search

tfpauly / privacy-proxy

Specifications for Privacy Proxy Implementations
Other
29 stars 11 forks source link

TokenRequest signature should include everything on the wire #202

Closed chris-wood closed 2 years ago

chris-wood commented 2 years ago

The signature is currently:

struct {
   uint16_t token_type = 0x0003;
   uint8_t token_key_id;
   uint8_t issuer_encap_key_id[32];
   uint8_t encrypted_token_request<1..2^16-1>;
   uint8_t request_signature[Nsig]; // signature over concat(token_type, token_key_id, issuer_encap_key_id, enc_token_req without length prefix)
} TokenRequest;

But we should do:

struct {
   uint16_t token_type = 0x0003;
   uint8_t token_key_id;
   uint8_t issuer_encap_key_id[32];
   uint8_t encrypted_token_request<1..2^16-1>;
   uint8_t request_signature[Nsig]; // sign everything above verbatim
} TokenRequest;

It's just good practice to sign everything and it costs us nothing to do so.