Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: ESSR protected client APIs #351

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

feat: ESSR protected client APIs #351

wants to merge 4 commits into from

Conversation

iFergal
Copy link
Collaborator

@iFergal iFergal commented Jan 15, 2025

This replaces the current RFC-9421 signed headers between Signify and KERIA with ESSR. Beyond confidentiality, it also resolves other issues from before such as unsigned query params and bodies. (#287)

The unsigned HTTP request from the client is converted to a HTTP bytestream and embedded in an ESSR payload. This payload becomes the body of a wrapper HTTP request for the "/" path - so tunneled via ESSR. The wrapper could be handled by pure TCP but for now this works quite nicely in the Falcon middlewares with minimal changes.

Like the keripy ESSR parser, the commitment to unsigned HTTP request is done by taking a digest:

payload = dict(
    src=<sender>,
    dest=<receiver>,
    d=coring.Diger(ser=cipher, code=MtrDex.Blake3_256).qb64,
    dt=dt,
)

I have written the corresponding code in Signify and all integration tests pass. I will create a Signify PR tomorrow. They should probably merge together.

@iFergal iFergal self-assigned this Jan 15, 2025
@iFergal iFergal changed the title feat: ESSR client authentication feat: ESSR protected client APIs Jan 16, 2025
@iFergal iFergal mentioned this pull request Jan 17, 2025
Open
@iFergal
Copy link
Collaborator Author

iFergal commented Jan 17, 2025

WebOfTrust/signify-ts#304 created on Signify side

2byrds
2byrds reviewed Jan 17, 2025
View reviewed changes
src/keria/core/authing.py
}

for key, value in headers.items():
key = "HTTP_" + key.replace("-", "_").upper()
Copy link
Collaborator

@2byrds 2byrds Jan 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why does it need this replacement, is it a fix for another issue with the headers we're producing/receiving?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's how WSGI (falcon) expects it in the environ that builds the request. The headers in the actual HTTP request still have dashes like normal.

hio also does it: https://github.com/ioflo/hio/blob/main/src/hio/core/http/serving.py#L737-L740

@iFergal iFergal mentioned this pull request Jan 20, 2025
Open
2byrds
2byrds reviewed Jan 20, 2025
View reviewed changes
src/keria/core/authing.py
if not ckever.verfers[0].verify(sig=cig.raw, ser=json.dumps(payload, separators=(",", ":")).encode("utf-8")):
raise kering.AuthNError("Signature invalid")

plaintext = agent.agentHab.decrypt(ser=cipher).decode("utf-8")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rename to httpRequest for clarity

@codecov Codecov
Copy link

codecov bot commented Jan 23, 2025

Codecov Report

Attention: Patch coverage is 99.12281% with 2 lines in your changes missing coverage. Please review.

Project coverage is 93.92%. Comparing base (ab20766) to head (3b080f8).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
src/keria/core/authing.py 98.09% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #351      +/-   ##
==========================================
+ Coverage   93.71%   93.92%   +0.20%     
==========================================
  Files          37       37              
  Lines        8293     8491     +198     
==========================================
+ Hits         7772     7975     +203     
+ Misses        521      516       -5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

iFergal
iFergal commented Jan 23, 2025
View reviewed changes
src/keria/core/authing.py Outdated
body = response.data.decode("utf-8") if response.data else ""

if response.text:
body = response.text.strip()
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

text sometimes used for e.g. 404 responses. None of the signify tests caught this. Need to at least expand the tests in this PR to cover different all the cases for bodies. todo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@2byrds 2byrds 2byrds left review comments

@pfeairheller pfeairheller Awaiting requested review from pfeairheller

@lenkan lenkan Awaiting requested review from lenkan

@kentbull kentbull Awaiting requested review from kentbull

At least 1 approving review is required to merge this pull request.

Assignees

@iFergal iFergal

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@iFergal @2byrds