Re: [Lurk] lurk integration with openssl

Jesús Alberto Polo <ietf@jesusalberto.me> Thu, 28 June 2018 08:32 UTC

Return-Path: <ietf@jesusalberto.me>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F18C5130E66 for <lurk@ietfa.amsl.com>; Thu, 28 Jun 2018 01:32:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FddOGTqqVUIL for <lurk@ietfa.amsl.com>; Thu, 28 Jun 2018 01:31:58 -0700 (PDT)
Received: from fnsib-smtp02.srv.cat (fnsib-smtp02.srv.cat [46.16.60.191]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 425C012F1AC for <lurk@ietf.org>; Thu, 28 Jun 2018 01:31:57 -0700 (PDT)
Received: from mail.jesusalberto.me (vxmag-22.srv.cat [134.0.13.9]) by fnsib-smtp02.srv.cat (Postfix) with ESMTPA id 05A1E80A7; Thu, 28 Jun 2018 10:31:55 +0200 (CEST)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Date: Thu, 28 Jun 2018 10:31:54 +0200
From: =?UTF-8?Q?Jes=C3=BAs_Alberto_Polo?= <ietf@jesusalberto.me>
To: Daniel Migault <daniel.migault@ericsson.com>
Cc: LURK BoF <lurk@ietf.org>, Dmitry Kravkov <dmitryk@qwilt.com>, mglt.ietf@gmail.com
Reply-To: ietf@jesusalberto.me
Mail-Reply-To: ietf@jesusalberto.me
In-Reply-To: <CADZyTkmNTPQDy9_k1QErcCqqxDuno4h4e41LJbNoMwugob92Kw@mail.gmail.com>
References: <CADZyTkmgW89C_hEYbuM2iVRADLGt47q2SMDqbWXMVLiYo9VtSw@mail.gmail.com> <CAAvCjhggLfVZwDbFuLpek0_T=VAryQVF8vFQH2mgvrVK0sJnGQ@mail.gmail.com> <fc8cdf45-9d4b-4840-9943-082db7538eef@Spark> <2DD56D786E600F45AC6BDE7DA4E8A8C118E4240A@eusaamb107.ericsson.se> <2f5dd5f6f12678d48679be2c5d7c4664@jesusalberto.me> <CADZyTkmNTPQDy9_k1QErcCqqxDuno4h4e41LJbNoMwugob92Kw@mail.gmail.com>
Message-ID: <7ffa6dbe1b912b4bbfeb1eff101fcade@jesusalberto.me>
X-Sender: ietf@jesusalberto.me
User-Agent: Roundcube Webmail/1.1.4
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/-Da7xrFl2rUUHaim3jk4sxuWhgo>
Subject: Re: [Lurk] lurk integration with openssl
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jun 2018 08:32:02 -0000

Hi,

I’ve uploaded an early-version of a C implementation of LURK with 
openssl and nginx to Github, concretely for the ECDHE handshake (I think 
RSA handshake was developed in the previous hackathon). Note that it’s 
still a prototype and some functionalities are missing or need to be 
improved (those are specified in the README and in the code).

The respository is available at https://github.com/jesusalber1/clurk.

