Opened 12 months ago

Last modified 12 months ago

#28186 new enhancement

HS v3 suggestion as to how to generate a secure service client authentication key pair

Reported by: jchevali
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version: Tor: 0.3.5.3-alpha
Severity: Normal
Keywords: tor-hs
Cc: asn
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

I wonder if the manual should contain an Appendix to suggest how one can create HS v3 client authorization key pairs. This is something I had to figure out for myself.

Here's what I've done: I've created myself a couple of scripts to help automate the process. While still very far from being clean and tidy, it could be a start if someone with 'release grade' scripting skills and knowledgeable of Tor could clean them up.

There are three scripts; the first one generates a blob with the private and public parts of an authorization key, and the second and third extract those parts.

Here's their content:

Key pair blob generator:

generate_x25519_key.sh:

#!/bin/sh
#
# This generates a x25519 key pair and prints out the private and public parts
#
# It works like this:
# 1. first call to openssl generates the key
# 2. second call to openssl prints out the key contents
# 3. tail discards the key contents' header
# 4. the first cut discards lines not containing data
# 5. the second cut discards non-data bits in the left margin
#
# To preserve the generated key pair, you can send the output of this script to a file
#
openssl genpkey -algorithm x25519 -out - \
        | openssl pkey -in - -text -noout \
        | tail -n 7 \
        | cut -s -d : -f 1-16 \
        | cut -b 5-49

The script above generates a blob like this (a trimmed down form of openssl's own output), which the other two can parse:

f8:9f:b4:2b:5c:f9:6f:dc:28:a2:1b:b2:a8:60:7c:
67:e1:5c:1f:1c:76:3c:9b:db:39:d8:64:b7:22:e7:
fe:58

22:01:cc:69:f4:f7:58:8b:9a:19:0f:06:3c:36:a8:
0d:e3:35:39:28:6d:b1:f7:1c:b7:18:03:a2:bc:e4:
d2:35

Here are the two parsers:

Private key extraction:

extract_x25519_private.sh:

#!/bin/sh
#
# This extracts the private key from a x25519 key pair generated by generate_x25519_key.sh
#
# It works like this:
# 1. head selects only the first half of a key pair file (cat of file created by the said script)
#    (the first half is the private key part)
# 2. xxd converts hex in the private key part to binary
# 3. base32 converts the binary output of xxd to base32
# 4. cut discards the = padding at the end
#
head -n 3 - \
        | xxd -r -p \
        | base32 \
        | cut -b 1-52

Calling the above with the blob fed into it would produce:

7CP3IK247FX5YKFCDOZKQYD4M7QVYHY4OY6JXWZZ3BSLOIXH7ZMA

Public key extraction:

extract_x25519_public.sh:

#!/bin/sh
#
# This extracts the public key from a x25519 key pair generated by generate_x25519_key.sh
#
# It works like this:
# 1. tail selects only the second half of a key pair file (cat of file created by the said script)
#    (the second half is the public key part)
# 2. xxd converts hex in the public key part to binary
# 3. base32 converts the binary output of xxd to base32
# 4. cut discards the = padding at the end
#
tail -n 3 - \
        | xxd -r -p \
        | base32 \
        | cut -b 1-52

Calling the above with the blob fed into it would produce:

EIA4Y2PU65MIXGQZB4DDYNVIBXRTKOJINWY7OHFXDAB2FPHE2I2Q

I know that the commands exposed here might seem trivial to some; however, it could help if someone wishes to try out HS v3 client auth and doesn't have a key generation tool that adapts to Tor's base32 format. If the Appendix is created and he reads it, he could find a way to do so (and the more testers out there the better, to look for problems, so we should be doing all we can to make the process more accessible and create shortcuts).

Of course, perhaps the Tor developers already have better tools to achieve this, in which case my script suggestion doesn't need to be used.

This ticket is related to #28026.
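An added example, not the reporter's scripts and not tooling from tor.git: the same procedure done in pure Python, so it runs without openssl, xxd or base32 on the path. It parses the colon-separated blob shown above (embedded here as sample input, copied from the ticket), converts both halves to Tor's unpadded base32, and, because a hand-converted pair is easy to get wrong, checks that the public half really is X25519(private, 9) using a textbook RFC 7748 Montgomery ladder (the ladder itself is verified against the RFC 7748 section 6.1 vector). It also generates a fresh pair and formats the two lines that the tor manual documents for the service side (authorized_clients/<name>.auth) and the client side (ClientOnionAuthDir/<name>.auth_private); those line formats and the onion-address placeholder are assumptions taken from the manual, not from this ticket. The Python X25519 is not constant-time; it is meant for checking a pair, not for a production key exchange.

```python
import base64
import secrets

# X25519 field prime and the (A-2)/4 constant from RFC 7748.
P = 2**255 - 19
A24 = 121665
BASEPOINT_U = b"\x09" + bytes(31)


def _decode_scalar(k: bytes) -> int:
    """Clamp a 32-byte private key as RFC 7748 section 5 requires."""
    b = bytearray(k)
    b[0] &= 248
    b[31] &= 127
    b[31] |= 64
    return int.from_bytes(b, "little")


def x25519(scalar: bytes, u: bytes = BASEPOINT_U) -> bytes:
    """Montgomery ladder from RFC 7748 section 5 (plain Python, not constant-time)."""
    k = _decode_scalar(scalar)
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) * (da + cb) % P
        z3 = x1 * ((da - cb) * (da - cb)) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def tor_base32(raw: bytes) -> str:
    """Tor's key encoding: RFC 4648 base32, upper case, '=' padding dropped
    (32 bytes become the 52 characters that cut -b 1-52 keeps)."""
    return base64.b32encode(raw).decode("ascii").rstrip("=")


def parse_openssl_blob(blob: str) -> tuple:
    """Parse the blob generate_x25519_key.sh emits: private bytes, blank line, public bytes."""
    priv_part, pub_part = blob.strip().split("\n\n")

    def to_bytes(part: str) -> bytes:
        raw = bytes.fromhex("".join(part.split()).replace(":", ""))
        if len(raw) != 32:
            raise ValueError(f"expected 32 key bytes, got {len(raw)}")
        return raw

    return to_bytes(priv_part), to_bytes(pub_part)


def pair_is_consistent(priv: bytes, pub: bytes) -> bool:
    """True when pub is really the public half of priv; check this before installing a pair."""
    return x25519(priv) == pub


def generate_keypair() -> tuple:
    """Fresh random private key and its public key."""
    priv = secrets.token_bytes(32)
    return priv, x25519(priv)


def service_auth_line(pub: bytes) -> str:
    """One line for <HiddenServiceDir>/authorized_clients/<name>.auth (tor manual format, assumed)."""
    return f"descriptor:x25519:{tor_base32(pub)}"


def client_auth_private_line(onion_address: str, priv: bytes) -> str:
    """One line for <ClientOnionAuthDir>/<name>.auth_private; onion_address is the
    56-character address without the .onion suffix (tor manual format, assumed)."""
    return f"{onion_address}:descriptor:x25519:{tor_base32(priv)}"


# Sample input: the blob the ticket shows as generate_x25519_key.sh output.
TICKET_BLOB = """\
f8:9f:b4:2b:5c:f9:6f:dc:28:a2:1b:b2:a8:60:7c:
67:e1:5c:1f:1c:76:3c:9b:db:39:d8:64:b7:22:e7:
fe:58

22:01:cc:69:f4:f7:58:8b:9a:19:0f:06:3c:36:a8:
0d:e3:35:39:28:6d:b1:f7:1c:b7:18:03:a2:bc:e4:
d2:35
"""

# RFC 7748 section 6.1 test vector, used to check the ladder itself.
RFC_ALICE_PRIV = "77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a"
RFC_ALICE_PUB = "8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"

if __name__ == "__main__":
    priv, pub = parse_openssl_blob(TICKET_BLOB)
    print("ticket private key:", tor_base32(priv))
    print("ticket public key: ", tor_base32(pub))
    print("ticket pair consistent:", pair_is_consistent(priv, pub))
    new_priv, new_pub = generate_keypair()
    print(service_auth_line(new_pub))
    print(client_auth_private_line("<56-char-onion-address-placeholder>", new_priv))
```

Run as a script it prints the same two base32 strings the extraction scripts above produce for the ticket's blob, reports whether that pair is self-consistent, and then prints a freshly generated pair as the two lines you would drop into the service and client directories (with the placeholder replaced by the real onion address).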

Change History (1)

comment:1 Changed 12 months ago by dgoulet

Cc: asn added
Keywords: tor-hs added
Milestone: Tor: unspecified

We do have a plan to create a tool for client auth key generation within the tor.git repository and thus shipped by our packages.

We are also floating the idea of doing a blog post about this feature. Stay tuned!
