Re: [Lurk] lurk integration with openssl
Daniel Migault <daniel.migault@ericsson.com> Thu, 28 June 2018 13:14 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F1E0130F88 for <lurk@ietfa.amsl.com>; Thu, 28 Jun 2018 06:14:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.138
X-Spam-Level:
X-Spam-Status: No, score=-1.138 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UMCWFsIRbi9V for <lurk@ietfa.amsl.com>; Thu, 28 Jun 2018 06:14:41 -0700 (PDT)
Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65E20129619 for <lurk@ietf.org>; Thu, 28 Jun 2018 06:14:40 -0700 (PDT)
Received: by mail-lj1-x243.google.com with SMTP id k20-v6so4471227ljk.9 for <lurk@ietf.org>; Thu, 28 Jun 2018 06:14:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=Lyh8vKlkgaHUnPteTLpw87cxw5bjhW0XA1FrM3PArys=; b=o3ZYCrLP8ZTk9NXMki7HwuHi4VTK3SG+RMi5iiFRVs00nojPtxe3uKY8NOxQJGZHxQ GY2gkSG6LX2whjPi9ixWoBBhT8E+QpYVwIKHWxOmEqk/WxoN3Kzyvd2+6S/bDKdHe29G 5tDlr5CteV22SuELkHOKlDlxyr0YaPSDGqWj9hFJQBut8iqvFd3vPSP/fnLdBxRYUeUm 2RKPukd0J7FM5aVYnGgTUmKfOAN1513czZLMQCu/bTbCWldVuSwgz/oRqTWb1V2rH2gq BW/cFMCVMVzXDNn3HM4xDP+ueRAkZs/Knvbrm6WCZI3c3Ar33LFYjQSPMvLjOdY36uHD /ElQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=Lyh8vKlkgaHUnPteTLpw87cxw5bjhW0XA1FrM3PArys=; b=S1goUAnUI6uzB2oXjTUC9KlWTjCn2p9dVcIoq+fbsVLEYXYTW4fhE8GTmoXOz1MxEv NqaCT5TZlhrsxLaZwhWZFDEx1rmQV/cEyLRZb8ObdjWHNivYlkLOndtADJkJLnmEjTOQ WM0B1D0avip/dHzk4IIsQChSh2wXg2JRl2RZefv/bbLw1Sii5WF0c97rkyXDRm3LEDL6 8WmomsU4n/Funw67yuYwrk0Xw7cFkxoCiV1VtQVWASmJFU9NfLWaLXkHOj/1LByjpH2w G181ZPX4r8ypopsJDaqB2yp51N5as4nno5x4CE78fa8y5rJpbt2NgFVbGyDkc0MwZYWW Zt/w==
X-Gm-Message-State: APt69E0RU+AnwxIKVDP3RvOjgzCMvlsLoBJUC2pcpiFhiaHybQBF7+H+ eoEhaKhK7FWJFB49xlLodyAMG2XY7iAGqvMXSN0=
X-Google-Smtp-Source: AAOMgpdp3JkBCwLJ+AtxawlvCZj3WLcishkM9jabSk0uPp4skP0CNiMOK+cyyJiR9lBAGKfANvVsMFMF5lbcGtTX9QY=
X-Received: by 2002:a2e:88d1:: with SMTP id a17-v6mr7064147ljk.54.1530191678672; Thu, 28 Jun 2018 06:14:38 -0700 (PDT)
MIME-Version: 1.0
Sender: mglt.ietf@gmail.com
Received: by 2002:a2e:4281:0:0:0:0:0 with HTTP; Thu, 28 Jun 2018 06:14:38 -0700 (PDT)
In-Reply-To: <7ffa6dbe1b912b4bbfeb1eff101fcade@jesusalberto.me>
References: <CADZyTkmgW89C_hEYbuM2iVRADLGt47q2SMDqbWXMVLiYo9VtSw@mail.gmail.com> <CAAvCjhggLfVZwDbFuLpek0_T=VAryQVF8vFQH2mgvrVK0sJnGQ@mail.gmail.com> <fc8cdf45-9d4b-4840-9943-082db7538eef@Spark> <2DD56D786E600F45AC6BDE7DA4E8A8C118E4240A@eusaamb107.ericsson.se> <2f5dd5f6f12678d48679be2c5d7c4664@jesusalberto.me> <CADZyTkmNTPQDy9_k1QErcCqqxDuno4h4e41LJbNoMwugob92Kw@mail.gmail.com> <7ffa6dbe1b912b4bbfeb1eff101fcade@jesusalberto.me>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Thu, 28 Jun 2018 09:14:38 -0400
X-Google-Sender-Auth: S2ZQf5H6Ebfm8YCktQLFxmK81KA
Message-ID: <CADZyTknHWhjVrroxtWL32cGr5D5_kHexbx6DvfLJh6cScamT5g@mail.gmail.com>
To: Jesús Alberto Polo <ietf@jesusalberto.me>
Cc: LURK BoF <lurk@ietf.org>, Dmitry Kravkov <dmitryk@qwilt.com>
Content-Type: multipart/alternative; boundary="0000000000007211e3056fb383c7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/lnrSJc7BZDwkYHwlzrWlzjdkI0Y>
Subject: Re: [Lurk] lurk integration with openssl
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jun 2018 13:14:44 -0000
