microsoft / pqcrypto-vpn Goto Github PK

View Code? Open in Web Editor NEW

309.0 32.0 72.0 5.93 MB

Post-quantum Cryptography VPN

Home Page: https://www.microsoft.com/research/project/post-quantum-crypto-vpn/

License: MIT License

Python 19.09% Shell 14.07% Perl 64.27% CSS 0.55% Dockerfile 2.03%

post-quantum openvpn

pqcrypto-vpn's Introduction

Thank you for your interest! This project is no longer active. Please see the OpenVPN demo at the Open Quantum Safe project for an up-to-date PQ-enabled version of OpenVPN.

Welcome to the PQCrypto-VPN project!

Please start with our project page at Microsoft Research for an overview of this project.

This project takes a fork of the OpenVPN software and combines it with post-quantum cryptography. In this way, we can test these algorithms with VPNs, evaluating functionality and performance of the quantum resistant cryptography. Because this project is experimental, it should not be used to protect sensitive data or communications at this time. Further cryptanalysis and research must first be done over the next few years to determine which algorithms are truly post-quantum safe.

This work is sponsored by Microsoft Research Security and Cryptography, as part of our post-quantum cryptography project. Along with academic and industry collaborators, we have designed the following algorithms and contributed them to the Open Quantum Safe project and are usable in this fork of OpenVPN:

Frodo: a key exchange protocol based on the learning with errors problem
SIDH: a key exchange protocol based on Supersingular Isogeny Diffie-Hellman
Picnic: a signature algorithm using symmetric-key primitives and non-interactive zero-knowledge proofs
qTESLA: a signature algorithm based on the ring learning with errors problem

We will also enable other ciphersuites as much as we are able to make them work. Our OpenVPN fork depends on the Open Quantum Safe project fork of OpenSSL, so contributors looking to add support for a new algorithm should ensure it is supported by Open Quantum Safe.

We also provide software and instructions for building a post-quantum secure VPN appliance with a Raspberry Pi 3. The device acts as a WiFi access point, and tunnels all of its traffic over the post-quantum VPN. This has two main advantages when compared to using a VPN client on the device. First, installing VPN client software is not required. Second, using VPN software can be error prone, and not all traffic will be protected if there are configuration errors. With a hardware device, all devices connecting to it get post-quantum security transparently. See the pqap directory, and the README file there for more information.

Releases

Please see our releases page for pre-built binaries for both Windows and Ubuntu Linux.

Tell us what you think

For bug reports, feature requests, and other issues with the code itself, please raise them in our issues tracker. For pull requests, please see the next section on Contributing. For other feedback, questions, comments, or anything else you'd like to tell us, you can talk to us at [email protected].

Prerequisites

To run the binaries: either Ubuntu Linux 18.04 or newer, or Windows 10. Only 64-bit operating systems are supported.
To build the source: Ubuntu Linux 18.04. Newer versions of Ubuntu are likely to also be fine, but we have not tested them.

OpenVPN for Windows does not build natively on Windows; it is only cross-compiled on Linux. Therefore all building from source must be done on Linux.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA, so if you have already signed a CLA with Microsoft for another project, that covers contributions to us as well.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Cloning

Our build relies on Git submodules for the sources to OQS-OpenSSL and OpenVPN. When cloning, be sure to use the --recurse-submodules option to git clone. If you forget, you should be able to run git submodule init followed by git submodule update to retrieve the submodules after a clone. For your convenience, here is a full clone command:

git clone --recurse-submodules https://github.com/microsoft/PQCrypto-VPN.git

Build Process Overview

Following OpenVPN's build process, binaries for both Linux and Windows are produced by a Linux-based build system that cross-compiles for Windows. Our build process first builds liboqs and the Open Quantum Safe fork of OpenSSL, and then our version of OpenVPN which uses them.

There is one Python script for running the build:

build.py: This does a full build of everything on Linux: both Linux and Windows versions of liboqs, OpenSSL, OpenVPN, and on Windows only, OpenVPN-GUI. The outputs of the build process are a gzipped tarball that can be unpacked onto an Ubuntu Linux system, and a Windows installer executable for installing on 64-bit Windows.

See the comments at the top of build.py for a list of prerequisite packages that must be installed before building. There is also a Dockerfile in openvpn/build/docker to build the installers in a container.

Previous versions of PQCrypto-VPN required OpenSSL ot be built on Windows, but now cross-compilation on Linux is supported there as well. As a result, our entire build process runs only on Linux, and we no longer require doing part of the build process on Windows nor are dependent on the Visual C++ Runtime Redistributable DLLs.

Subprojects

To enable our build of OpenVPN, we have forks of three OpenVPN GitHub repos that we have modified to enable this functionality. Pull requests are welcomed in these subprojects as well. The same requirements to sign a CLA apply to these repos.

Please open all issues here on the PQCrypto-VPN project.

Open Quantum Safe's implementations of the algorithms are in their liboqs library, which is consumed by the OpenSSL fork below.

https://github.com/open-quantum-safe/liboqs

We also use the OpenSSL fork maintained by the Open Quantum Safe Project for the implementations of the algorithms themselves. As we work closely with OQS, we do not maintain our own fork of their code. They also welcome opening issues and pull requests directly at their project.

https://github.com/open-quantum-safe/openssl

Setup instructions

The setup instructions are the same whether you download our pre-made binaries, or if you build them yourself.

Windows client

After running the installer executable, you will need to create a configuration file. This can be located anywhere, though OpenVPN-GUI uses %USERPROFILE%\OpenVPN\config. Samples have beeen provided in the openvpn\config directory:

client-win.ovpn: Client authenticating with a certificate
client-passdb.ovpn: Client authenticating with a username/password. This sample configuration file is based on Linux, so you will need to adjust the pathnames for a Windows host.

The tunnel can then be established by running OpenVPN-GUI, right-clicking on its system tray icon, selecting the configuration file, and choosing Connect. OpenVPN can be run from an elevated command prompt, just like on Linux; see the Linux instructions below if you prefer this method.

Linux client or server

Unpack pq-openvpn-linux-staged.tgz from the root directory as root. This will drop the installation in /usr/local/openvpn as well as an automatic startup script suitable for Ubuntu hosts running systemd.

Optional: If you are configuring a server and want OpenVPN to start automatically at boot, run the initialsetup.sh script installed in the /usr/local/openvpn/sbin directory. We recommend you only do this when you have thoroughly tested your configuration.

