From 40df0fe9d2a0a7648a111ca03de16f7a740cf5ad Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Tue, 22 Apr 2014 15:25:37 +0300 Subject: [PATCH] Longer default PKCS keys This commit changes the default PKCS key length from 2048 bits to 4096 bits. It adds warnings to both SILC client and SILC server in start up in case the existing key is shorter than 4096 to encourage people to generate new key longer key pair. This commit also changes the default SKE DH group from 1024 to 1536 bits. The old group is still supported. --- apps/irssi/src/silc/core/clientutil.c | 9 +++++++ apps/irssi/src/silc/core/silc-core.h | 2 +- apps/silcd/server_query.c | 2 +- apps/silcd/serverconfig.c | 13 ++++++++-- apps/silcd/silcd.c | 10 ++++++-- lib/silcapputil/silcapputil.c | 4 +-- lib/silcapputil/silcapputil.h | 2 +- lib/silcclient/client_attrs.c | 2 +- lib/silcclient/tests/test_silcclient.c | 4 +-- lib/silccore/silcauth.c | 2 +- lib/silccore/silcmessage.c | 4 +-- lib/silccore/tests/test_silcmessage.c | 4 +-- lib/silccrypt/silcpk.h | 4 +-- lib/silccrypt/silcpkcs1.c | 12 ++++----- lib/silccrypt/tests/test_silcpkcs.c | 4 +-- lib/silcserver/tests/test_silcserver.c | 2 +- lib/silcske/groups.c | 34 +++++++++++++------------- lib/silcske/silcske.c | 4 +-- 18 files changed, 71 insertions(+), 47 deletions(-) diff --git a/apps/irssi/src/silc/core/clientutil.c b/apps/irssi/src/silc/core/clientutil.c index 66c8eb9a..9717d393 100644 --- a/apps/irssi/src/silc/core/clientutil.c +++ b/apps/irssi/src/silc/core/clientutil.c @@ -367,6 +367,15 @@ int silc_client_load_keys(SilcClient client) if (!ret) SILC_LOG_ERROR(("Could not load key pair")); + if (silc_pkcs_private_key_get_len(irssi_privkey) < 4096) { + fprintf(stdout, + "warning: Your private key %s length is under 4096 bits. It is " + "recommended to use at least 4096 bits. Consider generating a " + "new key pair.\n", prv); + printf("Press to continue...\n"); + getchar(); + } + return ret; } diff --git a/apps/irssi/src/silc/core/silc-core.h b/apps/irssi/src/silc/core/silc-core.h index 1f6365a3..f1f1541f 100644 --- a/apps/irssi/src/silc/core/silc-core.h +++ b/apps/irssi/src/silc/core/silc-core.h @@ -23,7 +23,7 @@ /* Default settings for creating key pair */ #define SILC_CLIENT_DEF_PKCS "rsa" -#define SILC_CLIENT_DEF_PKCS_LEN 2048 +#define SILC_CLIENT_DEF_PKCS_LEN 4096 extern SilcClient silc_client; extern SilcHash sha1hash; diff --git a/apps/silcd/server_query.c b/apps/silcd/server_query.c index 5cc2decf..15a536ac 100644 --- a/apps/silcd/server_query.c +++ b/apps/silcd/server_query.c @@ -2005,7 +2005,7 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, SilcAttributeObjPk pk; SilcAttributeObjService service; unsigned char *tmp; - unsigned char sign[2048 + 1]; + unsigned char sign[65536 + 1]; SilcUInt32 sign_len; SILC_LOG_DEBUG(("Constructing Requested Attributes")); diff --git a/apps/silcd/serverconfig.c b/apps/silcd/serverconfig.c index 6a3cbf05..187f5e98 100644 --- a/apps/silcd/serverconfig.c +++ b/apps/silcd/serverconfig.c @@ -2,9 +2,10 @@ serverconfig.c - Author: Giovanni Giacobbi + Authors: Giovanni Giacobbi + Pekka Riikonen - Copyright (C) 1997 - 2007 Pekka Riikonen + Copyright (C) 