Check-in [211b96e714]

Overview
Comment:Add new method for vault key exchange
SHA1: 211b96e714f107d787b164ba7677129b1b0e0828
User & Date: bernd 2019-06-05 22:15:40
Context
2019-06-06
16:10
Fix typo check-in: 44cc61b6df user: bernd tags: trunk
2019-06-05
22:15
Add new method for vault key exchange check-in: 211b96e714 user: bernd tags: trunk
2019-06-04
23:30
A threefish-based approach at vault key storage check-in: ae70f6a3f5 user: bernd tags: trunk
Changes

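--- a/crypt.fs
+++ b/crypt.fs
@@ -46,15 +46,14 @@
     $100      uvar keydump-buf  \ buffer for dumping keys
     state2#   uvar vkey \ maximum size for session key
     state2#   uvar voutkey \ for keydump
     keysize   uvar keygendh
     keysize   uvar vpk
     keysize   uvar vsk
     tf_ctx_256 uvar tf-key
-    keysize   uvar tf-in
     keysize   uvar tf-out
     $10       uvar tf-hashout
     1 64s     uvar last-mykey
     cell      uvar keytmp-up
 end-class keytmp-c
 
 user-o keybuf \ storage for secure permanent keys
@@ -626,43 +625,45 @@
     gen>host "host" >delete +sig$ ;
 
 \ Vault support code (generic and more compact)
 
 \ principle: use Threefish_256.
 \ block layout:
 \ 1. 32 byte ephemeral key -> use for DHE.
-\ 2. 16 byte IV, used for all blocks as tweak
+\ 2. 16 byte IV, used for all blocks as incrementing tweak
 \ 3. 16 byte hash, to check for success
-\ 4. 32 byte each blocks, decrypted by DHE+tweak
+\ 4. 32 byte each blocks, decrypted by DHE+tweak in ECB mode
 
 : >vdhe ( addr -- )  sk@ drop swap tf-key tf_ctx_256-key ed-dh 2drop ;
 : >viv  ( addr -- )  tf-key tf_ctx_256-tweak $10 move ;
 : v-dec-loop ( addr u -- session-key u / 0 0 )
     over { chk } $10 /string  $C { mode }
     bounds U+DO
 	tf-key I tf-out mode tf_decrypt_256
 	c:0key tf-out keysize c:hash tf-hashout $10 c:hash@
 	tf-hashout $10 chk over str= IF
 	    tf-out keysize  unloop  EXIT  THEN
-	0 to mode
+	tf-key tf_tweak256++
+	4 to mode
     keysize +LOOP  0 0 ;
 : v-dec$ ( addr u -- session-key u / 0 0 )
     over >vdhe keysize /string
     over >viv  $10 /string
     v-dec-loop ;
 
 : vdhe ( -- )  vsk vpk ed-keypair  vpk keysize type ;
 : viv  ( -- )  $10 rng$ 2dup type  tf-key tf_ctx_256-tweak swap move ;
 : vsessionkey ( -- )
-    keysize rng$ tf-in swap move
-    c:0key tf-in keysize c:hash tf-hashout $10 2dup c:hash@ type ;
+    keysize rng$ vkey state# move-rep
+    c:0key vkey keysize c:hash tf-hashout $10 2dup c:hash@ type ;
 : v-enc-loop ( keylist -- )
     [:  drop vsk swap tf-key tf_ctx_256-key ed-dh 2drop
-	tf-key tf-in tf-out $C tf_encrypt_256
+	tf-key vkey tf-out $C tf_encrypt_256
 	tf-out keysize type
+	tf-key tf_tweak256++
     ;] $[]map ;
 : v-enc-gen ( keylist -- )
     vdhe viv vsessionkey v-enc-loop ;
 : v-enc$ ( keylist -- addr u )
     ['] v-enc-gen $tmp ;
 
 \\\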
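Review bot: `v-dec$` and `v-dec-loop` never validate the length they are given: the three `/string` calls strip `keysize`, `$10` and `$10` bytes without checking that `u` is at least that large, and `bounds U+DO … keysize +LOOP` hands `tf_decrypt_256` a full block at `I` even when fewer than `keysize` bytes remain. Apart from the tweak increment in the loop these words are unchanged context, but this check-in makes them reachable from vault content through the new `vault-dhe-keys` command in vault.fs (`$> v-dec$`), so a truncated or odd-sized key string would be read past its end. A guard at the top of `v-dec$` such as `dup keysize $20 + u< IF 2drop 0 0 EXIT THEN`, plus a check that the remainder is a multiple of `keysize`, would let the caller's existing `!!unknown-key!!` reject such input. This assumes `$>` does not already enforce a size, which is not visible on this page.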

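--- a/debugging.fs
+++ b/debugging.fs
@@ -78,18 +78,20 @@
 debug: quicksig( \ quick check for sigs
 debug: slurp( \ debug slurp&spit
 debug: wallet( \ debug wallet stuff
 debug: qr( \ qr code stuff
 debug: deprecated( \ deprecated stuff
 debug: unhandled( \ unhandled commands
 debug: syncfile( \ synchronous file operations
+debug: newvault( \ new style vault keys
 
 -db profile( \ don't profile by default )
 +db ipv6( \ ipv6 should be on by default )
 +db ipv4( \ ipv4 should be on by default )
+-db newvault( \ new vault disabled for now )
 +db syncfile( \ disable async file operations for now )
 
 \ key debugging task
 
 : toggle ( addr -- )  dup @ 0= swap ! ;
 
 0 Value debug-task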

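--- a/ed25519-donnalib.fs
+++ b/ed25519-donnalib.fs
@@ -29,19 +29,20 @@
 \c }
 
 c-function raw>sc25519 expand_raw256_modm a a -- void ( sc char[32] -- )
 c-function nb>sc25519 expand256_modm a a n -- void ( sc char[64] n -- )
 c-function sc25519>32b contract256_modm a a -- void ( char[32] sc -- )
 c-function sc25519* mul256_modm a a a -- void ( r x y -- )
 c-function sc25519+ add256_modm a a a -- void ( r x y -- )
+c-function sc25519/ invert256_modm a a -- void ( recip s -- )
 
 c-function ge25519*base ge25519_scalarmult_base a a -- void ( ger x -- )
 c-function ge25519-pack ge25519_pack a a -- void ( r ger -- )
 c-function ge25519+ ge25519_add a a a -- void ( a a a -- )
 c-function ge25519-unpack- ge25519_unpack_negative_vartime a a -- n ( r p -- flag )
 c-function ge25519*+ ge25519_double_scalarmult_vartime a a a a -- void ( r p s1 s2 -- )
 c-function ge25519*v ge25519_scalarmult_vartime a a a -- void ( r p s -- )
 c-function ge25519* ge25519_scalarmult a a a -- void ( r p s -- )
 c-function 32b= str32eq a a -- n ( addr1 addr2 -- flag )
 c-variable ge25519-basepoint ge25519_basepoint ( --  addr )
 c-value ge25519 sizeof(ge25519) -- u
 \ c-variable ge25519-niels*[] ge25519_niels_sliding_multiples ( -- addr )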
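Review bot: The new `sc25519/` binding does not say whether `invert256_modm` runs in constant time or what it produces for a zero scalar, although this file otherwise makes the timing distinction visible in its names (`ge25519*v` binds the `_vartime` multiply, `ge25519*` the regular one). No caller is added in this check-in, so the first user will have to find that out from the C source, which is not on this page. A comment next to the binding would settle it, e.g. `\ sc25519/: modular inverse of s; confirm constant-time before use on secret scalars, s = 0 is not rejected here`.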

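--- a/n2o.fs
+++ b/n2o.fs
@@ -202,14 +202,19 @@
     \U keysearch|searchkey 85string1 .. 85stringn
     \G keysearch: search for keys prefixed with base85 strings,
     \G keysearch: and import them into the key chain
     ?get-me init-client
     keys>search search-keys insert-keys save-pubkeys
     ?cr keylist ;
 
+: whoami ( -- )
+    \U whoami
+    \G whoami: print your own key
+    ?get-me pk@ key>o ..key-list ;
+
 : perm ( -- )
     \U perm @user1 .. @usern permissions ..
     \G perm: Change or set permissions. permission starts with
     \G perm: + for adding permissions
     \G perm: - for taking away permissions
     \G perm: = sets defaults, add or subtract permissions afterwards
     \G perm: no prefix for setting permissions exactly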

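--- a/threefishlib.fs
+++ b/threefishlib.fs
@@ -30,14 +30,22 @@
 \c   int flags=flags1;
 \c   while(n>=64) {
 \c     tf_decrypt_512(ctx, c, c, flags);
 \c     flags=flags2; c+=8; n-=64;
 \c     ctx->tweak[1] += !++(ctx->tweak[0]);
 \c   }
 \c }
+\c void tf_tweak256_pp(struct tf_ctx_256 *ctx)
+\c {
+\c   ctx->tweak[1] += !++(ctx->tweak[0]);
+\c }
+\c void tf_tweak512_pp(struct tf_ctx_512 *ctx)
+\c {
+\c   ctx->tweak[1] += !++(ctx->tweak[0]);
+\c }
 \ -------===< structs >===--------
 \ tf_ctx_256
 begin-structure tf_ctx_256
     drop 0 40 +field tf_ctx_256-key
     drop 40 24 +field tf_ctx_256-tweak
     drop 64 end-structure
 \ tf_ctx
@@ -49,7 +57,9 @@
 \ ------===< functions >===-------
 c-function tf_encrypt tf_encrypt_512 a a a n -- void
 c-function tf_decrypt tf_decrypt_512 a a a n -- void
 c-function tf_encrypt_256 tf_encrypt_256 a a a n -- void
 c-function tf_decrypt_256 tf_decrypt_256 a a a n -- void
 c-function tf_encrypt_loop tf_encrypt_loop a a n n n -- void
 c-function tf_decrypt_loop tf_decrypt_loop a a n n n -- void
+c-function tf_tweak256++ tf_tweak256_pp a -- void
+c-function tf_tweak512++ tf_tweak512_pp a -- void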
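Review bot: `tf_tweak256_pp` and `tf_tweak512_pp` advance only `tweak[0]` and `tweak[1]`, while the context reserves 24 bytes for the tweak (`drop 40 24 +field tf_ctx_256-tweak`), which leaves a third word that these helpers never touch. If that word is derived from the other two, every caller has to pass a flag that makes the next `tf_encrypt_256`/`tf_decrypt_256` recompute it; the `4 to mode` and `$C` arguments in crypt.fs presumably do that, but nothing on this page says so. A comment above the helpers would make the contract explicit, for example `\c /* increments the 128-bit tweak counter only; tweak[2] is not updated, the next encrypt/decrypt call must re-expand the tweak */`, with the wording confirmed against the C library. Without it, a future caller that increments the tweak and keeps mode 0 could silently reuse the previous tweak schedule.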

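--- a/vault.fs
+++ b/vault.fs
@@ -87,15 +87,17 @@
 +net2o: vault-auth ( $:auth -- )
     \g block authentication, 64 byte block
     c-state @ 7 <> !!no-data!!
     \ otherwise would expose some data
     $> v-kstate c:key> v-kstate $40 str= 0= !!vault-auth!!
     write-decrypt \ write a chunk out
     4 c-state xor! ; \ step back to allow fault-file
-
++net2o: vault-dhe-keys ( $:dhe+keys -- )  c-state @ !!inv-order!!
+    $> v-dec$ 2dup d0= !!unknown-key!!  v-key state# move-rep
+    3 c-state or! ;
 
 vault-table $save
 ' context-table is gen-table
 
 also }scope
 
 $80 Constant min-align#
@@ -121,18 +123,20 @@
 : vdhe, ( -- )   vsk vpk ed-keypair vpk keysize $, dhe ;
 : vkeys, ( key-list -- )
     vaultkey $100 erase
     enc-mode @ $FF and $20 - rng$ vkey state# move-rep
     vkey( ." vkey key: " vkey state# 85type forth:cr )
     enc-mode @ dup ulit, vault-crypt 8 rshift $FF and >crypt
     [: [: drop vsk swap keygendh ed-dh 2>r
-	vkey vaultkey $10 + enc-mode @ $FF and $20 - move
-	vaultkey enc-mode @ $FF and 2r> encrypt$
-	vaultkey enc-mode @ $FF and forth:type ;] $[]map ;] $tmp
+	    vkey vaultkey $10 + enc-mode @ $FF and $20 - move
+	    vaultkey enc-mode @ $FF and 2r> encrypt$
+	    vaultkey enc-mode @ $FF and forth:type ;] $[]map ;] $tmp
     $, vault-keys 0 >crypt ;
+: vdhe-keys, ( key-list -- )
+    v-enc$ $, vault-dhe-keys  0 >crypt ;
 : vfile-in ( -- )
     enc-filename $@ enc-file $slurp-file ;
 : vfile-pad ( -- )
     enc-file $@len dup >r vault-aligned enc-file $!len
     enc-file $@ r> /string dup enc-padding ! erase ;
 : vfile-enc ( -- )
     vkey( ." vkey file: " vkey state# 85type forth:cr )
@@ -149,15 +153,17 @@
     0 >crypt
     vkey( ." vkey sig: " vkey state# 85type forth:cr )
     2dup vkey state# encrypt$ $, vault-sig ;
 
 : encfile-rest ( key-list -- ) >vault >r
     code-buf$ cmdreset init-reply
     pk@ key| r@ $+[]! \ encrypt for ourself
-    "v2o" 4cc, vdhe, r> vkeys, vfile, vsig,
+    "v2o" 4cc,
+    newvault( r> vdhe-keys, )else( vdhe, r> vkeys, )
+    vfile, vsig,
     s" .v2o" enc-filename $+!
     enc-filename $@ [: >r cmd$ $@ r> write-file throw ;] new-file
     code0-buf dispose n:o> ;
 
 : encrypt-file ( filename u key-list -- )
     >r enc-filename $! vfile-in r> encfile-rest ;
 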
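Review bot: `vault-dhe-keys` has no `\g` description, while `vault-auth` directly above documents its block with `\g block authentication, 64 byte block`. Because the command introduces a new key header into the vault format, a line such as `\g DHE key block: 32 byte ephemeral pk, 16 byte IV, 16 byte key hash, then one 32 byte wrapped session key per recipient` (taken from the block-layout comment in crypt.fs) would let readers of the format see the layout without opening crypt.fs. In `encfile-rest` the writer chooses between this header and the old `vdhe, … vkeys,` sequence through the `newvault(` debug switch, which deserves a one-line comment there too, e.g. `\ newvault( selects the Threefish DHE key header; off by default in debugging.fs`.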