You then need to create a configuration file. If running a server, the automatic start scripts expect this to be called server.ovpn and located in /usr/local/openvpn/etc. If you are running a client or a server from the command line, it can be called whatever you want as you will provide the configuration filename when starting OpenVPN. The following samples have been provided in the openvpn/config directory:

client.ovpn: Client authenticating with a certificate
client-passdb.ovpn: Client authenticating with a username/password
server.ovpn: Server only accepting client certificate authentication
server-passdb.ovpn: Server only accepting username/password authentication

The ecdh-curve configuration directive is used to select the key exchange algorithm and must be present to guarantee a post-quantum algorithm is selected. You can see the list of valid choices from the list of supported algorithms at OQS's OpenSSL fork here: https://github.com/open-quantum-safe/openssl#supported-algorithms

If no ecdh-curve directive is present, p256_sikep434 is chosen by default. If present, the ecdh-curve directive must agree on both client and server, or a session will fail to negotiate. It is possible to pick a non-post quantum algorithm from the list of all algorithms supported by OpenSSL; make sure only to select choices from the list linked above to ensure use of a post-quantum key exchange.

The authentication algorithm depends on the types of certificates provided as part of the configuration. You can use classical signature algorithms (like RSA or ECDSA), but these are not post-quantum. See the instructions in openvpn/config/picnic-pki.md for creating certificates using Picnic-L1FS as the signature algorithm as one post-quantum option. See the above list of supported algorithms for post-quantum signature algorithms.

OpenVPN is then started by running from a root command prompt:

/usr/local/openvpn/sbin/openvpn --config <config file name>

This will keep OpenVPN running in the foreground and keep control of your terminal. You can safely terminate OpenVPN by typing Control-C; OpenVPN will clean up its network setup before exiting. You can add the --daemon to the command line or daemon to the configuration file to make it go into the background, and you can then use kill to send its process a signal to terminate when desired.

Setting up username/password authentication on a Linux server

This setup uses the host's built-in username and password database for authentication as an expedient method of authentication. Any valid user presenting a correct password will be able to authenticate and connect.

Suggested procedure for creating a user that can't log into the host but can authenticate to OpenVPN with these settings:

useradd -c "<User Full Name Here>" -d /usr/local/openvpn -s /bin/false <username>

passwd <username>

<username> and <User Full Name Here> are user-specific inputs. The above example assumes ${INSTALL_ROOT} is /usr/local/openvpn; modify as needed if the path is different. It is critical that whatever follows the -s parameter does NOT appear in the /etc/shells file on the host; /bin/false should never be in there.

For additional security, in /etc/ssh/sshd_config should be the line PasswordAuthentication no to prevent any password authentication. This appears to be the default for Azure VMs but not for regular Linux hosts. This will, of course, require using public key authentication for administrators to log into the host directly. If password authentication to the host is required, create a group for OpenVPN users and then instruct the SSH server to deny logins to that group as follows as root:

groupadd openvpn
Add a -g openvpn argument to the useradd command above
Add a DenyGroups openvpn directive to /etc/ssh/sshd_config

Already-created users can be retroactively added to this group with usermod -a -G openvpn <username>.

Although having /bin/false as the shell should prevent users from doing anything, denying the group will make the SSH return an authentication failure; not having this will cause the authentication to succeed, but when the host executes /bin/false as the shell, it will return immediately and the connection should then close. But since SSH allows authenticated users to do a number of things like open network tunnels without starting a shell, SSH access should be explicitly denied to prevent any functionality being invoked by a successful authentication.

Setting up certificate authentication

The process of setting up RSA-signed certificates for client and server authentication is the same for regular OpenVPN, and so we refer you to their excellent instructions for setting up a Certificate Authority (CA) and issuing certificates. Even if you use username/password authentication for clients, servers must still have a certificate, and the certificate of the CA must be provided to clients.

The analogous process for Picnic-signed certificates is described in in openvpn/config/picnic-pki.md. This uses the OpenSSL command line tool from the Open Quantum Safe fork of OpenSSL.

Known Issues

Only the server currently lists the key exchange algorithm used in its log output as "group_id", and it is only listed by the OpenSSL numerical identifier, which we realize is not very user-friendly. After the group_id value will be a message that says either (post-quantum key exchange) or (NOT post-quantum key exchange) to address this. OpenSSL does not expose the necessary API surface to obtain this information on the client.

Although the p256_sikep434 hybrid key exchange is chosen by default, it is possible to choose a non-post quantum key exchange with the ecdh-curve configuration directive. We have chosen this default and provided ample documentation to ensure as much as possible that a non-post quantum key exchange is not selected accidentally.

The Open Quantum Safe fork of OpenSSL only provides post-quantum algorithms for TLS 1.3 connections. Use of TLS 1.2 or earlier has no post-quantum algorithms. Therefore, it is vital the tls-version-min 1.3 directive is always present in configuration files to ensure clients and servers never fall back to older versions of TLS.

pqcrypto-vpn's People

Contributors

Stargazers

Watchers

Forkers

dconnolly techlord-rce sctnightcore cybermonitor devilcoder vug1uskr otakumonster nicolas040 stowage d4r5c0d3 siriusanalyst minabarret northeastwolf myqiuyun wangqiaozi zoltanharmath superf0sh mblackbourne nuzumco nuzumglobal luckyginger seamaster300 lazerhawk dgotrik cobra16319 stjordanis rythmosadvisory wadx2019 jittrfunc lrubens iqranaz240 suvrajeet01 pu55yf3r prchander bhaskers-blu-org2 yeswici 5l1v3r1 taffywrinkle claudiusgonzo geovandro jartlov 00mjk m-jabari global-localhost global19 global19-atlassian-net open-qkd-network sycomix bpanicker13 pickkaa hhy5277 digital-startup librechain xshengshe vojtechsu leancssmbb ashleshaatrey laichis pantyhose-x laplacekorea marcus-arcadius yuanmabiji adityakoranga imhojeong viper3784 v41bh4v ujjwalmsft foodchain1028 thecoder0xff filip2142

pqcrypto-vpn's Issues

Instructions for more/all liboqs algorithms support (KEMs and signature)

Kevin,
Within this link I found that there are instructions on how to implement at code/compile-level those liboqs algorithms you want, who are not (currently) included in the oqs-openssl forks. There seem to be two ways to achieve that. I propose for the full liboqs list support of algorithms (KEMs and signatures) so those interested may have the widest possible range of options and ability to test the algorithms.

Also I confirm that I have tested all the oqs-openssl signature schemes and all of them are working on my Windows build (which is the exact latest since I am always checking the devel repo for updates)

It would be great if you would implement the total range of algorithms, in the end, the more the options the better the cryptography result. Please let us know of your thoughts on this possibility.

