Haproxy: ssl_c_sha256

Created on 17 Jun 2019  路  7Comments  路  Source: haproxy/haproxy

Output of haproxy -vv and uname -a

Re haproxy -vv: N/A - not using haproxy in part due to not having this feature

Linux ip-172-31-23-135.ec2.internal 4.14.121-109.96.amzn2.x86_64 #1 SMP Wed May 22 16:54:10 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

What should haproxy do differently? Which functionality do you think we should add?

Extend layer 5 sample fetch methods; add ssl_c_sha256 as an alternative to ssl_c_sha1. The ever greater weakness of SHA1 should make the need for this self explanatory.

What are you trying to do?

Check client certificates in a proxied application using the DER hash value. Presently using nginx which also can only provide the SHA1 hash value of the client certificate. So I forward the entire client certificate, which is often a rather large and awkward chunk of data to be passing around using headers. Since haproxy can do no better I am not compelled to convert.

fixed feature

Most helpful comment

The patch will be included in HAProxy 2.1. I guess it can be trivially applied to 2.0 if you are willing to compile your own HAProxy.

All 7 comments

This adds a converter for the SHA-2 family, supporting SHA-224, SHA-256
SHA-384 and SHA-512.

The converter relies on the OpenSSL implementation, thus only being available
when HAProxy is compiled with USE_OPENSSL.

See GitHub issue #123. The hypothetical ssl_?_sha256 fetch can then be
simulated using ssl_?_der,sha2(256):

http-response set-header Server-Cert-FP %[ssl_f_der,sha2(256),hex]

doc/configuration.txt | 12 ++++++-
reg-tests/converter/sha2.vtc | 60 ++++++++++++++++++++++++++++++++
src/sample.c | 67 ++++++++++++++++++++++++++++++++++++
3 files changed, 138 insertions(+), 1 deletion(-)
create mode 100644 reg-tests/converter/sha2.vtc

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 3e402fb92..2a09bab61 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -14086,9 +14086,19 @@ set-var()
contain characters 'a-z', 'A-Z', '0-9', '.' and '_'.

sha1
- Converts a binary input sample to a SHA1 digest. The result is a binary
+ Converts a binary input sample to a SHA-1 digest. The result is a binary
sample with length of 20 bytes.

+sha2([])

  • Converts a binary input sample to a digest in the SHA-2 family. The result
  • is a binary sample with length of /8 bytes.
    +
  • Valid values for are 224, 256, 384, 512, each corresponding to
  • SHA-. The default value is 256.
    +
  • Please note that this converter is only available when haproxy has been
  • compiled with USE_OPENSSL.
    +
    strcmp()
    Compares the contents of with the input value of type string. Returns
    the result as a signed integer compatible with strcmp(3): 0 if both strings
    diff --git a/reg-tests/converter/sha2.vtc b/reg-tests/converter/sha2.vtc
    new file mode 100644
    index 000000000..0354b0a20
    --- /dev/null
    +++ b/reg-tests/converter/sha2.vtc
    @@ -0,0 +1,60 @@
    +varnishtest "sha2 converter Test"
    +
    +#REQUIRE_VERSION=2.1
    +#REQUIRE_OPTION=OPENSSL
    +
    +feature ignore_unknown_macro
    +
    +server s1 {
  • rxreq
  • txresp
    +} -repeat 3 -start
    +
    +haproxy h1 -conf {
  • defaults
  • mode http
  • timeout connect 1s
  • timeout client 1s
  • timeout server 1s
    +
  • frontend fe
  • bind "fd@${fe}"
    +
  • #### requests
  • http-request set-var(txn.hash) req.hdr(hash)
    +
  • http-response set-header SHA2 "%[var(txn.hash),sha2,hex,lower]"
  • http-response set-header SHA2-224 "%[var(txn.hash),sha2(224),hex,lower]"
  • http-response set-header SHA2-256 "%[var(txn.hash),sha2(256),hex,lower]"
  • http-response set-header SHA2-384 "%[var(txn.hash),sha2(384),hex,lower]"
  • http-response set-header SHA2-512 "%[var(txn.hash),sha2(512),hex,lower]"
  • http-response set-header SHA2-invalid "%[var(txn.hash),sha2(1),hex,lower]"
    +
  • default_backend be
    +
  • backend be
  • server s1 ${s1_addr}:${s1_port}
    +} -start
    +
    +client c1 -connect ${h1_fe_sock} {
  • txreq -url "/" \
  • -hdr "Hash: 1"
  • rxresp
  • expect resp.status == 200
  • expect resp.http.sha2 == "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"
  • expect resp.http.sha2-224 == "e25388fde8290dc286a6164fa2d97e551b53498dcbf7bc378eb1f178"
  • expect resp.http.sha2-256 == "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"
  • expect resp.http.sha2-384 == "47f05d367b0c32e438fb63e6cf4a5f35c2aa2f90dc7543f8a41a0f95ce8a40a313ab5cf36134a2068c4c969cb50db776"
  • expect resp.http.sha2-512 == "4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a"
  • expect resp.http.sha2-invalid == ""
  • txreq -url "/" \
  • -hdr "Hash: 2"
  • rxresp
  • expect resp.status == 200
  • expect resp.http.sha2 == "d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35"
  • expect resp.http.sha2-224 == "58b2aaa0bfae7acc021b3260e941117b529b2e69de878fd7d45c61a9"
  • expect resp.http.sha2-256 == "d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35"
  • expect resp.http.sha2-384 == "d063457705d66d6f016e4cdd747db3af8d70ebfd36badd63de6c8ca4a9d8bfb5d874e7fbd750aa804dcaddae7eeef51e"
  • expect resp.http.sha2-512 == "40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114"
  • expect resp.http.sha2-invalid == ""
    +} -run
    diff --git a/src/sample.c b/src/sample.c
    index 67f59e844..96102504b 100644
    --- a/src/sample.c
    +++ b/src/sample.c
    @@ -1537,6 +1537,70 @@ static int sample_conv_sha1(const struct arg *arg_p, struct sample *smp, void *p
    return 1;
    }

