https://libreswan.org/wiki/api.php?action=feedcontributions&user=Sahana+Prasad&feedformat=atomLibreswan - User contributions [en]2024-03-29T15:59:31ZUser contributionsMediaWiki 1.35.14https://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21485Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2019-02-11T10:19:41Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Signature Verification<br />
<br />
To verify a signature from the peer, the public key of the peer has to be retrieved from pluto_pubkeys and checked to see whether the keyid matches.<br />
In order to verify the hash received by the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows:<br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore, before using the ECDSA_VerifyDigest API, the signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
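The decoding step described above, as an added example that is not taken from the Libreswan or NSS source: a strict DER parser for Ecdsa-Sig-Value that returns r and s as fixed-width big-endian values and rejects padded, negative, zero or trailing-byte encodings. The function names, the fixed-width r||s output layout and the sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read a DER length: short form, or 0x81 long form (enough for P-521). */
static int der_read_len(const uint8_t **p, const uint8_t *end, size_t *len)
{
    const uint8_t *q = *p;

    if (end - q < 1)
        return -1;
    if (q[0] < 0x80) {
        *len = q[0];
        q += 1;
    } else if (q[0] == 0x81) {
        if (end - q < 2 || q[1] < 0x80)   /* long form must be minimal */
            return -1;
        *len = q[1];
        q += 2;
    } else {
        return -1;                        /* larger than any ECDSA signature */
    }
    *p = q;
    return 0;
}

/* Read one positive, minimally encoded INTEGER into out[0..width-1],
 * left-padded with zeros. Returns 0 on success, -1 on rejection. */
static int der_read_uint(const uint8_t **p, const uint8_t *end,
                         uint8_t *out, size_t width)
{
    const uint8_t *q = *p;
    size_t len;

    if (end - q < 1 || *q++ != 0x02)      /* tag must be INTEGER */
        return -1;
    if (der_read_len(&q, end, &len) != 0 || len == 0)
        return -1;
    if ((size_t)(end - q) < len)          /* value runs past the buffer */
        return -1;
    if (q[0] & 0x80)                      /* negative value */
        return -1;
    if (q[0] == 0x00) {
        /* A leading zero is legal only in front of a byte with the high
         * bit set; a lone zero is the value 0, and r, s must be >= 1. */
        if (len == 1 || !(q[1] & 0x80))
            return -1;
        q++;
        len--;
    }
    if (len > width)                      /* does not fit the curve size */
        return -1;
    memset(out, 0, width - len);
    memcpy(out + (width - len), q, len);
    *p = q + len;
    return 0;
}

/* Decode SEQUENCE { r INTEGER, s INTEGER } into raw = r || s, each
 * `width` bytes (32 for P-256). raw must hold 2 * width bytes. */
int ecdsa_sig_der_to_raw(const uint8_t *der, size_t der_len,
                         uint8_t *raw, size_t width)
{
    const uint8_t *p = der, *end = der + der_len;
    size_t seq_len;

    if (der_len < 1 || *p++ != 0x30)      /* tag must be SEQUENCE */
        return -1;
    if (der_read_len(&p, end, &seq_len) != 0)
        return -1;
    if ((size_t)(end - p) != seq_len)     /* no short or trailing data */
        return -1;
    if (der_read_uint(&p, end, raw, width) != 0)
        return -1;
    if (der_read_uint(&p, end, raw + width, width) != 0)
        return -1;
    return p == end ? 0 : -1;             /* nothing after s */
}

/* Constructed sample encodings (toy values, not real signatures). */
static const uint8_t SAMPLE_OK[]       = { 0x30, 0x08, 0x02, 0x03, 0x00, 0x80, 0x01,
                                           0x02, 0x01, 0x7f };
static const uint8_t SAMPLE_PADDED[]   = { 0x30, 0x07, 0x02, 0x02, 0x00, 0x01,
                                           0x02, 0x01, 0x7f };
static const uint8_t SAMPLE_NEGATIVE[] = { 0x30, 0x06, 0x02, 0x01, 0x80,
                                           0x02, 0x01, 0x7f };
static const uint8_t SAMPLE_ZERO_S[]   = { 0x30, 0x06, 0x02, 0x01, 0x01,
                                           0x02, 0x01, 0x00 };
static const uint8_t SAMPLE_TRAILING[] = { 0x30, 0x08, 0x02, 0x03, 0x00, 0x80, 0x01,
                                           0x02, 0x01, 0x7f, 0x00 };

int main(void)
{
    uint8_t raw[64];
    int rc = ecdsa_sig_der_to_raw(SAMPLE_OK, sizeof(SAMPLE_OK), raw, 32);

    printf("valid: %d (r ends %02x%02x, s ends %02x)\n", rc, raw[30], raw[31], raw[63]);
    printf("padded r: %d\n", ecdsa_sig_der_to_raw(SAMPLE_PADDED, sizeof(SAMPLE_PADDED), raw, 32));
    printf("trailing byte: %d\n", ecdsa_sig_der_to_raw(SAMPLE_TRAILING, sizeof(SAMPLE_TRAILING), raw, 32));
    return 0;
}
```
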
<br />
3. Signature generation<br />
<br />
The private key is retrieved through the CKAID using the API PK11_FindKeyByKeyID or PK11_FindKeyByAnyCert.<br />
Signature generation is performed using the PK11_Sign API.<br />
<br />
4. Test Suite changes<br />
<br />
The test suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Configuring ECDSA in Libreswan ==<br />
<br />
Support for configuring authby=ecdsa<br />
<br />
Possible options for setting ECDSA as the public key algorithm to be used for Digital Signature Authentication with an appropriate SHA2 hash algorithm are as follows:<br />
<br />
authby = ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
It was found that this error was set and not cleared by NSS.<br />
It was solved by checking for errors only when the private key retrieved was not equal to NULL.<br />
<br />
== Future work ==<br />
<br />
Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/libreswan/libreswan/commit/12f2f1a03de214e1e3ecf5cfa84950f09a8d35c4<br />
<br />
https://github.com/libreswan/libreswan/commit/c6a711c091974b323feb61b3ea5c86713b80ea63<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project was done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney.<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21484Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2019-02-11T10:19:23Z<p>Sahana Prasad: </p>
<hr />
<div><br />
</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21401Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:56:49Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
Please note that this code is hardcoded for ECDSA in a few places and has debug logs enabled.<br />
It will be merged after code clean-up and a detailed code review.<br />
</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21400Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:56:07Z<p>Sahana Prasad: </p>
<hr />
<div><br />
</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21399Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:48:06Z<p>Sahana Prasad: </p>
<hr />
<div><br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21398Student projects2018-08-21T09:47:32Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
* Status: Merged and released in Libreswan 3.25<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
* Status: Development complete, code not yet merged.<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review<br />
<br />
<br />
= Libreswan Managing Interface =<br />
<br />
* Student: Rishabh Chaudhary - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Libreswan Managing Interface ]]<br />
* Status: Development complete, waiting for release<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/Rishabh04-02/Libreswan-managing-interface</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21397Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:15:36Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of Google summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementation of ECDSA requires the modification of the existing Libreswan public key code to fix the RSA only parts so that it is able to accept different new types of keys in the future ( not just limited to ECDSA ). This will ensure compliance to RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were done in ikev2_keys.c , x509.c and secrets.c. New structures are defined for Private and public ECDSA key parameters.<br />
Most functions that had a specific check for rsa are now able to also handle ecdsa as public key algorithm. This involves checking if a certificate is of type ecdsa and extracting the public key from it and storing it in the NSS Database. Code changes are made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and extract the private key from the certificate respectively. New public key algorithm and policy , PUBKEY_ALG_ECDSA and POLICY_ECDSA are introduced respectively.<br />
<br />
2. Signature Verification<br />
<br />
To verify a signature from the peer, the public key of the peer has to be retrieved from pluto_pubkeys and check if the keyed matches.<br />
Inorder to verify the hash received by the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, received Signature and the retrieved Public are then used by NSS API : ECDSA_VerifyDigest to verify the Signature. The ECDSA Signature is DER encoded and is as follows : <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore, before using the ECDSA_VerifyDigest API, the signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
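The DER decoding step described above, as an added example (not Libreswan's or NSS's code): a strict parser that turns an Ecdsa-Sig-Value into a fixed-width r || s buffer and rejects non-canonical encodings. The function names, the fixed-width output layout and the constructed sample bytes are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: SEQUENCE { INTEGER 0x80, INTEGER 0x0102 }.
 * r needs a leading 0x00 so that it is not read as negative. */
static const uint8_t SAMPLE_DER[] = {
    0x30, 0x08, 0x02, 0x02, 0x00, 0x80, 0x02, 0x02, 0x01, 0x02
};

/* Read a DER length: short form, or long form of 1-2 bytes.
 * Indefinite and non-shortest encodings are rejected. */
static int read_len(const uint8_t **p, const uint8_t *end, size_t *len)
{
    if (*p >= end)
        return -1;
    uint8_t b = *(*p)++;
    if (b < 0x80) {
        *len = b;
        return 0;
    }
    size_t n = b & 0x7f;
    if (n == 0 || n > 2 || (size_t)(end - *p) < n)
        return -1;
    size_t v = 0;
    for (size_t i = 0; i < n; i++)
        v = (v << 8) | *(*p)++;
    if (v < 0x80 || (n == 2 && v < 0x100))
        return -1; /* DER requires the shortest length form */
    *len = v;
    return 0;
}

/* Read one strictly positive INTEGER and store it big-endian,
 * left-padded with zeros, in out[width]. */
static int read_uint(const uint8_t **p, const uint8_t *end,
                     uint8_t *out, size_t width)
{
    size_t len;
    if (*p >= end || *(*p)++ != 0x02)
        return -1; /* not an INTEGER tag */
    if (read_len(p, end, &len) != 0)
        return -1;
    if (len == 0 || (size_t)(end - *p) < len)
        return -1;
    const uint8_t *v = *p;
    *p += len;
    if (v[0] & 0x80)
        return -1; /* negative value */
    if (len > 1 && v[0] == 0x00 && !(v[1] & 0x80))
        return -1; /* superfluous leading zero */
    if (v[0] == 0x00) { /* drop the sign-padding byte */
        v++;
        len--;
    }
    if (len == 0 || len > width)
        return -1; /* zero, or too large for the curve's field width */
    memset(out, 0, width - len);
    memcpy(out + (width - len), v, len);
    return 0;
}

/* Decode Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER } into
 * raw[2 * width] = r || s. Returns 0 on success, -1 on malformed input. */
int ecdsa_sig_der_to_raw(const uint8_t *der, size_t n,
                         uint8_t *raw, size_t width)
{
    const uint8_t *p = der, *end = der + n;
    size_t seq_len;
    if (n < 2 || *p++ != 0x30)
        return -1; /* not a SEQUENCE */
    if (read_len(&p, end, &seq_len) != 0)
        return -1;
    if ((size_t)(end - p) != seq_len)
        return -1; /* truncated, or trailing bytes after the SEQUENCE */
    if (read_uint(&p, end, raw, width) != 0)
        return -1;
    if (read_uint(&p, end, raw + width, width) != 0)
        return -1;
    return p == end ? 0 : -1; /* nothing may follow s */
}

int main(void)
{
    uint8_t raw[8];
    int rc = ecdsa_sig_der_to_raw(SAMPLE_DER, sizeof SAMPLE_DER, raw, 4);
    printf("rc=%d r||s=", rc);
    for (size_t i = 0; rc == 0 && i < sizeof raw; i++)
        printf("%02x", raw[i]);
    printf("\n");
    return rc == 0 ? 0 : 1;
}
```

In real use, width is the byte length of the curve order (32 for P-256, 48 for P-384, 66 for P-521).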
<br />
3. Signature generation<br />
<br />
The private key is retrieved using the API PK11_FindKeyByKeyID or PK11_FindKeyByAnyCert through the CKAID.<br />
Signature generation is performed using the PK11_Sign API.<br />
<br />
4. Test Suite changes<br />
<br />
The test suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Configuring ECDSA in Libreswan ==<br />
<br />
Support for configuring authby=ecdsa<br />
<br />
The possible options for setting ECDSA as the public key algorithm used for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are as follows:<br />
<br />
authby = ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs):<br />
SECERR: 35 (0x23): Certificate extension not found.<br />
It was found that this error was set and not cleared by NSS.<br />
It was solved by checking for errors only when the private key retrieved was not equal to NULL.<br />
<br />
== Future work ==<br />
<br />
1. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
Please note that this code is hardcoded for ECDSA in a few places and has debug logs enabled.<br />
It will be merged after code clean-up and a detailed code review.<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project was done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney.<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21396Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:15:10Z<p>Sahana Prasad: </p>
<hr />
<div><br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21395Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-21T09:13:04Z<p>Sahana Prasad: </p>
<hr />
<div><br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21394Student projects2018-08-21T09:11:15Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google summer of code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
* Status : Merged and released in Libreswan 3.25<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
* Status : Implementation is complete, code not yet merged.<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review<br />
<br />
<br />
= Libreswan Managing Interface =<br />
<br />
* Student: Rishabh Chaudhary - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Libreswan Managing Interface ]]<br />
* Status: Development complete, waiting for release<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/Rishabh04-02/Libreswan-managing-interface</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21391Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-20T06:34:28Z<p>Sahana Prasad: </p>
<hr />
<div><br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21390Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-20T06:27:20Z<p>Sahana Prasad: </p>
<hr />
<div><br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21389Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-17T22:11:35Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21388Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-17T22:09:12Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
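The DER decoding step described above, as an added example (not libreswan or NSS code): a strict parser that turns an Ecdsa-Sig-Value into r and s, assuming the verifier wants them as fixed-width big-endian values laid out as r || s. The function names, the `field_len` parameter and the sample signature are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample (not from a real exchange): a P-256-sized signature.
 * r has its top bit set, so DER prepends 0x00; s is only 31 bytes long. */
static const uint8_t SAMPLE_SIG[] = {
    0x30, 0x44,                                     /* SEQUENCE, 68 bytes */
    0x02, 0x21, 0x00,                               /* INTEGER r, 33 bytes */
    0x80, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    0x02, 0x1f,                                     /* INTEGER s, 31 bytes */
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
    0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
    0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* Hypothetical helper: read one DER INTEGER at *p (bounded by end), require a
 * positive, minimally encoded value of at most field_len bytes, and write it
 * big-endian, left-padded with zeros, into out[0..field_len). */
static int read_der_uint(const uint8_t **p, const uint8_t *end,
                         size_t field_len, uint8_t *out)
{
    const uint8_t *q = *p;
    size_t len;

    if (end - q < 2 || q[0] != 0x02)        /* INTEGER tag */
        return -1;
    len = q[1];
    if (len == 0 || len >= 0x80)            /* short-form length is enough here */
        return -1;
    q += 2;
    if ((size_t)(end - q) < len)            /* content runs past the buffer */
        return -1;
    if (q[0] & 0x80)                        /* negative: never valid for r or s */
        return -1;
    if (q[0] == 0x00) {
        if (len == 1)                       /* value zero is outside [1, n-1] */
            return -1;
        if (!(q[1] & 0x80))                 /* padding byte not needed: non-minimal */
            return -1;
        q++;
        len--;
    }
    if (len > field_len)                    /* too large for this curve */
        return -1;
    memset(out, 0, field_len - len);
    memcpy(out + (field_len - len), q, len);
    *p = q + len;
    return 0;
}

/* Hypothetical entry point: decode SEQUENCE { r INTEGER, s INTEGER } into
 * out[0..2*field_len) as r || s. Returns 0 on success, -1 on any malformed
 * input; on failure the contents of out must be discarded. */
int ecdsa_der_to_raw(const uint8_t *der, size_t der_len,
                     size_t field_len, uint8_t *out)
{
    const uint8_t *p = der, *end = der + der_len;
    size_t seq_len;

    if (der_len < 2 || p[0] != 0x30)        /* SEQUENCE tag */
        return -1;
    seq_len = p[1];
    p += 2;
    if (seq_len == 0x81) {                  /* long form, one length byte */
        if (p == end || p[0] < 0x80)        /* would have fit the short form */
            return -1;
        seq_len = *p++;
    } else if (seq_len >= 0x80) {
        return -1;
    }
    if ((size_t)(end - p) != seq_len)       /* truncated or trailing bytes */
        return -1;
    if (read_der_uint(&p, end, field_len, out) != 0)
        return -1;
    if (read_der_uint(&p, end, field_len, out + field_len) != 0)
        return -1;
    return p == end ? 0 : -1;               /* nothing may follow s */
}

int main(void)
{
    uint8_t raw[64];
    if (ecdsa_der_to_raw(SAMPLE_SIG, sizeof SAMPLE_SIG, 32, raw) != 0) {
        puts("malformed signature");
        return 1;
    }
    for (size_t i = 0; i < sizeof raw; i++)
        printf("%02x%s", raw[i], i == 31 || i == 63 ? "\n" : "");
    return 0;
}
```

Rejecting trailing bytes, negative values and non-minimal encodings before verification keeps a single signature from having several accepted encodings.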
<br />
4. Signature generation through NSS APIs<br />
<br />
The private key is retrieved through the CKAID using the PK11_FindKeyByKeyID or PK11_FindKeyByAnyCert API.<br />
Signature generation is performed using the PK11_Sign API.<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
It was found that this error was set and not cleared by NSS.<br />
It was solved by checking for errors only when private key retrieved was not equal to NULL.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21385Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T14:40:02Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
The private key is retrieved through the CKAID using the PK11_FindKeyByKeyID or PK11_FindKeyByAnyCert API.<br />
This part is not yet fully working, as private key retrieval from certificates fails due to the issue mentioned below.<br />
Signature generation is performed using the PK11_Sign API.<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
 SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through the PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert APIs.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21384Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T14:35:23Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet fully working, as private key retrieval from certificates fails due to the issue mentioned below.<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
 SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through the PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert APIs.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21383Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T09:12:27Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s. EC_FillParams is used to fill the ecParams of the public key.<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
To generate the <br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
 SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through the PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert APIs.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
https://github.com/sahanaprasad07/libreswan/tree/ecdsa<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21382Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T09:02:44Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s.<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
 SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through the PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert APIs.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21381Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T09:02:17Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar strength RSA or DSA operations for a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented:<br />
<br />
1. Fixing the RSA-only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate, respectively. A new public key algorithm and a new policy, PUBKEY_ALG_ECDSA and POLICY_ECDSA respectively, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for selecting ECDSA as the public key type for Digital Signature Authentication, with the appropriate SHA2 hash algorithm, are:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys, checking that the keyid matches.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s.<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
 SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through the PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert APIs.<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implementation of RSA-PSS and support for SHA2 and its variants. The work was started before GSoC 2018 but was fully completed and tested during the GSoC 2018 period.<br />
Work is described in this project page [[RSA-PSS Support in compliance with RFC 7427 and RFC 8247]].<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21380Student projects2018-08-14T08:59:42Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
* Status : Merged and released in Libreswan 3.25<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
* Status : Initial framework is implemented and is found to be partly working. Yet to overcome some issues to fully implement ECDSA.<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21379Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T08:57:11Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate. A new public key algorithm, PUBKEY_ALG_ECDSA, and a new policy, POLICY_ECDSA, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys and checked for a matching keyid.<br />
In order to verify the hash received from the peer, we also compute our own hash using the PRF(SK_d,ID[ir]). The computed hash, the received signature and the retrieved public key are then passed to the NSS API ECDSA_VerifyDigest to verify the signature. The ECDSA signature is DER encoded and is as follows: <br />
<br />
Ecdsa-Sig-Value ::= SEQUENCE {<br />
r INTEGER,<br />
s INTEGER<br />
}<br />
<br />
Therefore before using the ECDSA_VerifyDigest API, the Signature must be DER decoded to obtain the integers r and s.<br />
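<br />
The DER-decoding step described above, as an added example that is not libreswan or NSS code: a strict parser that turns a DER Ecdsa-Sig-Value into fixed-width r||s. The function names, the fixed-width output layout and the 4-byte width of the constructed samples are assumptions of this example (a P-256 signature would use a width of 32).<br />

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read a DER length at buf[*pos]. Rejects the indefinite form and
 * non-minimal long forms, which BER allows but DER forbids. */
static int der_read_len(const uint8_t *buf, size_t len, size_t *pos, size_t *out)
{
    if (*pos >= len) return -1;
    uint8_t b = buf[(*pos)++];
    if (b < 0x80) { *out = b; return 0; }
    size_t n = b & 0x7f;
    if (n == 0 || n > 2 || len - *pos < n) return -1;
    size_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | buf[(*pos)++];
    if (v < 0x80 || (n == 2 && v < 0x100)) return -1;
    *out = v;
    return 0;
}

/* Parse one DER INTEGER that must be strictly positive and minimally
 * encoded, and write it big-endian, zero-padded on the left, to out[0..width). */
static int der_read_uint(const uint8_t *buf, size_t len, size_t *pos,
                         uint8_t *out, size_t width)
{
    size_t n;
    if (*pos >= len || buf[(*pos)++] != 0x02) return -1;   /* INTEGER tag */
    if (der_read_len(buf, len, pos, &n) != 0) return -1;
    if (n == 0 || len - *pos < n) return -1;
    const uint8_t *p = buf + *pos;
    *pos += n;
    if (p[0] & 0x80) return -1;                             /* negative value */
    if (n > 1 && p[0] == 0x00 && !(p[1] & 0x80)) return -1; /* superfluous pad */
    if (p[0] == 0x00) { p++; n--; }                         /* drop sign pad */
    if (n == 0 || n > width) return -1;  /* zero is never a valid r or s */
    memset(out, 0, width - n);
    memcpy(out + (width - n), p, n);
    return 0;
}

/* Decode Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER } into
 * raw[0..2*width) as r||s. Returns 0 on success, -1 on any malformed input.
 * Checking r and s against the curve order is left to the verifier. */
int ecdsa_sig_der_to_raw(const uint8_t *der, size_t der_len,
                         uint8_t *raw, size_t width)
{
    size_t pos = 0, seq_len;
    if (der_len < 2 || der[pos++] != 0x30) return -1;       /* SEQUENCE tag */
    if (der_read_len(der, der_len, &pos, &seq_len) != 0) return -1;
    if (seq_len != der_len - pos) return -1;                /* trailing bytes */
    if (der_read_uint(der, der_len, &pos, raw, width) != 0) return -1;
    if (der_read_uint(der, der_len, &pos, raw + width, width) != 0) return -1;
    return pos == der_len ? 0 : -1;
}

/* Constructed sample inputs (not real signatures), sized for a 4-byte width. */
static const uint8_t SAMPLE_OK[] =
    {0x30,0x0a, 0x02,0x05,0x00,0x80,0x00,0x00,0x01, 0x02,0x01,0x7f};
static const uint8_t SAMPLE_TRAILING[] =
    {0x30,0x06, 0x02,0x01,0x01, 0x02,0x01,0x01, 0x00};
static const uint8_t SAMPLE_PADDED[] =
    {0x30,0x07, 0x02,0x02,0x00,0x01, 0x02,0x01,0x01};
static const uint8_t SAMPLE_NEGATIVE[] =
    {0x30,0x06, 0x02,0x01,0x80, 0x02,0x01,0x01};
static const uint8_t SAMPLE_ZERO[] =
    {0x30,0x06, 0x02,0x01,0x00, 0x02,0x01,0x01};

/* Returns 1 when SAMPLE_OK decodes to the expected r||s bytes. */
int sample_decodes_correctly(void)
{
    static const uint8_t want[8] = {0x80,0x00,0x00,0x01, 0x00,0x00,0x00,0x7f};
    uint8_t raw[8];
    return ecdsa_sig_der_to_raw(SAMPLE_OK, sizeof SAMPLE_OK, raw, 4) == 0 &&
           memcmp(raw, want, sizeof want) == 0;
}

/* Returns 1 when the decoder refuses the input at the given width. */
int rejects(const uint8_t *der, size_t n, size_t width)
{
    uint8_t raw[64];
    if (width > sizeof raw / 2) return 1;
    return ecdsa_sig_der_to_raw(der, n, raw, width) != 0;
}

int main(void)
{
    printf("valid sample decoded: %d\n", sample_decodes_correctly());
    printf("trailing byte rejected: %d\n", rejects(SAMPLE_TRAILING, sizeof SAMPLE_TRAILING, 4));
    printf("padded r rejected: %d\n", rejects(SAMPLE_PADDED, sizeof SAMPLE_PADDED, 4));
    printf("negative r rejected: %d\n", rejects(SAMPLE_NEGATIVE, sizeof SAMPLE_NEGATIVE, 4));
    printf("zero r rejected: %d\n", rejects(SAMPLE_ZERO, sizeof SAMPLE_ZERO, 4));
    return 0;
}
```

Rejecting non-minimal and trailing-byte encodings means a given (r, s) pair has exactly one accepted wire form.<br />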
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21378Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T08:26:46Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate. A new public key algorithm, PUBKEY_ALG_ECDSA, and a new policy, POLICY_ECDSA, are introduced.<br />
<br />
2. Support for configuring authby=ecdsa<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
To verify a signature from the peer, the peer's public key has to be retrieved from pluto_pubkeys and checked for a matching keyid.<br />
A hash must be computed <br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21377Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:50:51Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
To verify a signature from the peer, <br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21376Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:46:42Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21375Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:46:28Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
1. Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
2. Interoperability with Apple and Elvis Plus<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21374Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:45:33Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the keyid and ckaid of the ECDSA public keys. These IDs are used, respectively, to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
The possible options for setting ECDSA as the public key algorithm for Digital Signature Authentication, with the appropriate SHA-2 hash algorithm, are as follows:<br />
ecdsa/ecdsa-sha2_256, ecdsa-sha2_384, ecdsa-sha2_512<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21373Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:38:52Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the ckaid and keyid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific X.509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing from the certificates being used.<br />
This error has to be debugged further (as there is little information in the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21372Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-14T07:38:40Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work extends that support to ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
As per RFC-4754, ECDSA signatures are smaller than RSA signatures of similar cryptographic strength. <br />
ECDSA public keys (and certificates) are smaller than similar-strength DSA keys, resulting in improved communications efficiency. <br />
Furthermore, on many platforms, ECDSA operations can be computed more quickly than similar-strength RSA or DSA operations; RFC-4754 points to a security analysis of key sizes across public key algorithms.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes were made to obtain the ckaid and keyid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and to extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The test suite was extended with test cases that verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21368Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:52:01Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as a public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes are made to obtain the ckaid and keyid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
== Additional Work during GSoC 2018==<br />
Implemented RSA-PSS (the work was started before GSoC 2018). The complete project page is here :<br />
https://libreswan.org/wiki/RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21367Student projects2018-08-13T23:49:12Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google summer of code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
* Status : Merged and released in Libreswan 3.25<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
* Status: Initial framework implemented and found to be partly working. Some issues remain to be overcome to fully implement ECDSA.<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21366Student projects2018-08-13T23:47:16Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google summer of code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
* Status : Merged and released in Libreswan 3.25<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21365RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:46:17Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
RSASSA-PSS was developed in an effort to have more mathematically provable security. PKCS #1 v1.5 signatures were developed in an ad hoc manner;<br />
RSASSA-PSS was developed based on mathematical foundations.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
Interoperability test with Elvis Plus<br />
<br />
== Source code ==<br />
<br />
Code commit : https://github.com/libreswan/libreswan/commit/fd547b0<br />
<br />
Testing commit : https://github.com/libreswan/libreswan/commit/83fc58d<br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21364RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:43:10Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
RSASSA-PSS was developed in an effort to have more mathematically provable security. PKCS #1 v1.5 signatures were developed in an ad hoc manner;<br />
RSASSA-PSS was developed based on mathematical foundations.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
== Source code ==<br />
<br />
Code commit : https://github.com/libreswan/libreswan/commit/fd547b0<br />
<br />
Testing commit : https://github.com/libreswan/libreswan/commit/83fc58d<br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21363RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:40:46Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
== Source code ==<br />
<br />
Code commit : https://github.com/libreswan/libreswan/commit/fd547b0<br />
<br />
Testing commit : https://github.com/libreswan/libreswan/commit/83fc58d<br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21362RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:39:54Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
<br />
== Source code ==<br />
<br />
Code commit : https://github.com/libreswan/libreswan/commit/fd547b0<br />
Testing commit : https://github.com/libreswan/libreswan/commit/83fc58d<br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21361RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:35:52Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
<br />
== Source code ==<br />
<br />
Code commit : <br />
Testing commit : <br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21360RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:35:15Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 -if configured<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
<br />
== Source code ==<br />
<br />
Code commit : <br />
Testing commit : <br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21359RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:35:01Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 -if configured<br />
Example : authby=rsa-sha2,rsasig - RSA with SHA1 and without Digital Signature Authentication<br />
<br />
<br />
== Source code ==<br />
<br />
Code commit : <br />
Testing commit : <br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21358RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-13T23:34:25Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
But RFC-8247, in section 3.2 Digital Signature Recommendations, mandates the support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby =rsa-sha2, rsa-sha2_256, rsa-sha2_384,rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
To make RSA with SHA2 as default and fall back to RSA with SHA1 (if configured)<br />
Example : authby=rsa-sha2,rsasig (RSA with SHA1 and without Digital Signature Authentication) <br />
<br />
<br />
== Source code ==<br />
<br />
Code commit : <br />
Testing commit : <br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21357Student projects2018-08-13T23:30:28Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by Google summer of code<br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page: [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002<br />
<br />
<br />
= RFC 5685 IKEv2 Redirect Mechanism =<br />
<br />
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018<br />
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]<br />
* Status: Code pending review</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21356Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:28:26Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not just ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c, x509.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as a public key algorithm. This involves checking whether a certificate is of type ECDSA, extracting the public key from it and storing it in the NSS database. Code changes are made to obtain the ckaid and keyid of the ECDSA public keys. These IDs are used to retrieve the public key from pluto secrets and extract the private key from the certificate.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
This part is not yet implemented fully as private key retrieval from certificates fails due <br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongswan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
Successful generation of ECDSA signature and verification of it through interoperability tests.<br />
<br />
== Source code ==<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters and Andrew Cagney<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21355Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:19:46Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21354Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:19:28Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
SECERR: 35 (0x23): Certificate extension not found.<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21353Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:19:07Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major code changes were made in ikev2_keys.c and secrets.c. New structures are defined for private and public ECDSA key parameters.<br />
Most functions that had a specific check for RSA can now also handle ECDSA as the public key algorithm.<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Signature generation through NSS APIs<br />
<br />
5. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
(SECERR: 35 (0x23): Certificate extension not found.)<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21352Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-13T23:14:16Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
Major changes in ikev2_keys.c and secrets.c to <br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
3. Signature Verification through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
NSS looks for specific x509v3 certificate extensions in the end certificates, and it is unclear exactly which one is missing in the certificates being used.<br />
This error has to be debugged further (as there is little information from the NSS logs): <br />
(SECERR: 35 (0x23): Certificate extension not found.)<br />
Due to this, the private key cannot be obtained through these APIs: PK11_FindKeyByKeyID and PK11_FindKeyByAnyCert<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21344RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-11T00:04:22Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
However, RFC-8247, in section 3.2 Digital Signature Recommendations, mandates support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby = rsa-sha2, rsa-sha2_256, rsa-sha2_384, rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=RSA-PSS_Support_in_compliance_with_RFC_7427_and_RFC_8247&diff=21343RSA-PSS Support in compliance with RFC 7427 and RFC 82472018-08-10T23:41:31Z<p>Sahana Prasad: Created page with " == Introduction == As part of Google summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5. But RFC-..."</p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA v1.5.<br />
However, RFC-8247, in section 3.2 Digital Signature Recommendations, mandates support for RSASSA-PSS with SHA-256.<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Removing support of RSA v1.5 with SHA1 as Digital Signature Authentication method<br />
<br />
2. Support for SHA2 and its variants.<br />
authby = rsa-sha2, rsa-sha2_256, rsa-sha2_384, rsa-sha2_512<br />
authby = rsasig (old style RSA with SHA1 and without Digital Signature Authentication)<br />
<br />
3. Signature generation and Verification for RSA-PSS through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Student_projects&diff=21342Student projects2018-08-10T23:35:01Z<p>Sahana Prasad: </p>
<hr />
<div>= Introduction =<br />
<br />
The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]<br />
<br />
Below is a list of completed student projects. If you are interested in participating as a student, please contact us.<br />
<br />
<br />
<br />
= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017<br />
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]<br />
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures<br />
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651<br />
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a<br />
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853<br />
<br />
=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=<br />
* Student: Sahana Prasad - sponsored by <br />
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]<br />
<br />
=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=<br />
<br />
* Student: Sahana Prasad - sponsored by Google Summer of Code 2018<br />
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]<br />
<br />
<br />
= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =<br />
<br />
* Student: Mayank Totale - sponsored by Google Summer of Code 2017<br />
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]<br />
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc<br />
<br />
<br />
= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =<br />
<br />
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017<br />
* Project Page [[ Postquantum Preshared Keys ]]<br />
* Status: Passed vendor interop testing<br />
* Code: Merged and released in libreswan 3.23<br />
<br />
=== Code and Testing commits ===<br />
<br />
* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac<br />
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21341Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-10T23:29:49Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
3. Signature generation and Verification through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
<br />
<br />
== Future work ==<br />
<br />
<br />
<br />
== Source code ==<br />
<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2018 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasadhttps://libreswan.org/wiki/index.php?title=Extend_RFC-7427_Signature_Authentication_support_to_IKEv2_with_ECDSA&diff=21340Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA2018-08-10T22:49:59Z<p>Sahana Prasad: </p>
<hr />
<div><br />
== Introduction ==<br />
<br />
As part of the Google Summer of Code work in 2017 described in , RFC-7427 Digital Signature Authentication was implemented with support for RSA. This work is an extension to support ECDSA. Implementing ECDSA requires modifying the existing Libreswan public key code to fix the RSA-only parts so that it can accept new types of keys in the future (not limited to ECDSA). This will ensure compliance with RFC-7427 and RFC-8247.<br />
<br />
<br />
== Implementation ==<br />
<br />
To make Libreswan RFC 7427 and RFC 8247 compliant, the following items have been implemented :<br />
<br />
1. Fixing the RSA only public key code<br />
<br />
2. Support for configuring authby=ecdsa<br />
<br />
3. Signature generation and Verification through NSS APIs<br />
<br />
4. Test Suite changes<br />
<br />
The Test Suite was extended by adding test cases to verify feature functionality and perform interoperability tests with strongSwan.<br />
<br />
== Issues encountered ==<br />
[https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc4307bis/ The RFC 4307bis] mandates the usage of RSASSA-PSS along with Digital Signature Authentication. However, the older flavour, PKCS v1.5, may still be supported, but a way to indicate to the peer which flavour of RSA should be used is not yet described. Since no other client supports RSASSA-PSS, interoperability tests cannot be performed.<br />
<br />
== Future work ==<br />
<br />
* Support for Signature algorithms ECDSA and RSASSA-PSS <br />
Implementation of ECDSA requires extending Libreswan's public key code to remove the hardwiring for RSA. Implementation of RSASSA-PSS would have to use a different NSS library method call. The implementation is waiting for [https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc4307bis/ RFC 4307bis] to clarify the usage of PSS.<br />
<br />
* Support for Hash algorithm SHA-2.<br />
SHA2 needs an extended parser for the authby = keyword, in ipsec.conf.<br />
<br />
== Source code ==<br />
<br />
[https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651 Feature implementation]<br />
<br />
[https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853 Addition and modification of test cases]<br />
<br />
This project work was sponsored by Google as part of the Google Summer of Code 2017 Program.<br />
The implementation for this project is done by Sahana Prasad (sahana.prasad07@gmail.com) under the tutelage of Paul Wouters.<br />
<br />
[[ Use Cases and Requirements document for ECC/ECDSA support ]]</div>Sahana Prasad