Hey Mike (et al),
It's true, the signing message format has changed (I apparently missed
On Tue, Oct 26, 2010 at 6:46 PM, Mike Macgirvin <mi...@macgirvin.com> wrote:
> During some of my compatibility testing w/mistpark, I've discovered
> that several projects are using incorrect implementations of salmon
> magic signatures. In fact, I have not yet found one that is
> compliant.
it getting promoted from 'experimental').
Agreed it's a hassle, but it's the nature of the beast when
> This creates a huge mess because one must send two slaps to each of
> these providers - the first using the correct implementation, and then
> if that fails - repeat using the incorrect format. These have to be
> verified in the same way, falling back to the incorrect format if the
> correct one fails.
>
> Unfortunately, this means that each of you who wishes to provide
> federated services must also implement this duplication of effort
> until such time as everybody has upgraded and the broken
> implementations begin to fade from existence (this could take a few
> years - which is why everybody needs to start fixing it today(!)).
implementing draft specs that are still under heavy revision. I
believe Salmon is getting "real close now"(tm) - but I'll let John
provide official word there.
That said, I can speak for StatusNet and say - thanks for bringing
this to our attention, I'll be rolling out a fix ASAP.
Good catch. Thanks again!
> The crux of the problem is in section 8 of draft-panzer-magicsig-00
> (section 9.1 if you're working off the trunk).
>
> The implementations I've encountered are only signing the
> base64url_encoded data itself. The correct method is to append the
> string ".YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng=="
> to the armoured data and use that both for signing and verification.
> (This is a simplification, you should calculate this string yourself
> to allow for future revisions).
>
--
James Walker :: http://walkah.net/ :: http://james.status.net/
Cons: Nonstandard
That pretty well sums it up for me. With all due respects John - salmon magic envelopes already require the addition of a lot of bloat to support its unique way of doing things - at least on the php platform.
I understand the reasoning and appreciate the mechanisms. But couldn't some of this stuff be done with standard libraries and not require special salmon flavours of everything (e.g. encryption libs, key formats, base64 encoders, etc.)?
Plenty - but that's PHP's problem ... lack of quality libraries. (imnsho).
That said - it was an issue when we first started implementing salmon,
but the phpseclib library that StatusNet is using has proven to be
reliable since. Thought, the PHP gmp extension makes a *world* of
difference for performance (but that's true of *any* crypto -
diffe-hellman for openid, et al has the same issue).
I think the only "non standard" bit is the base64url encoding but it's
a single line to implement in PHP on top of the standard
base64_encode/decode.
> (Note that the reason for not requiring certificates, and using a simple RSA
> keypair format, is that you end up needing to install compiled C libraries
> to parse ASN.1 stuff for a lot (all?) non-Java languages, which in some
> environments is a nonstarter.)
>
> --
> John Panzer / Google
> jpa...@google.com / abstractioneer.org / @jpanzer
>
>
> On Fri, Oct 29, 2010 at 2:27 PM, Mike Macgirvin <mi...@macgirvin.com> wrote:
>>>
>>> Cons: Nonstandard
>>
>> That pretty well sums it up for me. With all due respects John - salmon
>> magic envelopes already require the addition of a lot of bloat to support
>> its unique way of doing things - at least on the php platform.
>>
>> I understand the reasoning and appreciate the mechanisms. But couldn't
>> some of this stuff be done with standard libraries and not require special
>> salmon flavours of everything (e.g. encryption libs, key formats, base64
>> encoders, etc.)?
>>
>
>
--
On Fri, Oct 29, 2010 at 6:00 PM, John Panzer <jpa...@google.com> wrote:Plenty - but that's PHP's problem ... lack of quality libraries. (imnsho).
> We're using bog-standard encryption libraries for RSA-SHA256. I'm curious
> as to what encryption problems PHP brings to the table?
That said - it was an issue when we first started implementing salmon,
but the phpseclib library that StatusNet is using has proven to be
reliable since. Thought, the PHP gmp extension makes a *world* of
difference for performance (but that's true of *any* crypto -
diffe-hellman for openid, et al has the same issue).
I think the only "non standard" bit is the base64url encoding but it's
a single line to implement in PHP on top of the standard
base64_encode/decode.