Re: [lamps] [EXTERNAL] Proposal for PBMAC1 in PKCS#12

Mike Ounsworth <Mike.Ounsworth@entrust.com> Thu, 30 June 2022 22:04 UTC


Hi Hubert,

About these two changes:


> 3. if the PBMAC1 algorithm is used, the macSalt value MUST be ignored, for backwards compatibility it SHOULD NOT be empty

> 4. if the PBMAC1 algorithm is used, the iteration value MUST be ignored, for backwards compatibility it SHOULD have a non-zero positive value

I assume the reason for ignoring these is that they are already specified in the id-PBMAC1 params "PBKDF2-params", and so you're proposing to have the copy in the PKCS#12 MacData be ignored and the copy in PBKDF2-params be used?



About the backwards compatibility discussion; I think I agree with Russ that encouraging no integrity protection check is worse than supporting old algorithms -- though your FIPS lab may not agree :/  That means a "flag day" is almost preferable if a client is not able to parse a p12 with new crypto.
I wonder if this is substantial enough to be worth bumping the version field of the p12 object to v4?
And if you're doing that ... then might as well clean up the ASN.1 to make MacData.macSalt and MacData.Iterations OPTIONAL.

---
Mike Ounsworth

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Hubert Kario
Sent: June 22, 2022 5:35 AM
To: spasm@ietf.org
Subject: [EXTERNAL] [lamps] Proposal for PBMAC1 in PKCS#12

Hello everybody,

The work on the new NIST FIPS 140-3 implementations made us aware that the current PKCS #12 specification uses a legacy PBKDF for the calculation of the whole-file MAC value: PBKDF1. The PKCS #12 standard also doesn't provide a way to specify any alternative KDF. Since PBKDF1 isn't an approved mechanism in FIPS, the whole file becomes FIPS non-compliant.

While deciding how to modify the PFX structure we considered two options:
change the structure completely, so that the whole macData is extensible and allows for use of PBMAC1, or by placing the PBMAC1 as a "hash" in the existing structure. The first option is much cleaner, but it has the unintended consequence of making the file completely unreadable by any of the popular software able to process PKCS#12 files that exists now.
The second option does on the other hand create files that even old versions of OpenSSL (like 1.0.1) can read when the user specifies the -nomacver option, allowing for a relatively easy workaround for interoperability with old systems.

With those two things in mind I'd like to propose the following I-D to specify use of PBMAC1 in PKCS#12:
https://datatracker.ietf.org/doc/draft-kario-pkcs12-pbmac1/
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: http://www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
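
Added example, not from the draft or from either poster: a sketch of the verification rule in items 3 and 4 quoted above, read the way Mike's reply reads them, with the key derived from the salt and iteration count in PBKDF2-params and the MacData copies ignored. The class, field and function names are hypothetical stand-ins for the decoded ASN.1, no DER parsing is done, and the password is assumed to be already encoded as bytes.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class Pbkdf2Params:           # hypothetical stand-in for decoded PBKDF2-params
    salt: bytes
    iterations: int
    key_length: int
    prf_hash: str = "sha256"  # hashlib name of the HMAC used as the PBKDF2 PRF


@dataclass
class MacData:                # hypothetical stand-in for decoded PKCS#12 MacData
    digest: bytes
    mac_salt: bytes           # legacy copy: ignored when PBMAC1 is used
    iterations: int           # legacy copy: ignored when PBMAC1 is used
    pbmac1: Optional[Pbkdf2Params] = None
    mac_hash: str = "sha256"


def pbmac1(password: bytes, data: bytes, p: Pbkdf2Params, mac_hash: str) -> bytes:
    """PBMAC1 (RFC 8018): derive a key with PBKDF2, then HMAC the data with it."""
    key = hashlib.pbkdf2_hmac(p.prf_hash, password, p.salt, p.iterations, p.key_length)
    return hmac.new(key, data, mac_hash).digest()


def verify(password: bytes, auth_safe: bytes, mac: MacData) -> bool:
    if mac.pbmac1 is None:
        # Fail closed instead of silently skipping the integrity check.
        raise ValueError("MAC algorithm is not PBMAC1; refusing to skip verification")
    if mac.pbmac1.iterations < 1 or not mac.pbmac1.salt:
        raise ValueError("invalid PBKDF2-params")
    expected = pbmac1(password, auth_safe, mac.pbmac1, mac.mac_hash)
    return hmac.compare_digest(expected, mac.digest)  # constant-time comparison


def make_sample() -> tuple:
    """Constructed sample: placeholder bytes, not a real PKCS#12 file."""
    params = Pbkdf2Params(salt=b"constructed-salt", iterations=2048, key_length=32)
    auth_safe = b"constructed authSafe contents"
    digest = pbmac1(b"password", auth_safe, params, "sha256")
    # Non-empty salt and non-zero count, as the SHOULDs in items 3 and 4 ask.
    return auth_safe, MacData(digest, mac_salt=b"\x00" * 8, iterations=1, pbmac1=params)
```

Changing `mac_salt` or `iterations` on the sample leaves `verify` unaffected, while changing the salt inside `pbmac1` makes it fail, which is the behaviour items 3 and 4 describe.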
