Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Sun, Jun 21, 2020 at 7:01 PM David Gwynne wrote:
>
> libc has undocumented base64 encoding and decoding funtionality. this
> cuts ifconfig over to using it instead of the code in libcrypto.
>
> whether the libc functionality should be "blessed" and documented is a
> separate issue.
>
> ok?
OK zx2c4
But, if you really want to get mega-crypto-nerd on this, we could
replace it with the constant time base64 functions from
wireguard-tools (I'm happy to s/gpl/mit/):
https://git.zx2c4.com/wireguard-tools/tree/src/encoding.c key_{to,from}_base64
Bitsliced fixed-length base64 like this prevents potential cache
timing attacks from the usual lookup table-based implementation.
However, by most reasonable measures from most reasonable people, it's
totally overkill.
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Sun, Jun 21, 2020 at 07:15:15PM -0600, Theo de Raadt wrote:
> In that case you can also delete:
>
> ifconfig.c:#include
indeed i can.
Index: Makefile
===
RCS file: /cvs/src/sbin/ifconfig/Makefile,v
retrieving revision 1.16
diff -u -p -r1.16 Makefile
--- Makefile21 Jun 2020 12:20:06 - 1.16
+++ Makefile22 Jun 2020 01:22:20 -
@@ -4,7 +4,7 @@ PROG= ifconfig
SRCS= ifconfig.c brconfig.c sff.c
MAN= ifconfig.8
-LDADD= -lutil -lm -lcrypto
+LDADD= -lutil -lm
DPADD= ${LIBUTIL}
.include
Index: ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.422
diff -u -p -r1.422 ifconfig.c
--- ifconfig.c 21 Jun 2020 12:20:06 - 1.422
+++ ifconfig.c 22 Jun 2020 01:22:20 -
@@ -94,7 +94,6 @@
#include
#include
-#include
#include
#include
@@ -5673,14 +5672,12 @@ setifpriority(const char *id, int param)
* space.
*/
#define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3))
-#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3)
#define WG_LOAD_KEY(dst, src, fn_name) do {\
- uint8_t _tmp[WG_TMP_KEY_LEN]; \
+ uint8_t _tmp[WG_KEY_LEN]; int _r; \
if (strlen(src) != WG_BASE64_KEY_LEN) \
errx(1, fn_name " (key): invalid length"); \
- if (EVP_DecodeBlock(_tmp, src, \
- WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN) \
- errx(1, fn_name " (key): invalid base64"); \
+ if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) != sizeof(_tmp))
\
+ errx(1, fn_name " (key): invalid base64 %d/%zu", _r,
sizeof(_tmp)); \
memcpy(dst, _tmp, WG_KEY_LEN); \
} while (0)
@@ -5899,13 +5896,15 @@ wg_status(void)
if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE)
printf("\twgrtable %d\n", wg_interface->i_rtable);
if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) {
- EVP_EncodeBlock(key, wg_interface->i_public, WG_KEY_LEN);
+ b64_ntop(wg_interface->i_public, WG_KEY_LEN,
+ key, sizeof(key));
printf("\twgpubkey %s\n", key);
}
wg_peer = _interface->i_peers[0];
for (i = 0; i < wg_interface->i_peers_count; i++) {
- EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN);
+ b64_ntop(wg_peer->p_public, WG_KEY_LEN,
+ key, sizeof(key));
printf("\twgpeer %s\n", key);
if (wg_peer->p_flags & WG_PEER_HAS_PSK)
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Mon, 22 Jun 2020 11:01:05 +1000
David Gwynne wrote:
> libc has undocumented base64 encoding and decoding funtionality. this
> cuts ifconfig over to using it instead of the code in libcrypto.
>
> whether the libc functionality should be "blessed" and documented is a
> separate issue.
>
> ok?
>
> Index: Makefile
> ===
> RCS file: /cvs/src/sbin/ifconfig/Makefile,v
> retrieving revision 1.16
> diff -u -p -r1.16 Makefile
> --- Makefile 21 Jun 2020 12:20:06 - 1.16
> +++ Makefile 21 Jun 2020 23:15:34 -
> @@ -4,7 +4,7 @@ PROG= ifconfig
> SRCS=ifconfig.c brconfig.c sff.c
> MAN= ifconfig.8
>
> -LDADD= -lutil -lm -lcrypto
> +LDADD= -lutil -lm
> DPADD= ${LIBUTIL}
>
> .include
> Index: ifconfig.c
> ===
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.422
> diff -u -p -r1.422 ifconfig.c
> --- ifconfig.c21 Jun 2020 12:20:06 - 1.422
> +++ ifconfig.c21 Jun 2020 23:15:35 -
> @@ -5673,14 +5673,12 @@ setifpriority(const char *id, int param)
> * space.
