Commit Graph

31 Commits

Author SHA1 Message Date
Wolfgang Bumiller
aae8a03dc4 auth-api: bump version to 0.4.0
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-05-22 16:04:04 +02:00
Wolfgang Bumiller
9c95b4d66e auth-api: rustfmt
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-05-22 15:41:56 +02:00
Wolfgang Bumiller
fc75d98cb3 auth-api: cleanup a warning
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-05-22 15:40:12 +02:00
Wolfgang Bumiller
a6dc4d322d auth-api: remove unnecessary allocation
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-05-22 15:38:26 +02:00
Stefan Sterz
5b4cb9b124 auth-api: fix types compilefail test
due to missing `use` statements they failed, as they should, but for
the wrong reasons. also adapt a test case that presumably was meant
to test whether `TokennameRef` can be compared, but instead
duplicated the `UsernameRef` test case.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:44 +02:00
Stefan Sterz
4d6922e2c4 auth-api: move to hmac signing for csrf tokens
previously we used our own hmac-like implementation for csrf token
signing that simply appended the key to the message (csrf token).
however, this is possibly insecure as an attacker that finds a
collision in the hash function can easily forge a signature. after all,
two messages would then produce the same start conditions before
hashing the key. while this is probably a theoretic attack on our csrf
implementation, it does not hurt to move to the safer standard hmac
implementation that avoids such pitfalls.

this commit re-uses the hmac key wrapper used for the keyring. it also
keeps the old construction around so we can use it for a transition
period between old and new csrf token implementations.

this is a breaking change as it changes the signature of the
`csrf_secret` method of the `AuthContext` trait to return an hmac
key.

also exposes `assemble_csrf_prevention_toke` so we can re-use this
code here instead of duplicating it in e.g. proxmox-backup's
auth_helpers.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:40 +02:00
Stefan Sterz
8609fb58ef auth-api: use constant time comparison for csrf tokens
by using openssl's `memcmp::eq()` we can avoid potential side-channel
attack on the csrf token comparison. this comparison's runtime only
depends on the length of the two byte vectors, not their contents.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:38 +02:00
Stefan Sterz
b926ea1f5c auth-api: add ability to use hmac singing in keyring
previously we only used asymmetric cryptographic schemes to
authenticate tickets. this is fairly costly and not necessary in every
instance. imagine a service that runs as a single daemon. this daemon
is then the only party that needs to sign and verify tickets. this
makes hmac perfectly suitable for such usecases. hmac has some
advantages over asymmetric schemes:

- much simpler and well reviewed construction
- much faster and better optimized crypto primitives (hash functions)

this commit first introduces a new hmac key wrapper that uses openssl's
hmac implementation and can easily be reused by other parts of the
code. it also refactors the keyring code to make it easier to rotate
new hmac keys into place so switching to hmac keys is easier.

hmac keys are symmetric, so the verification key is the same key as the
signing key. this breaks the previous assumption by the keyring that
these correspond to public and private keys. thus, this commit
introduces two wrapper enums to distinguish between hmac and asymmetric
signature schemes.

the verification of hmac keys is also done via `openssl::memcmp::eq()`
to avoid potential timing side-channel attacks.

below are some simple benchmarks done with criterion.rs to show how much
faster hmac is, no matter the actual hash function:

rsa 4096 + sha256        time:   [2.7825 ms 2.7907 ms 2.7995 ms]
ed25519                  time:   [94.411 µs 94.840 µs 95.324 µs]
hmac sha256              time:   [5.7202 µs 5.7412 µs 5.7645 µs]
hmac sha384              time:   [6.6577 µs 6.6780 µs 6.7006 µs]
hmac sha3_256            time:   [5.6930 µs 5.7114 µs 5.7322 µs]

rsa with 4096 bit keys and a sha256 digest is our current default. the
test itself consists of a single sign + verification cycle. criterion
repeats this test as it sees fit to arrive at the above numbers.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:36 +02:00
Stefan Sterz
09d31a1a8b auth-api: move to Ed25519 signatures
previously we used P-256 as the curve of our choice for ec signatures.
however, in the meantime Ed25519 has become a lot more wide-spread.
this simplifies our ec generation code significantly while keeping the
same security level. Ed25519 was also specifically designed and
reviewed to avoid implementation errors likely making it a more secure
choice

note that Ed25519 as a signature scheme always uses sha512, so signing
or verifying with a chosen digest is not supported.

