Re: [netconf] ietf crypto types - permanently hidden

Balázs Kovács <balazs.kovacs@ericsson.com> Thu, 30 May 2019 09:48 UTC

Return-Path: <balazs.kovacs@ericsson.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 934BD120105 for <netconf@ietfa.amsl.com>; Thu, 30 May 2019 02:48:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xDU550lI7Yvc for <netconf@ietfa.amsl.com>; Thu, 30 May 2019 02:48:41 -0700 (PDT)
Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10041.outbound.protection.outlook.com [40.107.1.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB21A120074 for <netconf@ietf.org>; Thu, 30 May 2019 02:48:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+8z+2sy4DoCSgXQRXbNq44Xfg5VWv0jAE8HolCNK5Zk=; b=R/7MT4iQ17BQa34OYfKeFrB11aS6MlO0AbIHxcH4ylxJy6g0Tb2xor70+cf/eTP4RzjnKwDJJyoGmSJqa+5pyiligPPcazO54x6irlB+KRS8Y8l25nT+DAHcRAM2hkuwcMpEYg5jWAWhKLF6W6+m1jq9J/7evNIBZKfesxG6Ank=
Received: from VI1PR07MB4735.eurprd07.prod.outlook.com (20.177.57.146) by VI1PR07MB5326.eurprd07.prod.outlook.com (20.178.11.208) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1943.12; Thu, 30 May 2019 09:48:34 +0000
Received: from VI1PR07MB4735.eurprd07.prod.outlook.com ([fe80::95e8:7ebf:d9f5:d887]) by VI1PR07MB4735.eurprd07.prod.outlook.com ([fe80::95e8:7ebf:d9f5:d887%7]) with mapi id 15.20.1943.016; Thu, 30 May 2019 09:48:34 +0000
From: =?iso-8859-1?Q?Bal=E1zs_Kov=E1cs?= <balazs.kovacs@ericsson.com>
To: Kent Watsen <kent@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] ietf crypto types - permanently hidden
Thread-Index: AdTf8DCbvspujhISQkyURJOX9ReFpALufsOAAAVM5oADthG5oAAICCMAAAQfJ4AABQvugADqJOIAAAiERYAAKAZY4AABZSwAAAGYSwAABxXrgAA8jwUAAB/0SoAAJqYTgAAFKLEAAAT2BoAACbL7AAAASZ0AAL8j1gAAAX72AAASqQQAABHnTAAArPS3AAKWLDUAARaMhaA=
Date: Thu, 30 May 2019 09:48:34 +0000
Message-ID: <VI1PR07MB4735A8741475AB48FC53FACD83180@VI1PR07MB4735.eurprd07.prod.outlook.com>
References: <0100016a7e7a9e54-d4987061-96d8-49f3-a2bf-36b98851b3a3-000000@email.amazonses.com> <0100016a7e822689-e6fdbdbe-ba84-43e1-aefe-47196fe692e3-000000@email.amazonses.com> <e6930b6e52a642bda9f1bd76731ce9c3@XCH-RCD-007.cisco.com> <20190507.141926.1879619200930898148.mbj@tail-f.com> <0100016a942528d9-f65afd2a-2cc7-451d-93d8-788495f6a13a-000000@email.amazonses.com> <20190508054622.rz64qmxdhbx53x4g@anna.jacobs.jacobs-university.de> <0100016aa7b06b97-15f7703f-58b7-40a9-8afe-a54dd2b809e2-000000@email.amazonses.com> <0100016aeb7ee1aa-93dbb2f2-f4ff-432f-9a26-a10abb96b03b-000000@email.amazonses.com>
In-Reply-To: <0100016aeb7ee1aa-93dbb2f2-f4ff-432f-9a26-a10abb96b03b-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.kovacs@ericsson.com;
x-originating-ip: [89.135.192.225]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: efc5a62e-04e0-4e71-941f-08d6e4e3fb9b
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:VI1PR07MB5326;
x-ms-traffictypediagnostic: VI1PR07MB5326:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <VI1PR07MB5326E82575A291B29C577E5E83180@VI1PR07MB5326.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00531FAC2C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(366004)(376002)(396003)(136003)(199004)(189003)(11346002)(25786009)(446003)(6246003)(71200400001)(66946007)(66066001)(476003)(486006)(14454004)(790700001)(54896002)(6306002)(9686003)(186003)(6116002)(53936002)(64756008)(236005)(3846002)(5660300002)(73956011)(81166006)(2501003)(66556008)(76116006)(256004)(66476007)(66446008)(14444005)(7736002)(561944003)(86362001)(68736007)(71190400001)(81156014)(316002)(102836004)(110136005)(966005)(606006)(9326002)(26005)(74316002)(229853002)(6436002)(8676002)(55016002)(2906002)(508600001)(76176011)(6506007)(99286004)(52536014)(7696005)(45776006)(33656002)(53546011)(8936002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR07MB5326; H:VI1PR07MB4735.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Ub6Ea3w6G1DLBoYAxEpsAzbmjkJCaEXcBd/Kb0i7ajzGFS2UthO713Xi/lNB3yL1kwUYSygf5VYjuj2qkGxh2hZCbtzckzYP3vuwmfuVhdsz7bT4U+4I5xN+rweLURzD2fj6au10cZARmDsUx9tufHtpws+FarcB/u0rYPTpNL0GcjIaHs0ig164Jbd2X0s7oIDr7KY9SmbKqJfUVoJ1gY2hVtKQ5n0EyxGaRJIBcNwOVU/C1XnBtXTW5uqKJ0/v+ZcRuyZq9SToNsb0XScRbgqCcajoFFgnBgJRISunSEOWDMTOH6GxGYUSu/AG8ZCpXc0BF/8/CHHmmcDpM5VROkq+Y4x0WSln3M0QqX9ftg4BTvGBlsBPHSm9OYpwhT8+T+SHv0rdRbd9xWcW/3Rbf8HuRnrfZ5rjjQM9d/33fWE=
Content-Type: multipart/alternative; boundary="_000_VI1PR07MB4735A8741475AB48FC53FACD83180VI1PR07MB4735eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: efc5a62e-04e0-4e71-941f-08d6e4e3fb9b
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 May 2019 09:48:34.9060 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: balazs.kovacs@ericsson.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB5326
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/hJOEK1UtR51WsymvaqVrwyNk9WA>
Subject: Re: [netconf] ietf crypto types - permanently hidden
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2019 09:48:45 -0000

