Support building OpenVPN with AWS-LC #667
Comments
The changes look small enough that we can pick them up. We know the pain point of TLS1 PRF. This is currently only needed for compatibility with older versions, as we are trying to move to TLS EKM instead. I am kind of surprised that you are able to offer TLS1 PRF with FIPS, as OpenSSL does not support the SHA1-MD5 PRF in FIPS mode anymore. As for the PR, we generally prefer patches on the mailing list or in our gerrit.openvpn.net, but a PR can be used for a discussion of the code in question. What would be good for the patch is to have something like a
Thank you for the feedback, it's greatly appreciated! With regards to your FIPS question, AWS-LC implements a service indicator (per section 2.4 C of the FIPS 140-3 IG - link) that indicates whether a given operation is FIPS approved. This allows us to offer both FIPS-approved and non-approved algorithms in our library. This is different from OpenSSL, where they disable algorithms that are not approved. For more details on the service indicator you can review our implementation here. The focus for this PR is to add support for AWS-LC; we can look into a follow-up PR to add support for the AWS-LC-FIPS build. I have submitted 2 PRs, one with the code changes and README (link) and another to add AWS-LC to your CI (link). Once we reach consensus on the contents, I will contribute these changes via gerrit.openvpn.net. Thank you!
Hello,
I’m an engineer at AWS working on AWS Libcrypto (AWS-LC), AWS’s open-source cryptographic library maintained for AWS and their customers. We have patch sets to OpenVPN 2.6.x through tip-of-main that build OpenVPN against AWS-LC’s libssl and libcrypto. We are committed to backwards compatibility and have CI jobs (here and here) asserting every change’s compatibility with many different open-source projects. We use these tests to catch compatibility regressions before they’re merged and have already added OpenVPN to our CI here.
AWS-LC supports CPU-specific performance optimizations for AWS Graviton 2, AWS Graviton 3, and Intel x86-64 with AVX-512 instructions. We’ve formally verified a subset of AWS-LC’s cryptographic primitives, and continue to invest in expanding this coverage. AWS-LC has been FIPS validated by NIST and we have 140-3 certificates for both dynamic and static builds. To give OpenVPN users a well-documented and supported way to take advantage of these investments in performance, correctness, and compliance, we would like to upstream support for AWS-LC into mainline OpenVPN. We believe that this would provide the best experience for users wishing to build OpenVPN against AWS-LC. It would also allow users to skip the (often brittle) process of maintaining and applying their own patch sets to build OpenVPN with AWS-LC.
To ensure comprehensive support for OpenVPN, we have added several key features to AWS-LC, including functionality necessary for the remote management interface. The patches provided add support for all features of OpenVPN except exposing TLS1_PRF through the EVP_PKEY API. Instead we offer an alternative codepath which is part of the patch file. If you folks agree that this integration would be useful for upstream OpenVPN, I’d be happy to put together a PR.
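The "TLS1 PRF" / "SHA1-MD5 PRF" that both the maintainer's comment and the issue body refer to is the TLS 1.0/1.1 pseudo-random function of RFC 2246 section 5, and the "TLS EKM" alternative is the RFC 5705 exporter, which in TLS 1.2 runs on the single-hash PRF of RFC 5246. The Python below is an added illustration written for this page, not code from OpenVPN, AWS-LC or either poster. It shows why the older construction cannot be FIPS-approved (half of its output comes from HMAC-MD5), how the odd-length secret split works, and how the exporter is derived from the newer PRF. All inputs are constructed sample values and the exporter label is a placeholder, not the label OpenVPN actually uses.

```python
"""TLS PRFs per RFC 2246 (TLS 1.0/1.1) and RFC 5246 (TLS 1.2), plus the
RFC 5705 keying-material exporter (TLS EKM). Illustrative code only; not
taken from OpenVPN or AWS-LC."""
from typing import Optional, Tuple
import hmac


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """P_<hash>(secret, seed) expanded to `length` bytes.

    A(0) = seed, A(i) = HMAC_hash(secret, A(i-1))
    P_hash = HMAC_hash(secret, A(1) + seed) || HMAC_hash(secret, A(2) + seed) || ...
    """
    out = bytearray()
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return bytes(out[:length])


def split_secret(secret: bytes) -> Tuple[bytes, bytes]:
    """RFC 2246 section 5: S1 is the first half of the secret, S2 the
    second half; with an odd length the middle byte belongs to both."""
    half = (len(secret) + 1) // 2
    return secret[:half], secret[len(secret) - half:]


def tls1_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0/1.1 PRF: P_MD5(S1, label + seed) XOR P_SHA1(S2, label + seed).

    MD5 is not a FIPS-approved hash, so the whole construction falls outside
    the FIPS boundary even though the HMAC-SHA1 half on its own would be fine.
    (Note: a Python built in FIPS mode may refuse to construct HMAC-MD5 at all.)
    """
    s1, s2 = split_secret(secret)
    md5_stream = p_hash("md5", s1, label + seed, length)
    sha1_stream = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_stream, sha1_stream))


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int,
              hash_name: str = "sha256") -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5): a single P_<hash>, SHA-256 by default."""
    return p_hash(hash_name, secret, label + seed, length)


def tls12_export_keying_material(master_secret: bytes, client_random: bytes,
                                 server_random: bytes, label: bytes, length: int,
                                 context: Optional[bytes] = None) -> bytes:
    """RFC 5705 exporter for TLS 1.2:
    PRF(master_secret, label, client_random + server_random [+ uint16 len + context]).
    An absent context and an empty context produce different seeds by design."""
    seed = client_random + server_random
    if context is not None:
        seed += len(context).to_bytes(2, "big") + context
    return tls12_prf(master_secret, label, seed, length)


if __name__ == "__main__":
    # Constructed sample inputs, not real session values.
    master = b"\xab" * 48
    c_rand, s_rand = b"\x01" * 32, b"\x02" * 32
    legacy = tls1_prf(master, b"key expansion", s_rand + c_rand, 64)
    # Placeholder exporter label; OpenVPN's real label is not reproduced here.
    ekm = tls12_export_keying_material(master, c_rand, s_rand,
                                       b"EXPORTER-placeholder", 64)
    print("TLS1 PRF (MD5+SHA1, not FIPS-approvable):", legacy.hex())
    print("TLS1.2 exporter (SHA-256 only):           ", ekm.hex())
```

`p_hash` is the only primitive; every PRF variant is a different way of feeding it, which is exactly why a library can keep HMAC-SHA256 inside its FIPS boundary while the MD5-dependent TLS 1.0 PRF has to live on a separate, non-approved code path such as the one the patch set provides.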