Best regards!

Add command-line parameters to skip either the Linux or Windows build

Default build will remain both, but this will allow skipping one build in private builds as suggested in #15.

build error

ninja: error: manifest 'build.ninja' still dirty after 100 tries

dev1.3 branch, build error

I tried building in a docker container and I get this error following the instructions on the readme for the new branch. Since I am building in Linux the build should not fail if the windows-building-process fails.

Also, is nsis really required? Can we get rid of it? :)

Edit 1: I build on alpine base image, not ubuntu or the one in the repo.

Error message

Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/liboqs.tar.gz'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/lzo-2.10.tar.gz'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/openssl-oqs.tar.gz'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/openvpn-2.4.8.tar.gz'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/openvpn-gui-11.tar.gz'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/pkcs11-helper-1.22.tar.bz2'
Extract '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/tap-windows-9.24.2.zip'
Archive:  /opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/sources/tap-windows-9.24.2.zip
   creating: tap-windows-9.24.2/
   creating: tap-windows-9.24.2/arm64/
  inflating: tap-windows-9.24.2/arm64/tapinstall.exe
  inflating: tap-windows-9.24.2/arm64/tap0901.cat
  inflating: tap-windows-9.24.2/arm64/tap0901.sys
  inflating: tap-windows-9.24.2/arm64/OemVista.inf
   creating: tap-windows-9.24.2/include/
  inflating: tap-windows-9.24.2/include/tap-windows.h
   creating: tap-windows-9.24.2/amd64/
  inflating: tap-windows-9.24.2/amd64/tapinstall.exe
  inflating: tap-windows-9.24.2/amd64/tap0901.cat
  inflating: tap-windows-9.24.2/amd64/tap0901.sys
  inflating: tap-windows-9.24.2/amd64/OemVista.inf
   creating: tap-windows-9.24.2/i386/
  inflating: tap-windows-9.24.2/i386/tapinstall.exe
  inflating: tap-windows-9.24.2/i386/tap0901.cat
  inflating: tap-windows-9.24.2/i386/tap0901.sys
  inflating: tap-windows-9.24.2/i386/OemVista.inf
Patch: '/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/generic/patches/pkcs11-helper-001-RFC7512.patch'
patching file lib/pkcs11h-serialization.c
patching file lib/pkcs11h-util.c
Build liboqs
-- The C compiler identification is GNU 8.3.0
-- The ASM compiler identification is GNU
-- Found assembler: /usr/bin/x86_64-w64-mingw32-gcc
-- Check for working C compiler: /usr/bin/x86_64-w64-mingw32-gcc
-- Check for working C compiler: /usr/bin/x86_64-w64-mingw32-gcc -- broken
CMake Error at /usr/share/cmake/Modules/CMakeTestCCompiler.cmake:60 (message):
  The C compiler

    "/usr/bin/x86_64-w64-mingw32-gcc"

  is not able to compile a simple test program.

  It fails with the following output:

    Change Dir: /opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/tmp/build-x86_64/liboqs/build-win/CMakeFiles/CMakeTmp
    
    Run Build Command(s):/usr/bin/ninja cmTC_38761 && [1/2] Building C object CMakeFiles/cmTC_38761.dir/testCCompiler.c.obj
    [2/2] Linking C executable cmTC_38761.exe
    FAILED: cmTC_38761.exe 
    : && /usr/bin/x86_64-w64-mingw32-gcc -Wl,--dynamicbase,--nxcompat   CMakeFiles/cmTC_38761.dir/testCCompiler.c.obj  -o cmTC_38761.exe -Wl,--out-implib,libcmTC_38761.dll.a -Wl,--major-image-version,0,--minor-image-version,0  -lkernel32 -luser32 -lgdi32 -lwinspool -lshell32 -lole32 -loleaut32 -luuid -lcomdlg32 -ladvapi32 && :
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find crt2.o: No such file or directory
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find crtbegin.o: No such file or directory
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lkernel32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -luser32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lgdi32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lwinspool
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lshell32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lole32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -loleaut32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -luuid
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lcomdlg32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -ladvapi32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmingw32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lgcc
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lgcc_eh
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmoldname
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmingwex
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmsvcrt
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -ladvapi32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lshell32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -luser32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lkernel32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmingw32
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lgcc
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lgcc_eh
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmoldname
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmingwex
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find -lmsvcrt
    /usr/lib/gcc/x86_64-w64-mingw32/8.3.0/../../../../x86_64-w64-mingw32/bin/ld: cannot find crtend.o: No such file or directory
    collect2: error: ld returned 1 exit status
    ninja: build stopped: subcommand failed.
    
    

  

  CMake will not be able to correctly generate this project.
Call Stack (most recent call first):
  CMakeLists.txt:4 (project)


-- Configuring incomplete, errors occurred!
See also "/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/tmp/build-x86_64/liboqs/build-win/CMakeFiles/CMakeOutput.log".
See also "/opt/PQCrypto-VPN/openvpn/build/repos/openvpn-build/windows-nsis/tmp/build-x86_64/liboqs/build-win/CMakeFiles/CMakeError.log".
FATAL: cmake
FATAL: build x86_64 >&2
***** Running command: ninja
***** Running command: ninja install
***** Running command: ./config shared --prefix=/opt/PQCrypto-VPN/openvpn/build/scratch/oqs-openssl-output/openssl --openssldir=/opt/PQCrypto-VPN/openvpn/build/scratch/oqs-openssl-output/ssl -lm
***** Running command: make -j
***** Running command: make install
***** Running command: autoreconf -i -f -v
***** Running command: touch ./usr/local/openvpn/etc/.placeholder ./usr/local/openvpn/log/.placeholder
***** Running command: tar -cz --group=root --owner=root -f ../pq-openvpn-linux-staged.tar.gz .
***** Running command: tar czvvf /tmp/liboqs.tar.gz liboqs
***** Running command: tar czvvf /tmp/openssl-oqs.tar.gz openssl-oqs
***** Running command: autoreconf -i -v -f
***** Running command: ./configure
***** Running command: tar czvvf /tmp/openvpn-2.4.8.tar.gz openvpn-2.4.8
***** Running command: autoreconf -i -v -f
***** Running command: tar czvvf /tmp/openvpn-gui-11.tar.gz openvpn-gui
***** Running command: ./windows-nsis/build-complete
Traceback (most recent call last):
  File "build.py", line 236, in <module>
    build_openvpn_windows()
  File "build.py", line 207, in build_openvpn_windows
    run_command(['./windows-nsis/build-complete'])
  File "build.py", line 42, in run_command
    raise RuntimeError('Command failed')
RuntimeError: Command failed
The command '/bin/sh -c cd  /opt/PQCrypto-VPN/openvpn/build                          && python build.py' returned a non-zero code: 1
(ERROR)-(Exit Code 1)-(General error)

Build failure at step 1.

