Re: [Lurk] lurk integration with openssl

Daniel Migault <daniel.migault@ericsson.com> Wed, 23 May 2018 17:19 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49024127978 for <lurk@ietfa.amsl.com>; Wed, 23 May 2018 10:19:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.403
X-Spam-Level:
X-Spam-Status: No, score=-1.403 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ExggbOlYvWMC for <lurk@ietfa.amsl.com>; Wed, 23 May 2018 10:19:21 -0700 (PDT)
Received: from mail-wr0-x232.google.com (mail-wr0-x232.google.com [IPv6:2a00:1450:400c:c0c::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32D1212741D for <lurk@ietf.org>; Wed, 23 May 2018 10:19:21 -0700 (PDT)
Received: by mail-wr0-x232.google.com with SMTP id k5-v6so15786476wrn.3 for <lurk@ietf.org>; Wed, 23 May 2018 10:19:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=+4Xpcp8EcEz6B7/CP/0G8Oecnjb7T6UnuVE/KGsGZbQ=; b=GbII/vMHItsgsZYbuxZavPiECtKB5DHOmI0haCUEvTWw3ybxSinIYnI6WjnL3nJfoH safJlkcIihYbxpDjH2k+7WFwSHHal1dfCT2DGiQ6V6pLVnp3BIYrbL/MN7BvXNEotq00 iX38Ca6k6j9hC/VXZhSq279RUnKjs+2V9e3xqA9qWUYXjV1yrZbA4dewB80fP2VTFGPH 4IIOcrB5yarxHfQMKmHmju24DR5zny3tYPIeJtZg7bTYaBNomgLKcbZ6ZALHeYM3iUOi h4gv+5qIO29+mc1UAyLlJpPh0qDVasiEAMyvOtodVuH2InE5bygn0F0rgYsfzYsF+ls7 AaAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=+4Xpcp8EcEz6B7/CP/0G8Oecnjb7T6UnuVE/KGsGZbQ=; b=NihYfHI4aqreWF/4H6qUKAXZ5HqmzL3wRYa2Knq8djIypTaKwldZLc4/jjPsuVe8hE 4EqWLxk/v7cz0D/fABr+9wcXfEa0wAgShgEWroTW7xpOsCvYV7oY2M4GWEv0iDTKlCnZ jrcWY4wYlxA2qFXiJlBYane2uTjUxFC1Tyv2vC/wBcoUDozlMBLc1z+kF6zDKs2pZUXj lowuSErbCfYOsT83ERgkROwklr6O25yMVV/ezjXG6VhuC1Lpp/JaTG0Jdf7LQlDaOZW6 Bnbd6fcCelotVdx1Qzcuv0g0viIrDzMwJ4gsCq3Gth3YgmKEWIjT5y30q/y5Aqro2Y3R 4ylQ==
X-Gm-Message-State: ALKqPwcbj6r8SFAIZpzWP4QQJsOyZUHI6v/KvUnZo+7sr/M5udwnt4Vy z4bGMowncr+YH8JfDJyRjE+sU6FQJqSFggxo3GU=
X-Google-Smtp-Source: AB8JxZrMjd5NT36D82WSC8C72oaP63a2vwaInBwxM/f7o0Sk9Mn5F51ml7P/iL47sH9rAzI/oacmIH1m5WRxzhSLRNs=
X-Received: by 2002:a19:d7d5:: with SMTP id q82-v6mr2235520lfi.71.1527095959649; Wed, 23 May 2018 10:19:19 -0700 (PDT)
MIME-Version: 1.0
Sender: mglt.ietf@gmail.com
Received: by 2002:a2e:510a:0:0:0:0:0 with HTTP; Wed, 23 May 2018 10:19:18 -0700 (PDT)
In-Reply-To: <2f5dd5f6f12678d48679be2c5d7c4664@jesusalberto.me>
References: <CADZyTkmgW89C_hEYbuM2iVRADLGt47q2SMDqbWXMVLiYo9VtSw@mail.gmail.com> <CAAvCjhggLfVZwDbFuLpek0_T=VAryQVF8vFQH2mgvrVK0sJnGQ@mail.gmail.com> <fc8cdf45-9d4b-4840-9943-082db7538eef@Spark> <2DD56D786E600F45AC6BDE7DA4E8A8C118E4240A@eusaamb107.ericsson.se> <2f5dd5f6f12678d48679be2c5d7c4664@jesusalberto.me>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Wed, 23 May 2018 13:19:18 -0400
X-Google-Sender-Auth: eOElcfCPv7QYhmPbsAkNChr2IZA
Message-ID: <CADZyTkmNTPQDy9_k1QErcCqqxDuno4h4e41LJbNoMwugob92Kw@mail.gmail.com>
To: =?UTF-8?Q?Jes=C3=BAs_Alberto_Polo?= <ietf@jesusalberto.me>
Cc: LURK BoF <lurk@ietf.org>, Dmitry Kravkov <dmitryk@qwilt.com>
Content-Type: multipart/alternative; boundary="0000000000003683ae056ce2bcf9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/X6jExW0JFKCmywvYAJvL8ISxjRE>
Subject: Re: [Lurk] lurk integration with openssl
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2018 17:19:24 -0000

Hi Jesus,

That is really great to have two implementations! In addition the c
implementation integrated with openssl would provide more accurate
measurements on how lurk impact the edge server. That is great news and I
wish interoperability tests may be done at the hackathon!

