summaryrefslogtreecommitdiff
path: root/enc.conf.in
diff options
context:
space:
mode:
authorDimitri Staessens <dimitri@ouroboros.rocks>2026-06-11 10:03:14 +0000
committerSander Vrijders <sander@ouroboros.rocks>2026-06-29 08:32:58 +0200
commit67c55d5869d5473e5139614637f31ea37746181d (patch)
treeacc2ace032eca6eaac1110d323d6f809bb8eb364 /enc.conf.in
parentf5b15630d20acc893e3000f248f03185763f24b0 (diff)
downloadouroboros-67c55d5869d5473e5139614637f31ea37746181d.tar.gz
ouroboros-67c55d5869d5473e5139614637f31ea37746181d.zip
irmd: Specify peer authentication contract
OAP accepted requests and responses without a certificate even when the peer was expected to authenticate. An on-path attacker could strip the certificate and signature from a flow allocation response and substitute its own key exchange, silently downgrading the handshake to unauthenticated. Add an auth=required|optional policy to enc.conf, enforced per role: a client config requires the server to present a valid certificate, a server config requires the same from the client. Default is required for client side (https), optional server side. The client side default can be changed via OAP_CLIENT_AUTH_DEFAULT for testing. Replace the bare 'none' keyword with encryption=none, which disables encryption only: the digest and the authentication policy are kept, so authenticated but unencrypted flows can be configured. Configs using bare 'none' are now rejected. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
Diffstat (limited to 'enc.conf.in')
-rw-r--r--enc.conf.in23
1 files changed, 21 insertions, 2 deletions
diff --git a/enc.conf.in b/enc.conf.in
index 8f91d717..17b480c1 100644
--- a/enc.conf.in
+++ b/enc.conf.in
@@ -22,7 +22,8 @@
# cipher=<cipher> Symmetric cipher algorithm
# kdf=<hash> Key derivation function hash algorithm
# kem_mode=<mode> KEM encapsulation mode (server or client)
-# none Explicitly disable encryption
+# auth=<policy> Peer authentication policy (required or optional)
+# encryption=none Explicitly disable encryption
#
# Supported KEX algorithms (kex=):
# --------------------------------
@@ -76,6 +77,20 @@
# blake2b512 BLAKE2b-512
# blake2s256 BLAKE2s-256
#
+# Peer Authentication (auth=):
+# ----------------------------
+#
+# optional Accept unauthenticated peers
+# required Reject peers that do not present a valid certificate
+#
+# This setting applies to the *peer*: in a client config it requires
+# the server to authenticate; in a server config it requires the
+# client. The defaults mirror the web: a client config defaults to
+# required (the server must authenticate), a server config defaults
+# to optional (client authentication is opt-in). Set auth=required on
+# the server too for mutual authentication. Combine encryption=none
+# with auth=required for authenticated but unencrypted flows.
+#
# KEM Mode (kem_mode=):
# ---------------------
#
@@ -147,4 +162,8 @@ kdf=sha256
# kdf=sha512
#
# Disable encryption:
-# none
+# encryption=none
+#
+# Authentication required, no encryption:
+# encryption=none
+# auth=required