HS v3 suggestion as to how to generate a secure service client authentication key pair
I wonder if the manual should contain an Appendix to suggest how one can create HS v3 client authorization key pairs. This is something I had to figure out for myself.
Here's what I've done: I've created myself a couple of scripts to help automate the process. While they are still very far from being clean and tidy, they could be a start if someone with 'release grade' scripting skills and knowledge of Tor could clean them up.
There are three scripts; the first one generates a blob with the private and public parts of an authorization key, and the second and third extract those parts.
Here's their content:
Key pair blob generator:
generate_x25519_key.sh:

```sh
#!/bin/sh
#
# This generates a x25519 key pair and prints out the private and public parts
#
# It works like this:
# 1. first call to openssl generates the key
# 2. second call to openssl prints out the key contents
# 3. grep keeps only the indented lines carrying the hex bytes and drops the
#    "X25519 Private-Key:", "priv:" and "pub:" header lines (which have no
#    leading space)
# 4. cut discards the 4-space indentation in the left margin
#
# To preserve the generated key pair, you can send the output of this script to a file
#
openssl genpkey -algorithm x25519 -out - \
  | openssl pkey -in - -text -noout \
  | grep '^ ' \
  | cut -b 5-
```
The script above generates a blob like this (a trimmed down form of openssl's own output), which the other two can parse:
```
f8:9f:b4:2b:5c:f9:6f:dc:28:a2:1b:b2:a8:60:7c:
67:e1:5c:1f:1c:76:3c:9b:db:39:d8:64:b7:22:e7:
fe:58
22:01:cc:69:f4:f7:58:8b:9a:19:0f:06:3c:36:a8:
0d:e3:35:39:28:6d:b1:f7:1c:b7:18:03:a2:bc:e4:
d2:35
```
Here are the two parsers:
Private key extraction:
extract_x25519_private.sh:

```sh
#!/bin/sh
#
# This extracts the private key from a x25519 key pair generated by generate_x25519_key.sh
#
# It works like this:
# 1. head selects only the first half of a key pair file (cat of file created by the said script)
#    (the first half is the private key part)
# 2. xxd converts hex in the private key part to binary
# 3. base32 converts the binary output of xxd to base32
# 4. cut discards the = padding at the end
#
head -n 3 - \
  | xxd -r -p \
  | base32 \
  | cut -b 1-52
```
Calling the above with the blob fed into it would produce:
Public key extraction:
extract_x25519_public.sh:

```sh
#!/bin/sh
#
# This extracts the public key from a x25519 key pair generated by generate_x25519_key.sh
#
# It works like this:
# 1. tail selects only the second half of a key pair file (cat of file created by the said script)
#    (the second half is the public key part)
# 2. xxd converts hex in the public key part to binary
# 3. base32 converts the binary output of xxd to base32
# 4. cut discards the = padding at the end
#
tail -n 3 - \
  | xxd -r -p \
  | base32 \
  | cut -b 1-52
```
Calling the above with the blob fed into it would produce:
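As an added cross-check that is not part of this ticket or of Tor's own tooling, the following stdlib-only Python script parses the blob shown above, performs the same hex-to-base32 conversion as the two extractor scripts, and derives the public half from the private half with an RFC 7748 X25519 implementation, so both halves can be confirmed to belong together before the key goes into a Tor config. The ClientOnionAuthDir and authorized_clients line formats are the ones from the Tor manual; the onion address is a placeholder.

```python
import base64
P = 2**255 - 19  # X25519 field prime (RFC 7748)
# Key pair blob as printed by generate_x25519_key.sh (the one shown in the ticket)
BLOB = """\
f8:9f:b4:2b:5c:f9:6f:dc:28:a2:1b:b2:a8:60:7c:
67:e1:5c:1f:1c:76:3c:9b:db:39:d8:64:b7:22:e7:
fe:58
22:01:cc:69:f4:f7:58:8b:9a:19:0f:06:3c:36:a8:
0d:e3:35:39:28:6d:b1:f7:1c:b7:18:03:a2:bc:e4:
d2:35
"""

def parse_blob(blob):
    """First three lines hold the private key, last three the public key (32 raw bytes each)."""
    lines = [l.strip() for l in blob.strip().splitlines()]
    priv = bytes.fromhex("".join(lines[:3]).replace(":", ""))
    pub = bytes.fromhex("".join(lines[3:]).replace(":", ""))
    return priv, pub

def tor_base32(raw):
    """Same as `xxd -r -p | base32 | cut -b 1-52`: uppercase base32, '=' padding removed."""
    return base64.b32encode(raw).decode().rstrip("=")

def x25519(k, u=b"\x09" + b"\x00" * 31):
    """RFC 7748 X25519 scalar multiplication (Montgomery ladder); default u is the base point."""
    k = int.from_bytes(k, "little") & ~7 & ~(1 << 255) | (1 << 254)  # clamp the scalar
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e, c, d = (aa - bb) % P, (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    x2, z2 = (x3, z3) if swap else (x2, z2)  # final conditional swap
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def pair_is_consistent(priv, pub):
    return x25519(priv) == pub  # True only if pub is really the public half of priv

def tor_auth_lines(priv, pub, onion_address="ONION-ADDRESS-PLACEHOLDER"):
    """Client-side ClientOnionAuthDir entry and service-side authorized_clients/*.auth entry."""
    return (f"{onion_address}:descriptor:x25519:{tor_base32(priv)}",
            f"descriptor:x25519:{tor_base32(pub)}")
```

Run `priv, pub = parse_blob(BLOB)` and then `pair_is_consistent(priv, pub)` on any blob produced by the generator to catch a mismatched or mis-copied half before writing the auth files.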
I know that the commands exposed here might seem trivial to some; however, it could help if someone wishes to try out HS v3 client auth and doesn't have a key generation tool that adapts to Tor's base32 format: if the Appendix is created and he reads it, he could find a way to do so (and the more testers out there the better, to look for problems, so we should be doing all we can to make the process more accessible and create shortcuts).
Of course, perhaps the Tor developers already have better tools to achieve this, in which case my script suggestion doesn't need to be used.
This ticket is related to #28026 (moved)