[erlang-patches] SSL: export some session key material and make the TLS PRF accessible

Ingela Anderton Andin ingela@REDACTED
Tue Feb 28 10:53:37 CET 2012


Hi Andreas!

I think it looks good :)

But there is a strange part in the documentation:

This sentence I think needs to be reformulated!

+ This function is menaing for for TLS connections, <c>{error, 
undefined}</c>
+ is returned for SSLv3 connections.</p>
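Review bot: in the added sentence "This function is menaing for for TLS connections", "menaing for for" is a typo plus a doubled word, and the intended restriction is left unclear. Suggest stating it directly, for example "This function only works for TLS connections; <c>{error, undefined}</c> is returned for SSLv3 connections."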

No longer needed:

+  <p>When using this functions with key and/or random material from the 
TLS session,
+   special care needs to be take to not expose any sensitive crypto 
state</p>
+     </desc>
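Review bot: the added paragraph has two grammar slips, "this functions" and "needs to be take"; if it is kept, it should read "When using this function ... special care needs to be taken ...". It also does not say what exposing "sensitive crypto state" means for a caller, so a concrete instruction on how the returned bytes should be handled would serve the reader better.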

Regards Ingela Erlang/OTP team - Ericsson AB

Andreas Schultz wrote:
> Hi Ingela,
>
> I have pushed a new version to the same location.
>
> git fetch git://github.com/RoadRunnr/otp.git tls-export-stuff
>
> https://github.com/RoadRunnr/otp/compare/tls-export-stuff
> https://github.com/RoadRunnr/otp/compare/tls-export-stuff.patch
>
> This version removes the access to the internal security_parameters
> and adopts a scheme for the prf function that is close to what you
> suggested. The prf function is now:
>
> -type prf_random() :: client | server.
>
> prf(#sslsocket{}, Secret::binary() | 'master_secret', Label::binary(),
> 	  Seed::[binary() | prf_random()], WantedLen::non_neg_integer()) ->
> 		 {ok, binary()} | {error, reason()}
>
> It always works on an ssl socket and uses the TLS version negotiated for
> the socket. Specifying the TLS version does not really make sense as the
> internal security_parameters are TLS version dependent and I can not see
> a use case for using the PRF without an active TLS connection.
>
> Allowing the client and server randoms for the secret without exporting
> them is somewhat strange, so I don't allow that. The same goes for using
> the master secret as seed.
>
> Andreas
>
> ----- Original Message -----
>   
>> Hi!
>>
>> I looked into this a bit and I would prefer not to have a function
>> that exports security parameters as this is not really desirable and
>> also kind of unnecessary as you send them back to the SSL/TLS-gen-fsm
>> process.
>>
>> I think there should be a function prf
>>
>> -type security_param_name() :: master_secret | client_random |
>>                                server_random.
>>
>> prf(tls_version(), Secret::binary() | security_param_name(),
>>     Label::binary(),
>>     Seed::[binary() | security_param_name()],
>>     WantedLen::non_neg_integer()) -> {ok, binary()} | {error, reason()}
>>
>>
>> Then the erlang SSL/TLS-fsm process will replace all
>> security_param_name-instances with the value of the corresponding
>> security parameter before calling the prf-function.
>>
>> I think there is no need for an {'EXIT', term()} return. If necessary
>> to catch something, {error, Reason} is sufficient, and the Reason can
>> provide the information that it was a caught EXIT if that could be
>> interesting in that particular case. It is not always; for example,
>> consider the following catch:
>>
>> connect(Host, Port, Socket, Options, User, CbInfo, Timeout) ->
>>     try start_fsm(client, Host, Port, Socket, Options, User, CbInfo,
>>                   Timeout)
>>     catch
>>         exit:{noproc, _} ->
>>             {error, ssl_not_started}
>>     end.
>>
>> Regards Ingela  Erlang/OTP team Ericsson AB
>>
>> Andreas Schultz wrote:
>>     
>>> Hi,
>>>
>>> Please fetch:
>>>
>>>   git fetch git://github.com/RoadRunnr/otp.git tls-export-stuff
>>>
>>> Export some session key material and make the TLS PRF accessible
>>>
>>> Some protocols (e.g. EAP-PEAP, EAP-TLS, EAP-TTLS) that use TLS as
>>> transport layer need to generate additional application specific
>>> key material. One way to generate such material is to use the TLS
>>> PRF and key material from the TLS session itself.
>>>     
>>> This change adds a function to access the required key material and
>>> makes a TLS session PRF accessible.
>>>
>>> https://github.com/RoadRunnr/otp/compare/tls-export-stuff
>>> https://github.com/RoadRunnr/otp/compare/tls-export-stuff.patch
>>>
>>> Regards
>>> Andreas
>>>
>>>   
>>>       
>>     
>
>   
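The derivation the thread is about, written out as an added example (not code from the patch or from OTP): the TLS 1.2 PRF with SHA-256 from RFC 5246 and the EAP-TLS MSK/EMSK split from RFC 5216. The module name `eap_tls_keys`, its function names and the inputs in `demo/0` are constructed for illustration; TLS 1.0/1.1 use a different PRF construction, which is why the thread binds `prf` to the version negotiated on the socket.

```erlang
-module(eap_tls_keys).
-export([prf/4, eap_tls_keys/3, demo/0]).

%% TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(Secret, Label ++ Seed),
%% truncated to WantedLen bytes. SHA-256 is assumed here; a real stack
%% uses the hash selected by the negotiated version and cipher suite.
prf(Secret, Label, Seed, WantedLen) ->
    LabelSeed = iolist_to_binary([Label, Seed]),
    A1 = hmac(Secret, LabelSeed),                 % A(1) = HMAC(secret, A(0))
    p_hash(Secret, LabelSeed, A1, WantedLen, <<>>).

p_hash(_Secret, _LabelSeed, _A, WantedLen, Acc)
  when byte_size(Acc) >= WantedLen ->
    binary:part(Acc, 0, WantedLen);
p_hash(Secret, LabelSeed, A, WantedLen, Acc) ->
    Block = hmac(Secret, [A, LabelSeed]),         % HMAC(secret, A(i) ++ seed)
    NextA = hmac(Secret, A),                      % A(i+1) = HMAC(secret, A(i))
    p_hash(Secret, LabelSeed, NextA, WantedLen, <<Acc/binary, Block/binary>>).

hmac(Key, Data) ->
    crypto:mac(hmac, sha256, Key, Data).          % needs OTP 22.1 or later

%% EAP-TLS (RFC 5216): 128 bytes of key material from the master secret,
%% label "client EAP encryption", seed client_random ++ server_random.
%% The first 64 bytes are the MSK, the last 64 the EMSK.
eap_tls_keys(MasterSecret, ClientRandom, ServerRandom) ->
    <<MSK:64/binary, EMSK:64/binary>> =
        prf(MasterSecret, <<"client EAP encryption">>,
            [ClientRandom, ServerRandom], 128),
    {MSK, EMSK}.

demo() ->
    %% Constructed inputs, not taken from a real handshake.
    MS = binary:copy(<<16#11>>, 48),
    CR = binary:copy(<<16#22>>, 32),
    SR = binary:copy(<<16#33>>, 32),
    {MSK, EMSK} = eap_tls_keys(MS, CR, SR),
    64 = byte_size(MSK),
    64 = byte_size(EMSK),
    %% The PRF output is a stream: a shorter request is a prefix of a longer one.
    MSK = prf(MS, <<"client EAP encryption">>, [CR, SR], 64),
    %% The label separates uses: another label yields different key material.
    true = (MSK =/= prf(MS, <<"other label">>, [CR, SR], 64)),
    ok.
```

With the `prf` signature from the thread, the same request on a live connection would be `prf(Socket, master_secret, <<"client EAP encryption">>, [client_random, server_random], 128)`, which keeps the master secret out of the caller's hands.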
