Re: [Openvpn-devel] [PATCH v2 08/21] Decouple MSS fix calculation from frame calculation

2021-12-14 Thread Arne Schwabe
Am 14.12.21 um 18:10 schrieb Frank Lichtenheld: Arne Schwabe hat am 14.12.2021 16:09 geschrieben: This consolidates the MSS fix calculation into a single function instead of having it distributed all over the code. It also calculates the real wire overhead without extra sizes for buffer etc

Re: [Openvpn-devel] [PATCH v2 08/21] Decouple MSS fix calculation from frame calculation

2021-12-14 Thread Frank Lichtenheld
> Arne Schwabe hat am 14.12.2021 16:09 geschrieben: > > > This consolidates the MSS fix calculation into a single function > instead of having it distributed all over the code. It also calculates > the real wire overhead without extra sizes for buffer etc. > > Patch v2: improve comment > > Si

[Openvpn-devel] [PATCH v3 18/18] Add xkey_provider sources and includes to MSVC project

2021-12-14 Thread selva . nair
From: Selva Nair Signed-off-by: Selva Nair --- src/openvpn/openvpn.vcxproj | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 65ee6839..2f0cee60 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -316

[Openvpn-devel] [PATCH v3 14/18] pkcs11: Interface the xkey provider with pkcs11-helper

2021-12-14 Thread selva . nair
From: Selva Nair - Load the 'private key' handle through the provider and set it in SSL_CTX - Add a sign op function to interface provider with pkcs11-helper. Previously we used its "OpenSSL Session" which internally sets up callbacks in RSA and EC key methods. Not useful for the provider

[Openvpn-devel] [PATCH v3 15/18] Enable signing using CNG through xkey provider

2021-12-14 Thread selva . nair
From: Selva Nair - Add xkey_cng_sign() as sign_op for the provider and load the key using xkey_generic_load. - Enable/Disable old code when provider is available or not. - xkey_digest is made non-static for use in cryptoapi.c One function cng_padding_type() is moved down to reduce number of

[Openvpn-devel] [PATCH v3 12/18] Increase ERR_BUF_SIZE when management interface support is enabled

2021-12-14 Thread selva . nair
From: Selva Nair Sending largish messages to the management interface errors due to the limited size used for the "error" buffer in x_msg_va(). Although all intermediate steps allocate required space for the data to send, it gets truncated at the last step. This really requires a smarter fix. As

[Openvpn-devel] [PATCH v3 04/18] Implement import of custom external keys

2021-12-14 Thread selva . nair
From: Selva Nair Our key object retains info about the external key as an opaque handle to the backend. We also need the public key as an EVP_PKEY *. For native keys we use OpenSSL API to import data into the key. The 'handle' representing the private key in that case is the OpenSSL

[Openvpn-devel] [PATCH v3 02/18] Implement KEYMGMT in the xkey provider

2021-12-14 Thread selva . nair
From: Selva Nair A minimal set of functions for keymgmt are implemented. No support for external key import as yet, only native keys. Support for native keys is required as keys may get imported into us for some operations as well as for comparison with unexportable external keys that we hold. I

[Openvpn-devel] [PATCH v3 06/18] A helper function to import private key for management-external-key

2021-12-14 Thread selva . nair
From: Selva Nair - Leverage keymgmt_import through EVP_PKEY_new_fromdata() to import "management-external-key" - When required, use this to set SSL_CTX_use_PrivateKey The sign_op is not implemented yet. This will error out while signing with --management-external-key. The next commit fixes th

[Openvpn-devel] [PATCH v3 13/18] Add a generic key loading helper function for xkey provider

2021-12-14 Thread selva . nair
From: Selva Nair - Load keys by specifying the opaque private key handle, public key, sign-op and free-op required for loading keys from Windows store and pkcs11. - xkey_load_management_key is refactored to use the new function - Also make xkey_digest non-static Used in following commits t

