an example with real data - of course I don't use it any more so don't waste time cracking it:) I have commented out all non essential parameters. If you make it working you can uncomment whatever you think is useful for you. But why to complicate things from the start...
dev tun
remote myserver.com 1194 udp
#float
#resolv-retry infinite
#nobind
#persist-key
#persist-tun
#mute-replay-warnings
#cipher AES-256-GCM
#auth SHA512
#key-direction 1
#reneg-sec 0
#compress lz4
#verb 3
#mute 20
#remote-cert-tls server
#remote-cert-eku "TLS Web Server Authentication"
#verify-x509-name DB-OpenVPN-Server name
<ca>
-----BEGIN CERTIFICATE-----
MIIEDzCCA3CgAwIBAgIJAPExRQl9wMeRMAoGCCqGSM49BAMCMIGyMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
bzEgMB4GA1UECgwXQ29weWxlZnQgQ2VydGlmaWNhdGUgQ28xHzAdBgNVBAsMFk15
IE9yZ2FuaXphdGlvbmFsIFVuaXQxFDASBgNVBAMMC0Vhc3ktUlNBIENBMR0wGwYJ
KoZIhvcNAQkBFg5tZUBleGFtcGxlLm5ldDAeFw0xNzAxMTYwOTE0MDJaFw0yNzAx
MTQwOTE0MDJaMIGyMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEW
MBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEgMB4GA1UECgwXQ29weWxlZnQgQ2VydGlm
aWNhdGUgQ28xHzAdBgNVBAsMFk15IE9yZ2FuaXphdGlvbmFsIFVuaXQxFDASBgNV
BAMMC0Vhc3ktUlNBIENBMR0wGwYJKoZIhvcNAQkBFg5tZUBleGFtcGxlLm5ldDCB
mzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAWGwh3oYzUzpVX7qyqO4A0ygo834d4eZ
2ZPHOYoxZRdBieQv51pCY6hZl/6/qlcUl8pKqn7mDWH9ySIIiqz0X8QTAM6XSH8H
at/thQPZt5o6sRrJqrBCuX0h8lZs0QWIRs4od0442NQIJ7spu5MIYXCoycuoZm+b
RGocerRG6Mmt0G3Mo4IBKDCCASQwHQYDVR0OBBYEFEo9zHVMOGgBkSyHb64NgSeC
ERbSMIHnBgNVHSMEgd8wgdyAFEo9zHVMOGgBkSyHb64NgSeCERbSoYG4pIG1MIGy
MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu
IEZyYW5jaXNjbzEgMB4GA1UECgwXQ29weWxlZnQgQ2VydGlmaWNhdGUgQ28xHzAd
BgNVBAsMFk15IE9yZ2FuaXphdGlvbmFsIFVuaXQxFDASBgNVBAMMC0Vhc3ktUlNB
IENBMR0wGwYJKoZIhvcNAQkBFg5tZUBleGFtcGxlLm5ldIIJAPExRQl9wMeRMAwG
A1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA4GMADCBiAJCAKWu
xGrpBfNnKpTOSCG0P9veO1SO86HUuRubTYtf66RNjH+K4PV1DT2z65FwN42VvAK/
M3by41KiHGDxZvupOtNCAkIBbXJkDU6NHNcX7fMwD0TpjThi8Iim0PKATuT32CcK
nM5BwY5HsNhnomYNWo74hZ9oUUJi+upkaqSzYtNJJboPzZ0=
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIEGDCCA3mgAwIBAgIBATAKBggqhkjOPQQDAjCBsjELMAkGA1UEBhMCVVMxEzAR
BgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xIDAeBgNV
BAoMF0NvcHlsZWZ0IENlcnRpZmljYXRlIENvMR8wHQYDVQQLDBZNeSBPcmdhbml6
YXRpb25hbCBVbml0MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTEdMBsGCSqGSIb3DQEJ
ARYObWVAZXhhbXBsZS5uZXQwHhcNMTcwMTE2MDkxNDMyWhcNMjcwMTE0MDkxNDMy
WjCBsTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
DVNhbiBGcmFuY2lzY28xIDAeBgNVBAoMF0NvcHlsZWZ0IENlcnRpZmljYXRlIENv
MR8wHQYDVQQLDBZNeSBPcmdhbml6YXRpb25hbCBVbml0MRMwEQYDVQQDDApteUVD
c2VydmVyMR0wGwYJKoZIhvcNAQkBFg5tZUBleGFtcGxlLm5ldDCBmzAQBgcqhkjO
