From: Matthias May <matthias.may@westermo.com>
To: Nico Schottelius <nico.schottelius@ungleich.ch>,
Adam Stiles <ajstiles@gmail.com>
Cc: <wireguard@lists.zx2c4.com>
Subject: Re: How to verify a wireguard public key?
Date: Sat, 26 Dec 2020 00:37:49 +0100 [thread overview]
Message-ID: <85fdc2c4-e9de-e5fd-bd2c-fcae80ec0211@westermo.com> (raw)
In-Reply-To: <87h7oa5k0f.fsf@ungleich.ch>
On 25/12/2020 10:10, Nico Schottelius wrote:
>
> Good morning Adam and Jason,
>
> thanks for your qualified and fast answers! It's nice to see Dan's
> website still referenced in almost 2021 and also that it can be easily
> enough verified.
>
> For reference and if anyone ever looks up this thread, I am using
> the following code within the Django Rest Framework [0]:
>
> --------------------------------------------------------------------------------
> def validate_wireguard_public_key(self, value):
> msg = _("Supplied key is not a valid wireguard public key")
>
> """
> Verify wireguard key.
> See https://urldefense.com/v3/__https://lists.zx2c4.com/pipermail/wireguard/2020-December/006221.html__;!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNgCByOzQ$
> """
>
> try:
> decoded_key = base64.standard_b64decode(value)
> except Exception as e:
> raise serializers.ValidationError(msg)
>
> if not len(decoded_key) == 32:
> raise serializers.ValidationError(msg)
>
> return value
> --------------------------------------------------------------------------------
>
> Thanks again and enjoy the quite time over Christmas!
>
> Best regards,
>
> Nico
>
> [0] https://urldefense.com/v3/__https://code.ungleich.ch/uncloud/uncloud/-/blob/master/uncloud_net/serializers.py*L37__;Iw!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNb-aKgNg$
>
>
> Adam Stiles <ajstiles@gmail.com> writes:
>
>> Hi Nico,
>>
>> WireGuard uses Curve25519 keys. A Curve25519 secret key is a random 32
>> byte value with a few special bits flipped, and a public key is
>> calculated from a secret key.
>>
>> There's some good info here (https://urldefense.com/v3/__https://cr.yp.to/ecdh.html__;!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNDoxdskk$ ), including
>> this questions and answer:
>>
>> "How do I validate Curve25519 public keys?"
>>
>> "Don't. The Curve25519 function was carefully designed to allow all
>> 32-byte strings as Diffie-Hellman public keys."
>>
>> I just saw Jason's response, and so this is a bit redundant, but the
>> reference above is a good one.
>>
>> Best,
>>
>> Adam
>>
>>
>> On Thu, Dec 24, 2020 at 3:21 PM Nico Schottelius
>> <nico.schottelius@ungleich.ch> wrote:
>>>
>>>
>>> Good morning,
>>>
>>> I am currently extending uncloud [0] to support wireguard tunnels and
>>> keys. At the moment it is not entirely clear how to verify that a
>>> certain string is a valid wireguard key.
>>>
>>> I first tried checking that it is valid base64, but not all base64
>>> strings are valid wireguard keys.
>>>
>>> Then I tried using `echo $key | wg pubkey && echo ok` - which seems to
>>> check the key format, however the intended behaviour here is misused.
>>>
>>> Does anyone have a pointer on how to reliably identify wireguard public
>>> keys?
>>>
>>> Is the wireguard key always 32 bytes when decoded from base64? Tests
>>> with a number of public keys seems to indicate that.
>>>
>>> Best regards,
>>>
>>> Nico
>>>
>>>
>>> [0] https://urldefense.com/v3/__https://code.ungleich.ch/uncloud/uncloud__;!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNE6JpRjQ$
>>>
>>> --
>>> Modern, affordable, Swiss Virtual Machines. Visit https://urldefense.com/v3/__http://www.datacenterlight.ch__;!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNmbUvisY$
>
>
> --
> Modern, affordable, Swiss Virtual Machines. Visit https://urldefense.com/v3/__http://www.datacenterlight.ch__;!!I9LPvj3b!XDmxiY_v3yY5wQI9GfFvshrCIUcqg4vvKg35qvL0fFajgNHTwr3LcySSqHrNmbUvisY$
>
Hi
On this topic, i recently implemented a check if a key is valid in cpp with the following rather crude code:
bool isValidWgKey(const string& usage, const string& key)
{
/* Wireguard keys are BASE64 encoded */
unsigned int _key_length = 44;
unsigned int _key_offset = _key_length -1;
if (key.length() != _key_length) {
log("Wireguard " + usage + " has wrong length (" + to_string(key.length()) + " instead of 44)!");
return false;
}
size_t found = key.substr(0,_key_offset).find_first_not_of("abcdefghijklmnopqrstuvwxyz"
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/");
if (found != std::string::npos) {
log("Wireguard " + usage + " contains invalid character '" + key.substr(found, 1) + "'");
return false;
}
if (key.substr(_key_offset,1) != "=") {
log("Wireguard " + usage + " ends with invalid character '" +
key.substr(found, 1) + "' instead of '='");
return false;
}
return true;
}
Maybe it's useful to someone.
BR
Matthias
next prev parent reply other threads:[~2020-12-25 23:38 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-24 16:00 Nico Schottelius
2020-12-24 23:30 ` Jason A. Donenfeld
2020-12-24 23:42 ` Adam Stiles
2020-12-25 9:10 ` Nico Schottelius
2020-12-25 23:37 ` Matthias May [this message]
2020-12-25 23:47 ` Jason A. Donenfeld
2020-12-25 22:16 ` Matthias Urlichs
2020-12-26 8:09 ` Nico Schottelius
2020-12-26 9:03 ` Matthias Urlichs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=85fdc2c4-e9de-e5fd-bd2c-fcae80ec0211@westermo.com \
--to=matthias.may@westermo.com \
--cc=ajstiles@gmail.com \
--cc=nico.schottelius@ungleich.ch \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).