public
/
keyfork
5
0
Fork 0
Code Issues 16 Pull Requests 1 Packages Projects Releases Wiki Activity

Compare commits

base: public:f96ad114220c7519559a26fa950d318ea914246c
Branches Tags
public:main
public:ryansquared/staging-since-latest
public:ryansquared/quick-and-dirty-prompt
public:ryansquared/keyfork-mnemonic-refactors
public:ryansquared/bottoms-up
public:anton/require-min-entropy
public:anton/chore/update-readme
public:anton/feat/min_bit_req
public:ryan/shard-improvements
public:ryan/harden-derivation-on-highest-level-keys
public:ryan/use-instant-time-qrcode
public:stagex-build
public:ryan/old-static-retain-for-stagex
public:ryan/recover-shardholder-hardware
public:ryan/keyfork-prompt/steel
public:ryan/keyfork-shard/reuse-prompt-handler
public:ryan/keyfork-shard-reuse-prompt-handler
public:keyfork-shard-traitify
public:ryan/fearless-conversions
public:ryan/optimize-hunk
public:ryan/cargo-update
public:ryansquared/keyfork-shard/openpgp-card
public:keyfork-shard-v0.2.2
public:keyfork-v0.2.3
public:keyfork-derive-openpgp-v0.1.2
public:keyfork-v0.2.2
public:keyforkd-models-v0.2.0
public:keyforkd-client-v0.2.0
public:keyforkd-v0.1.1
public:keyfork-shard-v0.2.0
public:keyfork-qrcode-v0.1.1
public:keyfork-prompt-v0.1.1
public:keyfork-mnemonic-util-v0.3.0
public:keyfork-entropy-v0.1.1
public:keyfork-derive-util-v0.2.0
public:keyfork-derive-path-data-v0.1.1
public:keyfork-derive-openpgp-v0.1.1
public:keyfork-derive-key-v0.1.1
public:keyfork-v0.2.0
public:keyfork-v0.1.0
public:smex-v0.1.0
public:keyfork-bug-v0.1.0
public:keyfork-bin-v0.1.0
public:keyfork-slip10-test-data-v0.1.0
public:keyfork-derive-util-v0.1.0
public:keyfork-frame-v0.1.0
public:keyforkd-models-v0.1.0
public:keyforkd-client-v0.1.0
public:keyfork-derive-openpgp-v0.1.0
public:keyfork-entropy-v0.1.0
public:keyfork-crossterm-v0.27.1
public:keyfork-prompt-v0.1.0
public:keyfork-zbar-sys-v0.1.0
public:keyfork-zbar-v0.1.0
public:keyfork-qrcode-v0.1.0
public:keyfork-shard-v0.1.0
public:keyfork-derive-path-data-v0.1.0
public:keyforkd-v0.1.0
public:keyfork-derive-key-v0.1.0
public:keyfork-mnemonic-util-v0.2.0
public:keyfork-mnemonic-util-v0.1.0
..
compare: public:71b6e4ed0c9aa4bc81d230eeabac31b9cbe55633
Branches Tags
public:main
public:ryansquared/staging-since-latest
public:ryansquared/quick-and-dirty-prompt
public:ryansquared/keyfork-mnemonic-refactors
public:ryansquared/bottoms-up
public:anton/require-min-entropy
public:anton/chore/update-readme
public:anton/feat/min_bit_req
public:ryan/shard-improvements
public:ryan/harden-derivation-on-highest-level-keys
public:ryan/use-instant-time-qrcode
public:stagex-build
public:ryan/old-static-retain-for-stagex
public:ryan/recover-shardholder-hardware
public:ryan/keyfork-prompt/steel
public:ryan/keyfork-shard/reuse-prompt-handler
public:ryan/keyfork-shard-reuse-prompt-handler
public:keyfork-shard-traitify
public:ryan/fearless-conversions
public:ryan/optimize-hunk
public:ryan/cargo-update
public:ryansquared/keyfork-shard/openpgp-card
public:keyfork-shard-v0.2.2
public:keyfork-v0.2.3
public:keyfork-derive-openpgp-v0.1.2
public:keyfork-v0.2.2
public:keyforkd-models-v0.2.0
public:keyforkd-client-v0.2.0
public:keyforkd-v0.1.1
public:keyfork-shard-v0.2.0
public:keyfork-qrcode-v0.1.1
public:keyfork-prompt-v0.1.1
public:keyfork-mnemonic-util-v0.3.0
public:keyfork-entropy-v0.1.1
public:keyfork-derive-util-v0.2.0
public:keyfork-derive-path-data-v0.1.1
public:keyfork-derive-openpgp-v0.1.1
public:keyfork-derive-key-v0.1.1
public:keyfork-v0.2.0
public:keyfork-v0.1.0
public:smex-v0.1.0
public:keyfork-bug-v0.1.0
public:keyfork-bin-v0.1.0
public:keyfork-slip10-test-data-v0.1.0
public:keyfork-derive-util-v0.1.0
public:keyfork-frame-v0.1.0
public:keyforkd-models-v0.1.0
public:keyforkd-client-v0.1.0
public:keyfork-derive-openpgp-v0.1.0
public:keyfork-entropy-v0.1.0
public:keyfork-crossterm-v0.27.1
public:keyfork-prompt-v0.1.0
public:keyfork-zbar-sys-v0.1.0
public:keyfork-zbar-v0.1.0
public:keyfork-qrcode-v0.1.0
public:keyfork-shard-v0.1.0
public:keyfork-derive-path-data-v0.1.0
public:keyforkd-v0.1.0
public:keyfork-derive-key-v0.1.0
public:keyfork-mnemonic-util-v0.2.0
public:keyfork-mnemonic-util-v0.1.0