PQIBBgUrgQQAIwOBhgAEAWwv2UTxAuqsKkOXqwLCw76trsk+1yFI8TX+9FRfuH2P
T1jWk3Pe8a+TYTW+dnHOjXoXRbrnHFKdEfqWBQKR1nrYADaA/OpnESuFzxTYVfMa
wkNVGMTWsDEdjBSSBSGCEql4UzS8y5v9Vy6u6GenMCoH+WHcbleZMOj3AFrx1PFO
uBb6o4IBOjCCATYwCQYDVR0TBAIwADAdBgNVHQ4EFgQUqBpL9NRgSpBzJqO+ZEQy
tldFvMswgecGA1UdIwSB3zCB3IAUSj3MdUw4aAGRLIdvrg2BJ4IRFtKhgbikgbUw
gbIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1T
YW4gRnJhbmNpc2NvMSAwHgYDVQQKDBdDb3B5bGVmdCBDZXJ0aWZpY2F0ZSBDbzEf
MB0GA1UECwwWTXkgT3JnYW5pemF0aW9uYWwgVW5pdDEUMBIGA1UEAwwLRWFzeS1S
U0EgQ0ExHTAbBgkqhkiG9w0BCQEWDm1lQGV4YW1wbGUubmV0ggkA8TFFCX3Ax5Ew
EwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMAoGCCqGSM49BAMCA4GM
ADCBiAJCAezxL0fJ03jQENU6xmv9UccdZHRBXUpKfv3zpYMZLtW4szFhrGgIzLVH
eUnicoAx6l9cwcfMDHnfqsuTpR2GWiTfAkIBgHCsyvZ1tAYWABgvyOLi10gQZILf
qNhDc3y4S5rt1aKW9spsQOmNJSBubjjiJjXolX7qMzegw6WujI5iyTfNNAA=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,6778BFA39150BF9E
UkkHCq3x6FsWPbW14hFtag+Qc2+iA6bK9teY0uCENWmJFb4UTnJQeW8silkLvUE5
bJ8C7Jxb2vVgufF4zx8BQkVYZipKyUZyjA42Ktjm0GQ6QVJ3mbMYmow4GzWmPbxI
fK2Q6C4ZizzYixBqYzq2/fsenkc8Pe9ZRZ5j4ynm5n5H3cLP3hM6fJ+NfzH8v41e
FHMXeO38SFvuaHs99E//kU0ClZjIG2oRADBF69BlTtrMpYdgQS7FTOeiqQ3QgVzN
rzme9Q7HC7OYmO6b8r0OFq+vSTwNxG6xYAthplrO4h0=
-----END EC PRIVATE KEY-----
</key>
now let's create server config. The same principle as before - I comment out all what is not essential. Less things to troubleshoot. In my working setup I have both files uncommented but before you play with it I really recommend to make sure that you setup works with minimum set of options.
dev tun
proto udp
port 1194
# SSL/TLS root certificate (ca), certificate (cert), private key (key) and Diffie Hellman parameters (dh)
tls-server
ca /etc/openvpn/ECCkeys/ca.crt
cert /etc/openvpn/ECCkeys/myECserver.crt
key /etc/openvpn/ECCkeys/myECserver.crt.key
# as we want to go pure EC we don't need DH anymore
dh none
# Data channel - it will be negotiated with client. Later you can ucomment to enforce your own policies
#ncp-ciphers AES-256-GCM
#cipher AES-256-GCM
#auth SHA512
# Control channel (TLS) - also negotiated with client.
#tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
#tls-version-min 1.2
# new in 2.4. does similar job like tls-auth in 2.3 but apparently better
#tls-crypt /etc/openvpn/ECCkeys/tc.key 0
#key-direction 0
# Ensure that remote machine has client cert
#remote-cert-eku "TLS Web Client Authentication"
# replace this section with whatever config you are using
server 10.88.90.0 255.255.255.0
ifconfig 10.88.90.1 10.88.90.2
push "route 10.88.90.1 255.255.255.255"
push "route 10.88.90.0 255.255.255.0"
push "dhcp-option DNS 84.200.69.80"
push "dhcp-option DNS 84.200.70.40"
push "redirect-gateway def1 bypass-dhcp"
#Block IPv6
#push "block-ipv6"
