From patchwork Tue Jan 22 04:03:29 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arne Schwabe <arne@rfc2549.org>
X-Patchwork-Id: 672
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director8.mail.ord1d.rsapps.net ([172.30.191.6])
	by backend30.mail.ord1d.rsapps.net with LMTP id kIi5Nw8xR1ynLgAAIUCqbw
	for <patchwork@openvpn.net>; Tue, 22 Jan 2019 10:04:47 -0500
Received: from proxy3.mail.ord1d.rsapps.net ([172.30.191.6])
	by director8.mail.ord1d.rsapps.net with LMTP id 6NBzNw8xR1wsdAAAfY0hYg
	; Tue, 22 Jan 2019 10:04:47 -0500
Received: from smtp35.gate.ord1d ([172.30.191.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy3.mail.ord1d.rsapps.net with LMTP id 8KoKNw8xR1wXHQAA7WKfLA
	; Tue, 22 Jan 2019 10:04:47 -0500
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp35.gate.ord1d.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil;
 dis=none) header.from=rfc2549.org
X-Suspicious-Flag: YES
X-Classification-ID: 0ddd5e60-1e57-11e9-9807-525400a7b7b4-1-1
Received: from [216.105.38.7] ([216.105.38.7:42512]
 helo=lists.sourceforge.net)
	by smtp35.gate.ord1d.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id D9/D5-10546-D01374C5; Tue, 22 Jan 2019 10:04:46 -0500
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1glxam-00014o-5h; Tue, 22 Jan 2019 15:03:56 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 (envelope-from <arne@kamera.blinkt.de>) id 1glxal-000146-92
 for openvpn-devel@lists.sourceforge.NET; Tue, 22 Jan 2019 15:03:55 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:
 To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=gi5d4Ce8Kb4MWCosIcVMOevzHLSknZ+C/M1XUlLku7M=; b=BLGRfHKUJABxRyJ6R3ujDDGqQ5
 FC9jW2t+geIqQM1g6jKMVPQVqV46jDaNIF57izDC3vCmps6BQnuvYB5mbVIEJsD6UK2dmXol8HzX+
 WsZLCioBwY1Jrwxz89DV+4UZGsKtiNkuOxbR6RVEXdtE+dNhGnH2S3K7zg+TUK+QAZdE=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To
 :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=gi5d4Ce8Kb4MWCosIcVMOevzHLSknZ+C/M1XUlLku7M=; b=bbfUs/rk8m+ngdW6yZnNuB3flj
 6GhpYxS025xMTH+ekzNuSpMILyV3sW+B8wx6lNZmbFWQBkkTVgMlzLeilLdHSvdXSYNNAihDtGZpT
 xrkjUTaQvOraWv2f/Ma2KvbWhrAotCOjFheKqPkfPPSIpA7exaROTlXwwCao+9wPh6vc=;
Received: from mail.blinkt.de ([192.26.174.232])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 id 1glxaW-009VBk-GS
 for openvpn-devel@lists.sourceforge.NET; Tue, 22 Jan 2019 15:03:55 +0000
Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c])
 by mail.blinkt.de with smtp (Exim 4.91 (FreeBSD))
 (envelope-from <arne@kamera.blinkt.de>)
 id 1glxaP-000IMg-Lq; Tue, 22 Jan 2019 16:03:33 +0100
Received: (nullmailer pid 1109 invoked by uid 10006);
 Tue, 22 Jan 2019 15:03:33 -0000
From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 22 Jan 2019 16:03:29 +0100
Message-Id: <20190122150333.1061-2-arne@rfc2549.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190122150333.1061-1-arne@rfc2549.org>
References: <20190122150333.1061-1-arne@rfc2549.org>
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
 See http://spamassassin.org/tag/ for more details.
 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
 domains are different
X-Headers-End: 1glxaW-009VBk-GS
Subject: [Openvpn-devel] [PATCH v2 2/6] Allow pem_read_key_file to generate
 a random key
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Arne Schwabe <arne@openvpn.net>
MIME-Version: 1.0
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

