[erlang-patches] SSL: export some session key material and make the TLS PRF accessible

Andreas Schultz <>
Tue Feb 28 12:18:42 CET 2012


Hi Ingela,

Documentation is updated in the same place.

The first sentence is now:
+        <p>This function can only be used with TLS connections, <c>{error, undefined}</c>
+         is returned for SSLv3 connections.</p>
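
Review bot: the comma after "TLS connections" in the new first sentence splices two independent clauses. Split it into two sentences or use a semicolon, for example "This function can only be used with TLS connections; <c>{error, undefined}</c> is returned for SSLv3 connections."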

I have also removed the warning.

Andreas

----- Original Message -----
> Hi Andreas!
> 
> I think it looks good :)
> 
> But there is a strange part in the documentation:
> 
> This sentence I think needs to be reformulated!
> 
> + This function is menaing for for TLS connections, <c>{error,
> undefined}</c>
> + is returned for SSLv3 connections.</p>
> 
> No longer needed:
> 
> +  <p>When using this functions with key and/or random material from
> the
> TLS session,
> +   special care needs to be take to not expose any sensitive crypto
> state</p>
> +     </desc>
> 
> Regards Ingela Erlang/OTP team - Ericsson AB
> 
> Andreas Schultz wrote:
> > Hi Ingela,
> >
> > I have pushed a new version to the same location.
> >
> > git fetch git://github.com/RoadRunnr/otp.git tls-export-stuff
> >
> > https://github.com/RoadRunnr/otp/compare/tls-export-stuff
> > https://github.com/RoadRunnr/otp/compare/tls-export-stuff.patch
> >
> > This version removes the access to the internal security_parameters
> > and adopts a scheme for the prf function that is close to what you
> > suggested. The prf function is now:
> >
> > -type prf_random() :: client | server.
> >
> > prf(#sslsocket{}, Secret::binary() | 'master_secret', Label::binary(),
> >     Seed::[binary() | prf_random()], WantedLen::non_neg_integer()) ->
> >     {ok, binary()} | {error, reason()}
> >
> > It always works on an ssl socket and uses the TLS version
> > negotiated for
> > the socket. Specifying the TLS version does not really make sense
> > as the
> > internal security_parameters are TLS version dependent and I can
> > not see
> > a use case for using the PRF without an active TLS connection.
> >
> > Allowing the client and server randoms for the secret without
> > exporting
> > them is somewhat strange, so I don't allow that. The same goes for
> > using
> > the master secret as seed.
> >
> > Andreas
> >
> > ----- Original Message -----
> >   
> >> Hi!
> >>
> >> I looked into this a bit and I would prefer not to have a
> >> function
> >> that exports security parameters as this is not really desirable
> >> and
> >> also
> >> kind of unnecessary as you send them back to the SSL/TLS-gen-fsm
> >> process.
> >>
> >> I think there should be a function prf
> >>
> >> -type security_param_name() :: master_secret | client_random | server_random.
> >>
> >> prf(tls_version(), Secret::binary() | security_param_name(), Label::binary(),
> >>     Seed::[binary() | security_param_name()], WantedLen::non_neg_integer()) ->
> >>     {ok, binary()} | {error, reason()}
> >>
> >>
> >> Then the erlang SSL/TLS-fsm process will replace all
> >> security_param_name-instances with the value of the corresponding
> >> security parameter
> >> before calling the prf-function.
> >>
> >> I think there is no need for an {'EXIT', term()} return if
> >> necessary
> >> to
> >> catch something {error, Reason} is sufficient and the Reason can
> >> provide the
> >> information it was a caught EXIT if that could be interesting in
> >> that
> >> particular case, it is not always  for example consider the
> >> following
> >> catch
> >>
> >> connect(Host, Port, Socket, Options, User, CbInfo, Timeout) ->
> >>     try start_fsm(client, Host, Port, Socket, Options, User, CbInfo, Timeout)
> >>     catch
> >>         exit:{noproc, _} ->
> >>             {error, ssl_not_started}
> >>     end.
> >>
> >> Regards Ingela  Erlang/OTP team Ericsson AB
> >>
> >> Andreas Schultz wrote:
> >>     
> >>> Hi,
> >>>
> >>> Please fetch:
> >>>
> >>>   git fetch git://github.com/RoadRunnr/otp.git tls-export-stuff
> >>>
> >>> Export some session key material and make the TLS PRF accessible
> >>>
> >>> Some protocols (e.g. EAP-PEAP, EAP-TLS, EAP-TTLS) that use TLS as
> >>> transport layer need to generate additional application specific
> >>> key material. One way to generate such material is to use the TLS
> >>> PRF and key material from the TLS session itself.
> >>>     
> >>> This change adds a function to access the required key material
> >>> and
> >>> makes a TLS session PRF accessible.
> >>>
> >>> https://github.com/RoadRunnr/otp/compare/tls-export-stuff
> >>> https://github.com/RoadRunnr/otp/compare/tls-export-stuff.patch
> >>>
> >>> Regards
> >>> Andreas
> >>>
> >>>   
> >>>       
> >>     
> >
> >   
> 
> 

-- 
Dipl. Inform.
Andreas Schultz

email: 
phone: +49-391-819099-224
mobil: +49-179-7654368

------------------ managed broadband access ------------------

Travelping GmbH               phone:           +49-391-8190990
Roentgenstr. 13               fax:           +49-391-819099299
D-39108 Magdeburg             email:       
GERMANY                       web:   http://www.travelping.com

Company Registration: HRB21276 Handelsregistergericht Chemnitz
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------
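
The prf/5 scheme agreed in the thread above, sketched as an added example (not code from the patch or from OTP's ssl application). It assumes a TLS 1.2 connection, where the PRF is P_SHA256 from RFC 5246 section 5 (TLS 1.0/1.1 use a different MD5/SHA-1 construction); the module name, the `params` record and the sample values are hypothetical, and the demo label is the EAP-TLS one from RFC 5216.

```erlang
%% Added sketch, not the OTP ssl implementation. Assumes TLS 1.2 (RFC 5246, section 5).
-module(prf_sketch).
-export([prf/5, demo/0]).

%% Hypothetical stand-in for the security parameters the connection process keeps.
-record(params, {master_secret, client_random, server_random}).

%% Secret is a binary or the atom master_secret. Seed is a list of binaries and
%% the atoms client | server, resolved here so the raw values are never exported.
prf(#params{} = P, Secret0, Label, Seed0, WantedLen)
  when is_binary(Label), is_list(Seed0), is_integer(WantedLen), WantedLen >= 0 ->
    try
        Secret = secret(P, Secret0),
        Seed = iolist_to_binary([Label | [seed(P, S) || S <- Seed0]]),
        {ok, p_sha256(Secret, Seed, WantedLen)}
    catch
        throw:badarg -> {error, badarg}
    end;
prf(_, _, _, _, _) ->
    {error, badarg}.

%% The randoms are not accepted as secret, and master_secret is not accepted as seed.
secret(P, master_secret) -> P#params.master_secret;
secret(_, Bin) when is_binary(Bin) -> Bin;
secret(_, _) -> throw(badarg).

seed(P, client) -> P#params.client_random;
seed(P, server) -> P#params.server_random;
seed(_, Bin) when is_binary(Bin) -> Bin;
seed(_, _) -> throw(badarg).

%% P_hash: A(0) = seed, A(i) = HMAC(secret, A(i-1)); output is HMAC(secret, A(i) ++ seed).
p_sha256(Secret, Seed, Len) -> p_hash(Secret, Seed, Len, hmac(Secret, Seed), <<>>).

p_hash(_Secret, _Seed, Len, _A, Acc) when byte_size(Acc) >= Len ->
    binary:part(Acc, 0, Len);
p_hash(Secret, Seed, Len, A, Acc) ->
    Block = hmac(Secret, <<A/binary, Seed/binary>>),
    p_hash(Secret, Seed, Len, hmac(Secret, A), <<Acc/binary, Block/binary>>).

hmac(Key, Data) -> crypto:mac(hmac, sha256, Key, Data).

demo() ->
    %% Constructed values, not from a real session.
    P = #params{master_secret = binary:copy(<<16#0b>>, 48),
                client_random = binary:copy(<<1>>, 32),
                server_random = binary:copy(<<2>>, 32)},
    {ok, Key} = prf(P, master_secret, <<"client EAP encryption">>, [client, server], 128),
    {error, badarg} = prf(P, master_secret, <<"x">>, [master_secret], 16),
    byte_size(Key).
```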
