[Cryptech Tech] CLI changes

Paul Selkirk paul at psgd.org
Wed Sep 5 17:44:14 UTC 2018


I just made a couple of small changes to the CLI command set, which
shouldn't affect most users.

1) For the 'masterkey set' command, I changed the way the key value is
displayed, as well as how it is parsed.

Previously, it was displayed as a raw hexdump, e.g.

  cryptech> masterkey set
  Random key:
  00 -- 34 EF E4 3B BE E2 A9 DC EA BF 28 4C F2 FB 92 00
  10 -- 3B 0F 26 39 C6 F9 10 2C BD F6 1C 8C 0C F0 51 5D

But, to re-enter the key (e.g. after a power interruption without
battery backup), you'd have to enter 8 32-bit hex values, in
little-endian order, e.g.

  cryptech> masterkey set 3BE4EF34 DCA9E2BE 4C28BFEA 0092FBF2 39260F3B
2C10F9C6 8C1CF6BD 5D51F00C
  Parsed key:
  00 -- 34 EF E4 3B BE E2 A9 DC EA BF 28 4C F2 FB 92 00
  10 -- 3B 0F 26 39 C6 F9 10 2C BD F6 1C 8C 0C F0 51 5D

This was less than ideal, but it got the job done for the Berlin
workshop, and no one complained.

Now it displays a bytestring, broken into 8 groups of 8 characters, e.g.

  cryptech> masterkey set
  Random key:
  34EFE43B BEE2A9DC EABF284C F2FB9200 3B0F2639 C6F9102C BDF61C8C 0CF0515D

And it parses a bytestring, broken up however you want it, so the
following commands are equivalent (ignoring line-breaks inserted by my
mailer):

  masterkey set 34 EF E4 3B BE E2 A9 DC EA BF 28 4C F2 FB 92 00 3B 0F 26
39 C6 F9 10 2C BD F6 1C 8C 0C F0 51 5D
  masterkey set 34EFE43B BEE2A9DC EABF284C F2FB9200 3B0F2639 C6F9102C
BDF61C8C 0CF0515D
  masterkey set
34efe43bbee2a9dceabf284cf2fb92003b0f2639c6f9102cbdf61c8c0cf0515d

2) For the 'keystore erase' command, I added an optional 'preservePINs'
argument.

The login PINs (passwords) are stored in the flash-based keystore, as a
different block type than keys. So if you erase the keystore, you will
then need to log in as wheel with the "last-gasp" default PIN, and reset
all the PINs, which isn't hard, but isn't ideal either.

With the 'preservePINs' argument, the erase command will effectively
only erase the keys, but leave the PINs. Without the 'preservePINs'
argument, it behaves exactly as before, and is effectively a "factory
reset".

The motivation for this came when I was working on the hashsig
implementation, and would sometimes end up with hundreds of orphaned
LM-OTS keys on the device, and the easiest way to deal with them was to
erase the whole keystore.

As with 'masterkey set', you may never need this, but it's there if you do.

Note that these changes are in the master branch of the repository, not
yet in the releng binaries.

				paul


More information about the Tech mailing list