5 Commits
f96ad11422 ... 71b6e4ed0c

Author SHA1 Message Date
Ryan Heywood 71b6e4ed0c
Merge branch 'ryan/use-instant-time-qrcode' 2024-04-10 15:35:50 -04:00
Ryan Heywood 4f4e3cfc65
Merge branch 'ryan/harden-derivation-on-highest-level-keys' 2024-04-10 15:35:40 -04:00
Ryan Heywood 194d475d59
keyfork-shard: validate signatures using shard-specific validation requirements 2024-04-10 15:17:30 -04:00
Ryan Heywood 40551a5c26
keyforkd: require hardened derivation on two highest indexes 2024-04-09 20:14:59 -04:00
Ryan Heywood fa125e7cbe
keyfork-qrcode: prefer Instant over SystemTime for infallible time comparison 2024-04-09 19:54:11 -04:00
10 changed files with 71 additions and 25 deletions
Show Stats Expand all files Collapse all files

4
Cargo.lock generated
View File

@ -1818,7 +1818,7 @@ dependencies = [
[[package]] [[package]]
name = "keyfork-qrcode" name = "keyfork-qrcode"
version = "0.1.0" version = "0.1.1"
dependencies = [ dependencies = [
"image", "image",
"keyfork-bug", "keyfork-bug",
@ -1879,7 +1879,7 @@ dependencies = [
[[package]] [[package]]
name = "keyforkd" name = "keyforkd"
version = "0.1.0" version = "0.1.1"
dependencies = [ dependencies = [
"bincode", "bincode",
"hex-literal", "hex-literal",

3
crates/daemon/keyforkd-client/src/tests.rs
View File

@ -25,6 +25,9 @@ fn secp256k1_test_suite() {
if chain_len < 2 { if chain_len < 2 {
continue; continue;
} }
if chain.iter().take(2).any(|index| !index.is_hardened()) {
continue;
}
// Consistency check: ensure the server and the client can each derive the same // Consistency check: ensure the server and the client can each derive the same
// key using an XPrv, for all but the last XPrv, which is verified after this // key using an XPrv, for all but the last XPrv, which is verified after this
for i in 2..chain_len { for i in 2..chain_len {

4
crates/daemon/keyforkd-models/src/lib.rs
View File

@ -43,6 +43,10 @@ pub enum DerivationError {
#[error("Invalid derivation length: Expected at least 2, actual: {0}")] #[error("Invalid derivation length: Expected at least 2, actual: {0}")]
InvalidDerivationLength(usize), InvalidDerivationLength(usize),
/// The derivation request did not use hardened derivation on the 2 highest indexes.
#[error("Invalid derivation paths: expected index #{0} (1) to be hardened")]
InvalidDerivationPath(usize, u32),
/// An error occurred while deriving data. /// An error occurred while deriving data.
#[error("Derivation error: {0}")] #[error("Derivation error: {0}")]
Derivation(String), Derivation(String),

