tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

fidocrypt(1): `storing' cgd keys on U2F/FIDO keys

[bcc tech-crypto@ tech-security@, followups to tech-userlevel@]

I would like to import the fidocrypt(1) utility into base:

fidocrypt(1) is a small program that lets you `store' a secret on
U2F/FIDO keys, with a little state on disk that enables you to
register or unregister keys without changing the secret, so that any
one of the registered keys can be used to open the secret.  Example:

    $ export
    $ fidocrypt enroll -N Falken -u falken -n yubi5nano example.crypt
    tap key to enroll; waiting...
    tap key again to verify; waiting...
    $ fidocrypt enroll -N Falken -u falken -n redsolokey example.crypt
    tap a key that's already enrolled; waiting...
    tap key to enroll; waiting...
    tap key again to verify; waiting...
    $ fidocrypt list example.crypt
    2 redsolokey
    1 yubi5nano
    $ fidocrypt get -F base64 example.crypt
    tap key; waiting...

The secret might be, for instance, a cgd(4) disk encryption key --
fidocrypt(1) can be used in a shell_cmd keygen block of a cgdconfig(8)
parameters file.  For this to work, fidocrypt(1) has to be available
early at boot time before any file systems on cgd(4) volumes have been
mounted -- this is why I suggest putting it in base and not just, say,
in pkgsrc.

The fidocrypt(1) program and associated library are
reasonably small, a couple hundred kilobytes on amd64, although having
/bin/fidocrypt would require us to move and
into /lib, adding a megabyte or two in total to / (not counting
/rescue where it might also be worthwhile to add fidocrypt):

   text    data     bss     dec     hex filename
  52160    2042    1864   56066    db02 fidocrypt
  69332    1544       0   70876   114dc
 144480    2048      32  146560   23c80
1136213   22504    1368 1160085  11b395

(Of course, sqlite3 in /lib might be useful for other purposes too!)


(The `-N Falken -u falken' names, and the FIDOCRYPT_RPID relying party
id, are required by the FIDO protocol, but have no significance to
fidocrypt(1) itself -- other than that the relying party id can't be
changed without creating a new fidocrypt file to encapsulate the same
secret.  The `-n yubi5nano' just gives a nickname to each registered
key in case you want to revoke it later.)

Home | Main Index | Thread Index | Old Index