update: improve CA key format

- Save with 0400 perms so PTTH won't accidentally serve them - Save D-Bus machine ID if possible to detect when keys accidentally change machines - Add random schema version
2021-01-19 17:59:49 -06:00 · 2021-01-19 17:59:49 -06:00 · b0b6c5672c
parent d7ed2ed931
commit b0b6c5672c
4 changed files with 32 additions and 1 deletions
--- a/bare_minimum_crypto/cpp/signing_key.cpp
+++ b/bare_minimum_crypto/cpp/signing_key.cpp
@ -1,5 +1,6 @@
 #include "signing_key.h"

+#include <filesystem>
 #include <fstream>

 #include "json.hpp"
@ -8,12 +9,28 @@

 namespace BareMinimumCrypto {
 	using nlohmann::json;
+	namespace fs = std::filesystem;
+	
+	string get_machine_id () {
+		ifstream f;
+		f.open ("/etc/machine-id", ifstream::binary);
+		string machine_id;
+		if (! f.is_open ()) {
+			return machine_id;
+		}
+		
+		f >> machine_id;
+		return machine_id;
+	}
 	
 	vector <uint8_t> SigningKeyFile::to_msgpack () const {
 		const auto j = json {
+			// Breaking changes should generate a new Base32 schema.
+			{"schema", "3T6XF5DZ"},
 			{"salt", json::binary (salt)},
 			{"time_created", time_created.x},
 			{"pubkey", json::binary (pubkey)},
+			{"machine_id", machine_id},
 		};
 		return json::to_msgpack (j);
 	}
@ -55,10 +72,13 @@ namespace BareMinimumCrypto {
 			return nullopt;
 		}
 		
+		const auto machine_id = get_machine_id ();
+		
 		SigningKeyFile key_on_disk {
 			salt,
 			Instant::now (),
-			key.pk
+			key.pk,
+			machine_id,
 		};
 		const auto msg = key_on_disk.to_msgpack ();
 		
@ -67,6 +87,10 @@ namespace BareMinimumCrypto {
 		if (! f.is_open ()) {
 			return nullopt;
 		}
+		fs::permissions (file_path,
+			fs::perms::owner_read,
+			fs::perm_options::replace
+		);
 		
 		f.write ((const char *)msg.data (), msg.size ());
 		f.close ();
--- a/bare_minimum_crypto/cpp/signing_key.h
+++ b/bare_minimum_crypto/cpp/signing_key.h
@ -11,10 +11,13 @@
 namespace BareMinimumCrypto {
 	using namespace std;
 	
+	string get_machine_id ();
+	
 	struct SigningKeyFile {
 		vector <uint8_t> salt;
 		Instant time_created;
 		vector <uint8_t> pubkey;
+		string machine_id;
 		
 		vector <uint8_t> to_msgpack () const;
 		static optional <SigningKeyFile> try_from_msgpack (const vector <uint8_t> & msg);
--- a/bare_minimum_crypto/schemas.md
+++ b/bare_minimum_crypto/schemas.md
@ -0,0 +1,3 @@
+- 3T6XF5DZ
+
+3T6XF5DZ is a secret key protected by a passphrase.
--- a/bare_minimum_crypto/todo.md
+++ b/bare_minimum_crypto/todo.md
@ -1 +1,2 @@
 - Use libsodium's secure memory when handling keys / seeds / passphrases
+- Test on Windows (machine_id won't work)