
Comments (12)

mcpherrinm commented on August 19, 2024 2

That seems like my fault during the go-jose v4 upgrade with supported algorithms. It should be straightforward to fix. I’m out today but I can do that this week.

from pebble.

mcpherrinm commented on August 19, 2024 2

Yes, we will tag a new release soon. There’s a few other changes in progress I’d like to get in, such as the ARI PR, and a few docker container changes. That should all be done in the next week or two.


mcpherrinm commented on August 19, 2024 1

Yes, but there’s several other higher priority things we’re working on elsewhere. It’ll get fixed soon.


mcpherrinm commented on August 19, 2024 1

It's not quite that simple, but not much more complicated either.

Fix PR opened - #459

The big thing I need is a test still, as this functionality was clearly broken.


mcpherrinm commented on August 19, 2024 1

OK, writing an integration test was actually not that bad, so it's done now :)

We'll tag a new release with this fix, too.


mcpherrinm commented on August 19, 2024 1

I pushed a v2.5.2 tag now. We will do another release with ARI etc later.


pgporada commented on August 19, 2024

When testing with certbot main and latest pebble running in docker with the EAB config, I get the reported failure. (Technically you'll need to volume mount - ./test/config:/test/config to work around the container not having the EAB config inside it.)

$ certbot_test certonly --standalone -d test.example.com --eab-kid zWNDZM6eQGHWpSRTPal5eIUYFTu7EajVIoguysqZ9wG44nMEtx3MUAsUDkMTQ12W --eab-hmac-key phil

https://localhost:14000 "POST /sign-me-up HTTP/1.1" 400 240
Received response:
HTTP 400
Cache-Control: public, max-age=0, no-cache
Content-Type: application/problem+json; charset=utf-8
Link: <https://localhost:14000/dir>;rel="index"
Replay-Nonce: V-GoNIeXrRUXYE7jD52Fhw
Date: Mon, 08 Apr 2024 16:54:33 GMT
Content-Length: 240

{
   "type": "urn:ietf:params:acme:error:malformed",
   "detail": "failed to decode external account binding: go-jose/go-jose: unexpected signature algorithm \"HS256\"; expected [\"RS256\" \"ES256\" \"ES384\" \"ES512\"]",
   "status": 400
}


mcpherrinm commented on August 19, 2024

RFC 8555 says about EAB in 7.3.4: The "alg" field MUST indicate a MAC-based algorithm, so the current set of algorithms in Pebble (ES*, RS*) is straightforwardly incorrect.

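The rule quoted from RFC 8555 section 7.3.4 above, as an added example that is not Pebble's code and does not use go-jose: a standard-library check that accepts only MAC-based "alg" values for the binding's JWS and then verifies the HMAC. The names `eabJWS`, `signEAB` and `verifyEAB` are hypothetical, the sample is constructed, and the other EAB checks (the "kid" lookup, "url" and the payload) are left out.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"hash"
)

type eabJWS struct{ Protected, Payload, Signature string } // base64url fields (hypothetical type)
// macAlgs lists the only "alg" values accepted for the binding: MAC-based ones.
var macAlgs = map[string]func() hash.Hash{"HS256": sha256.New, "HS384": sha512.New384, "HS512": sha512.New}
var b64 = base64.RawURLEncoding

// signEAB builds a constructed sample; a non-MAC alg is left without a signature.
func signEAB(alg, kid string, payload, key []byte) eabJWS {
	hdr, _ := json.Marshal(map[string]string{"alg": alg, "kid": kid})
	j := eabJWS{Protected: b64.EncodeToString(hdr), Payload: b64.EncodeToString(payload)}
	if newHash, ok := macAlgs[alg]; ok {
		m := hmac.New(newHash, key)
		m.Write([]byte(j.Protected + "." + j.Payload))
		j.Signature = b64.EncodeToString(m.Sum(nil))
	}
	return j
}

// verifyEAB rejects a non-MAC "alg" first, then compares the MAC in constant time.
func verifyEAB(j eabJWS, key []byte) error {
	var hdr struct{ Alg, Kid string }
	raw, err := b64.DecodeString(j.Protected)
	if err != nil || json.Unmarshal(raw, &hdr) != nil {
		return fmt.Errorf("malformed protected header")
	}
	if macAlgs[hdr.Alg] == nil {
		return fmt.Errorf("unexpected EAB algorithm %q", hdr.Alg)
	}
	m := hmac.New(macAlgs[hdr.Alg], key)
	m.Write([]byte(j.Protected + "." + j.Payload))
	if got, err := b64.DecodeString(j.Signature); err != nil || !hmac.Equal(got, m.Sum(nil)) {
		return fmt.Errorf("EAB MAC check failed for kid %q", hdr.Kid)
	}
	return nil
}

func main() {
	fmt.Println(verifyEAB(signEAB("ES256", "kid-1", []byte(`{}`), nil), nil)) // rejected: not a MAC alg
}
```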

buchdag commented on August 19, 2024

Hi.

Is there a planned fix for this, or instructions on how to generate and use suitable keys?


buchdag commented on August 19, 2024

I guess that means the fix is a bit more involved than adding jose.HS256 to goodJWSSignatureAlgorithms then (i.e. not fixable by someone with limited knowledge about JWS like me).

Would you happen to know resources that explain how to generate a new kid with a supported algorithm?


buchdag commented on August 19, 2024

Thanks for the fast fix @mcpherrinm 🙏


buchdag commented on August 19, 2024

@mcpherrinm do you think a new tagged release that includes the fix could be possible?
