10
45
Fork
You've already forked doipjs
28

Defensive protection for ClaimFormat.FINGERPRINT scenario #64

Merged
Ryuno-Ki merged 1 commit from aspensmonster/doipjs:issue/63 into dev 2025年07月11日 18:34:33 +02:00
Contributor
Copy link

See Issue #63 for context.

See Issue #63 for context.
Defensive protection for ClaimFormat.FINGERPRINT scenario
Some checks are pending
ci/woodpecker/pull_request_closed/test Pipeline is pending approval
699a8ac1b0
Issue #63 
First-time contributor
Copy link
@yarmo please review! https://community.keyoxide.org/d/250-keybase-claim-fails-even-though-fingerprint-matches
@ -64,6 +64,9 @@ export function generateClaim (fingerprint, format) {
}
return `openpgp4fpr:${fingerprint}`
case ClaimFormat.FINGERPRINT:
if (fingerprint.match(/^(openpgp4fpr|aspe):/)) {
Member
Copy link

Just a quick thing I am noticing: we should also strip the ASPE server domain out of this too. Given a URI aspe:keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY, this function will return the string keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY even though 5E3VMLXIKAN4H4RRZZC7TEXHNY is the correct fingerprint.

As per https://ariadne.id/related/ariadne-signature-profile-0/ section 2.2 (ASP fingerprint):

The fingerprint (or thumbprint) for an ASP follows the method defined in [RFC7638] for computing JWK thumbprints and is obtained as follows:

  • construct a JSON object with the "crv", "kty", "x" and "y" (when present) properties in that specific order obtained from the signing key,
  • stringify the JSON object,
  • hash the string using SHA512,
  • take the first 16 bytes of the resulting hash,
  • encode them using BASE32 (no padding).

The resulting string is the fingerprint for the ASP and will be used as proof to verify the identity claims.

As the spec states, the correct "fingerprint" used for proof verification is the raw hashed version of the key, and doesn't include the ASPE server it is hosted on.

EDIT: I now realize that the current code only returns keyoxide.org rather than including the fingerprint at all, but the point still stands: the code currently doesn't work, and we need to strip everything until the last : as @vladimyr stated.

Just a quick thing I am noticing: we should also strip the ASPE server domain out of this too. Given a URI `aspe:keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY`, this function will return the string `keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY` even though `5E3VMLXIKAN4H4RRZZC7TEXHNY` is the correct fingerprint. As per https://ariadne.id/related/ariadne-signature-profile-0/ section 2.2 (ASP fingerprint): > The fingerprint (or thumbprint) for an ASP follows the method defined in [RFC7638] for computing JWK thumbprints and is obtained as follows: > > - construct a JSON object with the "crv", "kty", "x" and "y" (when present) properties in that specific order obtained from the signing key, > - stringify the JSON object, > - hash the string using SHA512, > - take the first 16 bytes of the resulting hash, > - encode them using BASE32 (no padding). > > The resulting string is the fingerprint for the ASP and will be used as proof to verify the identity claims. As the spec states, the correct "fingerprint" used for proof verification is the raw hashed version of the key, and doesn't include the ASPE server it is hosted on. EDIT: I now realize that the current code only returns `keyoxide.org` rather than including the fingerprint at all, but the point still stands: the code currently doesn't work, and we need to strip everything until the last `:` as @vladimyr stated.
Member
Copy link

Just a quick thing I am noticing: we should also strip the ASPE server domain out of this too. Given a URI aspe:keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY, ...

FYI we had brief discussion on Matrix channel about aspe: URIs. I'm about to open an issue specifically for addressing that but the current consensus on the matter is that:

  1. in the future we are going to use URIs without authority section aka aspe:5E3VMLXIKAN4H4RRZZC7TEXHNY
  2. existing URIs are actually malformed and need to be rewritten into aspe://keyoxide.org/5E3VMLXIKAN4H4RRZZC7TEXHNY

so please make sure to strip everything until last : or /!

> Just a quick thing I am noticing: we should also strip the ASPE server domain out of this too. Given a URI `aspe:keyoxide.org:5E3VMLXIKAN4H4RRZZC7TEXHNY`, ... FYI we had brief [discussion](https://matrix.to/#/!dEfJkFpQpwvbzcegRX:matrix.org/$n0MW8mm0HLn0b8dJkfwIPTdv-HxZzbXKHh6a__TZ9u8?via=matrix.org&via=mackenba.ch&via=tchncs.de) on Matrix channel about `aspe:` URIs. I'm about to open an issue specifically for addressing that but the current consensus on the matter is that: 1. in the future we are going to use URIs without authority section aka `aspe:5E3VMLXIKAN4H4RRZZC7TEXHNY` 2. existing URIs are actually malformed and need to be rewritten into `aspe://keyoxide.org/5E3VMLXIKAN4H4RRZZC7TEXHNY` so please make sure to strip everything until last `:` or `/`!
First-time contributor
Copy link

Would be amazing to get this moving. I'm also affected. It's the single high-priority PR open. Let me know if you'd like me to make a new PR for this.

Would be amazing to get this moving. I'm [also affected](https://keyoxide.org/B26995E310250568). It's the single high-priority PR open. Let me know if you'd like me to make a new PR for this.
First-time contributor
Copy link

@aspensmonster please rebase this!

@aspensmonster please rebase this!
Ryuno-Ki left a comment
Copy link

@aspensmonster Would you be willing to accept the little suggestion?

@aspensmonster Would you be willing to accept the little suggestion?
@ -65,2 +65,4 @@
return `openpgp4fpr:${fingerprint}`
case ClaimFormat.FINGERPRINT:
if (fingerprint.match(/^(openpgp4fpr|aspe):/)) {
return fingerprint.split(':')[1]
Owner
Copy link

From what I gather this could be:

- return fingerprint.split(':')[1]
+ return fingerprint.split(':').at(-1)
From what I gather this could be: ```patch - return fingerprint.split(':')[1] + return fingerprint.split(':').at(-1) ```

🤦

My bad.
Let me open a PR.

🤦 My bad. Let me open a PR.
#172
Sign in to join this conversation.
No reviewers
tyy
Labels
Clear labels
bug
Something is not working

Archived

enhancement
New feature

Archived

Contribution welcome
Get started contributing here
Good first issue
Good if you are new to the project or to open source contributions
Impact
External
Affects the people using the project
Impact
Internal
Affects on the people working on the project
Priority
Critical
Work on right now
Priority
High
Work on at earliest convenience
Priority
Low
Work on in spare time
Priority
Medium
Work on regularly
Review
Duplicate
Already exists
Review
Off Topic
Does not fall within the scope of the repo/project
Status
Backlog
Is not being worked on yet
Status
Blocked
Is waiting on something or someone
Status
Completed
Is done
Status
In Progress
Is being worked on
Status
Investigating
Is waiting on research or questions
Status
Needs Decision
Is waiting on a decision by the devs/contributors
Status
Needs Info
Is waiting on additional information before it can be solved
Status
Needs Triage
Is new issue that needs reviewing
Status
Testing
Is being checked and verified
Status
Waiting For Review
Is waiting on reviewers to approve
Status
Won't Fix
Won't be fixed
Type
Bug
Related to something not working as intended
Type
CI
Related to continuous integration
Type
Documentation
Related to documentation
Type
Enhancement
Related to a new feature or an improved one
Type
New Claim
Related to a new identity claim/proof
Type
Security
Related to security
Type
Tests
Related to code tests
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
7 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
keyoxide/doipjs!64
Reference in a new issue
keyoxide/doipjs
No description provided.
Delete branch "aspensmonster/doipjs:issue/63"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?