From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH v3] OpenVPN: New AES-GCM cipher for N2N and RW
Date: Sun, 25 Feb 2018 17:06:10 +0000
Message-ID: <1519578370.24148.1.camel@ipfire.org>
In-Reply-To: <1519566589-18901-1-git-send-email-erik.kapfer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1740316627408253418=="
List-Id: <development.lists.ipfire.org>

--===============1740316627408253418==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

I suppose this looks alright.

Does OpenVPN 2.4 support ChaCha20-Poly1305, too?

-Michael

On Sun, 2018-02-25 at 14:49 +0100, Erik Kapfer via Development wrote:
> AES-GCM 128, 196 and 256 bit has been added to Net-to-Net and Roadwarrior s=
ection.
>=20
> HMAC selection for N2N will be disabled if AES-GCM is used since GCM provid=
es an own message authentication (GMAC).
>     'auth *' line in N2N.conf will be deleted appropriately if AES-GCM is u=
sed since '--tls-auth' is not available for N2N.
> HMAC selection menu for Roadwarriors is still available since '--tls-auth' =
is available for RWs
>     which uses the configured HMAC even when AES-GCM has been applied.
>=20
> Signed-off-by: Erik Kapfer <erik.kapfer(a)ipfire.org>
> ---
>  html/cgi-bin/ovpnmain.cgi | 84 ++++++++++++++++++++++++++++++++++++++-----=
----
>  1 file changed, 69 insertions(+), 15 deletions(-)
>=20
> diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
> index c52e8ba..ff3d055 100644
> --- a/html/cgi-bin/ovpnmain.cgi
> +++ b/html/cgi-bin/ovpnmain.cgi
> @@ -970,12 +970,18 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams=
{'NAME'}"){mkdir "${General
>    print SERVERCONF "dh ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}\n";
>    print SERVERCONF "# Cipher\n";=20
>    print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n";
> -  if ($cgiparams{'DAUTH'} eq '') {
> -	print SERVERCONF "auth SHA1\n";
> +
> +  # If GCM cipher is used, do not use --auth
> +  if (($cgiparams{'DCIPHER'} eq 'AES-256-GCM') ||
> +      ($cgiparams{'DCIPHER'} eq 'AES-192-GCM') ||
> +      ($cgiparams{'DCIPHER'} eq 'AES-128-GCM')) {
> +    print SERVERCONF unless "# HMAC algorithm\n";
> +    print SERVERCONF unless "auth $cgiparams{'DAUTH'}\n";
>    } else {
> -	print SERVERCONF "# HMAC algorithm\n";
> -	print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
> +    print SERVERCONF "# HMAC algorithm\n";
> +    print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
>    }
> +
>    if ($cgiparams{'COMPLZO'} eq 'on') {
>     print SERVERCONF "# Enable Compression\n";
>     print SERVERCONF "comp-lzo\n";
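Review bot: The two added GCM-branch lines `print SERVERCONF unless "# HMAC algorithm\n";` and `print SERVERCONF unless "auth $cgiparams{'DAUTH'}\n";` look like they parse as `print SERVERCONF` (which would print `$_`) under an `unless` modifier whose condition is a non-empty string, so they never execute. The `auth` line is therefore left out only by accident, and anyone who later "fixes" the syntax would start writing the HMAC line for GCM tunnels again. Stating the intent directly is safer: drop the dead branch and guard the two real prints with `if ($cgiparams{'DCIPHER'} !~ /\AAES-(?:128|192|256)-GCM\z/) {`. The same construct is repeated for CLIENTCONF in the hunks at 1082 and 2210, the latter testing `$confighash{$cgiparams{'KEY'}}[40]`. The enclosing block starts and ends outside this hunk.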
> @@ -1076,12 +1082,18 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgipara=
ms{'NAME'}"){mkdir "${General
>    print CLIENTCONF "# Cipher\n";=20
>    print CLIENTCONF "cipher $cgiparams{'DCIPHER'}\n";
>    print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'=
}.p12\r\n";
> -  if ($cgiparams{'DAUTH'} eq '') {
> -	print CLIENTCONF "auth SHA1\n";
> +
> +  # If GCM cipher is used, do not use --auth
> +  if (($cgiparams{'DCIPHER'} eq 'AES-256-GCM') ||
> +      ($cgiparams{'DCIPHER'} eq 'AES-192-GCM') ||
> +      ($cgiparams{'DCIPHER'} eq 'AES-128-GCM')) {
> +    print CLIENTCONF unless "# HMAC algorithm\n";
> +    print CLIENTCONF unless "auth $cgiparams{'DAUTH'}\n";
>    } else {
> -	print CLIENTCONF "# HMAC algorithm\n";
> -	print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
> +    print CLIENTCONF "# HMAC algorithm\n";
> +    print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
>    }
> +
>    if ($cgiparams{'COMPLZO'} eq 'on') {
>     print CLIENTCONF "# Enable Compression\n";
>     print CLIENTCONF "comp-lzo\n";
> @@ -2198,13 +2210,18 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
>  	 print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgip=
arams{'KEY'}}[1].p12\r\n";
>       $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{=
'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add f=
ile $confighash{$cgiparams{'KEY'}}[1].p12\n";
>     }
> -   if ($confighash{$cgiparams{'KEY'}}[39] eq '') {
> -	print CLIENTCONF "# HMAC algorithm\n";
> -	print CLIENTCONF "auth SHA1\n";
> +
> +   # If GCM cipher is used, do not use --auth
> +   if (($confighash{$cgiparams{'KEY'}}[40] eq 'AES-256-GCM') ||
> +       ($confighash{$cgiparams{'KEY'}}[40] eq 'AES-192-GCM') ||
> +       ($confighash{$cgiparams{'KEY'}}[40] eq 'AES-128-GCM')) {
> +        print CLIENTCONF unless "# HMAC algorithm\n";
> +        print CLIENTCONF unless "auth $confighash{$cgiparams{'KEY'}}[39]\n=
";
>     } else {
> -   print CLIENTCONF "# HMAC algorithm\n";
> -   print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
> +        print CLIENTCONF "# HMAC algorithm\n";
> +        print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
>     }
> +
>     if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
>     print CLIENTCONF "# Enable Compression\n";
>     print CLIENTCONF "comp-lzo\n";
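Review bot: The removed `if ($confighash{$cgiparams{'KEY'}}[39] eq '')` fallback is not replaced, so a non-GCM connection whose stored HMAC field is empty now gets a bare `auth ` line in the downloaded client configuration instead of `auth SHA1`. The hunks at 970 and 1082 drop the same fallback for an empty `$cgiparams{'DAUTH'}`. Whether empty values can still occur (older connection records, or a request that carries no DAUTH) is not visible here, but keeping the guard is cheap: add `} elsif ($confighash{$cgiparams{'KEY'}}[39] eq '') {` with the previous `print CLIENTCONF "auth SHA1\n";`, or refuse to write the file. The surrounding block continues outside the hunk.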
> @@ -4544,6 +4561,9 @@ if ($cgiparams{'TYPE'} eq 'net') {
>      }
>      $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} =3D 'checked=
=3D\'checked\'';
> =20
> +    $selected{'DCIPHER'}{'AES-256-GCM'} =3D '';
> +    $selected{'DCIPHER'}{'AES-192-GCM'} =3D '';
> +    $selected{'DCIPHER'}{'AES-128-GCM'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} =3D '';
> @@ -4629,6 +4649,15 @@ if ($cgiparams{'TYPE'} eq 'net') {
>  	    } else {
>  		print "<td width=3D'25%'><input type=3D'text' name=3D'NAME' value=3D'$cg=
iparams{'NAME'}' maxlength=3D'20' /></td>";
>  	    }
> +
> +		# If GCM ciphers are in usage, HMAC menu is disabled
> +		my $hmacdisabled;
> +		if (($confighash{$cgiparams{'KEY'}}[40] eq 'AES-256-GCM') ||
> +			($confighash{$cgiparams{'KEY'}}[40] eq 'AES-192-GCM') ||
> +			($confighash{$cgiparams{'KEY'}}[40] eq 'AES-128-GCM')) {
> +				$hmacdisabled =3D "disabled=3D'disabled'";
> +		};
> +
>  	    print <<END;
>  		    <td width=3D'25%'>&nbsp;</td>
>  		    <td width=3D'25%'>&nbsp;</td></tr>=09
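Review bot: `my $hmacdisabled;` stays undefined for every non-GCM connection and is later interpolated into the `<select name='DAUTH' ...>` markup, which produces an uninitialized-value warning if warnings are enabled; initialise it with `my $hmacdisabled = '';`. The flag is also derived from the stored `$confighash{$cgiparams{'KEY'}}[40]`, while the `$selected{...}` entries in this patch presumably follow the submitted `$cgiparams` values, so for a new connection or a re-rendered form the pre-selected cipher and the disabled state can disagree. Consider testing the same value that drives the selected option. Whether the declaration is in scope for the later heredoc cannot be confirmed from this hunk.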
> @@ -4707,7 +4736,10 @@ if ($cgiparams{'TYPE'} eq 'net') {
>  	</tr>
> =20
>  	<tr><td class=3D'boldbase'>$Lang::tr{'cipher'}</td>
> -		<td><select name=3D'DCIPHER'>
> +		<td><select name=3D'DCIPHER'  id=3D"n2ncipher" required>
> +				<option value=3D'AES-256-GCM'		$selected{'DCIPHER'}{'AES-256-GCM'}>AES=
-GCM (256 $Lang::tr{'bit'})</option>
> +				<option value=3D'AES-192-GCM'		$selected{'DCIPHER'}{'AES-192-GCM'}>AES=
-GCM (192 $Lang::tr{'bit'})</option>
> +				<option value=3D'AES-128-GCM'		$selected{'DCIPHER'}{'AES-128-GCM'}>AES=
-GCM (128 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-256-CBC'	$selected{'DCIPHER'}{'CAMELLIA-256-=
CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-192-CBC'	$selected{'DCIPHER'}{'CAMELLIA-192-=
CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-128-CBC'	$selected{'DCIPHER'}{'CAMELLIA-128-=
CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
> @@ -4724,7 +4756,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
>  		</td>
> =20
>  		<td class=3D'boldbase'>$Lang::tr{'ovpn ha'}:</td>
> -		<td><select name=3D'DAUTH'>
> +		<td><select name=3D'DAUTH' id=3D"n2nhmac" $hmacdisabled>
>  				<option value=3D'whirlpool'		$selected{'DAUTH'}{'whirlpool'}>Whirlpool=
 (512 $Lang::tr{'bit'})</option>
>  				<option value=3D'SHA512'			$selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lan=
g::tr{'bit'})</option>
>  				<option value=3D'SHA384'			$selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lan=
g::tr{'bit'})</option>
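Review bot: A `<select>` carrying `disabled` is not submitted by the browser, so when `$hmacdisabled` is set the save request reaches the CGI without a DAUTH field, and the attribute is only a UI hint that any client can bypass. The handler that stores the connection is not part of this patch, so it is worth confirming that it tolerates a missing DAUTH and enforces the GCM/HMAC rule server-side rather than relying on this control. An HTML comment next to the select would record that, e.g. `<!-- DAUTH is disabled for GCM ciphers and then absent from the POST; the server must not rely on it -->`.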
> @@ -4738,6 +4770,22 @@ if ($cgiparams{'TYPE'} eq 'net') {
>  END
>  ;
>  	}
> +
> +#### JAVA SCRIPT ####
> +# Validate N2N cipher. If GCM will be used, HMAC menu will be disabled onc=
hange
> +print<<END;
> +	<script>
> +		var disable_options =3D false;
> +		document.getElementById('n2ncipher').onchange =3D function () {
> +			if((this.value =3D=3D "AES-256-GCM"||this.value =3D=3D "AES-192-GCM"||t=
his.value =3D=3D "AES-128-GCM")) {
> +				document.getElementById('n2nhmac').setAttribute('disabled', true);
> +			} else {
> +				document.getElementById('n2nhmac').removeAttribute('disabled');
> +			}
> +		}
> +	</script>
> +END
> +
>  #jumper
>  	print "<tr><td class=3D'boldbase'>$Lang::tr{'remark title'}</td>";
>  	print "<td colspan=3D'3'><input type=3D'text' name=3D'REMARK' value=3D'$c=
giparams{'REMARK'}' size=3D'55' maxlength=3D'50' /></td></tr></table>";
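Review bot: The added script dereferences `document.getElementById('n2ncipher')` without a null check, and its `print<<END;` sits after the closing `}` at the top of the hunk, so if that brace ends the net-to-net branch the script is also emitted on pages with no `n2ncipher` element and throws there. The handler runs only on `change`, so the HMAC menu is never synchronised with the initially selected cipher (AES-256-GCM is now the first option), and `disable_options` is unused. A guarded version that also runs once on load is sketched below; it should be printed inside the block that emits the two selects. Where the surrounding blocks begin and end is outside this hunk.

```perl
# … unchanged: end of the N2N cipher/HMAC table heredoc …
print <<END;
	<script>
		(function () {
			var cipher = document.getElementById('n2ncipher');
			var hmac = document.getElementById('n2nhmac');
			// Nothing to wire up on pages that do not render the N2N selects
			if (!cipher || !hmac) { return; }
			function syncHmac() {
				hmac.disabled = (cipher.value.indexOf('-GCM') !== -1);
			}
			cipher.onchange = syncHmac;
			// Apply the rule to the cipher that is selected when the page loads
			syncHmac();
		})();
	</script>
END
```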
> @@ -5109,6 +5157,9 @@ END
>      $selected{'DPROTOCOL'}{'tcp'} =3D '';
>      $selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} =3D 'SELECTED';
> =20
> +    $selected{'DCIPHER'}{'AES-256-GCM'} =3D '';
> +    $selected{'DCIPHER'}{'AES-192-GCM'} =3D '';
> +    $selected{'DCIPHER'}{'AES-128-GCM'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} =3D '';
>      $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} =3D '';
> @@ -5205,6 +5256,9 @@ END
> =20
>  		<td class=3D'boldbase' nowrap=3D'nowrap'>$Lang::tr{'cipher'}</td>
>  		<td><select name=3D'DCIPHER'>
> +				<option value=3D'AES-256-GCM' $selected{'DCIPHER'}{'AES-256-GCM'}>AES-=
GCM (256 $Lang::tr{'bit'})</option>
> +				<option value=3D'AES-192-GCM' $selected{'DCIPHER'}{'AES-192-GCM'}>AES-=
GCM (192 $Lang::tr{'bit'})</option>
> +				<option value=3D'AES-128-GCM' $selected{'DCIPHER'}{'AES-128-GCM'}>AES-=
GCM (128 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-=
CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-=
CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
>  				<option value=3D'CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-=
CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>

--===============1740316627408253418==--