Re: [Lurk] lurk integration with openssl

Jesús Alberto Polo <ietf@jesusalberto.me> Wed, 23 May 2018 15:38 UTC

Return-Path: <ietf@jesusalberto.me>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6423612E04B for <lurk@ietfa.amsl.com>; Wed, 23 May 2018 08:38:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kha_vVBTx_a3 for <lurk@ietfa.amsl.com>; Wed, 23 May 2018 08:38:29 -0700 (PDT)
Received: from fnsib-smtp01.srv.cat (fnsib-smtp01.srv.cat [46.16.60.189]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F591127342 for <lurk@ietf.org>; Wed, 23 May 2018 08:38:28 -0700 (PDT)
Received: from mail.jesusalberto.me (vxmag-22.srv.cat [134.0.13.9]) by fnsib-smtp01.srv.cat (Postfix) with ESMTPA id C93848143; Wed, 23 May 2018 17:38:24 +0200 (CEST)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Date: Wed, 23 May 2018 17:38:24 +0200
From: =?UTF-8?Q?Jes=C3=BAs_Alberto_Polo?= <ietf@jesusalberto.me>
To: Daniel Migault <daniel.migault@ericsson.com>
Cc: Dmitry Kravkov <dmitryk@qwilt.com>, LURK BoF <lurk@ietf.org>
Reply-To: ietf@jesusalberto.me
Mail-Reply-To: ietf@jesusalberto.me
In-Reply-To: <2DD56D786E600F45AC6BDE7DA4E8A8C118E4240A@eusaamb107.ericsson.se>
References: <CADZyTkmgW89C_hEYbuM2iVRADLGt47q2SMDqbWXMVLiYo9VtSw@mail.gmail.com> <CAAvCjhggLfVZwDbFuLpek0_T=VAryQVF8vFQH2mgvrVK0sJnGQ@mail.gmail.com> <fc8cdf45-9d4b-4840-9943-082db7538eef@Spark> <2DD56D786E600F45AC6BDE7DA4E8A8C118E4240A@eusaamb107.ericsson.se>
Message-ID: <2f5dd5f6f12678d48679be2c5d7c4664@jesusalberto.me>
X-Sender: ietf@jesusalberto.me
User-Agent: Roundcube Webmail/1.1.4
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/bzW1f6MdtvKbkSfde188rZH4ShQ>
Subject: Re: [Lurk] lurk integration with openssl
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2018 15:38:33 -0000

Hi,

A very early version of clurk will be ready very soon. So far, the ECDHE 
handshake is done (POO is missing though) and I’m finishing the RSA 
handshake (PFS is missing as well) based on the patch you shared lately.

I’ll share the GitHub link as soon as it is ready and also provide more 
details.

