-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Retrieve long term static key for Conn #4
Changes from 4 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,6 +17,8 @@ type Conn struct { | |
// handshake | ||
config *Config // configuration passed to constructor | ||
hs handshakeState | ||
remotePub [32]byte // remote static public key | ||
remotePubSet bool // true when remote public key is set in remotePub | ||
handshakeComplete bool | ||
handshakeMutex sync.Mutex | ||
|
||
|
@@ -239,7 +241,7 @@ func (c *Conn) Handshake() error { | |
var remoteKeyPair *KeyPair | ||
if c.config.RemoteKey != nil { | ||
if len(c.config.RemoteKey) != 32 { | ||
return errors.New("Noise: the provided remote key is not 32-byte.") | ||
return errors.New("noise: the provided remote key is not 32-byte") | ||
} | ||
remoteKeyPair = &KeyPair{} | ||
copy(remoteKeyPair.PublicKey[:], c.config.RemoteKey) | ||
|
@@ -319,6 +321,8 @@ ContinueHandshake: | |
if !c.config.PublicKeyVerifier(hs.rs.PublicKey[:], receivedPayload) { | ||
return errors.New("Noise: the received public key could not be authenticated") | ||
} | ||
copy(c.remotePub[:], hs.rs.PublicKey[:]) | ||
c.remotePubSet = true | ||
} | ||
} | ||
|
||
|
@@ -351,6 +355,18 @@ func (c *Conn) IsRemoteAuthenticated() bool { | |
return c.isRemoteAuthenticated | ||
} | ||
|
||
// StaticKey returns the static key of the remote peer. It is useful in case the | ||
// static key is only transmitted during the handshake. | ||
func (c *Conn) StaticKey() ([]byte, error) { | ||
if !c.handshakeComplete { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. is it important that the handshake has to be finished? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Mhhhh I wanna make sure that the key I get when calling |
||
return nil, errors.New("noise: handshake not completed") | ||
} | ||
if !c.remotePubSet { | ||
return nil, errors.New("noise: no remote static key given") | ||
} | ||
return c.remotePub[:], nil | ||
} | ||
|
||
// | ||
// input/output functions | ||
// | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So. Can we think of good reasons for
clear()
to clear the public keys? If not, I'd rather have us modify the behavior ofclear()
rather than adding new fields here :oThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The reasons to clear a key from memory is to avoid an attacker being able to read it (either because he's on the same machine or by using heartbleed style attacks, etc). Usually we clear a private key because that's what is most urgent to keep secret.
In a far far fetched scenario, we might also want to clear up the static public key to be able to deny later that we were participating in the communication ? (if we load the key via Yubikey on a computer which got compromised just after we used it so it still has the memory kept ? )
Lol this seems way too far fetched from me. So if you also can't find a realistic scenario, then let me know and I'll modify
clear()
so it only clears the private key.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah I'm not particularly interested in the deniability property which Noise doesn't provide in any case. I think a better idea would be to stop
clear()
from removing the public keys. If you can make this change I'll accept your PR! Thanks again for the initial PR and the changes :) you rock