Error message:

docker build -t vpn_microsoft_test .
Sending build context to Docker daemon  2.048kB
Step 1/5 : FROM ubuntu:19.10
 ---> 4f82834f04c6
Step 2/5 : WORKDIR /tmp
 ---> Using cache
 ---> c7c7524a447f
Step 3/5 : RUN apt update && apt install -y git gcc cmake make python
 ---> Using cache
 ---> 7eb2fb99e108
Step 4/5 : RUN git clone https://github.com/microsoft/PQCrypto-VPN.git
 ---> Running in 11898c70764e
Cloning into 'PQCrypto-VPN'...
Removing intermediate container 11898c70764e
 ---> 492e553a7b01
Step 5/5 : RUN cd /tmp/PQCrypto-VPN/openvpn/build && python build.py
 ---> Running in 01de9c40f600
fatal: Remote branch OpenSSL_1_0_2-stable not found in upstream origin
Cloning openssl ...
***** Running command: git clone -q --branch OpenSSL_1_0_2-stable https://github.com/open-quantum-safe/openssl openssl-oqs
Traceback (most recent call last):
  File "build.py", line 258, in <module>
    build_oqs_openssl()
  File "build.py", line 121, in build_oqs_openssl
    git_clone(OPENSSL_OQS_REPO, OPENSSL_OQS_BRANCH, 'openssl-oqs', OPENSSL_OQS_COMMIT)
  File "build.py", line 74, in git_clone
    os.chdir(local_name)
OSError: [Errno 2] No such file or directory: 'openssl-oqs'
The command '/bin/sh -c cd /tmp/PQCrypto-VPN/openvpn/build && python build.py' returned a non-zero code: 1

Dockerfile to reproduce error:

FROM ubuntu:19.10

WORKDIR /tmp

RUN apt update && apt install -y git gcc cmake make python
RUN git clone https://github.com/microsoft/PQCrypto-VPN.git 

RUN cd /tmp/PQCrypto-VPN/openvpn/build && python build.py

I modified the build.py script quiet a bit to get past several errors, but they just keep coming. Could someone please update the build system for this repo so that it actually builds on the first try. There have many changes in OQS OpenSSL and it breaks everything.

PQCrypto-VPN builds and runs, but OQS-KEX keys missing in traffic.

I have been able to successfully build and run PQCrypto-VPN, but there is a key issue (double meaning intended):

I have tls-cipher OQSKEX-MLWE-KYBER-ECDHE-RSA-WITH-AES-256-GCM-SHA384 set in the ovpn config file for the client.
In the traffic, I do not see the keys being sent from either the Client Hello or the Server Hello.
My executable is linked as follows, not sure that it matters though:

ldd /opt/PQCrypto-VPN/openvpn/build/scratch/stage/usr/local/openvpn/sbin/openvpn
	/lib/ld-musl-x86_64.so.1 (0x7f4ea75cc000)
	liblzo2.so.2 => /usr/lib/liblzo2.so.2 (0x7f4ea70f5000)
	liblz4.so.1 => /usr/lib/liblz4.so.1 (0x7f4ea70c1000)
	libssl.so.1.0.0 => /opt/PQCrypto-VPN/openvpn/build/scratch/openssl-oqs//libssl.so.1.0.0 (0x7f4ea7044000)
	libcrypto.so.1.0.0 => /opt/PQCrypto-VPN/openvpn/build/scratch/openssl-oqs//libcrypto.so.1.0.0 (0x7f4ea6cec000)
	libc.musl-x86_64.so.1 => /lib/ld-musl-x86_64.so.1 (0x7f4ea75cc000)

What needs to be done to fix this? I expect to see keys for kyber on the DHE from both sides. Also, the fact that wireshark cannot parse that TLS record suggests something is amiss.

Update Raspberry Pi "post-quantum access point" instructions for PQCrypto-VPN 1.3

Instructions in the pqap subtree have not been tested to work with version 1.3 of PQCrypto-VPN, and likely need updating.

branch: oqsrepo Build Error

The error:

Traceback (most recent call last):
  File "build.py", line 270, in <module>
    build_openvpn_linux()
  File "build.py", line 185, in build_openvpn_linux
    shutil.copy('../oqs-openssl-output/openssl/lib/libcrypto.so.1.0.0', stagepath + '/' + OPENVPN_LINUX_PREFIX + '/lib')
  File "/usr/lib/python2.7/shutil.py", line 139, in copy
    copyfile(src, dst)
  File "/usr/lib/python2.7/shutil.py", line 97, in copyfile
    with open(dst, 'wb') as fdst:
IOError: [Errno 2] No such file or directory: '/opt/PQCrypto-VPN/openvpn/build/scratch/stage//usr/local/openvpn/lib'
The command '/bin/sh -c cd /opt/PQCrypto-VPN/openvpn/build && python build.py' returned a non-zero code: 1

This is a simple error to fix, but after I fix it more errors just keep coming. If you look at "'/opt/PQCrypto-VPN/openvpn/build/scratch/stage//usr/local/openvpn/lib'" it has two forward slashes instead of one. Please take a look.

Dockerfile:

FROM ubuntu:19.10

RUN apt update && apt install -y \
        liblz4-dev               \
        liblzo2-dev              \
        libpam-dev               \
        libssl-dev               \
        libtool                  \
        libtool-bin              \
        cmake                    \
        make                     \
        autoconf                 \
        python                   \
        git

RUN cd /opt && git clone --branch oqsrepo https://github.com/microsoft/PQCrypto-VPN.git
RUN cd /opt/PQCrypto-VPN/openvpn/build && python build.py

I should mention that python3 has the built in path module in pathlib which handles path independent of operating system. If the build script is ever ported to python 3, path error of this kind can be avoided all together.

Edit 1: The "oqsrepo" branch was merged into master at commit 1d35894 for future reference.

sidhp751 crash - linux

Kevin,
Since a while ago (since the dev-1.3 testing started or so) I would like to report that PQCrypto-VPN seems to crash when sidhp751 is used as KEM. This occurs in the linux built if I have observed correctly.

Thanks in advance

Fix Windows build in darwin branch

The darwin branch has significant improvements to the build.py script. The contributor confirmed the build works on Darwin and I confirmed it works on Linux, but the Windows build is broken, and needs to be fixed before it can be merged into master.

