Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls: api to change tls ticket keys #1465

Closed
silverwind opened this issue Apr 18, 2015 · 12 comments
Closed

tls: api to change tls ticket keys #1465

silverwind opened this issue Apr 18, 2015 · 12 comments
Labels
feature request Issues that request new features to be added to Node.js. tls Issues and PRs related to the tls subsystem.

Comments

@silverwind
Copy link
Contributor

As discussed briefly in #1462. Here's the relevant section from rfc5077:

   o  The keys should be changed regularly.

   o  The keys should be changed if the ticket format or cryptographic
      protection algorithms change.

For the first point, we need an api (a function?) to change the ticket keys. For the second part, I'm not sure, can these conditions happen?
@silverwind silverwind added the tls Issues and PRs related to the tls subsystem. label Apr 18, 2015
@silverwind
Copy link
Contributor Author

cc: @indutny

@silverwind
Copy link
Contributor Author

Also related: The docs don't state how long the default sessionTimeout is, if there's any (I hope so).

@silverwind
Copy link
Contributor Author

Another docs issue: What if ticketKeys isn't provided, will the keys be auto-generated in that case?

@indutny
Copy link
Member

indutny commented Apr 18, 2015

Yep, they will be auto-generated.

@silverwind
Copy link
Contributor Author

One thing to keep in mind is that changing the ticket key will invalidate all tickets offered before this point in time. I think the ticketKeys API would need to be extended to take an array of past and present keys to be able to decrypt old but valid tickets.

@indutny
Copy link
Member

indutny commented Apr 20, 2015

@silverwind I doubt OpenSSL will allow it. Actually, it is considered a normal behaviour. Old tickets are invalidated, the clients will have new tickets once they'll connect to the server.

@silverwind
Copy link
Contributor Author

Well, I'm not sure yet how, but Cloudflare seems to be able to match a ticket to the corresponding key:

https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/#sessionticketresumption

Also we set the session ticket lifetime hint to be 18 hours, the same value for SSL session timeout. Each server also keeps ticket keys for the past 18 hours for ticket decryption.

@indutny
Copy link
Member

indutny commented Apr 20, 2015

cc @grittygrease: some trade secret? ;)

@silverwind
Copy link
Contributor Author

I think you might be able to store a timestamp and a hash of each encrypted ticket. With that you could map to the corresponding old key and decrypt the ticket with that. I think such functionality would be best left to user modules, but we should give them this option.

@grittygrease
Copy link

@indutny We do it in Lua with https://github.com/openresty, it has not been open sourced at this point in time.

@silverwind
Copy link
Contributor Author

Actually, it is considered a normal behaviour. Old tickets are invalidated, the clients will have new tickets once they'll connect to the server.

That kind of defeats the purpose of tickets in the case where you rotate keys faster than the lifetime of tickets. I still have to check out tickets in Wireshark if they contain any hints to which key was used to encrypt them, but doubt there is any.

@brendanashworth brendanashworth added the feature request Issues that request new features to be added to Node.js. label May 5, 2015
@indutny indutny mentioned this issue Jul 22, 2015
Closed
@indutny
Copy link
Member

indutny commented Jul 22, 2015

I finally made it: #2227

indutny added a commit to indutny/io.js that referenced this issue Jul 22, 2015
@indutny
tls: getTicketKeys()/setTicketKeys()
0e85e6d 
Introduce two new APIs for getting/settings the TLS Server Ticket Keys.

Fix: nodejs#1465
indutny added a commit that referenced this issue Jul 23, 2015
@indutny
tls: add getTicketKeys()/setTicketKeys()
e11fc67 
Introduce two new APIs for getting/settings the TLS Server Ticket Keys.

Fix: #1465
PR-URL: #2227
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@indutny indutny closed this as completed Jul 24, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request Issues that request new features to be added to Node.js. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@silverwind @indutny @brendanashworth @grittygrease