Comments (23)

taylormadehdz commented on July 28, 2024

@baentsch do you have any guidance on this?

from oqs-demos.

baentsch commented on July 28, 2024

When running oqs-Chrome from a terminal, this error message is emitted when loading the cert above:

[1949:1949:0710/102038.438671:ERROR:nsNSSCertificateDB.cpp(89)] PK11_ImportCert failed with error -8168

This in turn to me means that Chromium uses (NSS') PKCS#11 API (store?) for maintaining certificates -- and I'm not aware of anyone who has begun to OQS-enable NSS, so a rejection of an OQS cert seems logical. @xvzcf, @dstebila, @jschanck: Do any of you know more about NSS (an OQS enablement thereof)? Do we know anyone at Mozilla who might be interested in this? And if NSS P11 is not the problem (to be determined), does anyone know what's implementing that API for Chromium?

@tylerleblond @taylormadehdz : Can you share what's your use case for this? We always only intended Chromium to be a demonstration, not a full-feature OQS browser integration -- but if there is serious interest, someone might look into it.

baentsch commented on July 28, 2024

And if NSS P11 is not the problem (to be determined), does anyone know what's implementing that API for Chromium?

Answering my own question: Looks like it's really libnss(3) (failing to) provide that functionality.

So, indeed, it seems OQS-cert import won't work in Chromium until (lib)NSS is OQS-enabled. Nothing oqs-demos/chromium can do about it (short of creating a new project: Volunteers welcome :)

taylormadehdz commented on July 28, 2024

Would there be a way to use a different lib for maintaining certificates?

Our use case is to migrate a chat app on one system to make it quantum safe for prototyping activities. @baentsch ... any other ideas for workarounds?

baentsch commented on July 28, 2024

Would there be a way to use a different lib for maintaining certificates?

(OQS-)OpenSSL handles QSC certs just fine -- but then again, chromium doesn't use OSSL by default for all I know -- although there seem to be historical traces of chromium being able to utilize OpenSSL...

Our use case is to migrate a chat app on one system to make it quantum safe for prototyping activities. @baentsch ... any other ideas for workarounds?

Loads -- but I'm constrained by not knowing whether you're free to choose the chat app to QSC-enable. If that were possible, why not look for one using openssl as transport? Next idea: Why not completely do away with application-integrated (QSC-)confidentiality and use (oqs-)SSH instead (obviously only works with a priori known chat partners)? Third, if for some reason you are bound to chromium, changing the cert storage to one based on OSSL may be an option -- but that may be convoluted: I never checked all chromium cert-interaction points in that regard. But then again, I don't understand why chromium uses PKCS#11 for server cert storage to begin with: Normally, one would only use that for client certs... Simple file storage (with a validation layer) might have been sufficient....

taylormadehdz commented on July 28, 2024

Okay we're pretty set on using Chromium... Here is the sitch:

Quantum-safe Chromium can connect to the OQS test server using the quantum-safe cert.
Quantum-safe HAProxy can connect to the OQS test server with curl.
We want to connect HAProxy & Chromium; Chromium does not accept.

Would we be able to use the private server cert that Chromium does recognize when connecting to OQS test server on HA Proxy? I.e., is there a way for us to download that from y'all directly to upload to our HA proxy?

About cert-interaction points:

Alternatively, when you said changing cert-interaction points, that would require us to build Chromium from scratch (following the directions in the repo), correct? We have been using the binary.

baentsch commented on July 28, 2024

Would we be able to use the private server cert that Chromium does recognize when connecting to OQS test server on HA Proxy? I.e., is there a way for us to download that from y'all directly to upload to our HA proxy?

I'm not sure I understand: The CA cert at the OQS test server is plain, boring classic crypto: You can create such a cert (incl. private key) yourself (and subsequently import it to HAproxy, Chromium, whatever). Also, you can create CA-signed private server certs (of any kind, incl. QSC) yourself (e.g., using the oqs-curl docker image): Why would you thus need "our" server certs?

that would require us to build Chromium from scratch (following directions on repo), Correct?

Yes (after mod'ing the source suitably). Just takes a day -- or a good many-core machine :-)

taylormadehdz commented on July 28, 2024

On it :)

baentsch commented on July 28, 2024

@taylormadehdz : Any news on the above? I'd further suggest changing the title to "Add OQS to libnss" (tagged as future-work, help-wanted)

baentsch commented on July 28, 2024

Like #52, this issue is due to Chromium not using openssl but libnss for certificate management. Until there is wider or libnss upstream interest in this feature (any inside insight about this, @jschanck?), closing this issue and pointing to oqs-epiphany if someone wants to use QSC certificates with a browser.

takao8 commented on July 28, 2024

Hello, I just wanted to reopen this issue since @taylormadehdz and I have plans to try to adjust NSS to accommodate PQC certificates on Chromium. @baentsch, since last year have you heard of any developments to update libnss for this feature? We've done some basic exploration of the libnss codebase, but I wanted to check with you to see if anybody has gotten anywhere so we don't replicate other efforts.

baentsch commented on July 28, 2024

No, I'm not aware of activities to add OQS code to libnss (but would be glad to see that happen -- if only for selfish reasons of not having to add another column to the IETF PQ cert hackathon interop test matrix :). And obviously I know much less about whether anyone is adding any (other) PQ cert code to libnss. In sum, by all means, let's reopen this. Thanks, @takao8 @taylormadehdz, for suggesting this.

xvzcf commented on July 28, 2024

For OQS in NSS, I'm aware of this.

baentsch commented on July 28, 2024

For OQS in NSS, I'm aware of this.

Thanks for the information, @xvzcf! I'm not entirely sure how to read this: Is this an integration of the OQS APIs (that would enable PQ certs, too) or rather a Cloudflare-specific code integration supporting their x25519_kyber768 KEM (only)?

If the latter, it doesn't help this issue. If the former, would it be helpful/possible for @takao8 @taylormadehdz to contribute there to move things forward more quickly?

xvzcf commented on July 28, 2024

The PR indeed does not involve liboqs, but Robert Relyea in that comment stated that he's currently working on liboqs integration, which will give us all the NIST kyber variants [...] as well as the PQ signing algorithms, so it might be worthwhile contacting him.

baentsch commented on July 28, 2024

so it might be worthwhile contacting him

Absolutely. Do you know him / could you touch base with him? Or do you know his github handle so we could post it here to get his input to this discussion?

xvzcf commented on July 28, 2024

Absolutely. Do you know him / could you touch base with him? Or do you know his github handle so we could post it here to get his input to this discussion?

I emailed him.

Raytonne commented on July 28, 2024

Since Chromium is using its own root store, you may try to hard-code your root CA into the Chromium source code.

baentsch commented on July 28, 2024

Since Chromium is using its own root store, you may try to hard-code your root CA into the Chromium source code.

Thanks for the pointer. How would this solve the issue of quantum safe server certificates/chains not being verifiable in Chromium, though? Isn't libnss still providing the code for this logic? If this code is not PQ-enabled, shouldn't verification fail right away -- before even hitting the root cert?

Raytonne commented on July 28, 2024

Thanks for the pointer. How would this solve the issue of quantum safe server certificates/chains not being verifiable in Chromium, though? Isn't libnss still providing the code for this logic? If this code is not PQ-enabled, shouldn't verification fail right away -- before even hitting the root cert?

The webpage I linked above explicitly mentions:

Historically, Chrome integrated certificate verification processes with the platform on which it was running. This resulted in inconsistent user experiences across platforms, while also making it difficult for developers to understand Chrome's expected behavior. ... Once complete, the launch of the Chrome Certificate Verifier will ensure users have a consistent experience across platforms, that developers have a consistent understanding of Chrome's behavior, and that Chrome better protects the security and privacy of users' connections to websites.

So I think if the root certificate is in Chrome Root Store, then libnss is not providing the code for this logic; instead, the Chrome Certificate Verifier will build and verify the certificate chain.

In PR #210, we provided a way to make the Chrome Certificate Verifier able to verify quantum-safe server certificates/chains.

Raytonne commented on July 28, 2024

@xvzcf @baentsch Should we close this issue since Chrome is using the Chrome Certificate Verifier and Chrome Root Store now? Especially since Chrome dropped libnss: chromium/chromium@9942b74

nickforsythbarr commented on July 28, 2024

Is there a new issue recently with acceptance of CA certs in Chrome 124.0.6367.91?
I'm getting the error: [29771:29771:0429/142921.004838:ERROR:nsNSSCertificateDB.cpp(95)] PK11_ImportCert failed with error -8168

Raytonne commented on July 28, 2024

Is there a new issue recently with acceptance of CA certs in Chrome 124.0.6367.91? I'm getting the error: [29771:29771:0429/142921.004838:ERROR:nsNSSCertificateDB.cpp(95)] PK11_ImportCert failed with error -8168

Are you importing a CA that uses quantum-safe algorithms? If yes, then this is expected.
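
Raytonne's closing question (is the CA signed with a quantum-safe algorithm?) is the first thing to settle when PK11_ImportCert fails, since NSS rejecting an algorithm it does not know is the expected outcome discussed throughout this thread. As an added example that is not code from the thread, Chromium or NSS, the stdlib-only Python below reads the signatureAlgorithm OID from a DER certificate and flags anything outside a small classical allow-list; the two sample certificates and the 1.3.6.1.4.1.99999.1 OID are constructed placeholders, not real certificates or a real PQ OID.

```python
# Added example (assumed helper names, not from oqs-demos/Chromium/NSS): read the outer
# signatureAlgorithm OID of a DER X.509 certificate and check it against classical OIDs.
CLASSICAL_SIG_OIDS = {                       # a few well-known classical signature OIDs
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
    "1.3.101.112": "Ed25519",
}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                             # long-form length: next k bytes hold it
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def decode_oid(raw):
    """Decode OBJECT IDENTIFIER contents to dotted form (first octet = 40*a0 + a1)."""
    arcs, v = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:                        # base-128 arcs, high bit = more bytes follow
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(v)
            v = 0
    return ".".join(map(str, arcs))

def signature_algorithm_oid(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    _, cert, _ = read_tlv(cert_der)
    _, _tbs, pos = read_tlv(cert)            # skip tbsCertificate entirely
    _, alg_id, _ = read_tlv(cert, pos)       # AlgorithmIdentifier SEQUENCE
    tag, oid, _ = read_tlv(alg_id)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return decode_oid(oid)

def classify(cert_der):
    # (oid, name, is_classical); non-classical means an NSS import failure is expected
    oid = signature_algorithm_oid(cert_der)
    name = CLASSICAL_SIG_OIDS.get(oid)
    return oid, name or "non-classical/unknown (PQ?)", name is not None

# Constructed samples (real DER framing, dummy tbsCertificate/signature); the second uses
# 1.3.6.1.4.1.99999.1 as a made-up stand-in for a PQ signature OID, not a real one.
RSA_SAMPLE = bytes.fromhex("301b" "3003020101"
    "300d06092a864886f70d01010b0500"         # sha256WithRSAEncryption, NULL params
    "030500deadbeef")                        # signatureValue BIT STRING
PQ_SAMPLE = bytes.fromhex("3019" "3003020101"
    "300b06092b06010401868d1f01"             # placeholder AlgorithmIdentifier
    "030500deadbeef")
```

On a real certificate, pass the DER bytes of the file to classify; PEM input must be base64-decoded between the BEGIN/END lines first.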