Thanks for sharing your implementation. If there are other implementation please share them on the list! Yours, Daniel On Thu, Jun 28, 2018 at 4:31 AM, Jesús Alberto Polo <ietf@jesusalberto.me> wrote: > Hi, > > I’ve uploaded an early-version of a C implementation of LURK with openssl > and nginx to Github, concretely for the ECDHE handshake (I think RSA > handshake was developed in the previous hackathon). Note that it’s still a > prototype and some functionalities are missing or need to be improved > (those are specified in the README and in the code). > > The respository is available at https://github.com/jesusalber1/clurk. > > Best, > > Jesús Alberto > > > On 2018-05-23 19:19, Daniel Migault wrote: > >> Hi Jesus, >> >> That is really great to have two implementations! In addition the c >> implementation integrated with openssl would provide more accurate >> measurements on how lurk impact the edge server. That is great news >> and I wish interoperability tests may be done at the hackathon! >> >> Yours, >> >> Daniel >> >> On Wed, May 23, 2018 at 11:38 AM, Jesús Alberto Polo >> <ietf@jesusalberto.me> wrote: >> >> Hi, >>> >>> A very early version of clurk will be ready very soon. So far, the >>> ECDHE handshake is done (POO is missing though) and I’m finishing >>> the RSA handshake (PFS is missing as well) based on the patch you >>> shared lately. >>> >>> I’ll share the GitHub link as soon as it is ready and also provide >>> more details. >>> >>> Best, >>> >>> Jesús Alberto >>> >>> On 2018-04-24 17:34, Daniel Migault wrote: >>> >>> Thanks for the feed back! Yes absolutely for ecdhe, the >>> sig_and_hash >>> is missing from the spec. I have also slightly changed the extended >>> master structure by exchanging the session_hash and encrypted >>> premaster. I expect to be able to update the draft by next week as >>> well. On my python implementation I am using the following >>> structures >>> for ecdhe. >>> >>> Yours, >>> >>> Daniel >>> >>> TLS12ECDHERequestPayload = Struct( >>> >>> Embedded(TLS12Base), >>> >>> "sig_and_hash" / SignatureAndHashAlgorithm, >>> >>> "ecdhe_params" / ServerECDHParams, >>> >>> "poo_params" / Struct( >>> >>> "poo_prf" / Default( POOPRF, "null" ), >>> >>> "rG" / IfThenElse( this.poo_prf == 'null', >>> >>> Pass, >>> >>> Switch( this.ecdhe_params.curve_param.curve, >>> >>> { >>> >>> "secp256r1" : UncompressedPointRepresentation_256, >>> >>> "secp384r1" : UncompressedPointRepresentation_384, >>> >>> "secp512r1" : UncompressedPointRepresentation_512 >>> >>> }) ), >>> >>> "tG" / IfThenElse( this.poo_prf == 'null', >>> >>> Pass, >>> >>> Switch( this.ecdhe_params.curve_param.curve, >>> >>> { >>> >>> "secp256r1" : UncompressedPointRepresentation_256, >>> >>> "secp384r1" : UncompressedPointRepresentation_384, >>> >>> "secp512r1" : UncompressedPointRepresentation_512 >>> >>> }) ), >>> >>> ) >>> >>> ) >>> >>> With >>> >>> TLS12Base = Struct( >>> >>> "key_id" / KeyPairID , >>> >>> "client_random" / Random, >>> >>> "server_random" / Random, >>> >>> "tls_version" / ProtocolVersion, >>> >>> "prf" / PRFAlgorithm >>> >>> ) >>> >>> I have also changed the structure of the extended master by >>> interverting the session hash and the encrypted master to ease the >>> parsing. >>> >>> struct{ >>> >>> KeyPairID key_id >>> >>> ProtocolVersion tls_version // see RFC5246 section 6.2.1 >>> >>> PRFAlgorithm prf // see RFC5246 section 6.1 >>> >>> opaque session_hash<2...2^16-2> >>> >>> EncryptedPreMasterSecret pre_master >>> >>> // see RFC5246 section 7.4.7.1 >>> >>> }TLS12ExtendedMasterRSARequestPayload; >>> >>> ]]></artwork> >>> >>> FROM: Jesús Alberto Polo [mailto:ietf@jesusalberto.me] >>> SENT: Tuesday, April 24, 2018 11:11 AM >>> TO: Dmitry Kravkov <dmitryk@qwilt.com>; Daniel Migault >>> <daniel.migault@ericsson.com> >>> CC: LURK BoF <lurk@ietf.org> >>> SUBJECT: Re: [Lurk] lurk integration with openssl >>> >>> Hi, >>> >>> Thanks for the resources and the patch, it’s definitely easier to >>> solve it the way you did in the hackathon. >>> >>> I managed to integrate the basic functionality of LURK for ECDHE and >>> I’m preparing some tests, I hope they’re done and the code >>> cleaned >>> up by the end of this week. >>> >>> Regarding the TLS12ECDHERequestPayload [1], I think the _Signature >>> Algorithm_ field is missing (hash and signature), to indicate the >>> chosen algorithms for the TLS connection. >>> >>> Best regards, >>> >>> Jesús Alberto >>> >>> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1 >>> [1] >>> [1] >>> >>> On 22 Apr 2018, 12:08 +0200, Dmitry Kravkov <dmitryk@qwilt.com>, >>> wrote: >>> >>> Hi Jesus Alberto, >>> >>> this is a patch for openssl used during 101 hackathon >>> >>> It looks that direct calling for lurk library from statemachine will >>> be hard to push upstream, but adding more callbacks for master >>> secret calculation that nginx (or other client) registers for, will >>> be easier to submit. >>> >>> On Fri, Apr 20, 2018 at 9:26 PM Daniel Migault >>> <daniel.migault@ericsson.com> wrote: >>> >>> Hi Jesus Alberto, >>> >>> There have been some discussions regarding the integration of lurk >>> with openssl during the hackathon, so feel free to share your >>> concerns on the mailing list.. >>> >>> Here are some links you might find of interest: >>> >> >> https://www.agwa.name/blog/post/protecting_the_openssl_priva >> te_key_in_a_separate_process >> [4] >> >> >>>> https://www.agwa.name/blog/post/titus_isolation_techniques_continued >>> [3] >>> >>> Yours, >>>> >>>> Daniel >>>> >>>> _______________________________________________ >>>> Lurk mailing list >>>> Lurk@ietf.org >>>> https://www.ietf.org/mailman/listinfo/lurk [2] >>>> >>> >>> -- >>> >>> DMITRY KRAVKOV >>> Qwilt | Work: +972-72-2221630 | Mobile: +972-54-4839923 >>> >>> dmitrykATqwilt.com >>> >> >> Links: >> ------ >> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1 >> [5] >> >> _______________________________________________ >> Lurk mailing list >> Lurk@ietf.org >> https://www.ietf.org/mailman/listinfo/lurk [2] >> >> >> >> Links: >> ------ >> [1] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00#section-7.1 >> [2] https://www.ietf.org/mailman/listinfo/lurk >> [3] https://www.agwa.name/blog/post/titus_isolation_techniques_continued >> [4] >> https://www.agwa.name/blog/post/protecting_the_openssl_priva >> te_key_in_a_separate_process >> [5] https://tools.ietf.org/html/draft-mglt-lurk-tls12-00%23section-7.1 >> >
- Re: [Lurk] lurk integration with openssl Jesús Alberto Polo
- Re: [Lurk] lurk integration with openssl Daniel Migault
- [Lurk] lurk integration with openssl Daniel Migault
- Re: [Lurk] lurk integration with openssl Dmitry Kravkov
- Re: [Lurk] lurk integration with openssl Jesús Alberto Polo
- Re: [Lurk] lurk integration with openssl Daniel Migault
- Re: [Lurk] lurk integration with openssl Jesús Alberto Polo
- Re: [Lurk] lurk integration with openssl Daniel Migault