How to build a custom PQCrypto-VPN with latest (dev) liboqs and OQS-OpenSSL (1.1.1k) on Windows 10

My building system's basic details:
O.S.: Windows 10 Home Edition

CPU: AMD-type

CMD Prompt: Using Administrator x64 Native tools command prompt of VS 2019

Stage: all tests passed, oqs-openssl and libs installed correctly and working

Here is a quick guide on how to achieve it:

1. Build the repository of Microsoft PQCrypto-VPN as it currently is resulting is the windows binary and install it.

2. Install all the according Windows dependencies (git, VS 2019, Perl - Active & Strawberry - MinGW & MSys, other needed extensions like Ninja, NASM e.t.c. - check the liboqs and openssl-oqs repo) and clone the latest (dev versions) of liboqs and openssl-oqs from the gits.

3. After cloning, when in \liboqs\build use:
cmake -GNinja -DCMAKE_INSTALL_PREFIX=..\..\openssl-oqs\oqs -DBUILD_SHARED_LIBS=OFF ..
then ninja and ninja install should work just fine

4. build normally according to the instructions (perl Configure VC-WIN64A, then nmake test, then nmake install)

5. Import (copy) the libraries from the newly install Program Files\OpenSSL directory (under C:) to the openvpn\bin directory
You should also copy the newly created openssl.exe (binary) from \Program Files\OpenSSL\bin to \OpenVPN\bin aswell. It works but the system may need to be restarted.

**6. Don't forget to set the according PATH variables

7. Test the new algorithms
You can also activate other desired OQS algorithms than the default enabled ones. Follow this guide of the openssl-oqs folder on an Ubuntu machine and the download the updated archive/directory to your Windows system, re-install liboqs as explained above targeting this new directory and then perl Configure... , nmake... and you should be ready!

I wish you find my guide useful.

Best regards!

Broken implementation of kyber512, kyber768 and kyber1024 as KEX.

I tested kyber512, kyber768 and kyber1024. The test is simple:

Establish a VPN using each of those algorithms as KEX.
Observe the raw network traffic.
Confirm both parties exchange the keys.
Confirm the number of bytes for said keys are correct.

Kyber512 ( click to see the Kyber NIST submission paper for round 2 with the Kyber specs):

Here is what happens with openssl s_server/s_client testing.

Private kyber512 Key: 768 bytes
Public kyber512 Key: 800 bytes
-Kyber is designed for KEM, although it is being used as a KEX. I haven't looked at the KEX mechanism for it, but the private key being sent in the clear probably makes sense in this use case.
Everything checks out.

Here is what happens with openvpn --config server/client(.ovpn):

client.ovpn has ecdh-curve kyber512
server.ovpn has ecdh-curve kyber512 and tls-version-min 1.3 :
Observation 1: Keys exchanged are from a different "ec-groups'; mismatch.
Observation 2: Client does not choose kyber512 "ec-curve", but instead ec-curve x25519.
Observation 3: Client does not send its key kyber512 key, but instead the x25519 key.
Observation 4: server chooses kyber512 and returns its kyber512 key.
Observation 5: This establishes a valid connection, but the crypto is utterly incorrect/broken just from glancing at the observations above.
Observation 2 means the client is never setting the ecdh-curve parameter found in the configuration file, but it seems the server does set it.

Kyber768:

Same configuration as above except ecdh-curve kyber768.
Observation 1: Observation 1, 2 and 3 in kyber512 hold true here as well.
Observation 2: The server responds with Change Cipher Spec and specifies the kyber768 group, but does not send its key.

kyber1024:

Observations are the same as kyber768.

Add logging to show key exchange algorithm negotiated

It's not obvious what algorithm is being used for key exchange on the control connection. Add logging to state which algorithm is being used when a tunnel is established.

Curve configuration setting

Greetings Kevin,

Thank you for your working on those latest commits on OQS-OpenSSL and OQS-liboqs because I was stuck for days.

I am trying to figure out if the 0.3.1-dev version of liboqs in combination with openssl-oqs rc2 produce a different curve configuration directive. In dev-3.1 this one is represented within ecdh-curve.

Thank you for your time and work.

Best regards!

OQS OpenSSL fails to run after build.

The error:

root@7dc66bd1ac35: cd /opt/PQCrypto-VPN/openvpn/build/scratch/pq-openvpn-linux/oqs-openssl-output/openssl/bin/
root@7dc66bd1ac35:/opt/PQCrypto-VPN/openvpn/build/scratch/pq-openvpn-linux/oqs-openssl-output/openssl/bin# ./openssl 
./openssl: symbol lookup error: ./openssl: undefined symbol: OQS_RAND_free

Dockerfile:

FROM ubuntu:18.04

RUN apt update && apt install -y \
        liblz4-dev               \
        liblzo2-dev              \
        libpam-dev               \
        libssl-dev               \
        libtool                  \
        libtool-bin              \
        cmake                    \
        make                     \
        autoconf                 \
        python                   \
        git                      \
        curl                     \
        libpam0g-dev             \
        unzip                    \
        net-tools                \
        pkg-config               \
        wget

RUN cd /opt && \
        git clone -b master https://github.com/microsoft/PQCrypto-VPN.git && \
        cd PQCrypto-VPN

RUN cd /opt/PQCrypto-VPN/openvpn/build && python build.py

After getting inside the container just run:

cd /opt/PQCrypto-VPN/openvpn/build/scratch/pq-openvpn-linux/oqs-openssl-output/openssl/bin/
./openssl

Enabling KEM and QSIGNATURE of choice in PQCrypto-VPN

The "PQCrypto-VPN/openvpn/config" folder contains examples on how to enable any available QCipherSuite:

How can I specify what KEM or QSIGNATURE PQCrypto-VPN should use? Thanks.

EDIT 1: I just realized that KEMs are part of the Cipher Suite, but they are coded as KEX, or more precisely as "OQSKEX" which is slightly confusing. "OQSKEM" would be better. Any notes on how to use the QSIGNATURE in the vpn would still be valuable though.

