Attention is currently required from: MaxF, flichtenheld.

plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/804?usp=email )

Change subject: Implement methods to generate and manage OpenVPN Epoch keys
......................................................................

Patch Set 9:

(23 comments)

File src/openvpn/crypto.h:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/4cf4ae43_56da8da9 :
PS9, Line 175: /** the epoch of the key is if it was generated as epoch data key material */
> I think you mean: The epoch of the key, if it was generated as epoch data key
> material. […]

I will clarify that this is only meaningful if key parameters are used in epoch data and it is not meaningful otherwise.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/788a09ea_7023fafa :
PS9, Line 223: is
> this?

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/3d1e7540_b7a53f6a :
PS9, Line 307: This limit for AEAD cipher
> The limit for AEAD ciphers?

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/1dead943_a6393dd1 :
PS9, Line 315: key
> keys

Yes, but also the comment is wrong as epoch_data_keys_future only stores receive keys.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/78aa125b_37d2d67c :
PS9, Line 316: to switch also sending key
> to also switch the sending key?

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/f57d4cd6_30ec7906 :
PS9, Line 324: switch
> switched?

Yes, and also before instead of bevor.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/be5e1ecc_1af62691 :
PS9, Line 524: @param epoch Epoch read from packet or 0 when epoch is not used.
> That's not an argument of the function.

Yes, that got into a commit too early. I moved it to the commit that actually adds the epoch parameter.

File src/openvpn/crypto_epoch.h:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/87827b4b_e2c66cc6 :
PS9, Line 72: * @param epoch_key Epoch key to be used
: * @param key Destination for the generated data key
> wrong order compared to the function.

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/3e654f8c_e8b2f61e :
PS9, Line 91: using
> uses

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/0a1c083e_f7fbf9ba :
PS9, Line 96: a
> for the receive key?

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/f2c845b2_b82d132e :
PS9, Line 103: send_epoch_keyt
> send_epoch_key

Acknowledged

http://gerrit.openvpn.net/c/openvpn/+/804/comment/2ef5767a_589a85d0 :
PS9, Line 118: * @param e1_send The E1 send epoch key derived by TLS-EKM
: * @param e1_recv The E1 receive epoch key derived by TLS-EKM
> incomplete parameters

Acknowledged

File src/openvpn/crypto_epoch.c:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/37c7c0ca_5ba66eff :
PS9, Line 136: 11
> We could use strlen() here.

I will be using sizeof(array) - 1 as strlen doesn't really like operating on a uint8_t array.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/b83b22ac_c3dd00bb :
PS9, Line 157: 8
> strlen?

Same as above

http://gerrit.openvpn.net/c/openvpn/+/804/comment/ae88362e_fa765dab :
PS9, Line 163: 7
> strlen?

Same as above

http://gerrit.openvpn.net/c/openvpn/+/804/comment/4b15f462_6189d29b :
PS9, Line 210: uint16_t current_epoch_recv = co->key_ctx_bi.decrypt.epoch;
> The variable name makes this look like it should be co->epoch_key_recv.epoch.
> […]

I reworked the comment and the function doxygen to hopefully make it a bit better to understand.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/85168ea8_12a0a758 :
PS9, Line 423: is
> in?

Not sure how I managed to mangle this when I copy&pasted it.

File src/openvpn/packet_id.h:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/929b34fb_60e60e0a :
PS9, Line 214: */
> Incomplete

Acknowledged

File src/openvpn/packet_id.c:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/129a630b_4118bf6c :
PS9, Line 81: packet_id_init_recv(struct packet_id_rec *rec, int seq_backtrack, int time_backtrack, const char *name, int unit)
> You could make this a static function.

Acknowledged

File tests/unit_tests/openvpn/test_crypto.c:

http://gerrit.openvpn.net/c/openvpn/+/804/comment/b63adfb5_696e6519 :
PS9, Line 728: is uses
> uses

Done

http://gerrit.openvpn.net/c/openvpn/+/804/comment/aa4ca31d_556d7a6b :
PS9, Line 830: 1-5
> 2-6

Done

http://gerrit.openvpn.net/c/openvpn/+/804/comment/cb188983_ad366b2c :
PS9, Line 835: assert_int_equal(epoch_lookup_decrypt_key(co, 1)->epoch, 1);
> Could we make sure that it really is the retiring key by comparing it with
> &co->epoch_retiring_data_ […]

Good idea.

http://gerrit.openvpn.net/c/openvpn/+/804/comment/eca5ecc7_126d252a :
PS9, Line 899: assert_null(epoch_lookup_decrypt_key(co, UINT16_MAX - 32));
> This hard-codes the assumption that this function is called with a state that
> has num_future_keys == […]

I think for a unit test hardcoding this is fine. I think we want to rather hardcode it here rather than to rely on the internal state of co being correct for the unit test. I will add an assert that the num_future_keys is 32 and then use num_future_keys as you suggested.

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/804?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Id7d6a576ca8c9560cb2dfae82fc62175820e9b80
Gerrit-Change-Number: 804
Gerrit-PatchSet: 9
Gerrit-Owner: plaisthos <arne-open...@rfc2549.org>
Gerrit-Reviewer: MaxF <m...@max-fillinger.net>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-Attention: MaxF <m...@max-fillinger.net>
Gerrit-Comment-Date: Sun, 29 Dec 2024 03:09:05 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: MaxF <m...@max-fillinger.net>
Gerrit-MessageType: comment
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel