From patchwork Fri Feb  9 11:10:00 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Frank Lichtenheld <frank@lichtenheld.com>
X-Patchwork-Id: 3610
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:e8a8:b0:554:adf7:68e6 with SMTP id
 oz40csp786249mab;
        Fri, 9 Feb 2024 03:10:31 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCUpz/nAmlN0ChssBFaCcDTR01xwwOp19qCp8vhJtFbGaPYDUfG0YfEfjXfITVBho+BAryT49QCwhwJSwflHMDqxzE/y/Dc=
X-Google-Smtp-Source: 
 AGHT+IEDiFVKvVBCWj9BdwM10b0U4kY8PMvVyF/42vjYkv1leyYwqKeEi0g4N7s/WoYsEv0zMq25
X-Received: by 2002:a05:6358:890:b0:178:9f1d:65e9 with SMTP id
 m16-20020a056358089000b001789f1d65e9mr1101277rwj.2.1707477030944;
        Fri, 09 Feb 2024 03:10:30 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1707477030; cv=none;
        d=google.com; s=arc-20160816;
        b=V+dl4gcGbHGsfFRpMN38eBAqE8ccZq6oE/Z0lK2Cgb9DO4s6s30ephnocrLTmEHm/h
         MXePlPi1qV9epckS5Fu2NtjgwG4RifZm1HcVXfJKTd3mzx6CwHipo/fih/z32XssJvHC
         17yal+dkxtR1VUHdQu5+oxP5/OCdQgpiJ/T/V8CPxtwRg1tua0TLxKkIb1uEUr0VNHxn
         OiB5TpjU+PliD5jrTZ0D8NfpvfYRCBde1DkC8JMlCJzKypGZm7O8PCD+M74wS7kXAoUY
         /n+HrP991dFWHmX+SxnGXUBrEsy71qssL6fuuzw/MoxwSPjNb4GUzQM3ANp1T3uSluZg
         2jpQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature:dkim-signature;
        bh=EXajUHLfwx8JnGBKPbjLkPbNRsD3AyUSyA4uCVphwt4=;
        fh=WGBHuPt6VVPX1Al5T6v50AkKWAbdlSI9XLR3ov1xGnQ=;
        b=Cdfvz4n7bEdyOgiMKgPS+c1YSAci5FTmCGukEiVk6YsLulL+iIqUAYvgMEvUkSGKr+
         QlHNrc0hBuydB32BuKB4YS4zf9TD1GMqyTh2Aeajhdjzr6W0VaqbIe7+jcMO9QAKAq0Q
         LI8Wdq4iCDbWuJtXTa92TNmT3C9/AODTlKWDepndL6ykVljozSKM+AvytocUf2LakG3m
         2V7VD67ZvGwhzZlrbD3nJZ9yEtGo/yGoRpBGBpUV7lEzBTEQSlsYhBmw2eQ0tFCbgFWc
         j7CJMbQpZzTgmQxa2HjIEdU1vcP6bl3bgp0TspXmkH3JF5cbEEpSAY//iAL/hZ4vIDFD
         vOLQ==;
        darn=openvpn.net
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=AQRKXHZC;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=bm0ulU5Z;
       dkim=neutral (body hash did not verify) header.i=@lichtenheld.com
 header.s=MBO0001 header.b=Cg24xHN1;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
X-Forwarded-Encrypted: i=1;
 AJvYcCX6R6tlUhGPKMDoqiPEO27LTO7dSW1NrFw21S5vhpO0mo5t+R1dwWY5sOM+TC90e1eaP/D9dAXAmZebcpznGCy3dIQ/tlRs8Dsxl0cRATKV+ke2R/XDEtJOd9BolQS0Iu5ZXwGCb54RAdh8oUPv4To2lJcDZHI=
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 d6-20020aa78e46000000b006e045c176fcsi127467pfr.324.2024.02.09.03.10.30
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 09 Feb 2024 03:10:30 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=AQRKXHZC;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=bm0ulU5Z;
       dkim=neutral (body hash did not verify) header.i=@lichtenheld.com
 header.s=MBO0001 header.b=Cg24xHN1;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1rYOlo-0000D1-3s;
	Fri, 09 Feb 2024 11:10:12 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <frank@lichtenheld.com>) id 1rYOlm-0000Co-M4
 for openvpn-devel@lists.sourceforge.net;
 Fri, 09 Feb 2024 11:10:11 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=BlRdYUfo33tKfzuw+IyBZRl7isd/PCeBXnDq0UFy504=; b=AQRKXHZCYjRJs8UYx0/5OlEatd
 vSuMG1dEp6ji5Iz4k7jcI6HA6o9X9XjmTu6eTuOTVd+UJvoq9W05kP6CIbxg5z72NmIDl7Zg1h5K0
 oOMpr4RukexZwRO+lPNA1UqcFT4gAn4WPzSKS7OMpV0Vsuq9ZMhT+aIQ1NQs51SdgGk4=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
 Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=BlRdYUfo33tKfzuw+IyBZRl7isd/PCeBXnDq0UFy504=; b=bm0ulU5ZUs+8gwK7ORwxVdJ66t
 mkx4MrQb1fxQOXcivf+g1w6yVbd7TLIT2IGszN26WP1kOkWa5iWmCqU5U/esLsy9PdlZoDUTnJpi+
 1BxMLTlgyOBHZLBWeO8lj9snYGR7g+MrgtGLIfZb8ZEHoiHZCunqiRKJe9MmA1O5tlEM=;
Received: from mout-p-201.mailbox.org ([80.241.56.171])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1rYOll-0008Gn-Gh for openvpn-devel@lists.sourceforge.net;
 Fri, 09 Feb 2024 11:10:11 +0000
Received: from smtp102.mailbox.org (smtp102.mailbox.org
 [IPv6:2001:67c:2050:b231:465::102])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
 (No client certificate requested)
 by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4TWWN93yhzz9tLk;
 Fri,  9 Feb 2024 12:10:01 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com;
 s=MBO0001; t=1707477001;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=BlRdYUfo33tKfzuw+IyBZRl7isd/PCeBXnDq0UFy504=;
 b=Cg24xHN1caKlWKPH+O7taxWKMFWgqAWExzJm023r+iiW/1ID5i+qi5opHMrLkjCXAqlrvV
 I4Gw0UEg0/CtCqfi5H1YFx2zcBYgr7FDoJ6WJgpyaiCb0GPcfsu5xa8ZbuY21iYW90AOGM
 Iyznlq1AOikSkf7juJ2/z12URVyM3ybm/EfOsiMOiKVifiHdIr3ta+Hr4M5v+xEHdNopsG
 md2b1gL29z4rAcp+cxyLggH4UpdQoqqbKvGiiklZPxfbUk+hZOHAocf9uMbSWn2iJVP6aB
 L1RH8/hYEfw3INIkBN5P36TCLF65w76Sg8834o26yBqtWqQ0/HHQpJq301lzEQ==
From: Frank Lichtenheld <frank@lichtenheld.com>
To: openvpn-devel@lists.sourceforge.net
Date: Fri,  9 Feb 2024 12:10:00 +0100
Message-Id: <20240209111000.16258-1-frank@lichtenheld.com>
In-Reply-To: 
 <gerrit.1696674325000.Ib5fc0c4b8f164596681ac5ad73002068ec6de1e5@gerrit.openvpn.net>
References: 
 <gerrit.1696674325000.Ib5fc0c4b8f164596681ac5ad73002068ec6de1e5@gerrit.openvpn.net>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 4TWWN93yhzz9tLk
X-Spam-Score: -0.9 (/)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Arne Schwabe <arne@rfc2549.org> This is more SSL debug
 information that most people do not really need or care about. OpenSSL's
 own s_client also logs them: Peer signing digest: SHA256 Peer signature type:
 ECDSA Content analysis details:   (-0.9 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/,
 low trust [80.241.56.171 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 -0.0 T_SCC_BODY_TEXT_LINE   No description available.
X-Headers-End: 1rYOll-0008Gn-Gh
Subject: [Openvpn-devel] [PATCH v9] Print SSL peer signature information in
 handshake debug details
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1790419434992635388?=
X-GMAIL-MSGID: =?utf-8?q?1790419434992635388?=

