[pbs-devel] [PATCH proxmox-backup 09/13] paperkey: add short key ID to subject

Fabian Grünbichler f.gruenbichler at proxmox.com
Mon Nov 23 09:16:43 CET 2020 

On November 23, 2020 8:07 am, Dietmar Maurer wrote:
> 
>> +            Ok(mut key_config) => {
>> +                // add display version of fingerprint to subject and strip from key data
>> +                let subject = match (subject, key_config.fingerprint.take()) {
>> +                    (Some(mut subject), Some(fingerprint)) => {
>> +                        subject.push_str(&format!(" ({})", fingerprint));
>> +                        Some(subject)
>> +                    },
>> +                    (None, Some(fingerprint)) => Some(format!("Fingerprint: {}", fingerprint)),
>> +                    (subject, _) => subject,
>> +                };
>> +
> 
> I still don't get why we need a 32byte fingerprint - this is the same length as the key itself!

the key (on disk) is 8 + 8 + 8 + 32 (key derivation) + 64 (encrypted key 
data) + 8 + 8 (timestamps), totalling 136 bytes. serialized it's a bit 
more, although there the fingerprint skews the numbers more heavily 
(because I opted for a readable serialization, not one optimized for 
size). even in-memory, the key is not 32-byte long, but 32+32+however 
long the PKey struct from openssl is.

I want to have the "full" fingerprint because we persist this in places 
where we can't (easily) update it, so it's more future-proof to keep the 
full value there. it also makes it possible to use the full value for 
the actual comparison done on manifest load/check (where we not only 
have to think about collisions for a single user, but potentially 
hundreds/thousands if they share a datastore!).

> I want to avoid having keys with different content (strip fingerprint), because this only
> confuse people.

I originally wanted to keep the full fingerprint in, but conceded to 
your space arguments here and only included the short version.. I also 
don't really buy the confusion, since unless the user has manually 
looked inside the key file they don't even know that or how the 
fingerprint is stored there - in the user-facing parts we only ever show 
the short key ID. furthermore we already paperkey the pretty-printed 
version so if the user restores that the checksum of the keyfile is 
different anyhow.

More information about the pbs-devel mailing list