[Openvpn-devel] [PATCH v3 03/18] Implement SIGNATURE operations in xkey provider

2021-12-14 Thread selva . nair
From: Selva Nair - Basic framework for announcing support for signature operations - DigestSign and Sign functions for native keys are also implemented. Though strictly not needed, these functions for native keys set up the framework for signature operations. They also help loading an

[Openvpn-devel] [PATCH v3 10/18] Respect algorithm support announced by management client

2021-12-14 Thread selva . nair
From: Selva Nair Support for padding algorithms in management-client is indicated in the optional argument to --management-external-key as "pkcs1", "pss" etc. We currently use it only for an early exit based on heuristics that a required algorithm may not be handled by the client. When signature

[Openvpn-devel] [PATCH v3 01/18] A built-in provider for using external key with OpenSSL 3.0

2021-12-14 Thread selva . nair
From: Selva Nair Hooking into callbacks in RSA_METHOD and EVP_PKEY_METHOD structures is deprecated in OpenSSL 3.0. Signing with external keys that are not exportable (tokens, stores, etc.) requires a custom provider interface so that key operations are done under its context. A single provid

[Openvpn-devel] [PATCH v3 11/18] Support sending DigestSign request to management client

2021-12-14 Thread selva . nair
From: Selva Nair To receive undigested message for signing, indicate support for handling message digesting in the client using an argument "digest" to --management-external-key. For example, to announce pkcs1 padding and digesting support use: --management-external-key pkcs1 pss digest In PK_

[Openvpn-devel] [PATCH v3 09/18] Allow management client to announce pss padding support

2021-12-14 Thread selva . nair
From: Selva Nair The --management-external-key option can currently indicate support for 'nopadding' or 'pkcs1' signatures in the client. Add 'pss' as an option to announce that PSS signing requests are accepted. To match, extend the algorithm string in PK_SIGN request to include the following f

[Openvpn-devel] [PATCH v3 00/18] External key provider for use with OpenSSL 3

2021-12-14 Thread selva . nair
From: Selva Nair The following series of patches implement a built-in provider for interfacing OpenSSL 3.0 when external keys are in use. Essentially, to intercept the sign operation, the SSL_CTX object has to be created with properties string set to prioritize our provider. In the provider we

[Openvpn-devel] [PATCH v3 05/18] Initialize the xkey provider and use it in SSL context

2021-12-14 Thread selva . nair
From: Selva Nair - Add function to check when external key is in use - Load xkey provider into a custom library context when required - Use the custom libctx in SSL CTX when external key is in use As no keys are yet loaded through the provider, no functionality gets delegated to it as yet. v2

[Openvpn-devel] [PATCH v3 08/18] Add a function to encode digests with PKCS1 DigestInfo wrapper

2021-12-14 Thread selva . nair
From: Selva Nair The EVP_PKEY interface as well as provider passes the raw digest to the sign() function. In case of RSA_PKCS1, our management interface expects an encoded hash, which has the DigestInfo header added as per PKCSv1.5 specs, unless the hash algorithm is legacy MD5_SHA1. Fix this by

[Openvpn-devel] [PATCH v3 16/18] Add a unit test for external key provider

2021-12-14 Thread selva . nair
From: Selva Nair Tests: - Check SIGNATURE and KEYMGMT methods can be fetched from the provider - Load sample RSA and EC keys as management-external-key and check that their sign callbacks are correctly exercised: with and without digest support mocked in the client capability flag. Signe

[Openvpn-devel] [PATCH v3 07/18] Enable signing via provider for management-external-key

2021-12-14 Thread selva . nair
From: Selva Nair - Add a function to set as sign_op during key import. The function passes the signature request to management interface, and returns the result to the provider. v2 changes: Method to do digest added to match the changes in the provider signature callback. TODO:

[Openvpn-devel] [PATCH v3 17/18] xkey-provider: Add a test for generic key load and signature

2021-12-14 Thread selva . nair
From: Selva Nair Signed-off-by: Selva Nair --- configure.ac | 2 - tests/unit_tests/openvpn/Makefile.am | 4 - tests/unit_tests/openvpn/test_provider.c | 112 +-- 3 files changed, 105 insertions(+), 13 deletions(-) diff --git a/configure.

