From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: OpenVPN patchset from Erik's input
Date: Wed, 22 Feb 2023 16:20:12 +0000
Message-ID: <2E0DC5BA-D756-42A6-9FF7-D95ACB12A699@ipfire.org>
In-Reply-To: <fc139447-5bdd-e1f7-4b85-3c0486530c06@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0406915310036019273=="
List-Id: <development.lists.ipfire.org>

--===============0406915310036019273==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello,

> On 22 Feb 2023, at 13:15, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>=20
> Hi All,
>=20
> Followup re the Blake2 question.
>=20
> On 22/02/2023 13:54, Adolf Belka wrote:
>> Hi Michael,
>>=20
>> On 22/02/2023 12:21, Michael Tremer wrote:
>>> Hello Adolf,
>>>=20
>>>> On 17 Feb 2023, at 11:46, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>=20
>>>> Hi All,
>>>>=20
>>>>=20
>>>> I got Erik's OpenVPN patchset from some time ago and have created an upd=
ated patchset based on the current state of IPFire.
>>>=20
>>> Okay. So I suppose it all applied well or you were able to fix any merge =
conflicts.
>> I had to end up applying all the patches manually. There were enough chang=
es with the OTP stuff plus the change to the system commands that many Hunks =
failed to apply plus I found one hunk that applied in the wrong place.
>>=20
>> So manual application just seemed the most secure if a bit long winded app=
roach. That was why I created the new patch set because that is now based on =
next so any changes can be done relative to that patch set.
>>>=20
>>>> I applied those changes to ovpnmain.cgi and en.pl and installed them int=
o a vm clone on my testbed.
>>>>=20
>>>> Here are some images of the changes. Basically the ciphers are moved fro=
m the main page to an additional ciphers page.
>>>=20
>>> Yes, this is something the user ideally does not need to change. I would =
actually not hesitate too much to just hardcode something as 99% of people wi=
ll be on the same settings.
>>>=20
>>> However, I do not understand why there are different options for the cont=
rol and data channel. I do not see any reason why I would want different sett=
ings because I either support a certain cipher or I don=E2=80=99t. If I consi=
der my data channel =E2=80=9Cless important=E2=80=9D or need more throughput =
and use AES-128 instead of AES-256, then what is the benefit of keeping the c=
ontrol channel on AES-256?
>>>=20
>>> Then there is labelling which isn=E2=80=99t clear to me. I suppose it wor=
ks as follows:
>>>=20
>>> Data Channel is the new setting. It should in theory be possible to selec=
t multiple options.
>>>=20
>>> Data Channel fallback seems to be what used to be on the front page befor=
e and it should only allow to pick one option. If that is the case, then I be=
lieve that the UI suggests otherwise. This setting will then also go away wit=
h OpenVPN 2.6.0. Is that correct?
>> That is what I would read it as. I will check if more than one option can =
be selected in the fallback set.
>>>=20
>>> On the control channel the options are mislabeled. I suppose TLSv3 should=
 be TLSv1.3 and TLSv2 should be TLSv1.2 and possible less?!
>> That sounds like what is intended.
>>>=20
>>> I don=E2=80=99t really like it that there are two boxes, but since TLSv1.=
3 does not support many of the cipher suites that TLSv1.2 supports, there mig=
ht be no easy way around it. TLSv1.2 is on its way out, so we won=E2=80=99t n=
eed to support this for forever hopefully.
>>>=20
>>> Authentication: If there is only one option, the <select> tag should not =
look like it does currently where it suggests that multiple options can be se=
lected at the same time.
>> I am also not sure if all are needed. I will need to check if TLS-Auth no =
longer works with the TLSv1.3. TLS-Auth is what is currently working and I ha=
ven't seen anything suggesting it is deprecated. SHA2 512 bit seems strong en=
ough for the moment and is not at risk from being broken as far as I am aware=
. I would just remove the SHA1 has as that is definitely not recommended any =
more.
>> It would be simpler and easier if that stayed just with TLS-Auth if that w=
orks with TLSv1.3. I will check into that.
>>>=20
>>> What does 64-bit/8-32bit optimised mean for Blake2?
>> I have no idea.
>>>=20
> Blake2 comes in two formats.
>=20
> Blake2b which is typically just referred to as Blake2 which has been optimi=
sed for 64 bit platforms and produces digests of any size between 1 and 64 by=
tes.
>=20
> Blake2s is optimised for 8 to 32 bit platforms and produces digests of any =
size between 1 and 32 bytes.
>=20
> The above found on the blake2.net website
>=20
> As far as I understand the fact that Blake2 is optimised for 64 bit systems=
 means that it has a 512 bit capability and for Blake2s the 32 bit max means =
that it has a 256 bit capability. Therefore it would seem we only need Blake2=
 256bit or Blake2 512 bit and not the remaining words.

Well, this is still not really information that we need to give our users. We=
 don=E2=80=99t talk about the block size of AES still being 128 bit even when=
 the key is 256 bit long.

I am not even sure why we want to support BLAKE2 at all since there is so muc=
h competition, but that is another topic.

If possible, and yes it is cryptography, I would like to keep the UI as simpl=
e as possible.

>>> Why is there an extra button for the encryption settings? Why is this not=
 part of the advanced options?
>> I don't know but putting it all on the advanced options page wouldn't be t=
oo difficult ( says he keeping he fingers well crossed).
>>>=20
>>>> 1st image is current status of the main page, 2nd image is the modified =
main page and the 3rd is the Advanced Encryption settings page.
>>>>=20
>>>> I will also upload the updated patches to my ipfire git repo
>>>>=20
>>>> https://git.ipfire.org/?p=3Dpeople/bonnietwin/ipfire-2.x.git;a=3Dsummary
>>>=20
>>> So this is a good start, but the UI is not making this process easy.
>>>=20
>>> I had a brief look at the code and it looks okay. Our CGIs are quite mess=
y anyways, so I do not think it is worth adding the most polished code here :=
) This should not mean that we can just do whatever because we are just makin=
g future changes even more difficult for ourselves.
>>>=20
>>> I didn=E2=80=99t apply this to my system and test. Did you do this? Does =
it work with various client version of OpenVPN?
>> I put it onto a vm clone on my system to get the screenshots. I haven't te=
sted various options yet as I have been a bit busy with clearing out some bug=
s but I will do that and report back on it.
>> My only problem with that is that all my clients are up to date so I don't=
 have any that would only work with older ciphers but at least I can check th=
at everything works with my Android phone and my Linux laptop with various ci=
phers etc selected.
>>=20
>> Regards,
>> Adolf
>>>=20
>>> -Michael
>>>=20
>>>>=20
>>>>=20
>>>> Regards,
>>>>=20
>>>> Adolf.
>>>>=20
>>>> <Screenshot - main page.png><Screenshot - modified main page.png><Screen=
shot - advanced encryptions settings page.png>
>>>=20
>>=20
>=20
> --=20
> Sent from my laptop



--===============0406915310036019273==--