Re: [Lurk] lurk integration with openssl

Daniel Migault <> Tue, 24 April 2018 15:35 UTC

From: Daniel Migault <>
To: Jesús Alberto Polo <>, "Dmitry Kravkov" <>
Date: Tue, 24 Apr 2018 15:34:15 +0000
List-Id: Limited Use of Remote Keys <>

Thanks for the feedback! Yes absolutely for ecdhe, the sig_and_hash is missing from the spec. I have also slightly changed the extended master structure by exchanging the session_hash and encrypted premaster. I expect to be able to update the draft by next week as well. In my python implementation I am using the following structures for ecdhe.


from construct import Struct, Default, IfThenElse, Switch, Pass, this
# SignatureAndHashAlgorithm, ServerECDHParams, POOPRF, KeyPairID, Random,
# ProtocolVersion, PRFAlgorithm and the UncompressedPointRepresentation_*
# types are defined elsewhere in the same implementation.

TLS12ECDHERequestPayload = Struct(
    "sig_and_hash" / SignatureAndHashAlgorithm,
    "ecdhe_params" / ServerECDHParams,
    "poo_params" / Struct(
        "poo_prf" / Default( POOPRF, "null" ),
        # rG and tG are only carried when a proof-of-ownership PRF is in use
        # (assumed intent: the posted snippet had no else branch); the curve
        # lives in the enclosing struct, hence this._ rather than this.
        "rG" / IfThenElse( this.poo_prf == 'null', Pass,
             Switch( this._.ecdhe_params.curve_param.curve, {
                "secp256r1" : UncompressedPointRepresentation_256,
                "secp384r1" : UncompressedPointRepresentation_384,
                "secp512r1" : UncompressedPointRepresentation_512
               }) ),
        "tG" / IfThenElse( this.poo_prf == 'null', Pass,
              Switch( this._.ecdhe_params.curve_param.curve, {
                  "secp256r1" : UncompressedPointRepresentation_256,
                  "secp384r1" : UncompressedPointRepresentation_384,
                  "secp512r1" : UncompressedPointRepresentation_512
               }) ),
    ),
)

TLS12Base = Struct(
    "key_id" / KeyPairID ,
    "client_random" / Random,
    "server_random" / Random,
    "tls_version" /  ProtocolVersion,
    "prf" / PRFAlgorithm,
)

I have also changed the structure of the extended master by swapping the session hash and the encrypted master to ease the parsing.

    KeyPairID key_id
    ProtocolVersion tls_version   // see RFC5246 section 6.2.1
    PRFAlgorithm prf              // see RFC5246 section 6.1
    opaque session_hash<2...2^16-2>
    EncryptedPreMasterSecret  pre_master   // see RFC5246 section
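Added example (not from the draft or the python implementation quoted above): a dependency-free encoder and decoder for the TLS12ECDHERequestPayload layout discussed in this message, showing the sig_and_hash field in front and rG/tG being carried only when poo_prf is not null. Sizes of SignatureAndHashAlgorithm, ServerECDHParams and uncompressed points follow RFC 5246 and RFC 4492; the one-byte poo_prf encoding with 0 meaning null, and the raw concatenation of rG and tG, are assumptions of this example.

```python
import struct

# NamedCurve codes (RFC 4492) -> length of an uncompressed point 0x04 || X || Y
POINT_LEN = {23: 65, 24: 97, 25: 133}     # secp256r1, secp384r1, secp521r1
NAMED_CURVE = 3                           # ECCurveType.named_curve
POO_PRF_NULL = 0                          # assumed wire value of POOPRF "null"


def _take_point(buf: bytes, off: int, plen: int, name: str) -> bytes:
    """Read one uncompressed point of plen bytes at off, or raise ValueError."""
    if len(buf) < off + plen or buf[off] != 0x04:
        raise ValueError(f"{name}: expected {plen}-byte uncompressed point")
    return buf[off:off + plen]


def parse_ecdhe_request(buf: bytes) -> dict:
    """Parse sig_and_hash, ecdhe_params and poo_params from one request payload."""
    if len(buf) < 6:
        raise ValueError("payload truncated before ECPoint length")
    hash_alg, sig_alg, curve_type, curve, pub_len = struct.unpack_from("!BBBHB", buf)
    if curve_type != NAMED_CURVE or curve not in POINT_LEN:
        raise ValueError("only named_curve ECParameters with a known curve")
    plen = POINT_LEN[curve]
    if pub_len != plen:                   # ECPoint is opaque<1..2^8-1>
        raise ValueError("ECPoint length does not match the curve")
    public = _take_point(buf, 6, plen, "public")
    off = 6 + plen
    if off >= len(buf):
        raise ValueError("missing poo_prf")
    poo = {"poo_prf": buf[off]}
    off += 1
    # rG and tG are carried only when a proof-of-ownership PRF is in use
    if poo["poo_prf"] != POO_PRF_NULL:
        for name in ("rG", "tG"):
            poo[name] = _take_point(buf, off, plen, name)
            off += plen
    if off != len(buf):
        raise ValueError("trailing bytes after poo_params")
    return {"sig_and_hash": (hash_alg, sig_alg), "curve": curve,
            "public": public, "poo_params": poo}


def build_ecdhe_request(sig_and_hash, curve, public, poo_prf=POO_PRF_NULL,
                        rG=b"", tG=b"") -> bytes:
    """Serialize a request payload; inverse of parse_ecdhe_request."""
    plen = POINT_LEN[curve]
    points = [public] + ([rG, tG] if poo_prf != POO_PRF_NULL else [])
    if any(len(p) != plen or p[0] != 0x04 for p in points):
        raise ValueError("point has the wrong length or is not uncompressed")
    out = struct.pack("!BBBHB", *sig_and_hash, NAMED_CURVE, curve, plen)
    return out + public + bytes([poo_prf]) + b"".join(points[1:])
```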

From: Jesús Alberto Polo []
Sent: Tuesday, April 24, 2018 11:11 AM
To: Dmitry Kravkov <>; Daniel Migault <>
Cc: LURK BoF <>
Subject: Re: [Lurk] lurk integration with openssl


Thanks for the resources and the patch, it’s definitely easier to solve it the way you did in the hackathon.

I managed to integrate the basic functionality of LURK for ECDHE and I’m preparing some tests, I hope they’re done and the code cleaned up by the end of this week.

Regarding the TLS12ECDHERequestPayload [1], I think the Signature Algorithm field is missing (hash and signature), to indicate the chosen algorithms for the TLS connection.

Best regards,

Jesús Alberto


On 22 Apr 2018, 12:08 +0200, Dmitry Kravkov <<>>, wrote:

Hi Jesus Alberto,

This is a patch for openssl that was used during the 101 hackathon.

It looks like calling the lurk library directly from the state machine will be hard to push upstream, but adding more callbacks for master secret calculation that nginx (or another client) registers for will be easier to submit.

On Fri, Apr 20, 2018 at 9:26 PM Daniel Migault <<>> wrote:
Hi Jesus Alberto,
There have been some discussions regarding the integration of lurk with openssl during the hackathon, so feel free to share your concerns on the mailing list.
Here are some links you might find of interest:

Lurk mailing list <>

Dmitry Kravkov
Qwilt | Work: +972-72-2221630 | Mobile: +972-54-4839923