🚧 wip: considering passphrase-protected keys

main
_ 2021-01-18 20:41:05 -06:00
parent 02b7cca354
commit 49a30866df
2 changed files with 39 additions and 0 deletions

View File

@ -19,9 +19,46 @@ using namespace std;
using nlohmann::json; using nlohmann::json;
using namespace BareMinimumCrypto; using namespace BareMinimumCrypto;
string get_passphrase_from_user () {
// In prod this would NOT be hard-coded.
return "Correct Horse Battery Staple";
}
int happy_path () { int happy_path () {
// We generate a root key and keep it somewhere safe // We generate a root key and keep it somewhere safe
// (offline, hopefully) // (offline, hopefully)
// Passphrases are mandatory for root keys, and BMC also generates
// a salt to maximize entropy.
const auto passphrase = get_passphrase_from_user ();
vector <uint8_t> seed;
seed.resize (crypto_sign_SEEDBYTES);
vector <uint8_t> salt;
salt.resize (crypto_pwhash_SALTBYTES);
randombytes_buf (salt.data (), salt.size ());
if (crypto_pwhash (
seed.data (), seed.size (),
passphrase.data (), passphrase.size (),
salt.data (),
crypto_pwhash_OPSLIMIT_INTERACTIVE, crypto_pwhash_MEMLIMIT_INTERACTIVE,
crypto_pwhash_ALG_DEFAULT
) != 0) {
return 1;
}
vector <uint8_t> pk;
pk.resize (crypto_sign_PUBLICKEYBYTES);
vector <uint8_t> sk;
sk.resize (crypto_sign_SECRETKEYBYTES);
if (crypto_sign_seed_keypair (pk.data (), sk.data (), seed.data ()) != 0) {
return 1;
}
cerr << "Passphrased root pub key " << base64_encode (pk) << endl;
SigningKey root_key; SigningKey root_key;
cerr << "Root pub key " << base64_encode (root_key.pubkey ()) << endl; cerr << "Root pub key " << base64_encode (root_key.pubkey ()) << endl;

View File

@ -17,6 +17,8 @@ namespace BareMinimumCrypto {
public: public:
SigningKey (); SigningKey ();
//static optional <SigningKey> generate_to_file
vector <uint8_t> pubkey () const; vector <uint8_t> pubkey () const;
vector <uint8_t> pub_to_msgpack () const; vector <uint8_t> pub_to_msgpack () const;