# Uncomment this directive to allow different clients to be able to "see" each other.
#client-to-client
# Uncomment this directive if multiple clients might connect with the same certificate/key
#duplicate-cn
# The keepalive. Ping every 10 seconds, assume that remote peer is down if no ping received during a 120 second
#keepalive 10 120
# Enable compression on the VPN link. Enable the same for client
#compress lz4
# don't run server as root
user nobody
group nogroup
# The persist options will try to avoid accessing certain resources on restart
# that may no longer be accessible because of the privilege downgrade.
#persist-key
#persist-tun
#persist-local-ip
#persist-remote-ip
# Output a short status file showing current connections, truncated
# and rewritten every minute.
status /var/log/openvpn-status_ecc.log 20
# Lof file
log /var/log/openvpn_ecc.log
#verb 4
#mute-replay-warnings
# check revoked certs
#crl-verify /etc/openvpn/ECCkeys/crl.pem
#server starts:
Mon Jan 16 11:14:44 2017 OpenVPN 2.4.0 armv7l-unknown-linux-gnueabihf [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan 16 2017
Mon Jan 16 11:14:44 2017 library versions: mbed TLS 2.4.0, LZO 2.09
Mon Jan 16 11:14:44 2017 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Jan 16 11:14:44 2017 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Jan 16 11:14:44 2017 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Jan 16 11:14:44 2017 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Jan 16 11:14:44 2017 ROUTE_GATEWAY 192.168.142.1/255.255.255.0 IFACE=wlan0 HWADDR=f4:f2:6d:0f:68:9b
Mon Jan 16 11:14:44 2017 TUN/TAP device tun2 opened
Mon Jan 16 11:14:44 2017 TUN/TAP TX queue length set to 100
Mon Jan 16 11:14:44 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jan 16 11:14:44 2017 /sbin/ifconfig tun2 10.88.90.1 pointopoint 10.88.90.2 mtu 1500
Mon Jan 16 11:14:44 2017 /sbin/route add -net 10.88.90.0 netmask 255.255.255.0 gw 10.88.90.2
Mon Jan 16 11:14:44 2017 Could not determine IPv4/IPv6 protocol. Using AF_INET
Mon Jan 16 11:14:44 2017 Socket Buffers: R=[163840->163840] S=[163840->163840]
Mon Jan 16 11:14:44 2017 UDPv4 link local (bound): [AF_INET][undef]:1194
Mon Jan 16 11:14:44 2017 UDPv4 link remote: [AF_UNSPEC]
Mon Jan 16 11:14:44 2017 GID set to nogroup
Mon Jan 16 11:14:44 2017 UID set to openvpn_server
Mon Jan 16 11:14:44 2017 MULTI: multi_init called, r=256 v=256
Mon Jan 16 11:14:44 2017 IFCONFIG POOL: base=10.88.90.4 size=62, ipv6=0
Mon Jan 16 11:14:44 2017 Initialization Sequence Completed
#client connects:
Mon Jan 16 11:15:28 2017 81.109.233.126:51479 TLS: Initial packet from [AF_INET]81.109.233.126:51479, sid=369005aa f97df4d9
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 VERIFY OK: depth=1, C=US, ST=California, L=San Francisco, O=Copyleft Certificate Co, OU=My Organizational Unit, CN=EasyRSA-DB, emailAddress=me@example.net
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 Validating certificate extended key usage
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 VERIFY EKU OK
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 VERIFY OK: depth=0, C=US, ST=California, L=San Francisco, O=Copyleft Certificate Co, OU=My Organizational Unit, CN=clientname1, emailAddress=me@example.net
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_VER=2.4.0
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_PLAT=mac
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_PROTO=2
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_NCP=2
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_LZ4=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_LZ4v2=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_LZO=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_COMP_STUB=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_COMP_STUBv2=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 peer info: IV_TCPNL=1
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 Control Channel: TLSv1.2, cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, 521 bit key
Mon Jan 16 11:15:29 2017 81.109.233.126:51479 [clientname1] Peer Connection Initiated with [AF_INET]81.109.233.126:51479
Mon Jan 16 11:15:29 2017 clientname1/81.109.233.126:51479 MULTI_sva: pool returned IPv4=10.88.90.6, IPv6=(Not enabled)
Mon Jan 16 11:15:29 2017 clientname1/81.109.233.126:51479 MULTI: Learn: 10.88.90.6 -> clientname1/81.109.233.126:51479
Mon Jan 16 11:15:29 2017 clientname1/81.109.233.126:51479 MULTI: primary virtual IP for clientname1/81.109.233.126:51479: 10.88.90.6
Mon Jan 16 11:15:30 2017 clientname1/81.109.233.126:51479 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jan 16 11:15:30 2017 clientname1/81.109.233.126:51479 SENT CONTROL [clientname1]: 'PUSH_REPLY,route 10.88.90.1 255.255.255.255,route 10.88.90.0 255.255.255.0,dhcp-option DNS 84.200.69.80,dhcp-option DNS 84.200.70.40,redirect-gateway def1 bypass-dhcp,block-ipv6,route 10.88.90.1,topology net30,ping 300,ping-restart 1200,ifconfig 10.88.90.6 10.88.90.5,peer-id 0,cipher AES-256-GCM' (status=1)
Mon Jan 16 11:15:30 2017 clientname1/81.109.233.126:51479 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jan 16 11:15:30 2017 clientname1/81.109.233.126:51479 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key