Hi Kent,

In case of crypt-hash, I can accept the extension of the crypt(3) schemes with a $0$ that sort of represents a hash() action, since it matches the original crypt(3) syntax.

In this case, I find it awkward to tell what to do with the data (verbs) as prefixes of the data. I personally preferred actions better for this purpose. I assume that this representation also does not change the matter of "actions" affecting configuration (see 'output' values). Also validation of required input and output seems more complicated to me.

The generate action returning the name of the key or optionally creating configuration sounded so far the closest match to me.

I'm also thinking do we need the 'generate-and-not-hide' and the 'install-and-hide' use cases?

Br,
Balazs


From: netconf <netconf-bounces@ietf.org>; On Behalf Of Kent Watsen
Sent: Friday, May 24, 2019 10:19 PM
To: netconf@ietf.org
Subject: Re: [netconf] ietf crypto types - permanently hidden


The message below was sent two weeks ago.   As a matter of expediency, I will assume there are no objections to this "crypt-hash"-like proposal.

Thanks,
Kent  // contributor





On May 11, 2019, at 12:18 PM, Kent Watsen <kent+ietf@watsen.net<mailto:kent+ietf@watsen.net>> wrote:


Hi Juergen,



I discussed this option in my "wide-screen needed" email from last Friday.
There are 3 cases to consider:

1) the manufacturer creates the (most likely "hidden") key pair and associated certificate.
    - these nodes MUST originate in <operational> (origin="system")
    - clients MUST replicate their (potentially encrypted or "permanently-hidden"
      enumerated) content into <running> in order reference the key and/or cert.

The question is what or how much needs replication. We refer to
hardware interfaces created by the manufacturer (and identified during
system startup - or during hotplug procedures) by having a name
binding of config in <running> to operational state in <operational>.
If you configure eth0, then this config binds to an <operational>
interface with the same name. So if there is a key pair created by the
vendor, perhaps all we need is a kind of a name that can be used to
bind the config to the key.

True, it could to a handle, but it's unclear what the handle would be.  We'd probably have to create one just to resolve this issue.



2) the client wishes to generate a key (hidden or not) without ever touching the
  private key.
    - presumably this occurs via a "generate-key" action (open to ideas)
    - this key ultimately MUST be in <running> in order to be referenced by config.

Perhaps the question is whether this is 'the key' or 'the name of the
key'.

Same as above.



    - ideally it shows up in <running> as consequence of invoking the action.
    - less ideal, as in (1), a <get-data>/<edit-data> sequence could be used
      to bring the key into <running>.

Would it help if "generate-key" simply returns a name for the new key?

Perhaps, I'd have to think through it more but, first, I want to dig a little more on the "crypt-hash" approach (see below).



3) the client wished to installed a hidden key.
    - note that we don't discuss installing a non-hidden key here, because
      that is exactly what a standard <edit-config> operation does.
    - presumably this occurs via a "install-key" action (open to ideas)
    - this is a weird case because the client is initially okay with touching the
      private key, but thereafter wants it to be protected by the system.
    - again, as with (2), ideally the key shows up in running as consequence
      of the action, but a round-trip could also get it there.

