How to verify a wireguard public key?

Nico Schottelius nico.schottelius at ungleich.ch
Fri Dec 25 10:10:08 CET 2020


Good morning Adam and Jason,

thanks for your qualified and fast answers! It's nice to see Dan's
website still referenced in almost 2021 and also that it can be easily
enough verified.

For reference and if anyone ever looks up this thread, I am using
the following code within the Django Rest Framework [0]:

--------------------------------------------------------------------------------
    def validate_wireguard_public_key(self, value):
        msg = _("Supplied key is not a valid wireguard public key")

        """
        Verify wireguard key.
        See https://lists.zx2c4.com/pipermail/wireguard/2020-December/006221.html
        """

        try:
            decoded_key = base64.standard_b64decode(value)
        except Exception as e:
            raise serializers.ValidationError(msg)

        if not len(decoded_key) == 32:
            raise serializers.ValidationError(msg)

        return value
--------------------------------------------------------------------------------

Thanks again and enjoy the quite time over Christmas!

Best regards,

Nico

[0] https://code.ungleich.ch/uncloud/uncloud/-/blob/master/uncloud_net/serializers.py#L37


Adam Stiles <ajstiles at gmail.com> writes:

> Hi Nico,
>
> WireGuard uses Curve25519 keys. A Curve25519 secret key is a random 32
> byte value with a few special bits flipped, and a public key is
> calculated from a secret key.
>
> There's some good info here (https://cr.yp.to/ecdh.html), including
> this questions and answer:
>
> "How do I validate Curve25519 public keys?"
>
> "Don't. The Curve25519 function was carefully designed to allow all
> 32-byte strings as Diffie-Hellman public keys."
>
> I just saw Jason's response, and so this is a bit redundant, but the
> reference above is a good one.
>
> Best,
>
> Adam
>
>
> On Thu, Dec 24, 2020 at 3:21 PM Nico Schottelius
> <nico.schottelius at ungleich.ch> wrote:
>>
>>
>> Good morning,
>>
>> I am currently extending uncloud [0] to support wireguard tunnels and
>> keys. At the moment it is not entirely clear how to verify that a
>> certain string is a valid wireguard key.
>>
>> I first tried checking that it is valid base64, but not all base64
>> strings are valid wireguard keys.
>>
>> Then I tried using `echo $key | wg pubkey && echo ok` - which seems to
>> check the key format, however the intended behaviour here is misused.
>>
>> Does anyone have a pointer on how to reliably identify wireguard public
>> keys?
>>
>> Is the wireguard key always 32 bytes when decoded from base64? Tests
>> with a number of public keys seems to indicate that.
>>
>> Best regards,
>>
>> Nico
>>
>>
>> [0] https://code.ungleich.ch/uncloud/uncloud
>>
>> --
>> Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch


--
Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch


More information about the WireGuard mailing list