From patchwork Wed Apr 9 12:24:03 2025
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 4214
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Wed, 9 Apr 2025 14:24:03 +0200
Message-ID: <20250409122409.17616-1-gert@greenie.muc.de>
Subject: [Openvpn-devel] [PATCH v1] Also print key agreement when printing negotiated details

From: Arne Schwabe

With TLS 1.0 to 1.2, the used key agreement was dependent on the
certificates themselves. With TLS 1.3 this is no longer the case but
basically always X25519 was used. So this information has been very
interesting so far.

But with OpenSSL 3.5.0 and the new X25519MLKEM768 hybrid key agreement,
the used key agreement group actually becomes interesting information.

This commit adds printing this information for OpenSSL 3.0.0+ and uses
a compat version for OpenSSL 3.0-3.1 to avoid an additional ifdef in the
code itself.

Example output with ML-DSA-65 certificates on the server (client output):

    Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 15616 bits ML-DSA-65, signature: id-ml-dsa-65, peer signing digest/type: mldsa65 id-ml-dsa-65, key agreement: X25519MLKEM768

with an secp384r1 certificate:

    Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 384 bits ECsecp384r1, signature: ecdsa-with-SHA256, peer signing digest/type: ecdsa_secp384r1_sha384 ECDSA, key agreement: X25519MLKEM768

Change-Id: I90d54853fe1b1d820661cc2c099e07ec5d31ed05
Signed-off-by: Arne Schwabe
Acked-by: Gert Doering
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/938
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering

diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h index e2bd9bf..bd6f09c 100644 --- a/src/openvpn/openssl_compat.h +++ b/src/openvpn/openssl_compat.h 
@@ -197,6 +197,13 @@ } #endif /* if OPENSSL_VERSION_NUMBER < 0x30500000 && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER > 0x3050400fL) */ - +#if OPENSSL_VERSION_NUMBER < 0x30200000L && OPENSSL_VERSION_NUMBER >= 0x30000000L +static inline const char * +SSL_get0_group_name(SSL *s) +{ + int nid = SSL_get_negotiated_group(s); + return SSL_group_to_name(s, nid); +} +#endif #endif /* OPENSSL_COMPAT_H_ */ diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 23b0266..d1d5d3e 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -2486,7 +2486,21 @@ peer_sig, peer_sig_type); } - +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +void +print_tls_key_agreement_group(SSL *ssl, char *buf, size_t buflen) +{ + const char *groupname = SSL_get0_group_name(ssl); + if (!groupname) + { + snprintf(buf, buflen, ", key agreement: (error fetching group)"); + } + else + { + snprintf(buf, buflen, ", key agreement: %s", groupname); + } +} +#endif /* ************************************** * @@ -2503,8 +2517,9 @@ char s2[256]; char s3[256]; char s4[256]; + char s5[256]; - s1[0] = s2[0] = s3[0] = s4[0] = 0; + s1[0] = s2[0] = s3[0] = s4[0] = s5[0] = 0; ciph = SSL_get_current_cipher(ks_ssl->ssl); snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", prefix, @@ -2520,8 +2535,11 @@ } print_server_tempkey(ks_ssl->ssl, s3, sizeof(s3)); print_peer_signature(ks_ssl->ssl, s4, sizeof(s4)); +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + print_tls_key_agreement_group(ks_ssl->ssl, s5, sizeof(s5)); +#endif - msg(D_HANDSHAKE, "%s%s%s%s", s1, s2, s3, s4); + msg(D_HANDSHAKE, "%s%s%s%s%s", s1, s2, s3, s4, s5); } void
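
Review bot: in the openssl_compat.h hunk (@@ -197), the "#endif" that closes the new SSL_get0_group_name() block has no condition comment, while the "#endif" directly above it repeats its full condition, and the hunk also removes the blank line that separated the preceding block from "#endif /* OPENSSL_COMPAT_H_ */". Suggest closing the block with "#endif /* OPENSSL_VERSION_NUMBER < 0x30200000L && OPENSSL_VERSION_NUMBER >= 0x30000000L */", keeping a blank line before the header guard, and adding a one-line comment above the wrapper saying it is the compat version for OpenSSL 3.0-3.1 that the commit message refers to.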
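
Review bot: print_tls_key_agreement_group() in the ssl_openssl.c hunk at @@ -2486 is defined without "static" and the patch adds no prototype to any header, although the only caller in this patch is in the same file; please make it static and give it a short doc comment. In the same function, the "if (!groupname)" branch reports every NULL return as "(error fetching group)". If a handshake without a negotiated group can reach this path, the log line would read as a failure, so a neutral text such as "(none)" may be the better choice. The hunk also replaces the blank separator lines, so the function now sits directly against the preceding "}" and the following comment banner; keeping a blank line on each side of the "#if"/"#endif" pair would preserve the file's spacing.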
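
Review bot: the call added in the ssl_openssl.c hunk at @@ -2520 is wrapped in its own "#if OPENSSL_VERSION_NUMBER >= 0x30000000L", so this file ends up with two version guards for one feature even though the commit message says the compat wrapper is there to avoid an additional ifdef. Since the hunk at @@ -2503 already sets s5[0] to 0, the function could be defined unconditionally with the guard moved inside its body, leaving buf untouched on older libraries; the call site then needs no "#if" and the "%s%s%s%s%s" format still prints an empty string for s5.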