1997 - 2014 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -655,6 +656,14 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo) SILC_SERVER_LOG_ERROR(("Error: Could not load private key file.")); return SILC_CONFIG_EPRINTLINE; } + + /* Warn if key length is < 4096 (some versions created 4095 bit keys). */ + if (silc_pkcs_private_key_get_len(server_info->private_key) < 4095) { + fprintf(stderr, + "warning: Your server private key %s length is under 4096 bits. " + "It is recommended to use at least 4096 bits. Consider " + "generating a new server key pair.\n", file_tmp); + } } else return SILC_CONFIG_EINTERNAL; diff --git a/apps/silcd/silcd.c b/apps/silcd/silcd.c index de4ad03a..529af0b4 100644 --- a/apps/silcd/silcd.c +++ b/apps/silcd/silcd.c @@ -4,7 +4,7 @@ Author: Pekka Riikonen - Copyright (C) 1997 - 2007 Pekka Riikonen + Copyright (C) 1997 - 2014 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -60,7 +60,7 @@ static struct option long_opts[] = static char *opt_keypath = NULL; static char *opt_pkcs = "rsa"; static char *opt_identifier = NULL; -static int opt_bits = 2048; +static int opt_bits = 4096; /* Prints out the usage of silc client */ @@ -702,6 +702,12 @@ int main(int argc, char **argv) silc_pkcs_register_default(); silc_hash_register_default(); silc_hmac_register_default(); + + if (opt_bits < 4096) + fprintf(stderr, + "warning: You have specified key length under 4096 bits. It is " + "recommended to use at least 4096 bits.\n"); + if (!silc_create_key_pair(opt_pkcs, opt_bits, pubfile, prvfile, opt_identifier, "", NULL, NULL, FALSE)) exit(1); diff --git a/lib/silcapputil/silcapputil.c b/lib/silcapputil/silcapputil.c index 833f40e2..9c7f136f 100644 --- a/lib/silcapputil/silcapputil.c +++ b/lib/silcapputil/silcapputil.c @@ -108,13 +108,13 @@ New pair of keys will be created. Please, answer to following questions.\n\ if (!key_len_bits) { if (interactive) { char *length = NULL; - length = silc_get_input("Key length in key_len_bits [2048]: ", FALSE); + length = silc_get_input("Key length in key_len_bits [4096]: ", FALSE); if (length) key_len_bits = atoi(length); silc_free(length); } if (!key_len_bits) - key_len_bits = 2048; + key_len_bits = 4096; } if (!identifier) { diff --git a/lib/silcapputil/silcapputil.h b/lib/silcapputil/silcapputil.h index f4858d2a..fa1c750f 100644 --- a/lib/silcapputil/silcapputil.h +++ b/lib/silcapputil/silcapputil.h @@ -54,7 +54,7 @@ * This routine can be used to generate new public key and private key * pair. The `pkcs_name' is the name of public key algorithm, or if * NULL it defaults to "rsa". The `key_len_bits' is the key length - * in bits and if zero (0) it defaults to 2048 bits. The `pub_filename' + * in bits and if zero (0) it defaults to 4096 bits. The `pub_filename' * and `prv_filename' is the public key and private key filenames. * The `pub_identifier' is the public key identifier (for example: * "UN=foobar, HN=hostname"), or if NULL the routine generates it diff --git a/lib/silcclient/client_attrs.c b/lib/silcclient/client_attrs.c index a7825270..58eed455 100644 --- a/lib/silcclient/client_attrs.c +++ b/lib/silcclient/client_attrs.c @@ -83,7 +83,7 @@ SilcBuffer silc_client_attributes_process(SilcClient client, SilcAttribute attribute; SilcAttributePayload attr; SilcAttributeObjPk pk; - unsigned char sign[2048 + 1]; + unsigned char sign[65536 + 1]; SilcUInt32 sign_len; SILC_LOG_DEBUG(("Process Requested Attributes")); diff --git a/lib/silcclient/tests/test_silcclient.c b/lib/silcclient/tests/test_silcclient.c index 19ccbb98..72cf2d57 100644 --- a/lib/silcclient/tests/test_silcclient.c +++ b/lib/silcclient/tests/test_silcclient.c @@ -111,9 +111,9 @@ int mybot_start(void) &mybot->public_key, &mybot->private_key)) { /* The keys don't exist. Let's generate us a key pair then! There's - nice ready routine for that too. Let's do 2048 bit RSA key pair. */ + nice ready routine for that too. Let's do 4096 bit RSA key pair. */ fprintf(stdout, "MyBot: Key pair does not exist, generating it.\n"); - if (!silc_create_key_pair("rsa", 2048, "mybot.pub", "mybot.prv", NULL, "", + if (!silc_create_key_pair("rsa", 4096, "mybot.pub", "mybot.prv", NULL, "", &mybot->public_key, &mybot->private_key, FALSE)) { perror("Could not generated key pair"); diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c index da2a502f..fca36ad4 100644 --- a/lib/silccore/silcauth.c +++ b/lib/silccore/silcauth.c @@ -274,7 +274,7 @@ silc_auth_public_key_auth_generate_wpub(SilcPublicKey public_key, SilcHash hash, const void *id, SilcIdType type) { - unsigned char auth_data[2048 + 1]; + unsigned char auth_data[65536 + 1]; SilcUInt32 auth_len; unsigned char *tmp; SilcUInt32 tmp_len; diff --git a/lib/silccore/silcmessage.c b/lib/silccore/silcmessage.c index d1b43ee5..1d70256b 100644 --- a/lib/silccore/silcmessage.c +++ b/lib/silccore/silcmessage.c @@ -4,7 +4,7 @@ Author: Pekka Riikonen - Copyright (C) 1997 - 2007 Pekka Riikonen + Copyright (C) 1997 - 2014 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -180,7 +180,7 @@ silc_message_signed_payload_encode(const unsigned char *message_payload, SilcHash hash) { SilcBuffer buffer, sign; - unsigned char auth_data[2048 + 1]; + unsigned char auth_data[65536 + 1]; SilcUInt32 auth_len; unsigned char *pk = NULL; SilcUInt32 pk_len = 0; diff --git a/lib/silccore/tests/test_silcmessage.c b/lib/silccore/tests/test_silcmessage.c index 1f7d5052..ea7695e5 100644 --- a/lib/silccore/tests/test_silcmessage.c +++ b/lib/silccore/tests/test_silcmessage.c @@ -16,7 +16,7 @@ int main(int argc, char **argv) SilcMessagePayload message; SilcBuffer buf; const char *msg = "FOOBAR MESSAGE"; - unsigned char *data, tmp[1023], *tmp2; + unsigned char *data, tmp[8192], *tmp2; SilcUInt32 data_len; SilcUInt16 flags; int i, n; @@ -36,7 +36,7 @@ int main(int argc, char **argv) if (!silc_load_key_pair("pubkey.pub", "privkey.prv", "", &public_key, &private_key)) { SILC_LOG_DEBUG(("Create keypair")); - if (!silc_create_key_pair("rsa", 2048, "pubkey.pub", "privkey.prv", + if (!silc_create_key_pair("rsa", 4096, "pubkey.pub", "privkey.prv", NULL, "", &public_key, &private_key, FALSE)) goto err; } diff --git a/lib/silccrypt/silcpk.h b/lib/silccrypt/silcpk.h index f62c628c..1308c64a 100644 --- a/lib/silccrypt/silcpk.h +++ b/lib/silccrypt/silcpk.h @@ -114,8 +114,8 @@ typedef struct SilcSILCPrivateKeyStruct { * * EXAMPLE * - * // Generate RSA key pair with 2048 bit key length - * silc_pkcs_silc_generate_key("rsa", 2048, ident_string, rng, + * // Generate RSA key pair with 4096 bit key length + * silc_pkcs_silc_generate_key("rsa", 4096, ident_string, rng, * &public_key, &private_key); * ***/ diff --git a/lib/silccrypt/silcpkcs1.c b/lib/silccrypt/silcpkcs1.c index 514e6a21..f516d741 100644 --- a/lib/silccrypt/silcpkcs1.c +++ b/lib/silccrypt/silcpkcs1.c @@ -4,7 +4,7 @@ Author: Pekka Riikonen - Copyright (C) 2003 - 2007 Pekka Riikonen + Copyright (C) 2003 - 2014 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -491,7 +491,7 @@ SilcBool silc_pkcs1_encrypt(void *public_key, RsaPublicKey *key = public_key; SilcMPInt mp_tmp; SilcMPInt mp_dst; - unsigned char padded[2048 + 1]; + unsigned char padded[65536 + 1]; SilcUInt32 len = (key->bits + 7) / 8; if (sizeof(padded) < len) @@ -534,7 +534,7 @@ SilcBool silc_pkcs1_decrypt(void *private_key, RsaPrivateKey *key = private_key; SilcMPInt mp_tmp; SilcMPInt mp_dst; - unsigned char *padded, unpadded[2048 + 1]; + unsigned char *padded, unpadded[65536 + 1]; SilcUInt32 padded_len; if (dst_size < (key->bits + 7) / 8) @@ -591,7 +591,7 @@ SilcBool silc_pkcs1_sign(void *private_key, SilcHash hash) { RsaPrivateKey *key = private_key; - unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN]; + unsigned char padded[65536 + 1], hashr[SILC_HASH_MAXLEN]; SilcMPInt mp_tmp; SilcMPInt mp_dst; SilcBufferStruct di; @@ -802,7 +802,7 @@ SilcBool silc_pkcs1_sign_no_oid(void *private_key, RsaPrivateKey *key = private_key; SilcMPInt mp_tmp; SilcMPInt mp_dst; - unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN]; + unsigned char padded[65536 + 1], hashr[SILC_HASH_MAXLEN]; SilcUInt32 len = (key->bits + 7) / 8; SILC_LOG_DEBUG(("Sign")); @@ -859,7 +859,7 @@ SilcBool silc_pkcs1_verify_no_oid(void *public_key, SilcBool ret = FALSE; SilcMPInt mp_tmp2; SilcMPInt mp_dst; - unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN]; + unsigned char *verify, unpadded[65536 + 1], hashr[SILC_HASH_MAXLEN]; SilcUInt32 verify_len, len = (key->bits + 7) / 8; SILC_LOG_DEBUG(("Verify signature")); diff --git a/lib/silccrypt/tests/test_silcpkcs.c b/lib/silccrypt/tests/test_silcpkcs.c index 2e5f34e8..8a07c0ba 100644 --- a/lib/silccrypt/tests/test_silcpkcs.c +++ b/lib/silccrypt/tests/test_silcpkcs.c @@ -1,7 +1,7 @@ /* Tests API in silcpkcs.h */ #include "silc.h" -int key_len = 2048; +int key_len = 4096; const unsigned char p[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"; int p_len = 32; @@ -16,7 +16,7 @@ int test() SilcPublicKeyIdentifier ident; SilcPrivateKey privkey; SilcBuffer buf; - unsigned char d[4096], d2[4096]; + unsigned char d[8192], d2[8192]; SilcUInt32 dlen, d2len; SilcHash sha1; diff --git a/lib/silcserver/tests/test_silcserver.c b/lib/silcserver/tests/test_silcserver.c index a1953a64..2b74d411 100644 --- a/lib/silcserver/tests/test_silcserver.c +++ b/lib/silcserver/tests/test_silcserver.c @@ -52,7 +52,7 @@ int main(int argc, char **argv) if (!silc_load_key_pair("test.pub", "test.prv", "", &info->public_key, &info->private_key)) { - if (!silc_create_key_pair("rsa", 2048, "test.pub", "test.prv", NULL, "", + if (!silc_create_key_pair("rsa", 4096, "test.pub", "test.prv", NULL, "", &info->public_key, &info->private_key, FALSE)) { goto err; diff --git a/lib/silcske/groups.c b/lib/silcske/groups.c index dd6e6873..f6333e8f 100644 --- a/lib/silcske/groups.c +++ b/lib/silcske/groups.c @@ -23,47 +23,47 @@ /* Fixed and public Diffie Hellman Groups defined by the SKE protocol. These are equivalent to the OAKLEY Key Determination - protocol groups (taken from RFC 2412). */ + protocol groups. */ const struct SilcSKEDiffieHellmanGroupDefStruct silc_ske_groups[] = { - /* 1024 bits modulus (Mandatory group) */ - { 1, "diffie-hellman-group1", + /* 1536 bits modulus (Optional group) (RFC 3526). */ + { 2, "diffie-hellman-group2", "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" - "FFFFFFFFFFFFFFFF", + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", "7FFFFFFFFFFFFFFFE487ED5110B4611A62633145C06E0E68" "948127044533E63A0105DF531D89CD9128A5043CC71A026E" "F7CA8CD9E69D218D98158536F92F8A1BA7F09AB6B6A8E122" "F242DABB312F3F637A262174D31BF6B585FFAE5B7A035BF6" - "F71C35FDAD44CFD2D74F9208BE258FF324943328F67329C0" - "FFFFFFFFFFFFFFFF", + "F71C35FDAD44CFD2D74F9208BE258FF324943328F6722D9E" + "E1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD47E9267AF" + "C1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483B84B4B36" + "B3861AA7255E4C0278BA36046511B993FFFFFFFFFFFFFFFF", "2" }, - /* 1536 bits modulus (Optional group) */ - { 2, "diffie-hellman-group2", + /* 1024 bits modulus (Mandatory group) (RFC 2412). */ + { 1, "diffie-hellman-group1", "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" - "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" + "FFFFFFFFFFFFFFFF", "7FFFFFFFFFFFFFFFE487ED5110B4611A62633145C06E0E68" "948127044533E63A0105DF531D89CD9128A5043CC71A026E" "F7CA8CD9E69D218D98158536F92F8A1BA7F09AB6B6A8E122" "F242DABB312F3F637A262174D31BF6B585FFAE5B7A035BF6" - "F71C35FDAD44CFD2D74F9208BE258FF324943328F6722D9E" - "E1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD47E9267AF" - "C1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483B84B4B36" - "B3861AA7255E4C0278BA36046511B993FFFFFFFFFFFFFFFF", + "F71C35FDAD44CFD2D74F9208BE258FF324943328F67329C0" + "FFFFFFFFFFFFFFFF", "2" }, { 0, NULL, NULL, NULL } diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c index 43a68438..36d36ac8 100644 --- a/lib/silcske/silcske.c +++ b/lib/silcske/silcske.c @@ -1457,7 +1457,7 @@ SILC_FSM_STATE(silc_ske_st_initiator_phase2) /* Compute signature data if we are doing mutual authentication */ if (ske->private_key && ske->prop->flags & SILC_SKE_SP_FLAG_MUTUAL) { - unsigned char hash[SILC_HASH_MAXLEN], sign[2048 + 1]; + unsigned char hash[SILC_HASH_MAXLEN], sign[65536 + 1]; SilcUInt32 hash_len, sign_len; SILC_LOG_DEBUG(("We are doing mutual authentication")); @@ -2294,7 +2294,7 @@ SILC_FSM_STATE(silc_ske_st_responder_phase5) SilcSKE ske = fsm_context; SilcSKEStatus status; SilcBuffer payload_buf; - unsigned char hash[SILC_HASH_MAXLEN], sign[2048 + 1], *pk; + unsigned char hash[SILC_HASH_MAXLEN], sign[65536 + 1], *pk; SilcUInt32 hash_len, sign_len, pk_len; SILC_LOG_DEBUG(("Start")); -- 2.24.0