Attention is currently required from: flichtenheld, plaisthos.

Hello flichtenheld, plaisthos,

I'd like you to reexamine a change. Please visit

    http://gerrit.openvpn.net/c/openvpn/+/1041?usp=email

to look at the new patch set (#2).


Change subject: Use mbedtls_ssl_export_keying_material()
......................................................................

Use mbedtls_ssl_export_keying_material()

Mbed TLS now has an implementation of the TLS-Exporter feature (though
not yet in a released version). Use it if it's available.

Change-Id: I1204bc2ff85952160a86f0b9d1caae90e5065bc4
Signed-off-by: Max Fillinger <maximilian.fillin...@foxcrypto.com>
---
M CMakeLists.txt
M configure.ac
M src/openvpn/ssl_mbedtls.c
M src/openvpn/ssl_mbedtls.h
4 files changed, 48 insertions(+), 18 deletions(-)


  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/41/1041/2

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 40bffd4..0744eb4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -302,6 +302,7 @@
     check_symbol_exists(mbedtls_ctr_drbg_update_ret mbedtls/ctr_drbg.h 
HAVE_MBEDTLS_CTR_DRBG_UPDATE_RET)
     check_symbol_exists(mbedtls_ssl_conf_export_keys_ext_cb mbedtls/ssl.h 
HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB)
     check_symbol_exists(mbedtls_ssl_set_export_keys_cb mbedtls/ssl.h 
HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB)
+    check_symbol_exists(mbedtls_ssl_export_keying_material mbedtls/ssl.h 
HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL)
     check_include_files(psa/crypto.h HAVE_MBEDTLS_PSA_CRYPTO_H)
 endfunction()

diff --git a/configure.ac b/configure.ac
index 75367e8..daaf202 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1065,19 +1065,28 @@
        )

        have_export_keying_material="yes"
+
        AC_CHECK_FUNC(
-               [mbedtls_ssl_conf_export_keys_ext_cb],
-               [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [1], 
[yes])],
-               [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], [0], 
[no])]
+               [mbedtls_ssl_export_keying_material],
+               AC_DEFINE([HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL], [1],
+                       [Have mbedtls_ssl_export_keying_material])
        )
-       if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != xyes; then
+
+       if test "x$ac_cv_func_mbedtls_ssl_export_keying_material" != xyes; then
                AC_CHECK_FUNC(
-                       [mbedtls_ssl_set_export_keys_cb],
-                       [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], 
[yes])],
-                       [AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], 
[no])]
+                       [mbedtls_ssl_conf_export_keys_ext_cb],
+                       [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], 
[1], [yes])],
+                       [AC_DEFINE([HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB], 
[0], [no])]
                )
-               if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" != xyes; 
then
-                       have_export_keying_material="no"
+               if test "x$ac_cv_func_mbedtls_ssl_conf_export_keys_ext_cb" != 
xyes; then
+                       AC_CHECK_FUNC(
+                               [mbedtls_ssl_set_export_keys_cb],
+                               
[AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [1], [yes])],
+                               
[AC_DEFINE([HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB], [0], [no])]
+                       )
+                       if test "x$ac_cv_func_mbedtls_ssl_set_export_keys_cb" 
!= xyes; then
+                               have_export_keying_material="no"
+                       fi
                fi
        fi
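Review bot: The new `AC_CHECK_FUNC` for `mbedtls_ssl_export_keying_material` passes its found-action unquoted and has no not-found action, unlike the two callback checks, which quote the action and define the macro to 0. The C sources test it by value (`#if HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL`, `!HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL`), so when the function is missing the macro is undefined rather than 0; that still evaluates as 0 but would warn under `-Wundef`. Matching the existing checks keeps it consistent: `[AC_DEFINE([HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL], [1], [yes])],` followed by `[AC_DEFINE([HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL], [0], [no])]`. Similarly, when the new function is found, the two callback macros are now never defined at all, which is worth a one-line comment above the nested checks.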

diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index ec3135a..03f8c80 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -253,8 +253,8 @@
     memcpy(cache->master_secret, secret, sizeof(cache->master_secret));
     cache->tls_prf_type = tls_prf_type;
 }
-#else  /* if HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB */
-#error either HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB or 
HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB must be defined when 
HAVE_EXPORT_KEYING_MATERIAL is defined
+#elif !HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL
+#error HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB, 
HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB or HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL 
must be set when HAVE_EXPORT_KEYING_MATERIAL is defined
 #endif /* HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB */

 bool
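Review bot: The callback branches that precede this `#elif` still compile whenever `HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB` or `HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB` is set, and the context lines show them writing `cache->master_secret` and `cache->tls_prf_type`, fields that the ssl_mbedtls.h hunk removes from `struct tls_key_cache` when `HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL` is set. configure.ac only probes the callbacks when the new function is missing, but the CMakeLists.txt hunk runs all three `check_symbol_exists` calls unconditionally, so a CMake build against a library offering both APIs would presumably define both macros and fail to compile here. Guarding the callback definitions the same way as the registration sites, e.g. `#if HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB && !HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL`, would keep both build systems consistent and keep the master-secret copy out of builds that do not need it. The opening `#if` of this chain lies outside the hunk, so its current condition should be confirmed.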
@@ -264,6 +264,20 @@
 {
     ASSERT(strlen(label) == label_size);

+#if HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL
+    /* Our version of mbed TLS has a built-in TLS-Exporter. */
+
+    mbedtls_ssl_context *ctx = session->key[KS_PRIMARY].ks_ssl.ctx;
+    if (mbed_ok(mbedtls_ssl_export_keying_material(ctx, ekm, ekm_size, label, 
label_size, NULL, 0, 0)))
+    {
+        return true;
+    }
+    else
+    {
+        return false;
+    }
+
+#else  /* HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL */
     struct tls_key_cache *cache = 
&session->key[KS_PRIMARY].ks_ssl.tls_key_cache;

     /* If the type is NONE, we either have no cached secrets or
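Review bot: The new built-in-exporter branch returns false on failure without clearing `ekm`, whereas the fallback path later in this function wipes the buffer with `secure_memzero(ekm, session->opt->ekm_size)` before returning false. Whether mbedtls_ssl_export_keying_material() can leave partial output on error is not visible here, so clearing the buffer keeps the failure contract identical for callers: in the else branch, `secure_memzero(ekm, ekm_size);` before `return false;`. `ctx` is also passed to the library unchecked, while the old path never dereferenced it; if `ks_ssl.ctx` can be unset when this is called, an `ASSERT(ctx);` or an early `return false` would be safer. The function's signature and the rest of the fallback body lie outside this hunk.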
@@ -288,7 +302,9 @@
         secure_memzero(ekm, session->opt->ekm_size);
         return false;
     }
+#endif  /* HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL */
 }
+
 #else  /* ifdef HAVE_EXPORT_KEYING_MATERIAL */
 bool
 key_state_export_keying_material(struct tls_session *session,
@@ -1238,7 +1254,7 @@
         mbedtls_ssl_conf_max_tls_version(ks_ssl->ssl_config, version);
     }

-#if HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB
+#if HAVE_MBEDTLS_SSL_CONF_EXPORT_KEYS_EXT_CB && 
!HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL
     /* Initialize keying material exporter, old style. */
     mbedtls_ssl_conf_export_keys_ext_cb(ks_ssl->ssl_config,
                                         mbedtls_ssl_export_keys_cb, session);
@@ -1253,7 +1269,7 @@
      * verification. */
     ASSERT(mbed_ok(mbedtls_ssl_set_hostname(ks_ssl->ctx, NULL)));

-#if HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB
+#if HAVE_MBEDTLS_SSL_SET_EXPORT_KEYS_CB && 
!HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL
     /* Initialize keying material exporter, new style. */
     mbedtls_ssl_set_export_keys_cb(ks_ssl->ctx, mbedtls_ssl_export_keys_cb, 
session);
 #endif
diff --git a/src/openvpn/ssl_mbedtls.h b/src/openvpn/ssl_mbedtls.h
index ec30bb5..309dc7ce 100644
--- a/src/openvpn/ssl_mbedtls.h
+++ b/src/openvpn/ssl_mbedtls.h
@@ -85,16 +85,20 @@
     void *sign_ctx;
 };

-#ifdef HAVE_EXPORT_KEYING_MATERIAL
-/** struct to cache TLS secrets for keying material exporter (RFC 5705).
- * The constants (64 and 48) are inherent to TLS version and
- * the whole keying material export will likely change when they change */
+#if defined(HAVE_EXPORT_KEYING_MATERIAL) && 
!HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL
+/**
+ * struct to cache TLS secrets for keying material exporter (RFC 5705).
+ * Not needed if the library itself implements the keying material exporter,
+ * or if we can't obtain the secrets anyway.
+ *
+ * The constants 64 and 48 are inherent to TLS 1.2. For TLS 1.3, it is not
+ * possible to obtain the exporter master secret from mbed TLS. */
 struct tls_key_cache {
     unsigned char client_server_random[64];
     mbedtls_tls_prf_types tls_prf_type;
     unsigned char master_secret[48];
 };
-#else  /* ifdef HAVE_EXPORT_KEYING_MATERIAL */
+#else  /* if defined(HAVE_EXPORT_KEYING_MATERIAL) && 
!HAVE_MBEDTLS_SSL_EXPORT_KEYING_MATERIAL */
 struct tls_key_cache { };
 #endif


--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1041?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I1204bc2ff85952160a86f0b9d1caae90e5065bc4
Gerrit-Change-Number: 1041
Gerrit-PatchSet: 2
Gerrit-Owner: MaxF <m...@max-fillinger.net>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: plaisthos <arne-open...@rfc2549.org>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-MessageType: newpatchset