Re: get public key as non-root

2020-07-03 Thread Jason A. Donenfeld
On Fri, Jul 3, 2020 at 11:47 AM Klemens Nanni wrote:
> Is there any particular reason why an interface's *public* key is only
> shown to the root user in ifconfig?

Yes, there is a reason for this.

The WireGuard protocol has a property called "identity hiding". See
section 3.4 and 4.3.4 lemma 7 of

or section 7.8 of
. The mac1
value also relies on this identity hiding property. In other words,
public keys should not be easily broadcasted and should not be
accessible to unprivileged users.
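
An added illustration of the mac1 check mentioned in the reply above; it is not code from this thread or from if_wg.c. It follows the mac1 construction in the WireGuard whitepaper (keyed BLAKE2s over the message bytes, with a key derived from the responder's public key). The 116-byte message body is a constructed placeholder, mac2 is omitted, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

LABEL_MAC1 = b"mac1----"   # label defined in the WireGuard whitepaper
MAC_LEN = 16               # mac1 is a 16-byte keyed BLAKE2s tag


def mac1_key(responder_public: bytes) -> bytes:
    """Key for mac1: HASH(LABEL_MAC1 || responder's static public key)."""
    return hashlib.blake2s(LABEL_MAC1 + responder_public, digest_size=32).digest()


def compute_mac1(responder_public: bytes, msg_before_macs: bytes) -> bytes:
    """mac1 = MAC(mac1_key, all message bytes that precede the mac1 field)."""
    return hashlib.blake2s(msg_before_macs, key=mac1_key(responder_public),
                           digest_size=MAC_LEN).digest()


def responder_accepts(own_public: bytes, packet: bytes) -> bool:
    """Responder-side check: a packet whose mac1 does not verify gets no reply.

    Simplified layout (assumption): packet = body || mac1, with mac2 left out.
    """
    if len(packet) <= MAC_LEN:
        return False
    body, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
    return hmac.compare_digest(tag, compute_mac1(own_public, body))


def demo():
    # Public key as printed by ifconfig in this thread.
    responder_pub = base64.b64decode("mrtNB07tzEJKyJDvhaov7QYt487BXLK3hnnZB+pDIhM=")
    body = bytes(116)  # constructed stand-in for the handshake fields before mac1
    from_peer = body + compute_mac1(responder_pub, body)   # sender knows the key
    from_stranger = body + compute_mac1(bytes(32), body)   # sender does not
    return (responder_accepts(responder_pub, from_peer),
            responder_accepts(responder_pub, from_stranger))


if __name__ == "__main__":
    print(demo())
```

The only input to the mac1 key besides a fixed label is the public key, so the interface stays silent toward senders who do not know that key; this is what the restriction in ifconfig protects.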



wg: get public key as non-root

2020-07-03 Thread Klemens Nanni
Is there any particular reason why an interface's *public* key is only
shown to the root user in ifconfig?

Similar to `wgport', I'd like to see the public key as non-root user as
well for convenience:

	$ ifconfig wg0
	wg0: flags=80c3 mtu 1420
		index 5 priority 0 llprio 3
		wgport 1078
		wgpubkey mrtNB07tzEJKyJDvhaov7QYt487BXLK3hnnZB+pDIhM=
		groups: wg
		inet6 ... prefixlen 126

This makes the SIOCGWG ioctl return the public key to unprivileged users
such that ifconfig can read it.

Feedback? Objections? OK?

diff --git a/sys/net/if_wg.c b/sys/net/if_wg.c
index 3f59681fe..f9a145b37 100644
--- a/sys/net/if_wg.c
+++ b/sys/net/if_wg.c
@@ -2374,12 +2374,14 @@ wg_ioctl_get(struct wg_softc *sc, struct wg_data_io 
*data)
iface_o.i_flags |= WG_INTERFACE_HAS_RTABLE;
}
 
+   if (noise_local_keys(>sc_local, iface_o.i_public, NULL) == 0) {
+   iface_o.i_flags |= WG_INTERFACE_HAS_PUBLIC;
+   }
+
if (!is_suser)
goto copy_out_iface;
 
-   if (noise_local_keys(>sc_local, iface_o.i_public,
-   iface_o.i_private) == 0) {
-   iface_o.i_flags |= WG_INTERFACE_HAS_PUBLIC;
+   if (noise_local_keys(>sc_local, NULL, iface_o.i_private) == 0) {
iface_o.i_flags |= WG_INTERFACE_HAS_PRIVATE;
}
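
Review bot: the new noise_local_keys() call that fills iface_o.i_public now sits above `if (!is_suser)`, so i_public and WG_INTERFACE_HAS_PUBLIC are copied out to every caller of SIOCGWG and the only gate on the interface's public key is gone. The reply in this thread explains that WireGuard's identity hiding and the mac1 value depend on the public key not being readable by unprivileged users, so I'd keep the public-key fetch below the is_suser check and leave the original combined call in place. If the split into two calls is kept for another reason, also confirm that noise_local_keys() accepts NULL for either output argument, since that is not visible in this hunk.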