Re: loading psk credentials from encrypted file

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Oct 24 03:34:55 CEST 2009


Michael Weiser wrote:

> A few days ago I had an idea though: Why not abuse the PKCS12 functions
> to save the datum_t holding the PSK key out in an encrypted PKCS12
> structure? 

What are the reasons for doing that? Is it for distributing the actual
key to clients? For protecting the whole password file maybe pkcs-12 is
too much, and saving the password file into an encrypted partition might
be simpler.

> The code looks as shown below (without the error checking for
> readability). It works fine, but my questions are:
> 
> - Is this at all sensible or (will it break|is it braindead|other
>   reason for never ever doing it)?

I don't like pkcs-12 due to its complexity, but nevertheless there is
nothing (else) wrong with it and it pretty much seems to fit here.

> - Is my PSK key secure this way or do I have an inherent security hole
>   somewhere?

Depends on how it is going to be used.

> - Can I use something stronger than RC4-128 for encryption?

I believe PKCS-12 supports 3DES as well.

> - Can I have my own bag type GNUTLS_BAG_PSK_KEY so I don't need to abuse
>   GNUTLS_BAG_CERTIFICATE? ;) Or should/can I use GNUTLS_BAG_ENCRYPTED
>   for generic encrypted data?

In
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12.asn
I can see a secretbag that is underdefined though. If you want to use
that you might need to do some checking on whether someone already uses
this bag type to put octet data (the asn.1 wording for bytes) there. If
yes I think the modifications to gnutls to support it should be minor.
If no one uses it, it might be possible to use some object identifier
(OID) to define just a blob.

best regards,
Nikos