+#ifdef USE_OPENSSL
+static int sample_conv_sha2(const struct arg *arg_p, struct sample *smp, void *private)
+{

  • struct buffer *trash = get_trash_chunk();
  • int bits = 256;
  • if (arg_p && arg_p->data.sint)
  • bits = arg_p->data.sint;
    +
  • switch (bits) {
  • case 224: {
  • SHA256_CTX ctx;
    +
  • memset(&ctx, 0, sizeof(ctx));
    +
  • SHA224_Init(&ctx);
  • SHA224_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
  • SHA224_Final((unsigned char *) trash->area, &ctx);
  • trash->data = SHA224_DIGEST_LENGTH;
  • break;
  • }
  • case 256: {
  • SHA256_CTX ctx;
    +
  • memset(&ctx, 0, sizeof(ctx));
    +
  • SHA256_Init(&ctx);
  • SHA256_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
  • SHA256_Final((unsigned char *) trash->area, &ctx);
  • trash->data = SHA256_DIGEST_LENGTH;
  • break;
  • }
  • case 384: {
  • SHA512_CTX ctx;
    +
  • memset(&ctx, 0, sizeof(ctx));
    +
  • SHA384_Init(&ctx);
  • SHA384_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
  • SHA384_Final((unsigned char *) trash->area, &ctx);
  • trash->data = SHA384_DIGEST_LENGTH;
  • break;
  • }
  • case 512: {
  • SHA512_CTX ctx;
    +
  • memset(&ctx, 0, sizeof(ctx));
    +
  • SHA512_Init(&ctx);
  • SHA512_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
  • SHA512_Final((unsigned char *) trash->area, &ctx);
  • trash->data = SHA512_DIGEST_LENGTH;
  • break;
  • }
  • default:
  • return 0;
  • }
    +
  • smp->data.u.str = *trash;
  • smp->data.type = SMP_T_BIN;
  • smp->flags &= ~SMP_F_CONST;
  • return 1;
    +}
    +#endif
    +
    static int sample_conv_bin2hex(const struct arg *arg_p, struct sample *smp, void *private)
    {
    struct buffer *trash = get_trash_chunk();
    @@ -3203,6 +3267,9 @@ static struct sample_conv_kw_list sample_conv_kws = {ILH, {
    { "word", sample_conv_word, ARG3(2,SINT,STR,SINT), sample_conv_field_check, SMP_T_STR, SMP_T_STR },
    { "regsub", sample_conv_regsub, ARG3(2,REG,STR,STR), sample_conv_regsub_check, SMP_T_STR, SMP_T_STR },
    { "sha1", sample_conv_sha1, 0, NULL, SMP_T_BIN, SMP_T_BIN },
    +#ifdef USE_OPENSSL
  • { "sha2", sample_conv_sha2, ARG1(0, SINT), NULL, SMP_T_BIN, SMP_T_BIN },
    +#endif
    { "concat", sample_conv_concat, ARG3(1,STR,STR,STR), smp_check_concat, SMP_T_STR, SMP_T_STR },
    { "strcmp", sample_conv_strcmp, ARG1(1,STR), smp_check_strcmp, SMP_T_STR, SMP_T_SINT },

--
2.21.0

I had expected that email in the collapsed comment to look better. Anyway @allentc I've proposed a patch to add a converter for the SHA-2 family on the mailing list: https://www.mail-archive.com/[email protected]/msg34217.html

Using this converter you would be able to achieve your desired use-case using: http-request set-header Client-Cert %[ssl_c_der,sha2(256),hex].

The patch will be included in HAProxy 2.1. I guess it can be trivially applied to 2.0 if you are willing to compile your own HAProxy.

One more haproxy convert! Thank you.

Can't find documentation related to ssl_c_sha2 in here: https://cbonte.github.io/haproxy-dconv/2.3/configuration.html
in 2.2 configuration documentation. If missing, can we have the fix documented please? Thanks!

That's because "ssl_c_sha2" doesn't exist. You have to use ssl_c_der and the sha2 converter like explained by Tim.

https://cbonte.github.io/haproxy-dconv/2.3/configuration.html#ssl_c_der
https://cbonte.github.io/haproxy-dconv/2.3/configuration.html#sha2

Because this sample fetch does not exist. But there is a sha2 converter.

Was this page helpful?
0 / 5 - 0 ratings