Best,

Jesús Alberto

On 2018-04-24 17:34, Daniel Migault wrote:
> Thanks for the feed back! Yes absolutely for ecdhe, the sig_and_hash
> is missing from the spec. I have also slightly changed the extended
> master structure by exchanging the session_hash and encrypted
> premaster. I expect to be able to update the draft by next week as
> well. On my python implementation I am using the following structures
> for ecdhe.
> 
> Yours,
> 
> Daniel
> 
> TLS12ECDHERequestPayload = Struct(
> 
>     Embedded(TLS12Base),
> 
>     "sig_and_hash" / SignatureAndHashAlgorithm,
> 
>     "ecdhe_params" / ServerECDHParams,
> 
>     "poo_params" / Struct(
> 
>         "poo_prf" / Default( POOPRF, "null" ),
> 
>         "rG" / IfThenElse( this.poo_prf == 'null',
> 
>              Pass,
> 
>              Switch( this.ecdhe_params.curve_param.curve,
> 
>                 {
> 
>                 "secp256r1" : UncompressedPointRepresentation_256,
> 
>                 "secp384r1" : UncompressedPointRepresentation_384,
> 
>                 "secp512r1" : UncompressedPointRepresentation_512
> 
>                }) ),
> 
>         "tG" / IfThenElse( this.poo_prf == 'null',
> 
>               Pass,
> 
>               Switch( this.ecdhe_params.curve_param.curve,
> 
>                   {
> 
>                   "secp256r1" : UncompressedPointRepresentation_256,
> 
>                   "secp384r1" : UncompressedPointRepresentation_384,
> 
>                   "secp512r1" : UncompressedPointRepresentation_512
> 
>                }) ),
> 
>     )
> 
> )
> 
> With
> 
> TLS12Base = Struct(
> 
>     "key_id" / KeyPairID ,
> 
>     "client_random" / Random,
> 
>     "server_random" / Random,
> 
>     "tls_version" /  ProtocolVersion,
> 
>     "prf" / PRFAlgorithm
> 
> )
> 
> I have also changed the structure of the extended master by
> interverting the session hash and the encrypted master to ease the
> parsing.
> 
> struct{
> 
>     KeyPairID key_id
> 
>     ProtocolVersion tls_version   // see RFC5246 section 6.2.1
> 
>     PRFAlgorithm prf              // see RFC5246 section 6.1
> 
>     opaque session_hash<2...2^16-2>
> 
>     EncryptedPreMasterSecret  pre_master
> 
>                                   // see RFC5246 section 7.4.7.1
> 
> }TLS12ExtendedMasterRSARequestPayload;
> 
>         ]]></artwork>
> 
> FROM: Jesús Alberto Polo [mailto:ietf@jesusalberto.me]
> SENT: Tuesday, April 24, 2018 11:11 AM
> TO: Dmitry Kravkov <dmitryk@qwilt.com>;; Daniel Migault
> <daniel.migault@ericsson.com>;
> CC: LURK BoF <lurk@ietf.org>;
> SUBJECT: Re: [Lurk] lurk integration with openssl
> 
> Hi,
> 
> Thanks for the resources and the patch, it’s definitely easier to
> solve it the way you did in the hackathon.
> 
> I managed to integrate the basic functionality of LURK for ECDHE and
> I’m preparing some tests, I hope they’re done and the code cleaned
> up by the end of this week.
> 
> Regarding the TLS12ECDHERequestPayload [1], I think the _Signature
> Algorithm_ field is missing (hash and signature), to indicate the
> chosen algorithms for the TLS connection.
> 
> Best regards,
> 
> Jesús Alberto
> 
> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1
> [1]
> 
> On 22 Apr 2018, 12:08 +0200, Dmitry Kravkov <dmitryk@qwilt.com>;,
> wrote:
> 
>> Hi Jesus Alberto,
>> 
>> this is a patch for openssl used during 101 hackathon
>> 
>> It looks that direct calling for lurk library from statemachine will
>> be hard to push upstream, but adding more callbacks for master
>> secret calculation that nginx (or other client) registers for,  will
>> be easier to submit.
>> 
>> On Fri, Apr 20, 2018 at 9:26 PM Daniel Migault
>> <daniel.migault@ericsson.com>; wrote:
>> 
>>> Hi Jesus Alberto,
>>> 
>>> There have been some discussions regarding the integration of lurk
>>> with openssl during the hackathon, so feel free to share your
>>> concerns on the mailing list..
>>> 
>>> Here are some links you might find of interest:
>>> 
>>> 
>> 
> https://www.agwa.name/blog/post/protecting_the_openssl_private_key_in_a_separate_process
>>> 
>> https://www.agwa.name/blog/post/titus_isolation_techniques_continued
>>> 
>>> 
>>> Yours,
>>> 
>>> Daniel
>>> 
>>> _______________________________________________
>>> Lurk mailing list
>>> Lurk@ietf.org
>>> https://www.ietf.org/mailman/listinfo/lurk
>> 
>> --
>> 
>> DMITRY KRAVKOV
>> Qwilt | Work: +972-72-2221630 | Mobile: +972-54-4839923
>> 
>> dmitrykATqwilt.com
> 
> 
> Links:
> ------
> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1