Change self-signed cert fingerprint to 80 bits of SHA-256.

More second-preimage resistance. Also better docs, and a less vague and less prominent Android
UI.

Feedback from Adam Langley, but likely misinterpreted.

Change-Id: I3bf1029b6fc07c0b8dab2af44926aa87b0d4cbad
Brad Fitzpatrick 2014-01-04 16:37:33 -08:00
parent 4c61927147
commit 3e725e2a98
9 changed files with 23 additions and 21 deletions

1
.gitignore vendored

@ -26,3 +26,4 @@ server/camlistored/newui/all.js
server/camlistored/newui/all.js.map
server/camlistored/newui/zembed_all.js.go
server/appengine/source_root/
config/selfgen_pem*


@ -4,7 +4,7 @@
<string name="app_name">Camlistore Uploader</string>
<string name="settings_host_title">Camlistore server</string>
<string name="settings_host_summary">e.g. https://foo.example.com or &quot;example.com:3179&quot;</string>
<string name="settings_trusted_cert_title">Self-signed certificate</string>
<string name="settings_trusted_cert_title">Self-signed cert fingerprint</string>
<string name="settings_trusted_cert_summary">The fingerprint of your self-signed certificate. Not needed for commercial certs.</string>
<string name="settings_username_title">Username</string>
<string name="settings_password_title">Password</string>
@ -30,4 +30,4 @@
<string name="browse">Browse</string>
<string name="results">Results</string>
</resources>
</resources>


@ -7,11 +7,6 @@
android:persistent="true"
android:summary="@string/settings_host_summary"
android:title="@string/settings_host_title" />
<EditTextPreference
android:key="camli.trusted_cert"
android:persistent="true"
android:summary="@string/settings_trusted_cert_summary"
android:title="@string/settings_trusted_cert_title" />
<EditTextPreference
android:key="camli.username"
android:persistent="true"
@ -62,6 +57,12 @@
android:singleLine="true"
android:title="@string/settings_max_cache_size_title" />
<EditTextPreference
android:key="camli.trusted_cert"
android:persistent="true"
android:summary="@string/settings_trusted_cert_summary"
android:title="@string/settings_trusted_cert_title" />
<EditTextPreference
android:key="camli.dev_ip"
android:phoneNumber="true"
@ -69,4 +70,4 @@
android:singleLine="true"
android:title="@string/settings_dev_ip" />
</PreferenceScreen>
</PreferenceScreen>


@ -230,7 +230,7 @@ public class SettingsActivity extends PreferenceActivity {
if (value != null && value.length() > 0) {
trustedCertPref.setSummary(value);
} else {
trustedCertPref.setSummary("<unset>");
trustedCertPref.setSummary("<unset; optional 20 hex SHA-256 prefix>");
}
}


@ -56,7 +56,7 @@ public class UploadThread extends Thread {
public UploadThread(UploadService uploadService, HostPort hp, String trustedCert, String username, String password) {
mService = uploadService;
mHostPort = hp;
mTrustedCert = trustedCert;
mTrustedCert = trustedCert != null ? trustedCert.toLowerCase().trim() : "";
mUsername = username;
mPassword = password;
}
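Review bot: The constructor normalises `trustedCert` with `toLowerCase().trim()` but never checks that the result is either empty or exactly 20 hex digits, so a fingerprint saved in the old 10-digit format, or a mistyped one, is accepted here and only surfaces later as a failed pin. How the value is compared is outside this hunk; if any comparison is prefix-based, a short value would also weaken the pin, so that is worth confirming. Consider validating once at this point, e.g. `if (!mTrustedCert.isEmpty() && !mTrustedCert.matches("[0-9a-f]{20}")) { /* report invalid fingerprint */ }`, and passing `Locale.US` to `toLowerCase` so the result does not depend on the device locale.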


@ -794,7 +794,7 @@ func (c *Client) DialFunc() func(network, addr string) (net.Conn, error) {
if certs == nil || len(certs) < 1 {
return nil, errors.New("Could not get server's certificate from the TLS connection.")
}
sig := misc.SHA1Prefix(certs[0].Raw)
sig := misc.SHA256Prefix(certs[0].Raw)
for _, v := range trustedCerts {
if v == sig {
return conn, nil
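Review bot: The comparison `if v == sig` is an exact string match, so after this change every `trustedCerts` entry that still holds a 10-digit SHA-1 prefix silently stops matching, and an entry pasted in upper case or with stray whitespace fails as well. The Android client in this commit lower-cases and trims its value; nothing equivalent is visible here, though `trustedCerts` may be normalised where it is loaded. Consider normalising each entry before comparing, e.g. `if strings.ToLower(strings.TrimSpace(v)) == sig {`, and having the mismatch error name the expected format (20 hex digits of SHA-256) so that users re-pin rather than turn verification off. DialFunc's body starts and ends outside this hunk, so the error path is not visible.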


@ -20,14 +20,14 @@ limitations under the License.
package misc
import (
"crypto/sha1"
"crypto/sha256"
"fmt"
)
// SHA1Prefix computes the SHA-1 digest of data and returns
// the first ten digits of its lowercase hex string.
func SHA1Prefix(data []byte) string {
h := sha1.New()
// SHA256Prefix computes the SHA-256 digest of data and returns
// its first twenty lowercase hex digits.
func SHA256Prefix(data []byte) string {
h := sha256.New()
h.Write(data)
return fmt.Sprintf("%x", h.Sum(nil))[:10]
return fmt.Sprintf("%x", h.Sum(nil))[:20]
}
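Review bot: The doc comment on `SHA256Prefix` says what is returned but not why 20 digits: the truncation yields an 80-bit fingerprint, which suits pinning a known certificate (second-preimage resistance) but gives only about 40 bits of collision resistance, so it should not be reused as a general content identifier. I would add that to the comment, e.g. `// The result is an 80-bit truncation intended only for pinning a known certificate; it is not collision resistant.` The literal `20` is also repeated in the Android hint string and the client docs in this commit, so a named constant here would keep the Go callers in step. The Write/Sum/Sprintf sequence could be `sum := sha256.Sum256(data)` followed by `return fmt.Sprintf("%x", sum[:10])`, which formats only the bytes that are kept.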


@ -176,7 +176,7 @@ func genSelfTLS(listen string) error {
if err != nil {
return fmt.Errorf("Failed to parse certificate: %v", err)
}
sig := misc.SHA1Prefix(cert.Raw)
sig := misc.SHA256Prefix(cert.Raw)
hint := "You must add this certificate's fingerprint to your client's trusted certs list to use it. Like so:\n" +
`"trustedCerts": ["` + sig + `"],`
log.Printf(hint)
@ -365,8 +365,8 @@ func setupTLS(ws *webserver.Server, config *serverconfig.Config, listen string)
if err != nil {
exitf("Failed to parse certificate: %v", err)
}
sig := misc.SHA1Prefix(certif.Raw)
log.Printf("TLS enabled, with certificate fingerprint: %v", sig)
sig := misc.SHA256Prefix(certif.Raw)
log.Printf("TLS enabled, with SHA-256 certificate fingerprint: %v", sig)
ws.SetTLS(cert, key)
}
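Review bot: In the genSelfTLS hunk the hint string still says only "this certificate's fingerprint", while the setupTLS log line in the same file now says "SHA-256 certificate fingerprint", so an operator upgrading from the 10-digit SHA-1 value gets no cue from the hint that the format changed. I would name the digest there too, e.g. `hint := "You must add this certificate's SHA-256 fingerprint to your client's trusted certs list to use it. Like so:\n" +`. The unchanged context line `log.Printf(hint)` passes a non-constant string as the format; `log.Print(hint)` avoids that. Both functions start and end outside their hunks.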


@ -19,7 +19,7 @@ If the server is not on the same host, it is highly recommended to use TLS or an
<li><b><code>identitySecretRing</code></b>: Optional. If non-empty, it specifies the location of your GPG secret keyring. Defaults to <b>$HOME/.config/camlistore/identity-secring.gpg</b>. See <code>camput init</code> for help on how to generate a new keypair.</li>
<li><b><code>trustedCerts</code></b>: Optional. The list of TLS server certificates fingerprints (truncated at 10 digits) that the client will trust blindly when using https. It is required when the server is using a self-signed certificate. Example: "trustedCerts": ["ffc7730f4b"].</li>
<li><b><code>trustedCerts</code></b>: Optional. This is the list of TLS server certificate fingerprints that the client will trust when using HTTPS. It is required when the server is using a self-signed certificate (as Camlistore generates by default) instead of a Root Certificate Authority-signed cert (sometimes known as a "commercial SSL cert"). The format of each item is the first 20 hex digits of the SHA-256 digest of the cert. Example: <code>"trustedCerts": ["ffc7730f4bf00ba4bad0"]</code></li>
<li><b><code>ignoredFiles</code></b>: Optional. The list of of files that camput should ignore and not try to upload when using -filenodes.</li>