Best,

Jesús Alberto

On 2018-05-23 19:19, Daniel Migault wrote:
> Hi Jesus,
> 
> That is really great to have two implementations! In addition the c
> implementation integrated with openssl would provide more accurate
> measurements on how lurk impact the edge server. That is great news
> and I wish interoperability tests may be done at the hackathon!
> 
> Yours,
> 
> Daniel
> 
> On Wed, May 23, 2018 at 11:38 AM, Jesús Alberto Polo
> <ietf@jesusalberto.me>; wrote:
> 
>> Hi,
>> 
>> A very early version of clurk will be ready very soon. So far, the
>> ECDHE handshake is done (POO is missing though) and I’m finishing
>> the RSA handshake (PFS is missing as well) based on the patch you
>> shared lately.
>> 
>> I’ll share the GitHub link as soon as it is ready and also provide
>> more details.
>> 
>> Best,
>> 
>> Jesús Alberto
>> 
>> On 2018-04-24 17:34, Daniel Migault wrote:
>> 
>> Thanks for the feed back! Yes absolutely for ecdhe, the
>> sig_and_hash
>> is missing from the spec. I have also slightly changed the extended
>> master structure by exchanging the session_hash and encrypted
>> premaster. I expect to be able to update the draft by next week as
>> well. On my python implementation I am using the following
>> structures
>> for ecdhe.
>> 
>> Yours,
>> 
>> Daniel
>> 
>> TLS12ECDHERequestPayload = Struct(
>> 
>> Embedded(TLS12Base),
>> 
>> "sig_and_hash" / SignatureAndHashAlgorithm,
>> 
>> "ecdhe_params" / ServerECDHParams,
>> 
>> "poo_params" / Struct(
>> 
>> "poo_prf" / Default( POOPRF, "null" ),
>> 
>> "rG" / IfThenElse( this.poo_prf == 'null',
>> 
>> Pass,
>> 
>> Switch( this.ecdhe_params.curve_param.curve,
>> 
>> {
>> 
>> "secp256r1" : UncompressedPointRepresentation_256,
>> 
>> "secp384r1" : UncompressedPointRepresentation_384,
>> 
>> "secp512r1" : UncompressedPointRepresentation_512
>> 
>> }) ),
>> 
>> "tG" / IfThenElse( this.poo_prf == 'null',
>> 
>> Pass,
>> 
>> Switch( this.ecdhe_params.curve_param.curve,
>> 
>> {
>> 
>> "secp256r1" : UncompressedPointRepresentation_256,
>> 
>> "secp384r1" : UncompressedPointRepresentation_384,
>> 
>> "secp512r1" : UncompressedPointRepresentation_512
>> 
>> }) ),
>> 
>> )
>> 
>> )
>> 
>> With
>> 
>> TLS12Base = Struct(
>> 
>> "key_id" / KeyPairID ,
>> 
>> "client_random" / Random,
>> 
>> "server_random" / Random,
>> 
>> "tls_version" /  ProtocolVersion,
>> 
>> "prf" / PRFAlgorithm
>> 
>> )
>> 
>> I have also changed the structure of the extended master by
>> interverting the session hash and the encrypted master to ease the
>> parsing.
>> 
>> struct{
>> 
>> KeyPairID key_id
>> 
>> ProtocolVersion tls_version   // see RFC5246 section 6.2.1
>> 
>> PRFAlgorithm prf              // see RFC5246 section 6.1
>> 
>> opaque session_hash<2...2^16-2>
>> 
>> EncryptedPreMasterSecret  pre_master
>> 
>> // see RFC5246 section 7.4.7.1
>> 
>> }TLS12ExtendedMasterRSARequestPayload;
>> 
>> ]]></artwork>
>> 
>> FROM: Jesús Alberto Polo [mailto:ietf@jesusalberto.me]
>> SENT: Tuesday, April 24, 2018 11:11 AM
>> TO: Dmitry Kravkov <dmitryk@qwilt.com>;; Daniel Migault
>> <daniel.migault@ericsson.com>;
>> CC: LURK BoF <lurk@ietf.org>;
>> SUBJECT: Re: [Lurk] lurk integration with openssl
>> 
>> Hi,
>> 
>> Thanks for the resources and the patch, it’s definitely easier to
>> solve it the way you did in the hackathon.
>> 
>> I managed to integrate the basic functionality of LURK for ECDHE and
>> I’m preparing some tests, I hope they’re done and the code
>> cleaned
>> up by the end of this week.
>> 
>> Regarding the TLS12ECDHERequestPayload [1], I think the _Signature
>> Algorithm_ field is missing (hash and signature), to indicate the
>> chosen algorithms for the TLS connection.
>> 
>> Best regards,
>> 
>> Jesús Alberto
>> 
>> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1
>> [1]
>> [1]
>> 
>> On 22 Apr 2018, 12:08 +0200, Dmitry Kravkov <dmitryk@qwilt.com>;,
>> wrote:
>> 
>> Hi Jesus Alberto,
>> 
>> this is a patch for openssl used during 101 hackathon
>> 
>> It looks that direct calling for lurk library from statemachine will
>> be hard to push upstream, but adding more callbacks for master
>> secret calculation that nginx (or other client) registers for,  will
>> be easier to submit.
>> 
>> On Fri, Apr 20, 2018 at 9:26 PM Daniel Migault
>> <daniel.migault@ericsson.com>; wrote:
>> 
>> Hi Jesus Alberto,
>> 
>> There have been some discussions regarding the integration of lurk
>> with openssl during the hackathon, so feel free to share your
>> concerns on the mailing list..
>> 
>> Here are some links you might find of interest:
> 
> https://www.agwa.name/blog/post/protecting_the_openssl_private_key_in_a_separate_process
> [4]
> 
>>> 
>> https://www.agwa.name/blog/post/titus_isolation_techniques_continued
>> [3]
>> 
>>> Yours,
>>> 
>>> Daniel
>>> 
>>> _______________________________________________
>>> Lurk mailing list
>>> Lurk@ietf.org
>>> https://www.ietf.org/mailman/listinfo/lurk [2]
>> 
>> --
>> 
>> DMITRY KRAVKOV
>> Qwilt | Work: +972-72-2221630 | Mobile: +972-54-4839923
>> 
>> dmitrykATqwilt.com
> 
> Links:
> ------
> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1
> [5]
> 
> _______________________________________________
> Lurk mailing list
> Lurk@ietf.org
> https://www.ietf.org/mailman/listinfo/lurk [2]
> 
> 
> 
> Links:
> ------
> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1
> [2] https://www.ietf.org/mailman/listinfo/lurk
> [3] 
> https://www.agwa.name/blog/post/titus_isolation_techniques_continued
> [4]
> https://www.agwa.name/blog/post/protecting_the_openssl_private_key_in_a_separate_process
> [5] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1