2
crates/daemon/keyforkd/Cargo.toml
View File

@ -1,6 +1,6 @@
[package] [package]
name = "keyforkd" name = "keyforkd"
version = "0.1.0" version = "0.1.1"
edition = "2021" edition = "2021"
license = "AGPL-3.0-only" license = "AGPL-3.0-only"

15
crates/daemon/keyforkd/src/service.rs
View File

@ -69,6 +69,18 @@ impl Service<Request> for Keyforkd {
return Err(DerivationError::InvalidDerivationLength(len).into()); return Err(DerivationError::InvalidDerivationLength(len).into());
} }
if let Some((i, unhardened_index)) = req
.path()
.iter()
.take(2)
.enumerate()
.find(|(_, index)| {
!index.is_hardened()
})
{
return Err(DerivationError::InvalidDerivationPath(i, unhardened_index.inner()).into())
}
#[cfg(feature = "tracing")] #[cfg(feature = "tracing")]
if let Some(target) = guess_target(req.path()) { if let Some(target) = guess_target(req.path()) {
info!("Deriving path: {target}"); info!("Deriving path: {target}");
@ -110,6 +122,9 @@ mod tests {
if chain.len() < 2 { if chain.len() < 2 {
continue; continue;
} }
if chain.iter().take(2).any(|index| !index.is_hardened()) {
continue;
}
let req = DerivationRequest::new(DerivationAlgorithm::Secp256k1, &chain); let req = DerivationRequest::new(DerivationAlgorithm::Secp256k1, &chain);
let response: DerivationResponse = keyforkd let response: DerivationResponse = keyforkd
.ready() .ready()

11
crates/daemon/keyforkd/src/test_util.rs
View File

@ -61,7 +61,7 @@ where
)); ));
let socket_dir = tempfile::tempdir().expect(bug!("can't create tempdir")); let socket_dir = tempfile::tempdir().expect(bug!("can't create tempdir"));
let socket_path = socket_dir.path().join("keyforkd.sock"); let socket_path = socket_dir.path().join("keyforkd.sock");
rt.block_on(async move { let result = rt.block_on(async move {
let (tx, mut rx) = tokio::sync::mpsc::channel(1); let (tx, mut rx) = tokio::sync::mpsc::channel(1);
let server_handle = tokio::spawn({ let server_handle = tokio::spawn({
let socket_path = socket_path.clone(); let socket_path = socket_path.clone();
@ -87,8 +87,13 @@ where
let result = test_handle.await; let result = test_handle.await;
server_handle.abort(); server_handle.abort();
result result
}) });
.expect(bug!("runtime could not join all threads")) if let Err(e) = result {
if e.is_panic() {
std::panic::resume_unwind(e.into_panic());
}
}
Ok(())
} }
#[cfg(test)] #[cfg(test)]

14
crates/keyfork-shard/src/openpgp/keyring.rs
View File

@ -84,13 +84,23 @@ impl<P: PromptHandler> VerificationHelper for &mut Keyring<P> {
aead_algo, aead_algo,
} => {} } => {}
MessageLayer::SignatureGroup { results } => { MessageLayer::SignatureGroup { results } => {
for result in results { match &results[..] {
if let Err(e) = result { [Ok(_)] => {
return Ok(());
}
_ => {
// FIXME: anyhow leak: VerificationError impl std::error::Error // FIXME: anyhow leak: VerificationError impl std::error::Error
// return Err(e.context("Invalid signature")); // return Err(e.context("Invalid signature"));
return Err(anyhow::anyhow!("Error validating signature; either multiple signatures were passed or the single signature was not valid"));
}
}
/*
for result in results {
if let Err(e) = result {
return Err(anyhow::anyhow!("Invalid signature: {e}")); return Err(anyhow::anyhow!("Invalid signature: {e}"));
} }
} }
*/
} }
} }
} }