> */
> #define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3))
> -#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3)
> #define WG_LOAD_KEY(dst, src, fn_name) do {
> \
> - uint8_t _tmp[WG_TMP_KEY_LEN];
> \
> + uint8_t _tmp[WG_KEY_LEN]; int _r;
> \ if (strlen(src) != WG_BASE64_KEY_LEN)
> \ errx(1, fn_name " (key): invalid length");
> \
> - if (EVP_DecodeBlock(_tmp, src,
> \
> - WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN)
> \
> - errx(1, fn_name " (key): invalid base64");
> \
> + if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) !=
> sizeof(_tmp)) \
> + errx(1, fn_name " (key): invalid base64 %d/%zu", _r,
> sizeof(_tmp));\ memcpy(dst, _tmp, WG_KEY_LEN);
> \ } while (0)
>
> @@ -5899,13 +5897,15 @@ wg_status(void)
> if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE)
> printf("\twgrtable %d\n", wg_interface->i_rtable);
> if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) {
> - EVP_EncodeBlock(key, wg_interface->i_public,
> WG_KEY_LEN);
> + b64_ntop(wg_interface->i_public, WG_KEY_LEN,
> + key, sizeof(key));
> printf("\twgpubkey %s\n", key);
> }
>
> wg_peer = _interface->i_peers[0];
> for (i = 0; i < wg_interface->i_peers_count; i++) {
> - EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN);
> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> + key, sizeof(key));
> printf("\twgpeer %s\n", key);
>
> if (wg_peer->p_flags & WG_PEER_HAS_PSK)
looks good to me.
- Matt
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
In that case you can also delete: ifconfig.c:#include
Re: use libc base64 code instead of libcrypt for ifconfig wg key handling
On Mon, 22 Jun 2020 11:01:05 +1000, David Gwynne wrote: > libc has undocumented base64 encoding and decoding funtionality. this > cuts ifconfig over to using it instead of the code in libcrypto. > > whether the libc functionality should be "blessed" and documented is a > separate issue. OK millert@ - todd
use libc base64 code instead of libcrypt for ifconfig wg key handling
libc has undocumented base64 encoding and decoding funtionality. this
cuts ifconfig over to using it instead of the code in libcrypto.
whether the libc functionality should be "blessed" and documented is a
separate issue.
ok?
Index: Makefile
===
RCS file: /cvs/src/sbin/ifconfig/Makefile,v
retrieving revision 1.16
diff -u -p -r1.16 Makefile
--- Makefile21 Jun 2020 12:20:06 - 1.16
+++ Makefile21 Jun 2020 23:15:34 -
@@ -4,7 +4,7 @@ PROG= ifconfig
SRCS= ifconfig.c brconfig.c sff.c
MAN= ifconfig.8
-LDADD= -lutil -lm -lcrypto
+LDADD= -lutil -lm
DPADD= ${LIBUTIL}
.include
Index: ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.422
diff -u -p -r1.422 ifconfig.c
--- ifconfig.c 21 Jun 2020 12:20:06 - 1.422
+++ ifconfig.c 21 Jun 2020 23:15:35 -
@@ -5673,14 +5673,12 @@ setifpriority(const char *id, int param)
* space.
*/
#define WG_BASE64_KEY_LEN (4 * ((WG_KEY_LEN + 2) / 3))
-#define WG_TMP_KEY_LEN (WG_BASE64_KEY_LEN / 4 * 3)
#define WG_LOAD_KEY(dst, src, fn_name) do {\
- uint8_t _tmp[WG_TMP_KEY_LEN]; \
+ uint8_t _tmp[WG_KEY_LEN]; int _r; \
if (strlen(src) != WG_BASE64_KEY_LEN) \
errx(1, fn_name " (key): invalid length"); \
- if (EVP_DecodeBlock(_tmp, src, \
- WG_BASE64_KEY_LEN) != WG_TMP_KEY_LEN) \
- errx(1, fn_name " (key): invalid base64"); \
+ if ((_r = b64_pton(src, _tmp, sizeof(_tmp))) != sizeof(_tmp))
\
+ errx(1, fn_name " (key): invalid base64 %d/%zu", _r,
sizeof(_tmp)); \
memcpy(dst, _tmp, WG_KEY_LEN); \
} while (0)
@@ -5899,13 +5897,15 @@ wg_status(void)
if (wg_interface->i_flags & WG_INTERFACE_HAS_RTABLE)
printf("\twgrtable %d\n", wg_interface->i_rtable);
if (wg_interface->i_flags & WG_INTERFACE_HAS_PUBLIC) {
- EVP_EncodeBlock(key, wg_interface->i_public, WG_KEY_LEN);
+ b64_ntop(wg_interface->i_public, WG_KEY_LEN,
+ key, sizeof(key));
printf("\twgpubkey %s\n", key);
}
wg_peer = _interface->i_peers[0];
for (i = 0; i < wg_interface->i_peers_count; i++) {
- EVP_EncodeBlock(key, wg_peer->p_public, WG_KEY_LEN);
+ b64_ntop(wg_peer->p_public, WG_KEY_LEN,
+ key, sizeof(key));
printf("\twgpeer %s\n", key);
if (wg_peer->p_flags & WG_PEER_HAS_PSK)