Yours,
Daniel

On Wed, May 23, 2018 at 11:38 AM, Jesús Alberto Polo <ietf@jesusalberto.me>;
wrote:

> Hi,
>
> A very early version of clurk will be ready very soon. So far, the ECDHE
> handshake is done (POO is missing though) and I’m finishing the RSA
> handshake (PFS is missing as well) based on the patch you shared lately.
>
> I’ll share the GitHub link as soon as it is ready and also provide more
> details.
>
> Best,
>
> Jesús Alberto
>
>
> On 2018-04-24 17:34, Daniel Migault wrote:
>
>> Thanks for the feed back! Yes absolutely for ecdhe, the sig_and_hash
>> is missing from the spec. I have also slightly changed the extended
>> master structure by exchanging the session_hash and encrypted
>> premaster. I expect to be able to update the draft by next week as
>> well. On my python implementation I am using the following structures
>> for ecdhe.
>>
>> Yours,
>>
>> Daniel
>>
>> TLS12ECDHERequestPayload = Struct(
>>
>>     Embedded(TLS12Base),
>>
>>     "sig_and_hash" / SignatureAndHashAlgorithm,
>>
>>     "ecdhe_params" / ServerECDHParams,
>>
>>     "poo_params" / Struct(
>>
>>         "poo_prf" / Default( POOPRF, "null" ),
>>
>>         "rG" / IfThenElse( this.poo_prf == 'null',
>>
>>              Pass,
>>
>>              Switch( this.ecdhe_params.curve_param.curve,
>>
>>                 {
>>
>>                 "secp256r1" : UncompressedPointRepresentation_256,
>>
>>                 "secp384r1" : UncompressedPointRepresentation_384,
>>
>>                 "secp512r1" : UncompressedPointRepresentation_512
>>
>>                }) ),
>>
>>         "tG" / IfThenElse( this.poo_prf == 'null',
>>
>>               Pass,
>>
>>               Switch( this.ecdhe_params.curve_param.curve,
>>
>>                   {
>>
>>                   "secp256r1" : UncompressedPointRepresentation_256,
>>
>>                   "secp384r1" : UncompressedPointRepresentation_384,
>>
>>                   "secp512r1" : UncompressedPointRepresentation_512
>>
>>                }) ),
>>
>>     )
>>
>> )
>>
>> With
>>
>> TLS12Base = Struct(
>>
>>     "key_id" / KeyPairID ,
>>
>>     "client_random" / Random,
>>
>>     "server_random" / Random,
>>
>>     "tls_version" /  ProtocolVersion,
>>
>>     "prf" / PRFAlgorithm
>>
>> )
>>
>> I have also changed the structure of the extended master by
>> interverting the session hash and the encrypted master to ease the
>> parsing.
>>
>> struct{
>>
>>     KeyPairID key_id
>>
>>     ProtocolVersion tls_version   // see RFC5246 section 6.2.1
>>
>>     PRFAlgorithm prf              // see RFC5246 section 6.1
>>
>>     opaque session_hash<2...2^16-2>
>>
>>     EncryptedPreMasterSecret  pre_master
>>
>>                                   // see RFC5246 section 7.4.7.1
>>
>> }TLS12ExtendedMasterRSARequestPayload;
>>
>>         ]]></artwork>
>>
>> FROM: Jesús Alberto Polo [mailto:ietf@jesusalberto.me]
>> SENT: Tuesday, April 24, 2018 11:11 AM
>> TO: Dmitry Kravkov <dmitryk@qwilt.com>;; Daniel Migault
>> <daniel.migault@ericsson.com>;
>> CC: LURK BoF <lurk@ietf.org>;
>> SUBJECT: Re: [Lurk] lurk integration with openssl
>>
>> Hi,
>>
>> Thanks for the resources and the patch, it’s definitely easier to
>> solve it the way you did in the hackathon.
>>
>> I managed to integrate the basic functionality of LURK for ECDHE and
>> I’m preparing some tests, I hope they’re done and the code cleaned
>> up by the end of this week.
>>
>> Regarding the TLS12ECDHERequestPayload [1], I think the _Signature
>> Algorithm_ field is missing (hash and signature), to indicate the
>> chosen algorithms for the TLS connection.
>>
>> Best regards,
>>
>> Jesús Alberto
>>
>> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1
>> [1]
>>
>> On 22 Apr 2018, 12:08 +0200, Dmitry Kravkov <dmitryk@qwilt.com>;,
>> wrote:
>>
>> Hi Jesus Alberto,
>>>
>>> this is a patch for openssl used during 101 hackathon
>>>
>>> It looks that direct calling for lurk library from statemachine will
>>> be hard to push upstream, but adding more callbacks for master
>>> secret calculation that nginx (or other client) registers for,  will
>>> be easier to submit.
>>>
>>> On Fri, Apr 20, 2018 at 9:26 PM Daniel Migault
>>> <daniel.migault@ericsson.com>; wrote:
>>>
>>> Hi Jesus Alberto,
>>>>
>>>> There have been some discussions regarding the integration of lurk
>>>> with openssl during the hackathon, so feel free to share your
>>>> concerns on the mailing list..
>>>>
>>>> Here are some links you might find of interest:
>>>>
>>>>
>>>>
>>> https://www.agwa.name/blog/post/protecting_the_openssl_priva
>> te_key_in_a_separate_process
>>
>>>
>>>> https://www.agwa.name/blog/post/titus_isolation_techniques_continued
>>>
>>>>
>>>>
>>>> Yours,
>>>>
>>>> Daniel
>>>>
>>>> _______________________________________________
>>>> Lurk mailing list
>>>> Lurk@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/lurk
>>>>
>>>
>>> --
>>>
>>> DMITRY KRAVKOV
>>> Qwilt | Work: +972-72-2221630 | Mobile: +972-54-4839923
>>>
>>> dmitrykATqwilt.com
>>>
>>
>>
>> Links:
>> ------
>> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1
>>
>
> _______________________________________________
> Lurk mailing list
> Lurk@ietf.org
> https://www.ietf.org/mailman/listinfo/lurk
>