From: Arne Schwabe <arne@rfc2549.org>

This is more SSL debug information that most people do not really need
or care about. OpenSSL's own s_client also logs them:

Peer signing digest: SHA256
Peer signature type: ECDSA

The complete message looks like this:

   Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, server temp key: 253 bits X25519, peer signing digest/type: SHA256 RSASSA-PSS

or when forcing a specific group via tls-groups X448 with a ECDSA server:

   Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 384 bits ECsecp384r1, signature: ecdsa-with-SHA256, server temp key: 448 bits X448, peer signing digest/type: SHA384 ECDSA

Change-Id: Ib5fc0c4b8f164596681ac5ad73002068ec6de1e5
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/365
This mail reflects revision 9 of this Change.
Acked-by according to Gerrit (reflected above):
Frank Lichtenheld <frank@lichtenheld.com>

diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index c30e6a9..9b6027c 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -2166,6 +2166,83 @@
     EVP_PKEY_free(pkey);
 }
 
+#if !defined(LIBRESSL_VERSION_NUMBER)  && OPENSSL_VERSION_NUMBER >= 0x1010000fL
+/**
+ * Translate an OpenSSL NID into a more human readable name
+ * @param nid
+ * @return
+ */
+static const char *
+get_sigtype(int nid)
+{
+    /* Fix a few OpenSSL names to be better understandable */
+    switch (nid)
+    {
+        case EVP_PKEY_RSA:
+            /* will otherwise say rsaEncryption */
+            return "RSA";
+
+        case EVP_PKEY_DSA:
+            /* dsaEncryption otherwise */
+            return "DSA";
+
+        case EVP_PKEY_EC:
+            /* will say id-ecPublicKey */
+            return "ECDSA";
+
+        case -1:
+            return "(error getting name)";
+
+        default:
+            return OBJ_nid2sn(nid);
+    }
+}
+#endif /* ifndef LIBRESSL_VERSION_NUMBER */
+
+/**
+ * Get the type of the signature that is used by the peer during the
+ * TLS handshake
+ */
+static void
+print_peer_signature(SSL *ssl, char *buf, size_t buflen)
+{
+    int peer_sig_nid = NID_undef, peer_sig_type_nid = NID_undef;
+    const char *peer_sig = "unknown";
+    const char *peer_sig_type = "unknown type";
+
+    /* Even though these methods use the deprecated NIDs instead of using
+     * string as new OpenSSL APIs do, there seem to be no API that replaces
+     * it yet */
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER > 0x3050400fL
+    if (SSL_get_peer_signature_nid(ssl, &peer_sig_nid)
+        && peer_sig_nid != NID_undef)
+    {
+        peer_sig = OBJ_nid2sn(peer_sig_nid);
+    }
+#endif
+
+#if (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010000fL) \
+    || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3090000fL)
+    /* LibreSSL 3.7.x and 3.8.x implement this function but do not export it
+     * and fail linking with an unresolved symbol */
+    if (SSL_get_peer_signature_type_nid(ssl, &peer_sig_type_nid)
+        && peer_sig_type_nid != NID_undef)
+    {
+        peer_sig_type = get_sigtype(peer_sig_type_nid);
+    }
+#endif
+
+    if (peer_sig_nid == NID_undef && peer_sig_type_nid == NID_undef)
+    {
+        return;
+    }
+
+    openvpn_snprintf(buf, buflen, ", peer signing digest/type: %s %s",
+                     peer_sig, peer_sig_type);
+}
+
+
+
 /* **************************************
  *
  * Information functions
@@ -2180,8 +2257,9 @@
     char s1[256];
     char s2[256];
     char s3[256];
+    char s4[256];
 
-    s1[0] = s2[0] = s3[0] = 0;
+    s1[0] = s2[0] = s3[0] = s4[0] = 0;
     ciph = SSL_get_current_cipher(ks_ssl->ssl);
     openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s %s",
                      prefix,
@@ -2196,8 +2274,9 @@
         X509_free(cert);
     }
     print_server_tempkey(ks_ssl->ssl, s3, sizeof(s3));
+    print_peer_signature(ks_ssl->ssl, s4, sizeof(s4));
 
-    msg(D_HANDSHAKE, "%s%s%s", s1, s2, s3);
+    msg(D_HANDSHAKE, "%s%s%s%s", s1, s2, s3, s4);
 }
 
 void