Here for reference, the available traditional and quantum cipher suites.:

 * SSL/TLS Cipher suite name translation table
 */
static const tls_cipher_name_pair tls_cipher_name_translation_table[] = {
    {"ADH-SEED-SHA", "TLS-DH-anon-WITH-SEED-CBC-SHA"},
    {"AES128-GCM-SHA256", "TLS-RSA-WITH-AES-128-GCM-SHA256"},
    {"AES128-SHA256", "TLS-RSA-WITH-AES-128-CBC-SHA256"},
    {"AES128-SHA", "TLS-RSA-WITH-AES-128-CBC-SHA"},
    {"AES256-GCM-SHA384", "TLS-RSA-WITH-AES-256-GCM-SHA384"},
    {"AES256-SHA256", "TLS-RSA-WITH-AES-256-CBC-SHA256"},
    {"AES256-SHA", "TLS-RSA-WITH-AES-256-CBC-SHA"},
    {"CAMELLIA128-SHA256", "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"CAMELLIA128-SHA", "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"CAMELLIA256-SHA256", "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"CAMELLIA256-SHA", "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"DES-CBC3-SHA", "TLS-RSA-WITH-3DES-EDE-CBC-SHA"},
    {"DES-CBC-SHA", "TLS-RSA-WITH-DES-CBC-SHA"},
    {"DH-DSS-SEED-SHA", "TLS-DH-DSS-WITH-SEED-CBC-SHA"},
    {"DHE-DSS-AES128-GCM-SHA256", "TLS-DHE-DSS-WITH-AES-128-GCM-SHA256"},
    {"DHE-DSS-AES128-SHA256", "TLS-DHE-DSS-WITH-AES-128-CBC-SHA256"},
    {"DHE-DSS-AES128-SHA", "TLS-DHE-DSS-WITH-AES-128-CBC-SHA"},
    {"DHE-DSS-AES256-GCM-SHA384", "TLS-DHE-DSS-WITH-AES-256-GCM-SHA384"},
    {"DHE-DSS-AES256-SHA256", "TLS-DHE-DSS-WITH-AES-256-CBC-SHA256"},
    {"DHE-DSS-AES256-SHA", "TLS-DHE-DSS-WITH-AES-256-CBC-SHA"},
    {"DHE-DSS-CAMELLIA128-SHA256", "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256"},
    {"DHE-DSS-CAMELLIA128-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA"},
    {"DHE-DSS-CAMELLIA256-SHA256", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256"},
    {"DHE-DSS-CAMELLIA256-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA"},
    {"DHE-DSS-SEED-SHA", "TLS-DHE-DSS-WITH-SEED-CBC-SHA"},
    {"DHE-RSA-AES128-GCM-SHA256", "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256"},
    {"DHE-RSA-AES128-SHA256", "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256"},
    {"DHE-RSA-AES128-SHA", "TLS-DHE-RSA-WITH-AES-128-CBC-SHA"},
    {"DHE-RSA-AES256-GCM-SHA384", "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384"},
    {"DHE-RSA-AES256-SHA256", "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"},
    {"DHE-RSA-AES256-SHA", "TLS-DHE-RSA-WITH-AES-256-CBC-SHA"},
    {"DHE-RSA-CAMELLIA128-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"DHE-RSA-CAMELLIA128-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"DHE-RSA-CAMELLIA256-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"DHE-RSA-CAMELLIA256-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"DHE-RSA-CHACHA20-POLY1305", "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256"},
    {"DHE-RSA-SEED-SHA", "TLS-DHE-RSA-WITH-SEED-CBC-SHA"},
    {"DH-RSA-SEED-SHA", "TLS-DH-RSA-WITH-SEED-CBC-SHA"},
    {"ECDH-ECDSA-AES128-GCM-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256"},
    {"ECDH-ECDSA-AES128-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256"},
    {"ECDH-ECDSA-AES128-SHA", "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA"},
    {"ECDH-ECDSA-AES256-GCM-SHA384", "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384"},
    {"ECDH-ECDSA-AES256-SHA256", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA256"},
    {"ECDH-ECDSA-AES256-SHA384", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384"},
    {"ECDH-ECDSA-AES256-SHA", "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA"},
    {"ECDH-ECDSA-CAMELLIA128-SHA256", "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"ECDH-ECDSA-CAMELLIA128-SHA", "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"ECDH-ECDSA-CAMELLIA256-SHA256", "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"ECDH-ECDSA-CAMELLIA256-SHA", "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"ECDH-ECDSA-DES-CBC3-SHA", "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA"},
    {"ECDH-ECDSA-DES-CBC-SHA", "TLS-ECDH-ECDSA-WITH-DES-CBC-SHA"},
    {"ECDH-ECDSA-RC4-SHA", "TLS-ECDH-ECDSA-WITH-RC4-128-SHA"},
    {"ECDHE-ECDSA-AES128-GCM-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256"},
    {"ECDHE-ECDSA-AES128-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"},
    {"ECDHE-ECDSA-AES128-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA384"},
    {"ECDHE-ECDSA-AES128-SHA", "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA"},
    {"ECDHE-ECDSA-AES256-GCM-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"},
    {"ECDHE-ECDSA-AES256-SHA256", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA256"},
    {"ECDHE-ECDSA-AES256-SHA384", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384"},
    {"ECDHE-ECDSA-AES256-SHA", "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA"},
    {"ECDHE-ECDSA-CAMELLIA128-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"ECDHE-ECDSA-CAMELLIA128-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"ECDHE-ECDSA-CAMELLIA256-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"ECDHE-ECDSA-CAMELLIA256-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"ECDHE-ECDSA-CHACHA20-POLY1305", "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256"},
    {"ECDHE-ECDSA-DES-CBC3-SHA", "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA"},
    {"ECDHE-ECDSA-DES-CBC-SHA", "TLS-ECDHE-ECDSA-WITH-DES-CBC-SHA"},
    {"ECDHE-ECDSA-RC4-SHA", "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA"},
    {"ECDHE-RSA-AES128-GCM-SHA256", "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256"},
    {"ECDHE-RSA-AES128-SHA256", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256"},
    {"ECDHE-RSA-AES128-SHA384", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA384"},
    {"ECDHE-RSA-AES128-SHA", "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA"},
    {"ECDHE-RSA-AES256-GCM-SHA384", "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"},
    {"ECDHE-RSA-AES256-SHA256", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA256"},
    {"ECDHE-RSA-AES256-SHA384", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384"},
    {"ECDHE-RSA-AES256-SHA", "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA"},
    {"ECDHE-RSA-CAMELLIA128-SHA256", "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"ECDHE-RSA-CAMELLIA128-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"ECDHE-RSA-CAMELLIA256-SHA256", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"ECDHE-RSA-CAMELLIA256-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"ECDHE-RSA-CHACHA20-POLY1305", "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"},
    {"ECDHE-RSA-DES-CBC3-SHA", "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA"},
    {"ECDHE-RSA-DES-CBC-SHA", "TLS-ECDHE-RSA-WITH-DES-CBC-SHA"},
    {"ECDHE-RSA-RC4-SHA", "TLS-ECDHE-RSA-WITH-RC4-128-SHA"},
