getKeyDataFromString hash validation fail

[xwiz]

I've double-checked the hex file being loaded but still getKeyDataFromString always throws Checksum validation fail.

Is this some sort of OS encoding issue? What could be the issue?

[paragonie-security]

What do you mean by "the hex file being loaded"? Can you share a code snippet and a random throw-away example key that reproduces the same issue?

Typically when we see this error, someone thought they could just bin2hex(random_bytes(32)) some random data and load it into Halite that way.

(In reality, you're supposed to generate them within Halite, which produces a key in the form of raw_key || checksum before hex-encoding. This offers two advantages: It informs you when the key has been corrupted on disk, and it prevents people from easily using hash('sha256', $password, true) as their encryption key.)

[xwiz]

Interesting. So if I already have a key pair, how do I encode them to be 'halite compatible'?

[paragonie-security]

halite/src/KeyFactory.php

Lines 769 to 778 in 7596d5c

	return new HiddenString(
	Hex::encode(
	Halite::HALITE_VERSION_KEYS . $key->getRawKeyMaterial() .
	\sodium_crypto_generichash(
	Halite::HALITE_VERSION_KEYS . $key->getRawKeyMaterial(),
	'',
	\SODIUM_CRYPTO_GENERICHASH_BYTES_MAX
	)
	)
	);

[xwiz]

OK thank you.

[xwiz]

I made a small helper as below and exported the new file to disk but it now says it's invalid (must be CRYPTO_SIGN_PUBLICKEYBYTES long).

I'm trying to load exported file as follows

\ParagonIE\Halite\KeyFactory::loadSignaturePublicKey($path);

I have attached a sample public key output from the function.

What am I doing wrong?

/**
 * Export a cryptography key file to halite compatibe file format (with a checksum)
 *
 * @param string $key_path
 * @param string $dest_path
 * @return HiddenString
 *
 * @throws CannotPerformOperation
 * @throws InvalidType
 * @throws \SodiumException
 * @throws \TypeError
 */
public static function exportRawKey($key_path, $dest_path)
{
	$rawKey = \file_get_contents($key_path);
	if ($rawKey === false) {
        // @codeCoverageIgnoreStart
        throw new \ParagonIE\Halite\Alerts\CannotPerformOperation(
            'Cannot load file: '. $key_path
        );
        // @codeCoverageIgnoreEnd
    }
	$key = new \ParagonIE\HiddenString\HiddenString(
		\ParagonIE\ConstantTime\Hex::encode(
			\ParagonIE\Halite\Halite::HALITE_VERSION_KEYS . $rawKey .
			\sodium_crypto_generichash(
				\ParagonIE\Halite\Halite::HALITE_VERSION_KEYS . $rawKey,
				'',
				\SODIUM_CRYPTO_GENERICHASH_BYTES_MAX
			)
		)
	);
	\file_put_contents($dest_path, $key->getString());
	return $key;
}

fst_rsa_halite.txt

[paragonie-security]

fst_rsa_halite.txt

You cannot use RSA keys with Halite. Please generate a new keypair within Halite and use that instead.

[xwiz]

OK thank you. I am not familiar with the key format generated by sodium.

Assuming I want to use base64 form, is it safe to save rawkey file and encode using sodium_bin2base64?

However I noticed there's already a function to save/export in KeyFactory class

Also the documentation to generate a signature keypair references the SignatureKey class instead of KeyFactory.

[paragonie-security]

Yep, the documentation for KeyFactory is available here: https://github.com/paragonie/halite/blob/master/doc/Classes/KeyFactory.md