'Re: Need guidance to replace HMAC-SHA1 implementation via engine'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    Re: Need guidance to replace HMAC-SHA1 implementation via engine
From:       "Dr. Stephen Henson" <steve () openssl ! org>
Date:       2014-07-29 12:30:59
Message-ID: 20140729123059.GA71489 () openssl ! org
[Download RAW message or body]

On Tue, Jul 29, 2014, Jitendra Lulla wrote:

> Hi Steve,
> 
> Please refer the following mail from you:
> 
> http://www.mail-archive.com/openssl-dev%40openssl.org/msg32918.html
> 
> "...
> The high level MAC (including HMAC) interfaces go through EVP_PKEY treating it
> as a signing operation. It *is* possible to redirect HMAC in that way but only
> if the application uses the EVP_PKEY MAC interface. Anything using the HMAC_*
> functions directly wont use the ENGINE.
> 
> There is a big gotcha though. The "lucky 13" attack fix had to bypass EVP
> entirely and reimplement HMAC (and SSLv3 MAC) in constant time. That means
> that the record MAC operations for SSL/TLS can no longer be redirected through
> an ENGINE. At some point this will be addressed but it requires support at the
> ENGINE (and associated hardware) too: to implement the appropriate constant
> time algorithms.
> 
> Steve
> .."
> 
> 
> could you please help me find the changeset that fixed the lucky 13 attack?
> I am in need of testing my engine which is supposed to take care of the following \
>                 command:
> ./openssl dgst -engine af_alg -sha1 -mac hmac -macopt \
> hexkey:f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff data_32.txt 
> The command gives the correct hmac but without going through the engine!

Only the SSL/TLS code goes through the lucky 13 fix so if the command line
utility isn't using your HMAC implementation it isn't anything to do with
that.

Redirecting HMAC is currently rather more complex than it should be.

There is an example in eng_openssl.c which redirects HMAC: look at the code
near TEST_ENG_OPENSSL_HMAC.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic