#openstack-barbican log

13:01:41 <redrobot> #startmeeting barbican
13:01:42 <openstack> Meeting started Tue Jan 15 13:01:41 2019 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:01:43 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:01:46 <openstack> The meeting name has been set to 'barbican'
13:02:02 <Luzi> o/
13:02:06 <graeb> o/
13:02:39 <moguimar> o/
13:02:53 <moguimar> back from lunch just in time =D
13:03:41 <redrobot> #topic Roll Call
13:03:47 <redrobot> Courtesy ping for ade_lee hrybacki jamespage Luzi lxkong moguimar raildo rm_work xek
13:03:53 <redrobot> moguimar, nice
13:04:03 <raildo> o/
13:04:31 <redrobot> Sweet, let's get started
13:04:38 <jaosorior> o/
13:04:47 <redrobot> #topic Review action items from last week
13:05:03 <graeb> I successfully tested patch for SafeNet HSM (see https://review.openstack.org/#/c/629294/). Thank you very much for the work!
13:05:36 <redrobot> graeb, awesome!  Glad we were able to unbreak you guys
13:05:42 <graeb> Nevertheless I would like to stress one more time, that I am thinking, that generation of PKEKs with attribute CKA_SENSITIVE set to false may decreases security. As redrobot in the last meeting already mentioned, PKEKs get wrapped immediately after generation. But if my code analysis are correct, PKEKs stay in HSM memory after generation with attribute CKA_SENSITIVE set to false and will be used that way until they gets cleared out of the HSMs
13:05:42 <graeb> memory and need to be unwrapped again. Therefore setting the default for the new configuration parameter always_set_cka_sensitive to true was a good decision. Thanks again!
13:05:46 <redrobot> first action item:
13:06:02 <redrobot> redrobot to update the Barbican Wiki page
13:06:04 <redrobot> I did not do that
13:06:06 <redrobot> so let's punt
13:06:09 <redrobot> #action redrobot to update the Barbican Wiki page
13:06:30 <redrobot> Next: redrobot to ask alee about submitting the Barbican workshop to the next Summit
13:06:54 <redrobot> I did remind ade_lee that we've got the Summit CFP deadline coming up, but didn't ask about the workshop specifically
13:06:57 <redrobot> so punt!
13:07:07 <redrobot> #action redrobot to ask alee about submitting the Barbican workshop to the next Summit
13:07:38 <redrobot> graeb, I'll add an item to the agenda to talk about that
13:07:56 <graeb> redrobot, thx
13:09:22 <redrobot> ok, moving on
13:09:31 <redrobot> thanks Luzi and graeb for using the agenda etherpad
13:09:52 <redrobot> #topic Successfully tested regression fix patch for SafeNet HSM
13:10:04 <redrobot> #link https://review.openstack.org/#/c/629294/
13:10:08 <openstackgerrit> Merged openstack/barbican master: Replace tripleo-scenario002-multinode with scenario002-standalone  https://review.openstack.org/628244
13:10:44 <graeb> I was to fast, sorry, First point already mentioned. Second is, we found a new bug:  "ERROR: _get_master_key() takes exactly 3 arguments (2 given)" when executing `barbican-manage hsm rewrap_pkek`
13:11:29 <redrobot> RE: graeb's concern above
13:11:48 <redrobot> Some HSMs actually require that CKA_SENSITIVE=False when CKA_EXTRACTABLE=True
13:12:09 <redrobot> The spec is not very clear on the relationship between the two
13:12:19 <graeb> Jep. Nothing we can do
13:12:30 <redrobot> hence the disagreement between what the Safenet HSM does and what these other HSMs are doing.
13:12:44 <redrobot> ok, moving on
13:12:58 <redrobot> #topic Bug "ERROR: _get_master_key() takes exactly 3 arguments (2 given)" when executing `barbican-manage hsm rewrap_pkek` (Luzi, graeb)
13:13:20 <graeb> I think nothing more to say here?
13:13:42 <graeb> It's clearly a bug. Tested also with two different HSMs.