29
crates/keyfork-shard/src/openpgp/smartcard.rs
View File

@ -193,12 +193,23 @@ impl<P: PromptHandler> VerificationHelper for &mut SmartcardManager<P> {
aead_algo, aead_algo,
} => {} } => {}
MessageLayer::SignatureGroup { results } => { MessageLayer::SignatureGroup { results } => {
for result in results { match &results[..] {
if let Err(e) = result { [Ok(_)] => {
// FIXME: anyhow leak return Ok(());
return Err(anyhow::anyhow!("Verification error: {}", e.to_string())); }
_ => {
// FIXME: anyhow leak: VerificationError impl std::error::Error
// return Err(e.context("Invalid signature"));
return Err(anyhow::anyhow!("Error validating signature; either multiple signatures were passed or the single signature was not valid"));
} }
} }
/*
for result in results {
if let Err(e) = result {
return Err(anyhow::anyhow!("Invalid signature: {e}"));
}
}
*/
} }
} }
} }
@ -264,11 +275,11 @@ impl<P: PromptHandler> DecryptionHelper for &mut SmartcardManager<P> {
} else { } else {
format!("Unlock card {card_id} ({cardholder_name})\n{rpea}: {attempts}\n\nPIN: ") format!("Unlock card {card_id} ({cardholder_name})\n{rpea}: {attempts}\n\nPIN: ")
}; };
let temp_pin = let temp_pin = self
self.pm .pm
.lock() .lock()
.expect(bug!(POISONED_MUTEX)) .expect(bug!(POISONED_MUTEX))
.prompt_validated_passphrase(&message, 3, &pin_validator)?; .prompt_validated_passphrase(&message, 3, &pin_validator)?;
let verification_status = transaction.verify_user_pin(temp_pin.as_str().trim()); let verification_status = transaction.verify_user_pin(temp_pin.as_str().trim());
match verification_status { match verification_status {
#[allow(clippy::ignored_unit_patterns)] #[allow(clippy::ignored_unit_patterns)]

2
crates/qrcode/keyfork-qrcode/Cargo.toml
View File

@ -1,6 +1,6 @@
[package] [package]
name = "keyfork-qrcode" name = "keyfork-qrcode"
version = "0.1.0" version = "0.1.1"
repository = "https://git.distrust.co/public/keyfork" repository = "https://git.distrust.co/public/keyfork"
edition = "2021" edition = "2021"
license = "MIT" license = "MIT"

12
crates/qrcode/keyfork-qrcode/src/lib.rs
View File

@ -5,7 +5,7 @@ use keyfork_bug as bug;
use image::io::Reader as ImageReader; use image::io::Reader as ImageReader;
use std::{ use std::{
io::{Cursor, Write}, io::{Cursor, Write},
time::{Duration, SystemTime}, time::{Duration, Instant},
process::{Command, Stdio}, process::{Command, Stdio},
}; };
use v4l::{ use v4l::{
@ -110,11 +110,10 @@ pub fn scan_camera(timeout: Duration, index: usize) -> Result<Option<String>, QR
fmt.fourcc = FourCC::new(b"MPG1"); fmt.fourcc = FourCC::new(b"MPG1");
device.set_format(&fmt)?; device.set_format(&fmt)?;
let mut stream = Stream::with_buffers(&device, Type::VideoCapture, 4)?; let mut stream = Stream::with_buffers(&device, Type::VideoCapture, 4)?;
let start = SystemTime::now(); let start = Instant::now();
while SystemTime::now() while Instant::now()
.duration_since(start) .duration_since(start)
.unwrap_or(Duration::from_secs(0))
< timeout < timeout
{ {
let (buffer, _) = stream.next()?; let (buffer, _) = stream.next()?;
@ -141,12 +140,11 @@ pub fn scan_camera(timeout: Duration, index: usize) -> Result<Option<String>, QR
fmt.fourcc = FourCC::new(b"MPG1"); fmt.fourcc = FourCC::new(b"MPG1");
device.set_format(&fmt)?; device.set_format(&fmt)?;
let mut stream = Stream::with_buffers(&device, Type::VideoCapture, 4)?; let mut stream = Stream::with_buffers(&device, Type::VideoCapture, 4)?;
let start = SystemTime::now(); let start = Instant::now();
let mut scanner = keyfork_zbar::image_scanner::ImageScanner::new(); let mut scanner = keyfork_zbar::image_scanner::ImageScanner::new();
while SystemTime::now() while Instant::now()
.duration_since(start) .duration_since(start)
.unwrap_or(Duration::from_secs(0))
< timeout < timeout
{ {
let (buffer, _) = stream.next()?; let (buffer, _) = stream.next()?;