Re: [TLS] Tricking TLS library into crypto primitives library

[Salz, Rich]

> TLS does not use AES in a way that is consistent with what you would get if 
> you just used a typical AES library.

Let me agree with Eric: TLS adds things like padding and identifiers that make 
it *impossible* to use a TLS library to get AES, unless that library exposes an 
AES API.

AES can be hard to get right. If you are concerned about naïve users using AES, 
trying to pull it out of a TLS library is a bad way to get to a solution. You 
should look at crypto API's that are more resistant to mistakes and mis-use. 
NaCL, TINK, etc.


___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Tricking TLS library into crypto primitives library

[Melinda Shore]

On 6/25/23 9:21 AM, Soni L. wrote:
Python doesn't expose raw AES, etc. But it does expose a fairly rich TLS 
library.


If you're not comfortable using the Python cryptography hazmat module,
check out pycryptodome.

Melinda

--
Melinda Shore
melinda.sh...@nomountain.net

Software longa, hardware brevis



OpenPGP_signature
Description: OpenPGP digital signature
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Tricking TLS library into crypto primitives library

[Soni L.]

Pure-python forbids using the cryptography package. Only python code and 
the python stdlib are allowed. The fact that TLS uses AES at all means 
it might be possible to trick the python ssl module to do arbitrary AES, 
with some effort.


At the end of the day, the TLS protocol is also part of the ssl module's 
API surface. It's not the API surface you'd usually interact with, but 
nothing really stops you from doing so.


On 6/25/23 14:31, Eric Rescorla wrote:

I believe https://cryptography.io/en/latest/ is what you want.

TLS does not use AES in a way that is consistent with what you would 
get if you just used a typical AES library.

-Ekr


On Sun, Jun 25, 2023 at 10:21 AM Soni L. > wrote:


Python doesn't expose raw AES, etc. But it does expose a fairly
rich TLS library. Wondering if it would be possible to just
connect a TLS socket to a raw TCP socket and somehow write bytes
into TLS and get ciphertext out or write bytes into the raw TCP
socket and get plaintext out.

The point is to use AES for non-TLS protocols.

On 6/25/23 14:15, Eric Rescorla wrote:

I'm not aware of any. Why would you want to do this? Most such
libraries I am aware of expose low-level primitives or are built
on libraries which do.

-Ekr


On Sun, Jun 25, 2023 at 6:28 AM Soni L. mailto:fakedme%2b...@gmail.com>> wrote:

Has anyone done any work towards tricking a TLS library into
providing
cryptographic primitives? We know of similar work with
regards to
javacard https://arxiv.org/abs/1810.01662 but not sure if it
can be
applied to TLS.

___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls



___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Tricking TLS library into crypto primitives library

[Eric Rescorla]

I believe https://cryptography.io/en/latest/ is what you want.

TLS does not use AES in a way that is consistent with what you would get if
you just used a typical AES library.
-Ekr


On Sun, Jun 25, 2023 at 10:21 AM Soni L.  wrote:

> Python doesn't expose raw AES, etc. But it does expose a fairly rich TLS
> library. Wondering if it would be possible to just connect a TLS socket to
> a raw TCP socket and somehow write bytes into TLS and get ciphertext out or
> write bytes into the raw TCP socket and get plaintext out.
>
> The point is to use AES for non-TLS protocols.
>
> On 6/25/23 14:15, Eric Rescorla wrote:
>
> I'm not aware of any. Why would you want to do this? Most such libraries I
> am aware of expose low-level primitives or are built on libraries which do.
>
> -Ekr
>
>
> On Sun, Jun 25, 2023 at 6:28 AM Soni L.  wrote:
>
>> Has anyone done any work towards tricking a TLS library into providing
>> cryptographic primitives? We know of similar work with regards to
>> javacard https://arxiv.org/abs/1810.01662 but not sure if it can be
>> applied to TLS.
>>
>> ___
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
>
>
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Tricking TLS library into crypto primitives library

[Soni L.]

Python doesn't expose raw AES, etc. But it does expose a fairly rich TLS 
library. Wondering if it would be possible to just connect a TLS socket 
to a raw TCP socket and somehow write bytes into TLS and get ciphertext 
out or write bytes into the raw TCP socket and get plaintext out.


The point is to use AES for non-TLS protocols.

On 6/25/23 14:15, Eric Rescorla wrote:
I'm not aware of any. Why would you want to do this? Most such 
libraries I am aware of expose low-level primitives or are built on 
libraries which do.


-Ekr


On Sun, Jun 25, 2023 at 6:28 AM Soni L. > wrote:


Has anyone done any work towards tricking a TLS library into
providing
cryptographic primitives? We know of similar work with regards to
javacard https://arxiv.org/abs/1810.01662 but not sure if it can be
applied to TLS.

___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Tricking TLS library into crypto primitives library

[Eric Rescorla]

I'm not aware of any. Why would you want to do this? Most such libraries I
am aware of expose low-level primitives or are built on libraries which do.

-Ekr


On Sun, Jun 25, 2023 at 6:28 AM Soni L.  wrote:

> Has anyone done any work towards tricking a TLS library into providing
> cryptographic primitives? We know of similar work with regards to
> javacard https://arxiv.org/abs/1810.01662 but not sure if it can be
> applied to TLS.
>
> ___
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

[TLS] Tricking TLS library into crypto primitives library

[Soni L.]

Has anyone done any work towards tricking a TLS library into providing 
cryptographic primitives? We know of similar work with regards to 
javacard https://arxiv.org/abs/1810.01662 but not sure if it can be 
applied to TLS.


___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls