Hi Paul,

I have sort of tunneled HMAC-SHA-256 over HTTPS.

I have used proven concepts (HMAC, SHA-256, challenge-response a.k.a. CHAP, nonces, serials for replay attack prevention, ...).

I don't think it is overkill, because the server script has the right to know who is calling it and to whom it grants authorization. This is mainly because pam_get_item (pamh, PAM_RHOST, &clientIP) mysteriously gave me NULL, which is still left to investigate.

I don't feel bad about having a garage implementation that works. Of course, a garage implementation is not guaranteed to be cryptographically unbreakable, so I will probably look into doing more homework and attempts to logically prove it working. I feel safer with garage crypto than with no crypto at all :-)

If nothing else, this was a good programming and brain exercise, so I have no regrets ;-)

I am not very familiar with openssl or GNUTLS.

Kind regards,
Mirsad

On 2/7/2022 7:51 PM, Paul Wouters wrote:
If you feel the pam TLS calls need more than server side cert verification,
you should look into client authentication, eg mTLS. Don't invent your own
crypto.

Paul

--
Mirsad Goran Todorovac
CARNet sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
CARNet system engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
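The building blocks named in the message above (HMAC-SHA-256, a server-issued challenge nonce, and a per-client increasing serial to reject replays) fit together as shown in the following added example. It is not Mirsad's pam module or any Libreswan code; the client id, the shared key and the message layout `client|nonce|serial` are assumptions made for the example. The nonce is single-use and time-limited so a captured response cannot be replayed against a later challenge, the serial catches a response re-sent within the nonce window, and the tag comparison uses `hmac.compare_digest` so a wrong tag is rejected in constant time.

```python
import hashlib
import hmac
import os
import time

# Constructed shared secret for the example (assumption, not the page's own
# key material); a real deployment provisions one key per client out of band.
SHARED_KEYS = {"client-A": b"example-secret-for-client-A"}


def response_tag(key: bytes, client_id: str, nonce: str, serial: int) -> str:
    """HMAC-SHA-256 over every field the server will check, in a fixed order,
    so a tag computed for one client/nonce/serial is useless for another."""
    msg = f"{client_id}|{nonce}|{serial}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class ChallengeServer:
    """Server side of the challenge-response exchange."""

    def __init__(self, keys, nonce_ttl=30.0, now=time.time):
        self.keys = keys              # client_id -> shared key bytes
        self.nonce_ttl = nonce_ttl    # seconds a challenge stays valid
        self.now = now                # injectable clock (for tests)
        self.pending = {}             # nonce -> (client_id, issued_at)
        self.last_serial = {}         # client_id -> highest accepted serial

    def issue_challenge(self, client_id: str) -> str:
        """Hand out a fresh random nonce bound to the requesting client."""
        nonce = os.urandom(16).hex()
        self.pending[nonce] = (client_id, self.now())
        return nonce

    def verify(self, client_id: str, nonce: str, serial: int, tag: str) -> bool:
        entry = self.pending.get(nonce)
        if entry is None or entry[0] != client_id:
            return False  # unknown, already consumed, or another client's nonce
        if self.now() - entry[1] > self.nonce_ttl:
            del self.pending[nonce]
            return False  # challenge expired
        if serial <= self.last_serial.get(client_id, 0):
            return False  # replayed or reordered serial
        key = self.keys.get(client_id)
        if key is None:
            return False  # no shared secret for this client
        expected = response_tag(key, client_id, nonce, serial)
        if not hmac.compare_digest(expected, tag):
            del self.pending[nonce]  # burn the nonce: no second guess at the tag
            return False
        del self.pending[nonce]  # single use
        self.last_serial[client_id] = serial
        return True


def client_respond(key: bytes, client_id: str, nonce: str, serial: int):
    """Client side: answer the challenge with the next serial and its tag."""
    return (client_id, nonce, serial, response_tag(key, client_id, nonce, serial))


if __name__ == "__main__":
    srv = ChallengeServer(SHARED_KEYS)
    nonce = srv.issue_challenge("client-A")
    resp = client_respond(SHARED_KEYS["client-A"], "client-A", nonce, 1)
    print("first response accepted:", srv.verify(*resp))   # True
    print("replay accepted:", srv.verify(*resp))           # False
```

The serial must persist on both sides across restarts, otherwise a client that restarts at serial 1 is locked out until the server forgets its last value; this is the usual operational cost of counter-based replay protection and one reason the mTLS route suggested in the reply is simpler to run.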

_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