    {"ECDH-RSA-AES128-GCM-SHA256", "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256"},
    {"ECDH-RSA-AES128-SHA256", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256"},
    {"ECDH-RSA-AES128-SHA384", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA384"},
    {"ECDH-RSA-AES128-SHA", "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA"},
    {"ECDH-RSA-AES256-GCM-SHA384", "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384"},
    {"ECDH-RSA-AES256-SHA256", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA256"},
    {"ECDH-RSA-AES256-SHA384", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384"},
    {"ECDH-RSA-AES256-SHA", "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA"},
    {"ECDH-RSA-CAMELLIA128-SHA256", "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256"},
    {"ECDH-RSA-CAMELLIA128-SHA", "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA"},
    {"ECDH-RSA-CAMELLIA256-SHA256", "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
    {"ECDH-RSA-CAMELLIA256-SHA", "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA"},
    {"ECDH-RSA-DES-CBC3-SHA", "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA"},
    {"ECDH-RSA-DES-CBC-SHA", "TLS-ECDH-RSA-WITH-DES-CBC-SHA"},
    {"ECDH-RSA-RC4-SHA", "TLS-ECDH-RSA-WITH-RC4-128-SHA"},
    {"EDH-DSS-DES-CBC3-SHA", "TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA"},
    {"EDH-DSS-DES-CBC-SHA", "TLS-DHE-DSS-WITH-DES-CBC-SHA"},
    {"EDH-RSA-DES-CBC3-SHA", "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA"},
    {"EDH-RSA-DES-CBC-SHA", "TLS-DHE-RSA-WITH-DES-CBC-SHA"},
    {"EXP-DES-CBC-SHA", "TLS-RSA-EXPORT-WITH-DES40-CBC-SHA"},
    {"EXP-EDH-DSS-DES-CBC-SHA", "TLS-DH-DSS-EXPORT-WITH-DES40-CBC-SHA"},
    {"EXP-EDH-RSA-DES-CBC-SHA", "TLS-DH-RSA-EXPORT-WITH-DES40-CBC-SHA"},
    {"EXP-RC2-CBC-MD5", "TLS-RSA-EXPORT-WITH-RC2-CBC-40-MD5"},
    {"EXP-RC4-MD5", "TLS-RSA-EXPORT-WITH-RC4-40-MD5"},
    {"NULL-MD5", "TLS-RSA-WITH-NULL-MD5"},
    {"NULL-SHA256", "TLS-RSA-WITH-NULL-SHA256"},
    {"NULL-SHA", "TLS-RSA-WITH-NULL-SHA"},
    {"PSK-3DES-EDE-CBC-SHA", "TLS-PSK-WITH-3DES-EDE-CBC-SHA"},
    {"PSK-AES128-CBC-SHA", "TLS-PSK-WITH-AES-128-CBC-SHA"},
    {"PSK-AES256-CBC-SHA", "TLS-PSK-WITH-AES-256-CBC-SHA"},
    {"PSK-RC4-SHA", "TLS-PSK-WITH-RC4-128-SHA"},
    {"RC4-MD5", "TLS-RSA-WITH-RC4-128-MD5"},
    {"RC4-SHA", "TLS-RSA-WITH-RC4-128-SHA"},
    {"SEED-SHA", "TLS-RSA-WITH-SEED-CBC-SHA"},
    {"SRP-DSS-3DES-EDE-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-3DES-EDE-CBC-SHA"},
    {"SRP-DSS-AES-128-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-AES-128-CBC-SHA"},
    {"SRP-DSS-AES-256-CBC-SHA", "TLS-SRP-SHA-DSS-WITH-AES-256-CBC-SHA"},
    {"SRP-RSA-3DES-EDE-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA"},
    {"SRP-RSA-AES-128-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-AES-128-CBC-SHA"},
    {"SRP-RSA-AES-256-CBC-SHA", "TLS-SRP-SHA-RSA-WITH-AES-256-CBC-SHA"},
    /*
     * Non-standard, post-quantum cipher suites, provided by the OQS fork of OpenSSL.
     * https://github.com/open-quantum-safe/openssl
     */
    {"OQSKEX-SIDH-MSR-ECDHE-RSA-AES256-GCM-SHA384", "OQSKEX-SIDH-MSR-ECDHE-RSA-AES256-GCM-SHA384"},
    {"OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-RSA-AES256-GCM-SHA384", "OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-RSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-BCNS15-ECDHE-RSA-AES256-GCM-SHA384", "OQSKEX-RLWE-BCNS15-ECDHE-RSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-NEWHOPE-ECDHE-RSA-AES256-GCM-SHA384", "OQSKEX-RLWE-NEWHOPE-ECDHE-RSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-MSRLN16-ECDHE-RSA-AES256-GCM-SHA384", "OQSKEX-RLWE-MSRLN16-ECDHE-RSA-AES256-GCM-SHA384"},
    {"OQSKEX-SIDH-IQC-REF-ECDHE-RSA-WITH-AES-256-GCM-SHA384", "OQSKEX-SIDH-IQC-REF-ECDHE-RSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-CODE-MCBITS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", "OQSKEX-CODE-MCBITS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-NTRU-ECDHE-RSA-WITH-AES-256-GCM-SHA384", "OQSKEX-NTRU-ECDHE-RSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-MLWE-KYBER-ECDHE-RSA-WITH-AES-256-GCM-SHA384", "OQSKEX-MLWE-KYBER-ECDHE-RSA-WITH-AES-256-GCM-SHA384"},
    /* same list as above, but with ECDSA instead of RSA */
    {"OQSKEX-SIDH-MSR-ECDHE-ECDSA-AES256-GCM-SHA384", "OQSKEX-SIDH-MSR-ECDHE-ECDSA-AES256-GCM-SHA384"},
    {"OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-ECDSA-AES256-GCM-SHA384", "OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-ECDSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-BCNS15-ECDHE-ECDSA-AES256-GCM-SHA384", "OQSKEX-RLWE-BCNS15-ECDHE-ECDSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-NEWHOPE-ECDHE-ECDSA-AES256-GCM-SHA384", "OQSKEX-RLWE-NEWHOPE-ECDHE-ECDSA-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-MSRLN16-ECDHE-ECDSA-AES256-GCM-SHA384", "OQSKEX-RLWE-MSRLN16-ECDHE-ECDSA-AES256-GCM-SHA384"},
    {"OQSKEX-SIDH-IQC-REF-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", "OQSKEX-SIDH-IQC-REF-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-CODE-MCBITS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", "OQSKEX-CODE-MCBITS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-NTRU-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", "OQSKEX-NTRU-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"},
    {"OQSKEX-MLWE-KYBER-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", "OQSKEX-MLWE-KYBER-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"},
    /* Picnic-capable ciphersuites */
    {"OQSKEX-LWE-FRODO-RECOMMENDED-PICNIC-AES256-GCM-SHA384", "OQSKEX-LWE-FRODO-RECOMMENDED-PICNIC-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-MSRLN16-PICNIC-AES256-GCM-SHA384", "OQSKEX-RLWE-MSRLN16-PICNIC-AES256-GCM-SHA384"},
    {"OQSKEX-SIDH-MSR-PICNIC-AES256-GCM-SHA384", "OQSKEX-SIDH-MSR-PICNIC-AES256-GCM-SHA384"},
    {"OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-PICNIC-AES256-GCM-SHA384", "OQSKEX-LWE-FRODO-RECOMMENDED-ECDHE-PICNIC-AES256-GCM-SHA384"},
    {"OQSKEX-RLWE-MSRLN16-ECDHE-PICNIC-AES256-GCM-SHA384", "OQSKEX-RLWE-MSRLN16-ECDHE-PICNIC-AES256-GCM-SHA384"},
    {"OQSKEX-SIDH-MSR-ECDHE-PICNIC-AES256-GCM-SHA384", "OQSKEX-SIDH-MSR-ECDHE-PICNIC-AES256-GCM-SHA384"},
#ifdef ENABLE_CRYPTO_OPENSSL
    /* OpenSSL-specific group names */
    {"DEFAULT", "DEFAULT"},
    {"ALL", "ALL"},
    {"HIGH", "HIGH"}, {"!HIGH", "!HIGH"},
    {"MEDIUM", "MEDIUM"}, {"!MEDIUM", "!MEDIUM"},
    {"LOW", "LOW"}, {"!LOW", "!LOW"},
    {"ECDH", "ECDH"}, {"!ECDH", "!ECDH"},
    {"ECDSA", "ECDSA"}, {"!ECDSA", "!ECDSA"},
    {"EDH", "EDH"}, {"!EDH", "!EDH"},
    {"EXP", "EXP"}, {"!EXP", "!EXP"},
    {"RSA", "RSA"}, {"!RSA", "!RSA"},
    {"kRSA", "kRSA"}, {"!kRSA", "!kRSA"},
    {"SRP", "SRP"}, {"!SRP", "!SRP"},
#endif
    {NULL, NULL}
};

