Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Sun, Jun 21, 2020 at 7:01 PM David Gwynne wrote: > > libc has undocumented base64 encoding and decoding funtionality. this > cuts ifconfig over to using it instead of the code in libcrypto. > > whether the libc functionality should be "blessed" and documented is a > separate issue. > > ok? OK zx2c4 But, if you really want to get mega-crypto-nerd on this, we could replace it with the constant time base64 functions from wireguard-tools (I'm happy to s/gpl/mit/): https://git.zx2c4.com/wireguard-tools/tree/src/encoding.c key_{to,from}_base64 Bitsliced fixed-length base64 like this prevents potential cache timing attacks from the usual lookup table-based implementation. However, by most reasonable measures from most reasonable people, it's totally overkill.
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Sun, Jun 21, 2020 at 07:15:15PM -0600, Theo de Raadt wrote: > In that case you can also delete: > > ifconfig.c:#include indeed i can. Index: Makefile === RCS file: /cvs/src/sbin/ifconfig/Makefile,v retrieving revision 1.16 diff -u -p -r1.16 Makefile --- Makefile21 Jun 2020 12:20:06 - 1.16 +++ Makefile22 Jun 2020 01:22:20 - @@ -4,7 +4,7 @@ PROG= ifconfig SRCS= ifconfig.c brconfig.c sff.c MAN= ifconfig.8 -LDADD= -lutil -lm -lcrypto +LDADD= -lutil -lm DPADD= ${LIBUTIL} .include Index: ifconfig.c === RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v retrieving revision 1.422 diff -u -p -r1.422 ifconfig.c --- ifconfig.c 21 Jun 2020 12:20:06 - 1.422 +++ ifconfig.c 22 Jun 2020 01:22:20 - @@ -94,7 +94,6 @@ #include #include -#include #include #include @@ -5673,14 +5672,12 @@ setifpriority(const char *id, int param) * space. */ #define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3)) -#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3) #define WG_LOAD_KEY(dst, src, fn_name) do {\ - uint8_t _tmp[WG_TMP_KEY_LEN]; \ + uint8_t _tmp[WG_KEY_LEN]; int _r; \ if (strlen(src) != WG_BASE64_KEY_LEN) \ errx(1, fn_name " (key): invalid length"); \ - if (EVP_DecodeBlock(_tmp, src, \ - WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN) \ - errx(1, fn_name " (key): invalid base64"); \ + if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) != sizeof(_tmp)) \ + errx(1, fn_name " (key): invalid base64 %d/%zu", _r, sizeof(_tmp)); \ memcpy(dst, _tmp, WG_KEY_LEN); \ } while (0) @@ -5899,13 +5896,15 @@ wg_status(void) if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE) printf("\twgrtable %d\n", wg_interface->i_rtable); if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) { - EVP_EncodeBlock(key, wg_interface->i_public, WG_KEY_LEN); + b64_ntop(wg_interface->i_public, WG_KEY_LEN, + key, sizeof(key)); printf("\twgpubkey %s\n", key); } wg_peer = &wg_interface->i_peers[0]; for (i = 0; i < wg_interface->i_peers_count; i++) { - EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN); + b64_ntop(wg_peer->p_public, WG_KEY_LEN, + key, sizeof(key)); printf("\twgpeer %s\n", key); if (wg_peer->p_flags & WG_PEER_HAS_PSK)
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Mon, 22 Jun 2020 11:01:05 +1000 David Gwynne wrote: > libc has undocumented base64 encoding and decoding funtionality. this > cuts ifconfig over to using it instead of the code in libcrypto. > > whether the libc functionality should be "blessed" and documented is a > separate issue. > > ok? > > Index: Makefile > === > RCS file: /cvs/src/sbin/ifconfig/Makefile,v > retrieving revision 1.16 > diff -u -p -r1.16 Makefile > --- Makefile 21 Jun 2020 12:20:06 - 1.16 > +++ Makefile 21 Jun 2020 23:15:34 - > @@ -4,7 +4,7 @@ PROG= ifconfig > SRCS=ifconfig.c brconfig.c sff.c > MAN= ifconfig.8 > > -LDADD= -lutil -lm -lcrypto > +LDADD= -lutil -lm > DPADD= ${LIBUTIL} > > .include > Index: ifconfig.c > === > RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v > retrieving revision 1.422 > diff -u -p -r1.422 ifconfig.c > --- ifconfig.c21 Jun 2020 12:20:06 - 1.422 > +++ ifconfig.c21 Jun 2020 23:15:35 - > @@ -5673,14 +5673,12 @@ setifpriority(const char *id, int param) > * space. > */ > #define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3)) > -#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3) > #define WG_LOAD_KEY(dst, src, fn_name) do { > \ > - uint8_t _tmp[WG_TMP_KEY_LEN]; > \ > + uint8_t _tmp[WG_KEY_LEN]; int _r; > \ if (strlen(src) != WG_BASE64_KEY_LEN) > \ errx(1, fn_name " (key): invalid length"); > \ > - if (EVP_DecodeBlock(_tmp, src, > \ > - WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN) > \ > - errx(1, fn_name " (key): invalid base64"); > \ > + if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) != > sizeof(_tmp)) \ > + errx(1, fn_name " (key): invalid base64 %d/%zu", _r, > sizeof(_tmp));\ memcpy(dst, _tmp, WG_KEY_LEN); > \ } while (0) > > @@ -5899,13 +5897,15 @@ wg_status(void) > if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE) > printf("\twgrtable %d\n", wg_interface->i_rtable); > if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) { > - EVP_EncodeBlock(key, wg_interface->i_public, > WG_KEY_LEN); > + b64_ntop(wg_interface->i_public, WG_KEY_LEN, > + key, sizeof(key)); > printf("\twgpubkey %s\n", key); > } > > wg_peer = &wg_interface->i_peers[0]; > for (i = 0; i < wg_interface->i_peers_count; i++) { > - EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN); > + b64_ntop(wg_peer->p_public, WG_KEY_LEN, > + key, sizeof(key)); > printf("\twgpeer %s\n", key); > > if (wg_peer->p_flags & WG_PEER_HAS_PSK) looks good to me. - Matt
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
In that case you can also delete: ifconfig.c:#include
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Mon, 22 Jun 2020 11:01:05 +1000, David Gwynne wrote: > libc has undocumented base64 encoding and decoding funtionality. this > cuts ifconfig over to using it instead of the code in libcrypto. > > whether the libc functionality should be "blessed" and documented is a > separate issue. OK millert@ - todd
use libc base64 code instead of libcrypt for ifconfig wg key handling
libc has undocumented base64 encoding and decoding funtionality. this cuts ifconfig over to using it instead of the code in libcrypto. whether the libc functionality should be "blessed" and documented is a separate issue. ok? Index: Makefile === RCS file: /cvs/src/sbin/ifconfig/Makefile,v retrieving revision 1.16 diff -u -p -r1.16 Makefile --- Makefile21 Jun 2020 12:20:06 - 1.16 +++ Makefile21 Jun 2020 23:15:34 - @@ -4,7 +4,7 @@ PROG= ifconfig SRCS= ifconfig.c brconfig.c sff.c MAN= ifconfig.8 -LDADD= -lutil -lm -lcrypto +LDADD= -lutil -lm DPADD= ${LIBUTIL} .include Index: ifconfig.c === RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v retrieving revision 1.422 diff -u -p -r1.422 ifconfig.c --- ifconfig.c 21 Jun 2020 12:20:06 - 1.422 +++ ifconfig.c 21 Jun 2020 23:15:35 - @@ -5673,14 +5673,12 @@ setifpriority(const char *id, int param) * space. */ #define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3)) -#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3) #define WG_LOAD_KEY(dst, src, fn_name) do {\ - uint8_t _tmp[WG_TMP_KEY_LEN]; \ + uint8_t _tmp[WG_KEY_LEN]; int _r; \ if (strlen(src) != WG_BASE64_KEY_LEN) \ errx(1, fn_name " (key): invalid length"); \ - if (EVP_DecodeBlock(_tmp, src, \ - WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN) \ - errx(1, fn_name " (key): invalid base64"); \ + if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) != sizeof(_tmp)) \ + errx(1, fn_name " (key): invalid base64 %d/%zu", _r, sizeof(_tmp)); \ memcpy(dst, _tmp, WG_KEY_LEN); \ } while (0) @@ -5899,13 +5897,15 @@ wg_status(void) if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE) printf("\twgrtable %d\n", wg_interface->i_rtable); if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) { - EVP_EncodeBlock(key, wg_interface->i_public, WG_KEY_LEN); + b64_ntop(wg_interface->i_public, WG_KEY_LEN, + key, sizeof(key)); printf("\twgpubkey %s\n", key); } wg_peer = &wg_interface->i_peers[0]; for (i = 0; i < wg_interface->i_peers_count; i++) { - EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN); + b64_ntop(wg_peer->p_public, WG_KEY_LEN, + key, sizeof(key)); printf("\twgpeer %s\n", key); if (wg_peer->p_flags & WG_PEER_HAS_PSK)