as this mostly affects newly generated keys, this should not break any
existing setups.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:35 +02:00
Stefan Sterz
8e566591d5 auth-api: move signing into the private key
this commit moves the current ticket signing code into the private key
implementation. the upside is that the caller does not need to deal
with openssl's `Signer` directly. it also simplifies and unifies the
code by using the same helper for verifying a signature and creating it.

also derive `Clone` on `PrivateKey` and `PublicKey`. as they are
essentially thin wrappers around `openssl::pkey::PKey<Private>` and
`openssl::pkey::PKey<Public>`, which can be cloned, deriving `Clone`
just makes them easier to use.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:33 +02:00
Thomas Lamprecht
863d760340 auth-api: bump version to 0.3.5
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:22:33 +02:00
Thomas Lamprecht
d73eb3dcf1 tree-wide: run cargo fmt
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-03-25 17:04:17 +01:00
Christoph Heiss
0475421498 auth-api: implement Display for Realm{, Ref}
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
2024-03-25 17:03:27 +01:00
Wolfgang Bumiller
2c2783451f bump proxmox-auth-api to 0.3.4
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-03-19 11:09:49 +01:00
Dietmar Maurer
a6f1b36fa6 proxmox-auth-api: use const_format to define static strings
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2024-03-18 10:19:48 +01:00
Wolfgang Bumiller
d9b783f1a8 bump proxmox-auth-api to 0.3.3
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-02-02 14:01:57 +01:00
Wolfgang Bumiller
3932e5bedf bump proxmox-auth-api to 0.3.2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-11-27 14:46:59 +01:00
Wolfgang Bumiller
d951b3329f bump proxmox-auth-api to 0.3.1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-07-24 11:03:49 +02:00
Wolfgang Bumiller
4ca8dbf74f auth-api: fixup examples
These were missing the new client-ip parameter in the auth
function calls which was introduced to support `PAM_RHOST`.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-07-10 09:06:35 +02:00
Wolfgang Bumiller
ba39c5f990 auth-api: bump d/control
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-14 13:50:29 +02:00
Wolfgang Bumiller
cc091c4fe5 bump proxmox-auth-api to 0.3.0
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-14 09:55:31 +02:00
Wolfgang Bumiller
a228a22918 auth-api: set PAM_RHOST during pam authentication
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-14 09:32:03 +02:00
Wolfgang Bumiller
8f08039e7e auth-api: drop pam crate
it's too limited

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-14 08:51:43 +02:00
Wolfgang Bumiller
4508c8b23c add some missing d/source/format files
For crates which already used (native) versioning.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-02 08:44:50 +02:00
Wolfgang Bumiller
e5ff0dc40b bump proxmox-auth-api to 0.2.0-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-05-23 13:02:51 +02:00
Wolfgang Bumiller
8f8d52f148 update d/copyright files to debian copyright-format 1.0
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-05-23 13:02:39 +02:00
Wolfgang Bumiller
76ac1a3903 bump proxmox-tfa to 4.0.0-1, auth-api to 0.1.1-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-05-10 10:43:21 +02:00
Wolfgang Bumiller
4324aea004 auth-api: update to new tfa crate
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-05-10 10:43:21 +02:00
Wolfgang Bumiller
32e7d3ccdf bump proxmox-auth-api to 0.1.0-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-03-02 16:44:35 +01:00
Wolfgang Bumiller
1bccff7e68 auth-api: make example require pam-authenticator
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-03-02 16:44:35 +01:00
Wolfgang Bumiller
5349ae208b add proxmox-auth-api crate
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-03-02 16:44:35 +01:00