From: Arne Schwabe <arne@openvpn.net>

This is useful for features that can use either a persistent
or an ephemeral key.
---
 src/openvpn/crypto.c    | 23 ++++++++++++++++++++---
 src/openvpn/crypto.h    |  4 +++-
 src/openvpn/tls_crypt.c |  5 +++--
 3 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index ff9dbfdc..68a28dee 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -1885,13 +1885,30 @@ cleanup:
 
 bool
 read_pem_key_file(struct buffer *key, const char *pem_name,
-                  const char *key_file, const char *key_inline)
+                  const char *key_file, const char *key_inline,
+                  bool allow_random)
 {
     bool ret = false;
     struct buffer key_pem = { 0 };
     struct gc_arena gc = gc_new();
 
-    if (strcmp(key_file, INLINE_FILE_TAG))
+
+    if (allow_random && key_file == NULL)
+    {
+        msg(M_INFO, "Using random %s.", pem_name);
+        uint8_t rand[BCAP(key)];
+        if (!rand_bytes(rand, BCAP(key)))
+        {
+            msg(M_WARN, "ERROR: could not generate random key");
+        }
+        else
+        {
+            buf_write(key, rand, BCAP(key));
+            ret = true;
+        }
+        goto cleanup;
+    }
+    else if (strcmp(key_file, INLINE_FILE_TAG))
     {
         key_pem = buffer_read_from_file(key_file, &gc);
         if (!buf_valid(&key_pem))
@@ -1914,7 +1931,7 @@ read_pem_key_file(struct buffer *key, const char *pem_name,
 
     ret = true;
 cleanup:
-    if (strcmp(key_file, INLINE_FILE_TAG))
+    if (key_file && strcmp(key_file, INLINE_FILE_TAG))
     {
         buf_clear(&key_pem);
     }
diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 09f7bb25..dfbfb38b 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -436,11 +436,13 @@ write_pem_key_file(const char *filename, const char *pem_name);
  * @param pem_name      the name used in the pem encoding start/end lines
  * @param key_file      name of the file to read
  * @param key_inline    a string holding the data in case of an inline key
+ * @param allow_random  allow generating a random key if no file is provided
  * @return              true if reading into key was successful
  */
 bool
 read_pem_key_file(struct buffer *key, const char *pem_name,
-                  const char *key_file, const char *key_inline);
+                  const char *key_file, const char *key_inline,
+                  bool allow_random);
 
 /* Minimum length of the nonce used by the PRNG */
 #define NONCE_SECRET_LEN_MIN 16
diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c
index d6a82252..baa193c3 100644
--- a/src/openvpn/tls_crypt.c
+++ b/src/openvpn/tls_crypt.c
@@ -301,7 +301,7 @@ tls_crypt_v2_init_client_key(struct key_ctx_bi *key, struct buffer *wkc_buf,
                                          + TLS_CRYPT_V2_MAX_WKC_LEN);
 
     if (!read_pem_key_file(&client_key, tls_crypt_v2_cli_pem_name,
-                           key_file, key_inline))
+                           key_file, key_inline, false))
     {
         msg(M_FATAL, "ERROR: invalid tls-crypt-v2 client key format");
     }
@@ -326,8 +326,9 @@ tls_crypt_v2_init_server_key(struct key_ctx *key_ctx, bool encrypt,
     struct buffer srv_key_buf;
 
     buf_set_write(&srv_key_buf, (void *)&srv_key, sizeof(srv_key));
+
     if (!read_pem_key_file(&srv_key_buf, tls_crypt_v2_srv_pem_name,
-                           key_file, key_inline))
+                           key_file, key_inline, false))
     {
         msg(M_FATAL, "ERROR: invalid tls-crypt-v2 server key format");
     }