IETF Logo Mail Archive

Re: [jose] JWK glitches in deployment

Mike Jones <Michael.Jones@microsoft.com> Tue, 23 September 2014 23:47 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E09EF1A88AB for <jose@ietfa.amsl.com>; Tue, 23 Sep 2014 16:47:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j8gpUkAPp0WK for <jose@ietfa.amsl.com>; Tue, 23 Sep 2014 16:47:16 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0743.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::743]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 857661A6F40 for <jose@ietf.org>; Tue, 23 Sep 2014 16:47:15 -0700 (PDT)
Received: from CO2PR03CA0021.namprd03.prod.outlook.com (10.141.194.148) by BY1PR0301MB1208.namprd03.prod.outlook.com (25.161.203.16) with Microsoft SMTP Server (TLS) id 15.0.1034.13; Tue, 23 Sep 2014 23:46:52 +0000
Received: from BN1BFFO11FD026.protection.gbl (2a01:111:f400:7c10::1:190) by CO2PR03CA0021.outlook.office365.com (2a01:111:e400:1414::20) with Microsoft SMTP Server (TLS) id 15.0.1034.13 via Frontend Transport; Tue, 23 Sep 2014 23:46:52 +0000
Received: from mail.microsoft.com (131.107.125.37) by BN1BFFO11FD026.mail.protection.outlook.com (10.58.144.89) with Microsoft SMTP Server (TLS) id 15.0.1029.15 via Frontend Transport; Tue, 23 Sep 2014 23:46:50 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.23]) by TK5EX14HUBC104.redmond.corp.microsoft.com ([157.54.80.25]) with mapi id 14.03.0195.002; Tue, 23 Sep 2014 23:46:14 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Chuck Mortimore <cmortimore@salesforce.com>, "Manger, James" <James.H.Manger@team.telstra.com>
Thread-Topic: [jose] JWK glitches in deployment
Thread-Index: Ac/A+eKYNRa6AT3ORduHKtSlXvbGfAAVNPiAA2XPkdACKKIH8A==
Date: Tue, 23 Sep 2014 23:46:14 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439BA6F745@TK5EX14MBXC286.redmond.corp.microsoft.com>
References: <255B9BB34FB7D647A506DC292726F6E127C6DE46FD@WSMSG3153V.srv.dir.telstra.com> <CA+wnMn_PO5i-A4AK2CYG-XHOgUti5R6yMPMiTH4yoH7M=iXdEA@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739439AEC345E@TK5EX14MBXC292.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739439AEC345E@TK5EX14MBXC292.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.78]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739439BA6F745TK5EX14MBXC286r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(438002)(189002)(377454003)(43544003)(24454002)(57704003)(199003)(15975445006)(76482002)(77096002)(95666004)(84676001)(19300405004)(4396001)(20776003)(71186001)(66066001)(106466001)(83322001)(19625215002)(21056001)(104016003)(31966008)(69596002)(92566001)(19580405001)(77982003)(44976005)(99396002)(68736004)(79102003)(80022003)(86612001)(84326002)(85806002)(19580395003)(83072002)(6806004)(107046002)(55846006)(2656002)(74662003)(81542003)(81342003)(74502003)(86362001)(50986999)(90102001)(92726001)(85306004)(15202345003)(64706001)(54356999)(46102003)(85852003)(81156004)(76176999)(87936001)(97736003)(19617315012)(120916001)(512874002)(16236675004)(33656002)(10300001); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0301MB1208; H:mail.microsoft.com; FPR:; MLV:sfv; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:BY1PR0301MB1208;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0343AC1D30
Received-SPF: Pass (protection.outlook.com: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=protection.outlook.com; client-ip=131.107.125.37; helo=mail.microsoft.com;
Authentication-Results: spf=pass (sender IP is 131.107.125.37) smtp.mailfrom=Michael.Jones@microsoft.com;
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/Rpvm0-6us_yxa-1YYyd13UlZUx0
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] JWK glitches in deployment
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Sep 2014 23:47:19 -0000

This note to implementers has been added to the -32 draft.

                                                                -- Mike

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Mike Jones
Sent: Friday, September 12, 2014 5:05 PM
To: Chuck Mortimore; Manger, James
Cc: jose@ietf.org
Subject: Re: [jose] JWK glitches in deployment

I propose that we add this note to the text describing the RSA modulus representation to help implementers, as Chuck suggested below:

                      Note that implementers have found that some cryptographic libraries
                      prefix an extra zero-valued octet to the modulus representations they return,
                      for instance, returning 257 octets for a 2048 bit key, rather than 256.
                      Implementations using such libraries will need to take care to omit
                      the extra octet from the base64url encoded representation.

                                                                -- Mike

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Chuck Mortimore
Sent: Tuesday, August 26, 2014 9:57 AM
To: Manger, James
Cc: jose@ietf.org<mailto:jose@ietf.org>
Subject: Re: [jose] JWK glitches in deployment

We probably could have benefited from language in the spec calling out the leading zero byte as an area of concern.    That said our ecosystem detected it pretty quickly and after some collaborate with Microsoft, we have a fix due out this week, so the growing pains are sorting themselves out rather quickly.

-cmort

On Mon, Aug 25, 2014 at 11:49 PM, Manger, James <James.H.Manger@team.telstra.com<mailto:James.H.Manger@team.telstra.com>> wrote:
In March, Google’s JWK file https://www.googleapis.com/oauth2/v2/certs (used for OpenID Connect) had 3 bugs: base64 instead of base64url; 1024-bit instead of >=2048-bit; leading zero byte on moduli.
Today Google’s JWK file has 1 different bug: the base64url encoding has a trailing “=”.
Salesforce’s JWK file https://login.salesforce.com/id/keys has 1 bug: a leading zero byte on the RSA moduli.

Are these just teething problems, or do we need a stronger warning in the spec. These bugs also change the JWK’s thumbprint (another reminder not to base security on thumbprints being unique for a given key).

--
James Manger

v2.23.0 | Report a Bug | By Email