keyhash on status.net / cliqset magic envelopes?

[Markus Sabadello]

Darren, James, etc.,

The Salmon Magic Envelopes spec says about the <me:sig> element:
"MUST have a keyhash attribute containing the "keyhash" value for the signature. "

status.net sends me Salmons like the following:

<?xml version="1.0" encoding="UTF-8"?>
<me:env xmlns:me="http://salmon-protocol.org/ns/magic-env">
    <me:data type="application/atom+xml">...</me:encoding>
    <me:alg>RSA-SHA256</me:alg>
  <me:sig>...</me:sig>
</me:env>

Cliqset sends me Salmons like the following:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<me:env xmlns:me="http://salmon-protocol.org/ns/magic-env">
    <me:data type="application/atom+xml">...</me:data>
    <me:encoding>base64url</me:encoding>
    <me:alg>RSA-SHA256</me:alg>
    <me:sig>...</me:sig>
</me:env>

The only difference I see is the <me:encoding> Element, but neither Salmon has a keyhash attribute on the <me:sig>.

I'm trying to use Cliqset's Java code for verifying the Salmon:
http://code.google.com/p/java-salmon/

It fails, and I think it fails because of the missing keyhash.
I get errors like the following:

01:31:02,890 DEBUG [com.cliqset.salmon.Salmon] Verifying signature with 1 keys
01:31:02,890 DEBUG [com.cliqset.salmon.Salmon] Key RSA.jniFOEiC-UNUPvz6Er60L4jhO72jVrfDBxvXqrSJEpirUhG9Pe4zY_QZSphi5am9-8vY16M08x3-ah3E68Ks31drrNoO1-mRhl_xaHphaRbngNgs9sZroZetirxCyYQwy3uez2hCjcUMrnf0z-QKYuamAcImsul3Om3kg9EI428=.AQAB with keyhash of u-IZPKUjyekAr7tnRGm9E0Y_iLhDeXO99KTBXt3g9sk= does not match signature keyhash of null
01:31:02,890  WARN [pds.endpoint.salmon.SalmonServlet] Cannot verify Salmon: Unable to verify the signature.
com.cliqset.salmon.SalmonException: Unable to verify the signature.
    at com.cliqset.salmon.Salmon.verify(Salmon.java:111)
    at com.cliqset.salmon.Salmon.verify(Salmon.java:73)

What to do?
Not verify the signatures for now?

Markus

--
blog: http://danubechannel.com
phone: +43 664 3154848

[John Panzer]

A robust solution, and one that matches the experimental branch of the Magic Signature spec, is to treat a missing keyhash as a "wildcard" that matches any available key, and loop over all available keys looking for one that verifies the signature.  Verification then succeeds if at least one key verifies the signature.  (In 99%of cases there's only one key anyway.)

--
John Panzer / Google
jpa...@google.com / abstractioneer.org / @jpanzer

[Charlie Cauthen]

Done.  Let me know how it goes.

Charlie

On Thu, Sep 16, 2010 at 8:51 PM, Charlie Cauthen <cha...@cliqset.com> wrote:

Hey Markus,

You are correct the lib is currently expecting the keyhash.

As the salmon spec has been advancing quickly, it is tough to keep the production systems on the bleeding edge and compatible.

I'll update the lib to handle this and let you know when it is done.  Let me know of anything else you run across.

Charlie

[Markus Sabadello]

Thanks Charlie, thanks for the quick fix, I just tried it..

Unfortunately, getting "Unable to verify the signature." exceptions now for both Cliqset and status.net Salmons.
Not sure how much time you have to look into this, but I'm attaching the logs for both cases.

Markus

[Charlie Cauthen]

Hey Markus,

You are correct the lib is currently expecting the keyhash.

As the salmon spec has been advancing quickly, it is tough to keep the production systems on the bleeding edge and compatible.

I'll update the lib to handle this and let you know when it is done.  Let me know of anything else you run across.

Charlie

On Thu, Sep 16, 2010 at 7:50 PM, John Panzer <jpa...@google.com> wrote:

[Charlie Cauthen]

Thanks.  I'll be able to go over this in the morning.  I think there may be a difference in what is included in the signature between the current state of the library and cliqset.

The library being most up to date.