[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 28 Jan 2020 18:15:58 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 28 Jan 2020 13:16:08 -0500
In-reply-to: <047.d8c51eb227aca4c4ae140b963ca97f2d@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.d8c51eb227aca4c4ae140b963ca97f2d@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#33069: Init sk if loaded from service blob to be on the curve
--------------------------+------------------------------------
 Reporter:  saibato       |          Owner:  (none)
     Type:  enhancement   |         Status:  needs_review
 Priority:  Medium        |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Trivial       |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by saibato):

 **Alternative fix:**


 {{{
 diff --git a/src/ext/ed25519/donna/ed25519_tor.c
 b/src/ext/ed25519/donna/ed25519_tor.c
 index 7f5ab398d..2ca5707ef 100644
 --- a/src/ext/ed25519/donna/ed25519_tor.c
 +++ b/src/ext/ed25519/donna/ed25519_tor.c
 @@ -173,9 +173,16 @@ ed25519_donna_pubkey(unsigned char *pk, const
 unsigned char *sk)
  {
    bignum256modm a = {0};
    ge25519 ALIGN(16) A = {{0}, {0}, {0}, {0}};
 +  curved25519_key skc;
 +
 +  /* clamp */
 +  for (int i = 0; i < 32; i++) skc[i] = sk[i];
 +  skc[0] &= 248;
 +  skc[31] &= 127;
 +  skc[31] |= 64;

    /* A = aB */
 -  expand256_modm(a, sk, 32);
 +  expand256_modm(a, skc, 32);
    ge25519_scalarmult_base_niels(&A, ge25519_niels_base_multiples, a);
    ge25519_pack(pk, &A);


 }}}

 **or the tested QAD fix in hs_service.**


 {{{
 diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
 index 81b37eab4..69bd406f6 100644
 --- a/src/feature/hs/hs_service.c
 +++ b/src/feature/hs/hs_service.c
 @@ -3548,6 +3548,12 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk,
 smartlist_t *ports,

    /* Handle the keys. */
    memcpy(&service->keys.identity_sk, sk,
 sizeof(service->keys.identity_sk));
 +
 +  /*QAD make sure the key is clamped */
 +  service->keys.identity_sk.seckey[0] &= 248;
 +  service->keys.identity_sk.seckey[31] &= 127;
 +  service->keys.identity_sk.seckey[31] |= 64;
 +
    if (ed25519_public_key_generate(&service->keys.identity_pk,
                                    &service->keys.identity_sk) < 0) {
      log_warn(LD_CONFIG, "Unable to generate ed25519 public key"

 }}}


 **Or just check and return error**



 {{{
 diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
 index 81b37eab4..4e47d0560 100644
 --- a/src/feature/hs/hs_service.c
 +++ b/src/feature/hs/hs_service.c
 @@ -3548,6 +3548,15 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk,
 smartlist_t *ports,

    /* Handle the keys. */
    memcpy(&service->keys.identity_sk, sk,
 sizeof(service->keys.identity_sk));
 +
 +  /* Make sure the key is clamped */
 +  if ((sk->seckey[0] & 7) || (sk->seckey[31] & 128) || !(sk->seckey[31] &
 64)) {
 +    log_warn(LD_CONFIG, "Unable to generate ed25519 public key, key is
 not clamped "
 +                        "for v3 service.";
 +    ret = RSAE_BADPRIVKEY;
 +    goto err;
 +  }
 +
    if (ed25519_public_key_generate(&service->keys.identity_pk,
                                    &service->keys.identity_sk) < 0) {
      log_warn(LD_CONFIG, "Unable to generate ed25519 public key"


 }}}

 ----------------------------------------------------------------------------

 Anyway there is always a better way.
 But some change should be done timely,
 Pls mail ping for deeper reasoning that lead to this PR-

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33069#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #32726 [Metrics/Cloud]: Automate the selection of SSH key in the CloudFormation templates
Next by Author: Re: [tor-bugs] #24526 [Core Tor/Tor]: Make it clear that multi-relay operators are expected to set a working ContactInfo and proper MyFamily
Previous by thread: Re: [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve
Next by thread: Re: [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve
Index(es):
- Author
- Thread