13:14:50 <Luzi> Safenet and Utimaco Soft HSM are the ones we test with
13:15:41 <redrobot> Yeah, sounds like we forgot to update wrap_pkek when we changed things to use configurable mechanisms
13:15:47 <redrobot> should be a striaghtforward fix
13:15:57 <redrobot> graeb, Luzi did y'all add a Story yet?
13:16:02 <graeb> No
13:16:14 <Luzi> will do it, after the meeting
13:16:26 <graeb> luzi, thx
13:17:15 <redrobot> Cool
13:17:37 <redrobot> Luzi, thanks, please post the link in the IRC channel after you open it.  I'll see about getting that fixed
13:17:49 <Luzi> redrobot, okay :)
13:18:08 <redrobot> #action Luzi to add a new story to the Barbican Storyboard for the _get_master_key() error
13:19:46 <redrobot> #topic Why do we SHA256 HMAC over a wrapped PKEK?
13:19:59 <graeb> We have problems with a HSM (emulator) from Utimaco. If a new PKEK gets generated, Barbican computes a HMAC of the wrapped PKEK (and its initialization vector) using CKM_SHA256_HMAC. Barbican throws a traceback with error CKR_MECHANISM_INVALID. We already in touch with Utimaco. One of their system engineers suggested to replace CKM_SHA256_HMAC by CKM_AES_MAC, which works. The problem now is, that the HMAC, that will be generated is just 64 bits
13:19:59 <graeb> long instead of 256 bits. So i was just wondering, whether Barbican becomes less secure because of that and that the reason for computing a HMAC of wrapped PKEKs actually is?
13:22:55 <redrobot> So, we calculate an HMAC to guarantee integrity of the data
13:23:17 <redrobot> e.g. an hmac would fail if the ciphertext for the PKEK becomes corrupted
13:23:45 <graeb> Ok, but why secure it with an Key?
13:24:37 <graeb> For integrity reasons makes sense to me. But don't know why encrypting the signature.
13:24:57 <redrobot> So, HMAC does use a key
13:25:11 <redrobot> and the signature is not sensitive material
13:25:16 <redrobot> so there's no need to encrypt that
13:27:36 <mhen> so, the difference between 256 and 64 bit HMAC is only how frequent collisions are?
13:27:45 <mhen> (sorry for barging in suddenly)
13:28:04 <redrobot> I'm not 100% on how AES HMAC works
13:28:12 <redrobot> no worries mhen
13:28:29 <redrobot> we always appreciate input from smart folks
13:28:31 <redrobot> :D
13:29:01 <graeb> So its just a compatibility issue with Utimaco HSMs. What to do about it?
13:30:51 <redrobot> graeb, yeah, we'll need to make that HMAC wrap a configurable mechanism as weel
13:30:53 <redrobot> *well
13:31:24 <graeb> Sounds good. :-D Shall I add a story?
13:32:06 <redrobot> graeb, yes, please
13:32:20 <redrobot> #action graeb to add story for making HMAC Key Wrap mechanism configurable
13:32:28 <graeb> redrobot, thanks I will do after the meeting.
13:32:42 <redrobot> #topic Failing Gates
13:32:51 <redrobot> I'm sure you noticed the gates were failing all last week.
13:33:07 <redrobot> We ended up merging a workaround yesterday
13:33:22 <redrobot> #link https://review.openstack.org/#/c/628667/
13:33:48 <redrobot> To undo the workaround we're going to need to rewrite the paging/quota tests so that there are no race conditions when run in parallel
13:34:03 <redrobot> We'll also need to figure out why grenade is failing
13:35:49 <redrobot> Maybe I should add some stories for those
13:36:07 <redrobot> #action redrobot to add stories for permanent fixes to the gate workarounds
13:36:40 <redrobot> We should be back in business now, so I'll be rebasing patches to get the patch backlog down
13:37:40 <redrobot> any questions about the workaround?
13:38:49 <redrobot> Ok, that's all the topics I had for today
13:38:56 <redrobot> any last minute topics y'all want to talk about?
13:40:35 <redrobot> I'm gonna take that as a no
13:40:45 <redrobot> thanks for coming everyone!
13:40:49 <redrobot> #endmeeting