Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

getKeyDataFromString hash validation fail #166

Open
xwiz opened this issue May 13, 2021 · 8 comments
Open

getKeyDataFromString hash validation fail #166

xwiz opened this issue May 13, 2021 · 8 comments

Comments

@xwiz
Copy link

xwiz commented May 13, 2021

I've double-checked the hex file being loaded but still getKeyDataFromString always throws Checksum validation fail.

Is this some sort of OS encoding issue? What could be the issue?

@paragonie-security
Copy link
Contributor

What do you mean by "the hex file being loaded"? Can you share a code snippet and a random throw-away example key that reproduces the same issue?

Typically when we see this error, someone thought they could just bin2hex(random_bytes(32)) some random data and load it into Halite that way.

(In reality, you're supposed to generate them within Halite, which produces a key in the form of raw_key || checksum before hex-encoding. This offers two advantages: It informs you when the key has been corrupted on disk, and it prevents people from easily using hash('sha256', $password, true) as their encryption key.)

@xwiz
Copy link
Author

xwiz commented May 13, 2021

Interesting. So if I already have a key pair, how do I encode them to be 'halite compatible'?

@paragonie-security
Copy link
Contributor

halite/src/KeyFactory.php

Lines 769 to 778 in 7596d5c

return new HiddenString(
Hex::encode(
Halite::HALITE_VERSION_KEYS . $key->getRawKeyMaterial() .
\sodium_crypto_generichash(
Halite::HALITE_VERSION_KEYS . $key->getRawKeyMaterial(),
'',
\SODIUM_CRYPTO_GENERICHASH_BYTES_MAX
)
)
);

@xwiz
Copy link
Author

xwiz commented May 13, 2021

OK thank you.

@xwiz xwiz closed this as completed May 13, 2021
@xwiz
Copy link
Author

xwiz commented May 13, 2021

I made a small helper as below and exported the new file to disk but it now says it's invalid (must be CRYPTO_SIGN_PUBLICKEYBYTES long).

I'm trying to load exported file as follows

\ParagonIE\Halite\KeyFactory::loadSignaturePublicKey($path);

I have attached a sample public key output from the function.

What am I doing wrong?

/**
 * Export a cryptography key file to halite compatibe file format (with a checksum)
 *
 * @param string $key_path
 * @param string $dest_path
 * @return HiddenString
 *
 * @throws CannotPerformOperation
 * @throws InvalidType
 * @throws \SodiumException
 * @throws \TypeError
 */
public static function exportRawKey($key_path, $dest_path)
{
	$rawKey = \file_get_contents($key_path);
	if ($rawKey === false) {
        // @codeCoverageIgnoreStart
        throw new \ParagonIE\Halite\Alerts\CannotPerformOperation(
            'Cannot load file: '. $key_path
        );
        // @codeCoverageIgnoreEnd
    }
	$key = new \ParagonIE\HiddenString\HiddenString(
		\ParagonIE\ConstantTime\Hex::encode(
			\ParagonIE\Halite\Halite::HALITE_VERSION_KEYS . $rawKey .
			\sodium_crypto_generichash(
				\ParagonIE\Halite\Halite::HALITE_VERSION_KEYS . $rawKey,
				'',
				\SODIUM_CRYPTO_GENERICHASH_BYTES_MAX
			)
		)
	);
	\file_put_contents($dest_path, $key->getString());
	return $key;
}

fst_rsa_halite.txt

@xwiz xwiz reopened this May 13, 2021
@paragonie-security
Copy link
Contributor

fst_rsa_halite.txt

You cannot use RSA keys with Halite. Please generate a new keypair within Halite and use that instead.

@xwiz
Copy link
Author

xwiz commented May 13, 2021

OK thank you. I am not familiar with the key format generated by sodium.

Assuming I want to use base64 form, is it safe to save rawkey file and encode using sodium_bin2base64?

However I noticed there's already a function to save/export in KeyFactory class

Also the documentation to generate a signature keypair references the SignatureKey class instead of KeyFactory.

@paragonie-security
Copy link
Contributor

Yep, the documentation for KeyFactory is available here: https://github.com/paragonie/halite/blob/master/doc/Classes/KeyFactory.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants