[Openvpn-devel,3/3] Allow all GCM ciphers

Message ID 20210408120029.19438-3-arne@rfc2549.org
State Changes Requested
Headers show
Series
  • [Openvpn-devel,1/3] Always save/restore pull options
Related show

Commit Message

Arne Schwabe April 8, 2021, noon
OpenSSL also allows ARIA-GCM and that works well with our implementation
While the handpicked list was needed for earlier OpenSSL versions (and
is still needed for Chacha20-Poly1305), the API nowadays with OpenSSL
1.0.2 and 1.1.x works as expected.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/crypto_openssl.c | 5 +++++
 1 file changed, 5 insertions(+)

Comments

Antonio Quartulli April 15, 2021, 10:22 p.m. | #1
Hi,

On 08/04/2021 14:00, Arne Schwabe wrote:
> OpenSSL also allows ARIA-GCM and that works well with our implementation
> While the handpicked list was needed for earlier OpenSSL versions (and
> is still needed for Chacha20-Poly1305), the API nowadays with OpenSSL
> 1.0.2 and 1.1.x works as expected.
> 
> Signed-off-by: Arne Schwabe <arne@rfc2549.org>
> ---
>  src/openvpn/crypto_openssl.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
> index f8b36bf85..235d0c321 100644
> --- a/src/openvpn/crypto_openssl.c
> +++ b/src/openvpn/crypto_openssl.c
> @@ -728,6 +728,11 @@ cipher_kt_mode_aead(const cipher_kt_t *cipher)
>  {
>      if (cipher)
>      {
> +        if (EVP_CIPHER_mode(cipher) == OPENVPN_MODE_GCM)
> +        {
> +            return true;
> +        }
> +
>          switch (EVP_CIPHER_nid(cipher))
>          {
>              case NID_aes_128_gcm:

If the hand-picked list is required only for chacha-poly1305, why not
removing all the AES variants from this list?

I tested ossl 1.0.2 and indeed EVP_CIPHER_mode(*aes-gcm*) returns GCM,
so this list should not be required.

Regards,
Arne Schwabe April 16, 2021, 10:58 a.m. | #2
Am 16.04.21 um 00:22 schrieb Antonio Quartulli:
> Hi,
> 
> On 08/04/2021 14:00, Arne Schwabe wrote:
>> OpenSSL also allows ARIA-GCM and that works well with our implementation
>> While the handpicked list was needed for earlier OpenSSL versions (and
>> is still needed for Chacha20-Poly1305), the API nowadays with OpenSSL
>> 1.0.2 and 1.1.x works as expected.
>>
>> Signed-off-by: Arne Schwabe <arne@rfc2549.org>
>> ---
>>  src/openvpn/crypto_openssl.c | 5 +++++
>>  1 file changed, 5 insertions(+)
>>
>> diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
>> index f8b36bf85..235d0c321 100644
>> --- a/src/openvpn/crypto_openssl.c
>> +++ b/src/openvpn/crypto_openssl.c
>> @@ -728,6 +728,11 @@ cipher_kt_mode_aead(const cipher_kt_t *cipher)
>>  {
>>      if (cipher)
>>      {
>> +        if (EVP_CIPHER_mode(cipher) == OPENVPN_MODE_GCM)
>> +        {
>> +            return true;
>> +        }
>> +
>>          switch (EVP_CIPHER_nid(cipher))
>>          {
>>              case NID_aes_128_gcm:
> 
> If the hand-picked list is required only for chacha-poly1305, why not
> removing all the AES variants from this list?
> 
> I tested ossl 1.0.2 and indeed EVP_CIPHER_mode(*aes-gcm*) returns GCM,
> so this list should not be required.

I was a chicken and did not test libreSSL but I can test it and then
send an updated patch. %)

Arne

Patch

diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index f8b36bf85..235d0c321 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -728,6 +728,11 @@  cipher_kt_mode_aead(const cipher_kt_t *cipher)
 {
     if (cipher)
     {
+        if (EVP_CIPHER_mode(cipher) == OPENVPN_MODE_GCM)
+        {
+            return true;
+        }
+
         switch (EVP_CIPHER_nid(cipher))
         {
             case NID_aes_128_gcm: