From owner-freebsd-hackers@freebsd.org Fri Oct 27 10:00:05 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E6067E3ECF3; Fri, 27 Oct 2017 10:00:05 +0000 (UTC) (envelope-from benlaurie@gmail.com) Received: from mail-qk0-x242.google.com (mail-qk0-x242.google.com [IPv6:2607:f8b0:400d:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9F9CC8301F; Fri, 27 Oct 2017 10:00:05 +0000 (UTC) (envelope-from benlaurie@gmail.com) Received: by mail-qk0-x242.google.com with SMTP id x82so7643395qkb.12; Fri, 27 Oct 2017 03:00:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=ABB/QRnvrZxvpvJSimeFkXxTRdOwGsYQrgRenYUIXsU=; b=cnn3YlwyP1lqjoSGY8S0FvBqbWOg/d3l+RR4SvMT9VNX/yX6LLVGPSHLa49nutB1Ww Vfyz99hXvIh8qbwh7Pa+6tB1/F4wDAqhN8fefS9xQeyIOKO8W24Ea1ULjMpExlfU8bgg jxLUeE0P8XIXk1niwtN3FhguL8LkNkUSt4F8CkF8CsajN+YTKxLZrFB1cUemSbt8P3H3 DkOju03Yo5EqnEr9qT/Z4YnsTb5VZATRosZdU4cV2nXZ3IQq/C7MNay0WEaYC+9qNu9U Bza8we7Hg66eJTN59ZJ2nsWIiPTD5QTsAeZ/A7/0lptMyGgX10B6zssl/E5hYMA7l06m Yrow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=ABB/QRnvrZxvpvJSimeFkXxTRdOwGsYQrgRenYUIXsU=; b=h5EasdhZsncC0txuUuJbZaxqbldVKeTDyOI0GozeWYQwXKm3rUcRakVMwvW9LUfzgU IodZXyRkjizCKVd8m6XJ/MeXRAhKN0NWwSBvj1LTajnjXhLUMKfPJGydsLQ0QFEsuNfM x8gGruq26LlhXhrME0VtTPYlCJNkfbX3+CIgPLCA9ocvfp7+AhZiAlxVsFB2nc4JFK4p C9y/Hl0DyMEssg7efx7vJiGnLZTmQMELobsRW6tPooOhm6WD9+ryNa7Bm0oUXpAkjxwz OjC3iRjtpLJ15QxRpDEntm9CEtdpil2X5vpD3DPgWp0dqbwSnU15yJfObXVGzeJHswj4 P5Pw== X-Gm-Message-State: AMCzsaWb+7Ejor36Hr/Z5fT/R28jwakrUlKIHoKyd2V6S6s0CMMq/hQU imrLDG42JrFcL2YytM0hkx3PM3JS6Q5zHKm4dww= X-Google-Smtp-Source: ABhQp+TFY4158zoi+PFWoy+2+Vye0wZzzgWtZ7ALn8ha6AlCkVnip5h8K5fB01OdXzwOEPJ57u2eMoQVYHGwJXKdx/0= X-Received: by 10.233.216.199 with SMTP id u190mr11795910qkf.203.1509098404774; Fri, 27 Oct 2017 03:00:04 -0700 (PDT) MIME-Version: 1.0 Sender: benlaurie@gmail.com Received: by 10.200.22.174 with HTTP; Fri, 27 Oct 2017 03:00:04 -0700 (PDT) In-Reply-To: References: From: Ben Laurie Date: Fri, 27 Oct 2017 11:00:04 +0100 X-Google-Sender-Auth: q78TFe_MWnegvzwZJvlRaq7Odfc Message-ID: Subject: Re: Crypto overhaul To: Eric McCorkle Cc: "freebsd-arch@freebsd.org" , "freebsd-security@freebsd.org security" , "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Oct 2017 10:00:06 -0000 On 27 October 2017 at 01:29, Eric McCorkle wrote: > I was going to wait a bit to discuss this, but it's very pertinent to > the trust infrastructure I described earlier this week. > > There was a good bit of discussion at vBSDCon about a possible crypto > overhaul. This is my understanding of the current situation: > > * Userland crypto support is provided by OpenSSL, of course. My sense > is that there's a general dissatisfaction with OpenSSL, but that there's > a nontrivial effort required to liberate userland from it. > > * The kernel has sort of two crypto APIs: crypto and opencrypto. The > design of these APIs seems to be something of older hardware crypto > architectures and export restrictions. This is difficult to extract > from the kernel (and say, embed into the boot loader). > > * BIOS geli pulled the AES implementation out of opencrypto. This was > due in a large part to the size restrictions on BIOS loaders. > > * As a bridge measure, I've introduced boot_crypto into the EFI loader, > in order to support GELI. > > At vBSDcon, there seemed to be a consensus that this situation is too > fragmented. Moreover, it makes life difficult for anyone (like me) who > wants to do crypto-related projects. > > > A couple of options were discussed at vBSDcon. The two that seemed to > come to the forefront were BearSSL and LibreSSL. There seem to be some > advantages and disadvantages both ways: > > * LibreSSL is mature software with staff and support from another BSD > (OpenBSD), they've done some really good work, and have a definite > long-term roadmap. I'm not sure to what extent it could be easily > embedded into a kernel and bootloader, though. Have you considered BoringSSL? > * BearSSL's design seemingly lends itself to acting as a userland, > kernel, and bootloader library. On the other hand, it's new (which > means it will need to be reviewed by crypto experts and thoroughly > tested), and has one developer at this point. OpenSSL includes (and is used for) lots of crypto that is not used in SSL - since BearSSL targets SSL/TLS only, it can't, presumably, be used to replace all uses of OpenSSL. > > > I think it's worth discussing and investigating these options further at > this point. > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"