/js



Switching gears, I'd like to explore more the idea of reverting the 3-tuple back to "mandatory true" as discussed here: https://mailarchive.ietf.org/arch/msg/netconf/P-xcpHqUNq3LfX5meOCpNQMJusY but, instead of using `action` statements, perhaps we can use something similar to "crypt-hash".

>From RFC 7317:

    typedef crypt-hash {
      type string {
        pattern
          '$0$.*'
        + '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}'
        + '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}'
        + '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}';
      }
      description
        "The crypt-hash type is used to store passwords using
         a hash function.  The algorithms for applying the hash
         function and encoding the result are implemented in
         various UNIX systems as the function crypt(3).

         A value of this type matches one of the forms:

           $0$<clear text password>
           $<id>$<salt>$<password hash>
           $<id>$<parameter>$<salt>$<password hash>

         The '$0$' prefix signals that the value is clear text.  When
         such a value is received by the server, a hash value is
         calculated, and the string '$<id>$<salt>$' or
         $<id>$<parameter>$<salt>$ is prepended to the result.  This
         value is stored in the configuration data store.
    <snip/>


Note that the last sentence says "stored in the configuration data store".
So how about this (note: all 3 values are "mandatory true"):


   leaf algorithm {
     nacm:default-deny-write;
     type asymmetric-key-algorithm-ref;
     mandatory true;
     description
       "Identifies the key's algorithm.";
   }


   leaf public-key {
     nacm:default-deny-write;
     type union {
       type binary;
       type string {
         pattern
         + '<value-to-be-generated(-and-hidden)?>'
         + '|<value-to-be-hidden>[A-Za-z0-9+/]+[=]{1,3}';
       }
     mandatory true;
     description
       "
       Binary is used for a standard configuration value.

       Prefix values are used to support special use-cases as follows:

         <value-to-be-generated(-and-hidden)?>

           An input value that is used to request the system to
           generate the key-pair.

           Without the optional '-and-hidden' postfix, the generated
           key pair is stored in the configuration data store.  This
           is used to support the security best practice use case
           whereby the client doesn't touch the private key.

           With the optional '-and-hidden' postfix, the key pair is
           generated in such a way that it will thereafter be reported
           either using '<permanently-hidden>' or '<encrypted by='*'>'.

           When the '<value-to-be-generated(-and-hidden)?>' prefix is
           used, it MUST be used in both the 'public-key' and 'private-
           key' values.

         <value-to-be-hidden>[A-Za-z0-9+/]+[=]{1,3}

           An input value that is used to request the system to
           store the provided key-pair in such a way that it will
           thereafter be reported either as '<permanently-hidden>'
           or '<encrypted by='*'>*'.

           Following the prefix is the base64-encoded value of the
           public key.

           When the '<value-to-be-hidden>' prefix is used, it MUST be
           used in both the 'public-key' and 'private-key' values.
       ";
   }


   leaf private-key {
     nacm:default-deny-all;
     type union {
       type binary;
       type string {
         pattern
           '<permanently-hidden>'
         + '|<encrypted by="*">[A-Za-z0-9+/]+[=]{1,3}'
         + '|<value-to-be-generated(-and-hidden)?>'
         + '|<value-to-be-hidden>[A-Za-z0-9+/]+[=]{1,3}';
       }
     mandatory true;
     description
       "
       Binary is used for a standard configuration value.

       Prefix values are used to support special use-cases as follows:

         <permanently-hidden>

           An output value that is used by the system to indicate
           that the private key value is not available in any form.

         <encrypted by='*'>[A-Za-z0-9+/]+[=]{1,3}

           An output value that is used by the system to indicate
           that the private key value is encrypted using the key
           identified by the 'by' attribute.

           Following the prefix is the base64-encoded value of the
           encrypted private key.

         <value-to-be-generated(-and-hidden)?>

           An input value that is used to request the system to
           generate the key-pair.

           Without the optional '-and-hidden' postfix, the generated
           key pair is stored in the configuration data store.  This
           is used to support the security best practice use case
           whereby the client doesn't touch the private key.

           With the optional '-and-hidden' postfix, the key pair is
           generated in such a way that it will thereafter be reported
           either using '<permanently-hidden>' or '<encrypted by='*'>'.

           When the '<value-to-be-generated(-and-hidden)?>' prefix is
           used, it MUST be used in both the 'public-key' and 'private-
           key' values.

         <value-to-be-hidden>[A-Za-z0-9+/]+[=]{1,3}

           An input value that is used to request the system to
           store the provided key-pair in such a way that it will
           thereafter be reported either as '<permanently-hidden>'
           or '<encrypted by='*'>*'.

           Following the prefix is the base64-encoded value of the
           private key.

           When the '<value-to-be-hidden>' prefix is used, it MUST be
           used in both the 'public-key' and 'private-key' values.
       ";
   }



Kent // contributor


_______________________________________________
netconf mailing list
netconf@ietf.org<mailto:netconf@ietf.org>
https://www.ietf.org/mailman/listinfo/netconf