hi

the debug test codes in OpenVPN are as follows, but the HMAC output is wrong. Did I miss out anything?

regards
Frances

    static void
    init_hmac (HMAC_CTX *ctx, const EVP_MD *digest, struct key *key,
               const struct key_type *kt, const char *prefix)
    {
      struct gc_arena gc = gc_new ();
      HMAC_CTX_init (ctx);
      HMAC_Init_ex (ctx, key->hmac, kt->hmac_length, digest, NULL);
      msg (D_HANDSHAKE,
           "%s: Using %d bit message hash '%s' for HMAC authentication --- HMAC KEY Size: %d ",
           prefix, HMAC_size (ctx) * 8, OBJ_nid2sn (EVP_MD_type (digest)), kt->hmac_length);

      /* make sure we used a big enough key */
      ASSERT (HMAC_size (ctx) <= kt->hmac_length);

      dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
            format_hex (key->hmac, kt->hmac_length, 0, &gc));
      dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d", prefix,
            EVP_MD_size (digest), EVP_MD_block_size (digest));
      gc_free (&gc);
    }

    void
    openvpn_encrypt (struct buffer *buf, struct buffer work,
                     const struct crypto_options *opt, const struct frame* frame)
    {
      .... (more codes)

      /* HMAC the ciphertext (or plaintext if !cipher) */
      if (ctx->hmac)
        {
          int hmac_len;
          uint8_t *output;

          dmsg (D_PACKET_CONTENT, "HMAC work (input): %s -- BLEN (&work): %d",
                format_hex (BPTR (&work), BLEN (&work), 0, &gc), BLEN (&work));
          /* re-initialise the context, keeping the key set in init_hmac */
          HMAC_Init_ex (ctx->hmac, NULL, 0, NULL, NULL);
          HMAC_Update (ctx->hmac, BPTR (&work), BLEN (&work));
          /* reserve room in front of the input and write the tag there */
          output = buf_prepend (&work, HMAC_size (ctx->hmac));
          ASSERT (output);
          HMAC_Final (ctx->hmac, output, (unsigned int *)&hmac_len);
          ASSERT (hmac_len == HMAC_size (ctx->hmac));
          /* work now holds the tag followed by the original input */
          dmsg (D_PACKET_CONTENT, "HMAC work (input): %s -- BLEN (&work): %d",
                format_hex (BPTR (&work), BLEN (&work), 0, &gc), BLEN (&work));
          dmsg (D_PACKET_CONTENT, "HMAC output (generated hmac): %s -- hmac_len: %d",
                format_hex (output, hmac_len, 0, &gc), hmac_len);
        }

On Tue, Mar 9, 2010 at 6:06 PM, froggu 21 <frogg...@gmail.com> wrote:
> hi Jan
>
> Thanks.
>
> yes, the keys file was generated using the openvpn genkey function. The
> display was generated during the OpenVPN keys establishment phase. The keys
> are verified to be correct. Just that the HMAC generation output does not
> tally.
>
> In fact, I found that only the TLS PRF HMAC generation process is
> correct. I wonder whether it is due to the reuse of the context that causes
> the inconsistencies?
>
> regards
> Frances
>
> On Tue, Mar 9, 2010 at 5:25 PM, Jan Just Keijser <janj...@nikhef.nl> wrote:
>
>> Hi Frances,
>>
>> froggu 21 wrote:
>>
>>> hi all
>>>
>>> May I know whether you have successfully verified the HMAC generated by
>>> OpenVPN? I found that the HMAC value generated by OpenVPN does not tally
>>> with the HMAC value generated from OpenSSL directly. I wonder whether there
>>> is any incorrect implementation of HMAC by OpenVPN?
>>>
>>> please see results:
>>> Captured Output:
>>> #Using 160 bit message hash 'SHA' for HMAC authentication --- HMAC KEY Size: 20
>>> #HMAC KEY: 4024a8e1 168ffb50 1b3c3fd7 e1fbe630 d2d26623
>>> #HMAC work (input): 86d320dd b8d20f0b 4f79a041 4cc1cd47 70775ee8 1e770fc8
>>> 85d2ee0c dcd9d670 fd58393a 50fc4094 a8372cb0 16cf30e9 -- BLEN (&work): 48
>>> #HMAC work (input): 9956b5bc 81286af6 a06b8d8e a5bdeca5 4a9324b9 86d320dd
>>> b8d20f0b 4f79a041 4cc1cd47 70775ee8 1e770fc8 85d2ee0c dcd9d670 fd58393a
>>> 50fc4094 a8372cb0 16cf30e9 -- BLEN (&work): 68
>>> #HMAC output (generated hmac): 9956b5bc 81286af6 a06b8d8e a5bdeca5
>>> 4a9324b9 -- hmac_len: 20
>>>
>>> Using OpenSSL to verify the HMAC output:
>>> @@Testing HMAC digest SHA1
>>> Key Data
>>> 0000 40 24 a8 e1 16 8f fb 50 1b 3c 3f d7 e1 fb e6 30
>>> 0010 d2 d2 66 23
>>> Input Data
>>> 0000 86 d3 20 dd b8 d2 0f 0b 4f 79 a0 41 4c c1 cd 47
>>> 0010 70 77 5e e8 1e 77 0f c8 85 d2 ee 0c dc d9 d6 70
>>> 0020 fd 58 39 3a 50 fc 40 94 a8 37 2c b0 16 cf 30 e9
>>> Expected Hash
>>> 0000 99 56 b5 bc 81 28 6a f6 a0 6b 8d 8e a5 bd ec a5
>>> 0010 4a 93 24 b9
>>>
>>> HMAC Digest mismatch
>>> Got
>>> 0000 83 cb 72 19 f4 2a 33 f8 37 a6 62 59 8f 2e 05 cb
>>> 0010 0a 39 0f 37
>>> Expected
>>> 0000 99 56 b5 bc 81 28 6a f6 a0 6b 8d 8e a5 bd ec a5
>>> 0010 4a 93 24 b9
>>>
>>> I wonder whether I missed out anything? Or is there something different in
>>> the OpenVPN HMAC implementation? Could you advise?
>>>
>> how did you generate this output (on the openvpn side)?
>> Note that there is no "correct HMAC implementation" per se: to use HMAC you
>> generate a 2048 bit key using
>>   openvpn --genkey -secret ta.key
>> OpenVPN then uses parts of this key for HMAC ciphers, encryption etc.
>> For more details, read the HMAC section in the FAQ:
>> http://openvpn.net/index.php/open-source/faq.html
>>
>> HTH,
>>
>> JJK
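An independent check of the values quoted in this thread, written as an added example (not code from OpenVPN or from either poster): it decodes the key and input exactly as OpenVPN's format_hex printed them, recomputes HMAC-SHA1 with Python's hmac module as a third reference beside OpenVPN and the poster's OpenSSL test, and confirms that the 68-byte debug line is the 20-byte tag followed by the 48-byte input, which is what buf_prepend implies. The hex strings are copied from the thread; the function names are this example's own.

```python
import hmac
import hashlib

# Values copied from the debug output quoted in this thread (OpenVPN's
# format_hex prints 32-bit groups separated by spaces).
OPENVPN_KEY = "4024a8e1 168ffb50 1b3c3fd7 e1fbe630 d2d26623"
OPENVPN_INPUT = ("86d320dd b8d20f0b 4f79a041 4cc1cd47 70775ee8 1e770fc8 "
                 "85d2ee0c dcd9d670 fd58393a 50fc4094 a8372cb0 16cf30e9")
OPENVPN_AFTER_PREPEND = ("9956b5bc 81286af6 a06b8d8e a5bdeca5 4a9324b9 86d320dd "
                         "b8d20f0b 4f79a041 4cc1cd47 70775ee8 1e770fc8 85d2ee0c "
                         "dcd9d670 fd58393a 50fc4094 a8372cb0 16cf30e9")
OPENVPN_TAG = "9956b5bc 81286af6 a06b8d8e a5bdeca5 4a9324b9"
# The value the poster's OpenSSL test reported under "Got" (dump with offsets).
OPENSSL_GOT = """0000 83 cb 72 19 f4 2a 33 f8 37 a6 62 59 8f 2e 05 cb
0010 0a 39 0f 37"""


def parse_format_hex(text):
    """Decode OpenVPN format_hex output: hex groups separated by whitespace."""
    return bytes.fromhex("".join(text.split()))


def parse_offset_dump(text):
    """Decode an OpenSSL-style dump: each line is an offset then byte pairs."""
    tokens = []
    for line in text.strip().splitlines():
        tokens.extend(line.split()[1:])  # drop the leading offset column
    return bytes.fromhex("".join(tokens))


def hmac_sha1(key, data):
    """One-shot HMAC-SHA1 reference (RFC 2104 via hashlib), no reused context."""
    return hmac.new(key, data, hashlib.sha1).digest()


def check_thread_values():
    """Recompute the tag over the captured key/input; compare with both claimed values."""
    key = parse_format_hex(OPENVPN_KEY)
    data = parse_format_hex(OPENVPN_INPUT)
    tag = hmac_sha1(key, data)
    return {
        "key_len": len(key),
        "input_len": len(data),
        "tag_len": len(tag),
        # buf_prepend puts the tag in front of the input; the 68-byte line must show that
        "prepend_layout_ok": parse_format_hex(OPENVPN_AFTER_PREPEND)
                             == parse_format_hex(OPENVPN_TAG) + data,
        "matches_openvpn": hmac.compare_digest(tag, parse_format_hex(OPENVPN_TAG)),
        "matches_openssl": hmac.compare_digest(tag, parse_offset_dump(OPENSSL_GOT)),
    }


if __name__ == "__main__":
    for name, value in check_thread_values().items():
        print(f"{name}: {value}")
```

Whichever of the two claimed tags the recomputation agrees with, the other side's test is the one to re-examine; if it agrees with neither, the captured key or input is not what was actually fed to HMAC.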