TLS-Auth- How are the static key HMACs produced?

Letalis
OpenVPN User
Posts: 47
Joined: Mon Sep 14, 2020 11:46 am

TLS-Auth- How are the static key HMACs produced?

Post by Letalis » Mon May 09, 2022 11:21 am

Hi, I've been trying to understand a bit more of how the OpenVPN protocol works and I'm hoping someone can clear up some confusion.
When I run my server on verb 7 I am able to see the 256 bit HMAC key used to sign and verify packets for the control channel (I am using SHA256, with no key direction specified so the same key is used both ways).

According to the community resource on the OpenVPN protocol the HMAC is a:

signature of entire encapsulation header for integrity

I took a look at the packets sent from my client when I connect to the server to see if I can match the HMAC, but I am unsure as to what the "encapsulation header" is referring to. I understand the idea of encapsulation in packets, but I've tried using headers from the lower layers, as well as all of the headers combined, but have had no luck matching it. I've also tried using just the opcode/key_id, as the same OpenVPN protocol resource says this is used in UDP (I probably should have said I'm using UDP) before the payload, but still no luck. What exact data in the packet is used with my key to produce the HMAC used for static key authentication shown below?

Image

I've tried looking at the OpenVPN source and despite finding where the HMAC is applied in tls-auth I can't locate the exact logic used to calculate it so any help would be greatly appreciated.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS-Auth- How are the static key HMACs produced?

Post by TinCanTech » Mon May 09, 2022 11:42 am

Letalis wrote:
Mon May 09, 2022 11:21 am
I am using SHA256, with no key direction specified so the same key is used both ways
Re-he-he-healy ..

Letalis
OpenVPN User
Posts: 47
Joined: Mon Sep 14, 2020 11:46 am

Re: TLS-Auth- How are the static key HMACs produced?

Post by Letalis » Mon May 09, 2022 11:56 am

Is that not the case? Since I didn't specify a direction my server lists the same keys for outgoing and incoming on the control channel. I've been reading this OpenVPN FAQ https://openvpn.net/faq/changed-hex-byt ... ginal-key/. This page states:

Since you probably didn't specify a key direction parameter, the encrypt/decrypt keys for both directions are the same and the HMAC keys for both directions are also the same.

The page seems to back up what I thought... Since I haven't specified a key direction I thought that's how it worked.
Please let me know if I've misunderstood the contents of that page :)

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS-Auth- How are the static key HMACs produced?

Post by TinCanTech » Mon May 09, 2022 12:04 pm

I believe that newer versions of OpenVPN set the client --key-direction automatically.

Letalis
OpenVPN User
Posts: 47
Joined: Mon Sep 14, 2020 11:46 am

Re: TLS-Auth- How are the static key HMACs produced?

Post by Letalis » Mon May 09, 2022 1:07 pm

I've just tested on both a client and server running 2.5.6. The key-direction is unset, and the keys for incoming and outgoing on both the client and server are identical. So on the version I'm on at least the key seems to be used both ways.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS-Auth- How are the static key HMACs produced?

Post by TinCanTech » Mon May 09, 2022 4:57 pm

Looks like some confusion.

--tls-auth key uses --key-direction, I think you are asking about HMAC from --auth

To be honest, I doubt I can help ..

Letalis
OpenVPN User
Posts: 47
Joined: Mon Sep 14, 2020 11:46 am

Re: TLS-Auth- How are the static key HMACs produced?

Post by Letalis » Mon May 09, 2022 5:03 pm

I am indeed asking about the HMACs; I'm mentioning tls-auth as these are additional ones for control packets that only get produced when tls-auth is active (the HMAC shown in the screenshot isn't there until I enable tls-auth).

No worries if you can't help, I'm just hoping there may be someone else on these forums that could give me a bit more insight as I thought this would be the best place to ask.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS-Auth- How are the static key HMACs produced?

Post by TinCanTech » Mon May 09, 2022 7:10 pm

Probably makes sense to explain what your goal is.

Letalis
OpenVPN User
Posts: 47
Joined: Mon Sep 14, 2020 11:46 am

Re: TLS-Auth- How are the static key HMACs produced?

Post by Letalis » Mon May 09, 2022 7:52 pm

Security just interests me, and I'm trying to gain an understanding of how tls-auth operates as a small project. To do this I've been trying to modify my network traffic so that my server accepts the control packets with the option enabled (I just want to see if I can get the server to not disregard the packets and recognise their HMAC signatures as correct). Through the resources I've talked about I've parsed the correct parts of my client static key, and modified the control packet structure to match that of a standard tls-auth enabled client.

So far my server has recognised the control packets as the format it expects and attempts to read the HMAC. Due to a bit of confusion as to what the OpenVPN protocol page defines as 'entire encapsulation header', I've been struggling to get the calculation for the HMAC correct.

I have taken another look at the OpenVPN source though, and am currently trying to call OpenSSL's HMAC functions in the same fashion to see if I can get the correct output.

Maybe this isn't the right place to ask this sort of question, so sorry if this is too off-topic even for the off-topic forum :D
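
A worked example, added here and not taken from the thread or from the OpenVPN project, of the pieces discussed in the posts above: parsing a static key file into its four 64-byte slots, choosing the HMAC slot from --key-direction (including the FAQ's "same keys both ways" case when it is unset), and checking the tls-auth HMAC on a captured control packet against the key you hold. The HMAC input order and wire layout follow OpenVPN's openvpn_encrypt() and swap_hmac(); the SHA256 truncation to 32 of the 64 slot bytes, the sample key and the sample packet are assumptions constructed for the example.

```python
import hashlib
import hmac
import re
SLOT = 64  # crypto.h struct key: cipher[64] then hmac[64]; a static key file holds keys[0], keys[1]

def parse_static_key(text):
    # Return the 256 raw bytes between the BEGIN/END markers of a static key file.
    m = re.search(r"-----BEGIN OpenVPN Static key V1-----(.*?)-----END", text, re.S)
    if not m:
        raise ValueError("no OpenVPN Static key V1 block found")
    raw = bytes.fromhex("".join(m.group(1).split()))
    if len(raw) != 4 * SLOT:
        raise ValueError("expected 256 key bytes, got %d" % len(raw))
    return raw

def hmac_key(raw, key_direction, sending, digest="sha256"):
    # Unset direction: keys[0].hmac both ways.  Direction 0 sends with keys[0] and receives
    # with keys[1]; direction 1 is the inverse, so a 0/1 pair agrees on each flow's key.
    slot = 0 if key_direction is None else (key_direction if sending else 1 - key_direction)
    start = slot * 2 * SLOT + SLOT  # skip the slot's cipher key
    return raw[start:start + hashlib.new(digest).digest_size]  # SHA256 uses 32 of the 64 bytes

def tls_auth_hmac(key, pkt_id, net_time, opcode_keyid, session_id, remainder, digest="sha256"):
    # Input order is the buffer as openvpn_encrypt() sees it, before swap_hmac() reorders
    # the header: packet_id, timestamp, opcode/key_id, session_id, ack array + payload.
    msg = pkt_id.to_bytes(4, "big") + net_time.to_bytes(4, "big") + bytes([opcode_keyid])
    return hmac.new(key, msg + session_id + remainder, digest).digest()

def verify_control_packet(pkt, key, digest="sha256"):
    # Wire layout: opcode/key_id(1) | session_id(8) | HMAC | packet_id(4) | net_time(4) | rest
    hlen = hashlib.new(digest).digest_size
    if len(pkt) < 9 + hlen + 8:
        return False
    sid, mac, rest = pkt[1:9], pkt[9:9 + hlen], pkt[9 + hlen:]
    expected = tls_auth_hmac(key, int.from_bytes(rest[:4], "big"),
                             int.from_bytes(rest[4:8], "big"), pkt[0], sid, rest[8:], digest)
    return hmac.compare_digest(mac, expected)

# Constructed sample key (not a real key): bytes 0x00..0xff, so every slot is recognisable.
SAMPLE_KEY_FILE = ("-----BEGIN OpenVPN Static key V1-----\n"
                   + "\n".join(bytes(range(256)).hex()[i:i + 32] for i in range(0, 512, 32))
                   + "\n-----END OpenVPN Static key V1-----\n")

def sample_client_reset(raw):
    # Constructed HARD_RESET_CLIENT_V2 (opcode 7, key_id 0 -> 0x38) from a --key-direction 1
    # client: empty ack array, message packet id 0, no payload.
    sid, pkt_id, net_time = bytes(range(1, 9)), 0, 1652095260
    remainder = b"\x00" + (0).to_bytes(4, "big")
    mac = tls_auth_hmac(hmac_key(raw, 1, sending=True), pkt_id, net_time, 0x38, sid, remainder)
    return bytes([0x38]) + sid + mac + pkt_id.to_bytes(4, "big") + net_time.to_bytes(4, "big") + remainder
```

To check a real capture, pass the UDP payload of a control packet and the key for the receiving peer, e.g. `verify_control_packet(payload, hmac_key(raw, 0, sending=False))` on a server with --key-direction 0.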

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS-Auth- How are the static key HMACs produced?

Post by TinCanTech » Mon May 09, 2022 8:57 pm

Letalis wrote:
Mon May 09, 2022 7:52 pm
Security just interests me
Enjoy the ride 8-)

Best place to look is the source code.