tls-cipher schemes for control channel negotiation request and certificate read issue

Greetings all,

Congratulations and thanks for all this work you have done so far and the quest to implement post quantum algorithms into current cryptography protocols.

First of all I have to state that I have pretty basic knowledge of programming languages, but I can handle various operating systems. Lately I had the interest to start learning about cryptography and started encrypting my connection, playing around with the various available classic protocols etc.
I have successfully installed your software in both *nix based and microsoft platforms of mine, at least up to the openssl-integrated-with-liboqs stage, but still I am not sure I have understood how I should form the tls-cipher and/or tls-ciphersuites (for the openssl 1.1.1d version I use) directive to handle the oqskex. Also the openssl certificates I issue with the openssl commands (openssl seems to have been integrated correctly since I can use it for -at least- most of the pq algorithms) seem not readable from my openvpn software on neither side. (It provides various certificate related errors such as the "unsupported certificate purpose" / "certificate verify failed" / extended key usage errors etc.)

I reached as far as I could alone, but I think I will need your help to go further. I use Debian Buster and Windows 10 Pro Edition.

Any help and recommendation will be appreciated. Keep up the good work.

Best regards,
Alex

Compatibility with OQS-OpenSSL_1_1_1 branch of openssl

Are there any updates on integrating OpenSSL 1.1.1? Are there compatibility issues? I am currently working on integrating one of the PQ algorithms into this project; however, it was built on the OQS-OpenSSL_1_1_1 branch.

virustotal

https://www.virustotal.com/#/file/abf2ed55d6f7dbff0638a29fd16604d47ee8fdd92060f74ee6e6db3299d0c617/detection

OpenVPN version update?

The project update to integrate with the latest OpenSSL is great step forward. Is there any roadmap to update the OpenVPN side to the latest version as well?

Thanks.

Picnic

I wonder if Picnic is really usable in PQCrypto-VPN as you mentioned here?

I created the certificate with picnicl1fs key and received the error:

Mon Jan 13 12:55:40 2020 OpenSSL: error:0609E09C:digital envelope routines:PKEY_SET_TYPE:unsupported algorithm
Mon Jan 13 12:55:40 2020 OpenSSL: error:0B07706F:x509 certificate routines:X509_PUBKEY_get:unsupported algorithm
Mon Jan 13 12:55:40 2020 OpenSSL: error:140BF10C:SSL routines:SSL_SET_CERT:x509 lib
Mon Jan 13 12:55:40 2020 MANAGEMENT: Client disconnected
Mon Jan 13 12:55:40 2020 Cannot load certificate file C:\Program Files\OpenVPN_PQCrypto\config\client.crt
Mon Jan 13 12:55:40 2020 Exiting due to fatal error

Integrate with liboqs 0.4.0

Greetings Kevin,

After your previous fix I managed to locate two points within the PQCrypto-VPN code which I changed and managed to build the latest engine of PQCrypto-VPN, initially by downloading the fork here and then by replacing (re-downloading) the current master liboqs fork (0.3.1-dev) with the very latest OQS-OpenSSL. I should note that this latest version of the engine built, is way smaller than the previous one, about half the size of the current found in dev-3.1 for both windows and linux. But it seems to perfectly work after your latest fixes.

It is more than welcome for me if you want to me to provide those fixes either here in my post or directly in the code.

Looking forward to hearing from you, thanks again.

Best regards

microsoft / pqcrypto-vpn Goto Github PK

pqcrypto-vpn's Introduction

Thank you for your interest! This project is no longer active. Please see the OpenVPN demo at the Open Quantum Safe project for an up-to-date PQ-enabled version of OpenVPN.

Welcome to the PQCrypto-VPN project!

Releases

Tell us what you think

Prerequisites

Contributing

Cloning

Build Process Overview

Subprojects

Setup instructions

Windows client

Linux client or server

Setting up username/password authentication on a Linux server

Setting up certificate authentication

Known Issues

pqcrypto-vpn's People

Contributors

Stargazers

Watchers

Forkers

pqcrypto-vpn's Issues

Recommend Projects

Recommend Topics

Recommend Org