keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License

Cannot take actions on my profile, "Error in reverse signature: Failed to verify/extract sig: Message wasn't signed" #6512

Closed 00dani closed 7 years ago

00dani commented 7 years ago

I'm not sure what's happened, but I can't seem to do anything to my Keybase profile using the app now - I just get the "Message wasn't signed" response mentioned above if I try to pgp update or prove or even simply id. KBFS isn't mounting correctly and the GUI never manages to load my profile.

I've peeked at the logs - and it looks like the message that "wasn't signed" is this one:

-----BEGIN PGP MESSAGE-----
Comment: https://keybase.io/download
Version: Keybase Go 1.0.16 (darwin)
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=zM//
-----END PGP MESSAGE-----

But that message was signed, as gpg confirms:

$ # copied that message to my clipboard
$ pbpaste | gpg
{"body":{"key":{"eldest_kid":"0120bced1186d0903da1f28d07c0093084fb81f107028b25b46915c3d845a50cd7930a","host":"keybase.io","kid":"0120bced1186d0903da1f28d07c0093084fb81f107028b25b46915c3d845a50cd7930a","uid":"fe1e0c96654603c5880b3f571c862919","username":"00dani"},"sibkey":{"fingerprint":"7fd74ecea6ac7c073e7f602938c5ddc6bda4fae3","full_hash":"e3a17021226805004271ff1f9cdc23dffff592ca71ab1bf662cbde20293f462f","key_id":"38C5DDC6BDA4FAE3","kid":"0101482ecf3dce65743c1f48f1bb6bd1868b90e8e44c8b39752f1569d4dff150f4040a","reverse_sig":null},"type":"sibkey","version":1},"client":{"name":"keybase.io go client","version":"1.0.16"},"ctime":1467078744,"expire_in":504576000,"merkle_root":{"ctime":1467078687,"hash":"46fc707a3a862d063a3442377745dd61aaca08231c9c0a544d59fcdcaf458a8ffe5cca028774cd6b1c18fb89f8c08ce890c8a0d8f6200ca624a387f77c206a1f","seqno":501594},"prev":"eb405b8008b60640c13435e877d982d5c88b2300de7be5504aef2ac6695921e8","seqno":5,"tag":"signature"}gpg: Signature made Tue 28 Jun 11:52:24 2016 AEST
gpg:                using RSA key 38C5DDC6BDA4FAE3
gpg: Good signature from "Danielle McLean <gopsychonauts@gmail.com>" [ultimate]
gpg:                 aka "Danielle McLean <dani@00dani.me>" [ultimate]
gpg:                 aka "Danielle McLean <c3120668@uon.edu.au>" [ultimate]
gpg:                 aka "Danielle McLean <00dani@keybase.io>" [ultimate]
gpg:                 aka "Danielle McLean <danielle@futuragroup.com.au>" [ultimate]

What's going on here? How can I get Keybase behaving again?

my log id: cd7da7106e427847bb7bfe1c

maxtaco commented 7 years ago

I can repro, for some reason a sig in your sigchain is failing to verify. Repro with keybase id 00dani. In almost all cases, this is a shortcoming of Go's OpenPGP implementation that we have to engineer around.

2017-04-05T18:44:21.482729-04:00 ▶ [DEBU keybase log.go:30] 0c4 Failing key----------
-----BEGIN PGP PUBLIC KEY BLOCK-----
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=plqs
-----END PGP PUBLIC KEY BLOCK----- [tags:ID2=BTIkbg_ZYKX5,LU=QJMBEZ0GaPKU]
2017-04-05T18:44:21.483014-04:00 ▶ [DEBU keybase log.go:30] 0c5 Failing sig----------
-----BEGIN PGP MESSAGE-----
Comment: https://keybase.io/download
Version: Keybase Go 1.0.16 (darwin)
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=zM//
-----END PGP MESSAGE-----
 [tags:ID2=BTIkbg_ZYKX5,LU=QJMBEZ0GaPKU]
2017-04-05T18:44:21.483250-04:00 ▶ [DEBU keybase log.go:30] 0c6 | Failure in VerifyReverseSig: Error in reverse signature: Failed to verify/extract sig: Message wasn't signed [tags:ID2=BTIkbg_ZYKX5,LU=QJMBEZ0GaPKU]
2017-04-05T18:44:21.483444-04:00 ▶ [DEBU keybase log.go:30] 0c7 - verifySubchain -> false, ERROR: Error in reverse signature: Failed to verify/extract sig: Message wasn't signed [tags:ID2=BTIkbg_ZYKX5,LU=QJMBEZ0GaPKU]

@zapu can you take a look?

maxtaco commented 7 years ago

BTW, @00dani, did this fail after a software update? @zapu I think this might be a regression, but just a guess. The failing signature I think dates from June 2016, and therefore previously worked.

00dani commented 7 years ago

@maxtaco No, this wasn't caused by an update, as far as I can tell. It's happening identically on both the MacOS and Windows apps, and they've both been updated to Keybase 1.0.20-20170317000044+73c5db6 since the day it was released.

(I can't access my Windows box right now so I can't send another log from it or confirm the version number, but it definitely has been on the latest version since its release.)

maxtaco commented 7 years ago

Right, I think the regression is in 1.0.20-20170317 failing to digest your sigchain.

maxtaco commented 7 years ago

Hmm I went back a bunch of revisions, and the same. I think your key just expired is a better theory.

00dani commented 7 years ago

Hmm, there's no expiration set on my master key (7FD74ECEA6AC7C073E7F602938C5DDC6BDA4FAE3), but one of my subkeys does expire today so maybe that's related. How should I go about getting Keybase to behave again, given that I can't pgp update to update expirations and such?

maxtaco commented 7 years ago

Yeah, that explains it. It's our bug, we'll fix it. We shouldn't be using today's date to check the expiration of the subkey, but rather, should be using the date of the time of the signature. We'll fix it but can't get to it immediately.

00dani commented 7 years ago

Update: turns out the problem wasn't expiration at all. The real issue was some very hacky usage of GnuPG on my part which I didn't mention (sorry!). In particular, the key BDA4FAE3 was originally generated (by Keybase, in fact) with the usage flags SC - however the primary key really only needs C, since a subkey can be given S instead, and so I re-self-signed BDA4FAE3 with only the C flag set.

Keybase's OpenPGP implementation, it seems, doesn't know how to cope with this - since a key that doesn't have S can't have been used to sign a message. However, this sort of nonsense can only be done in GnuPG by hacking its source anyway, so Keybase probably doesn't need to spend time working on supporting it - although I'd suggest that generally, messing up your sigchain in some way probably shouldn't entirely break the Keybase app.

Using similar hackery, I've just put the S flag back on my key and then used the cURL + GnuPG approach to push the updated key to Keybase. It's instantly fixed the issue. Sorry for the trouble!

zapu commented 7 years ago

Wow, thanks for resolving this. We got this far in our investigation as well - in general we are more strict about the flags than gpg is. Also our sigchain does a bit of key merging magic, and in the end the primary key wasn't considered when trying to verify the signature. I'm now working to get go-crypto to mimic gpg2 in that regard. In general, if the key is fine, we want to do extra work to use it for verification, locking somebody out of keybase because of key update is a big no.
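Added example (not part of the thread, and not Keybase or go-crypto code): a simplified Go model of the key-selection step discussed in the comments above, contrasting a check against today's flags and date with one that finds the issuer by key ID and judges expiry at the signature's creation time. All type and function names are hypothetical, the subkey ID and its expiry date are constructed, and a real verifier would still check the cryptographic signature after selecting the key.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Hypothetical model types, not go-crypto's or Keybase's API.
type Key struct {
	ID      string
	CanSign bool      // "S" usage flag in the key's current self-signature
	Expires time.Time // zero value: no expiry
}

type Sig struct{ IssuerID string; Created time.Time }
var ErrNotSigned = errors.New("message wasn't signed")

// pick returns the issuer key if it was unexpired at instant `at` and, when
// needFlag is set, currently carries the sign flag.
func pick(ring []Key, s Sig, at time.Time, needFlag bool) (Key, error) {
	for _, k := range ring {
		expired := !k.Expires.IsZero() && !at.Before(k.Expires)
		if k.ID == s.IssuerID && !expired && (k.CanSign || !needFlag) {
			return k, nil
		}
	}
	return Key{}, ErrNotSigned
}

// StrictPick judges the key by today's flags and today's date.
func StrictPick(ring []Key, s Sig, now time.Time) (Key, error) { return pick(ring, s, now, true) }
// LenientPick judges expiry at signing time and ignores later flag changes.
func LenientPick(ring []Key, s Sig) (Key, error) { return pick(ring, s, s.Created, false) }

// SampleRing is constructed: a certify-only primary plus an expiring subkey.
func SampleRing() []Key {
	return []Key{
		{ID: "38C5DDC6BDA4FAE3"}, // primary: "S" flag removed, no expiry
		{ID: "SUBKEY-EXAMPLE", CanSign: true, Expires: time.Date(2017, 4, 5, 0, 0, 0, 0, time.UTC)},
	}
}

func main() {
	sig := Sig{IssuerID: "38C5DDC6BDA4FAE3", Created: time.Unix(1467078744, 0)} // ctime from the payload
	_, strictErr := StrictPick(SampleRing(), sig, time.Now())
	k, lenientErr := LenientPick(SampleRing(), sig)
	fmt.Println(strictErr, k.ID, lenientErr)
}
```

The signature's creation time is asserted by the signer, so a verifier that relies on it for expiry checks needs an independent bound on that time.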

zapu commented 7 years ago

I'm reopening until we roll our fix, because a few other people are also affected.

Thank you again for trying Keybase!

zapu commented 7 years ago

Fixed in https://github.com/keybase/client/pull/6597. Should be available on all platforms now.