[Openvpn-devel] [PATCH v2 14/21] Add mtu parameter to --fragment and change fragment calculation

2021-12-14 Thread Arne Schwabe
Instead of relying on the link_mtu_dynamic field and its calculation in the frame struct, add a new field max_fragment_size and add a calculation of it similar to mssfix. Also whenever mssfix value is calculated, we also want to calculate the values for fragment as both options need to be calculated

[Openvpn-devel] [PATCH v2 07/21] Add helper functions to calculate header/payload sizes

2021-12-14 Thread Arne Schwabe
These functions are intended to lay the groundwork to later replace the distributed frame calculations and centralise the calculation in one place. Patch v2: clarify that the socks comment is assuming IPv4 Signed-off-by: Arne Schwabe --- src/openvpn/crypto.c | 55

[Openvpn-devel] [PATCH v2 13/21] Implement optional mtu parameter for mssfix

2021-12-14 Thread Arne Schwabe
The current mssfix parameter is a bit as it needs manual calculation of the allowable packet size and also the resulting MSS value does not take into account if IPv4 or IPv6 is used on the outer tunnel. The mtu parameter fixes both of these problems by dynamically including the real overhead. The s

[Openvpn-devel] [PATCH v2 15/21] Update fragment and mssfix related warnings

2021-12-14 Thread Arne Schwabe
The warning that fragment/mssfix needs also tun-mtu set to 1500 makes little sense. Remove it completely. Instead warn if there are inconsistencies between --fragment and mssfix. Patch v2: clarify the mssfix and fragment mtu warning message Signed-off-by: Arne Schwabe --- src/openvpn/init.c | 15

[Openvpn-devel] [PATCH v2 08/21] Decouple MSS fix calculation from frame calculation

2021-12-14 Thread Arne Schwabe
This consolidates the MSS fix calculation into a single function instead of having it distributed all over the code. It also calculates the real wire overhead without extra sizes for buffer etc. Patch v2: improve comment Signed-off-by: Arne Schwabe --- src/openvpn/forward.c | 5 ++--- src/openvpn

[Openvpn-devel] OpenVPN 3 Linux client - v17 beta released

2021-12-14 Thread David Sommerseth
Hi, The OpenVPN 3 Linux v17 (beta) is now available. This release consists mostly of several enhancements of various sizes. * Behaviour change: Only AEAD ciphers available for data channel by default As part of the OpenSSL 3 support, non-AEAD ciphers are no longer enabled by default on for

[Openvpn-devel] [PATCH applied] Re: Remove post_open_mtu code

2021-12-14 Thread Gert Doering
Acked-by: Gert Doering I follow the reasoning - since we set the MTU now, we do not need to adjust the frame afterwards. Logging the MTU might be useful (Windows is weird, maybe it does not always "stick"...), so let's keep this in for the time being. Spurious comment change in ssl.c removed f

[Openvpn-devel] [PATCH applied] Re: Document frame related function and variables a bit more

2021-12-14 Thread Gert Doering
Not tested in any way, as this is just comments, and Frank has reviewed them. I hope we'll see --tun-mtu-extra die later in this series... :-) Your patch has been applied to the master branch. commit 66c05aeabc7218e58266bd2bb39ddbd040030328 Author: Arne Schwabe Date: Tue Dec 7 18:01:55 2021 +0

[Openvpn-devel] [PATCH applied] Re: Fix triggering assertion of ks->authenticated after tls_deauthenticate

2021-12-14 Thread Gert Doering
Acked-by: Gert Doering I have not tested the actual ASSERT() crash, but went through the change asking myself "so, what will happen instead, now?" - handle_data_channel_packet() will now ignore all keys that are no longer KS_AUTH_TRUE, so if there is no other key, it will end up in "TLS er