[WIP] Attempt to verify reverse engineered keys failing #127

Open
wants to merge 2 commits into
base: main

Divide-By-0
Member

No description provided.

logging.info(f'Expected: {hex(message)}')
logging.info(f'Got: {hex(decrypted)}')

if pow(signature, rsa_key.e, rsa_key.n) == message:
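Review bot: in `if pow(signature, rsa_key.e, rsa_key.n) == message:` the modular exponentiation is recomputed instead of testing the `decrypted` value that was just logged as `Got:`. Assuming `decrypted` holds that same `pow(...)` result, compare `decrypted == message` so the logged and tested values cannot diverge. The equality also only holds when `message` is the integer form of the complete padded encoding, as long in bytes as the modulus, and this hunk does not show how `message` is built; logging the byte length of both values next to the hex dumps would make a mismatch here diagnosable.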
Member Author

This fails and I am not sure why. Calling RSA verification directly also fails. I didn't understand how the bytes just don't match.
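For reading the `Expected:`/`Got:` values, an added example (not code from this PR): DKIM's rsa-sha256 signatures use RSASSA-PKCS1-v1_5, so a raw `pow(signature, e, n)` yields the padded DigestInfo encoding rather than the bare hash. The demo key (built from two Mersenne primes), the sample bytes and every function name here are constructed for illustration.

```python
import hashlib

# Constructed demo key (assumption, not from the PR): two Mersenne primes.
# Far too structured for real use, but large enough for a SHA-256 encoding.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15(data: bytes, k: int) -> int:
    """Integer a verifier must recover: 00 01 FF..FF 00 || DigestInfo || H(data)."""
    t = SHA256_PREFIX + hashlib.sha256(data).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for this digest")
    em = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


def sign(data: bytes) -> int:
    """Textbook private-key operation over the padded encoding (demo only)."""
    return pow(emsa_pkcs1_v15(data, K), D, N)


def verify(signature: int, data: bytes, n: int = N, e: int = E) -> bool:
    """Recover the encoded message and compare it with the expected encoding."""
    if not 0 <= signature < n:
        return False
    k = (n.bit_length() + 7) // 8
    return pow(signature, e, n) == emsa_pkcs1_v15(data, k)


def bare_hash_compare(signature: int, data: bytes) -> bool:
    """Comparison against the unpadded digest: never true for a valid signature."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(signature, E, N) == digest
```

For a valid signature the recovered integer prints as `0x1ffff…` followed by the DigestInfo prefix and the digest, which is the shape to look for in the `Got:` log line.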

if sig1.timestamp and first_seen <= sig1.timestamp <= last_seen:
timestamp_1_covered = True
try:
logging.info(f"Validating correct signature {sig1.id} with key {key['keyData']}")
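Review bot: the log line at the top of the `try` indexes `key['keyData']`, so if a key record lacks that field the exception is raised by the logging call itself, before anything after it in the block runs, and it cannot be told apart from whatever else the `try` is meant to handle. Read the field once before the `try`, log and `continue` when it is missing, and keep only the validation inside the `try`. Writing the full key material at info level on every attempt is also noisy; a key identifier or short prefix would be enough.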
Contributor

@foolo foolo Dec 11, 2024

seems that key doesn't have a field called keyData,
it only has what is included here: https://github.com/zkemail/archive.zk.email/blob/main/src/app/api/key/route.ts#L31

so we will always get a value exception when accessing key["keyData"] and validate_signature never gets called

for me, the following seems to fix it, and I get successful validations:

after `for key in matching_keys:`, add:

key_value = key["value"]  # 'v=DKIM1; k=rsa; p=MIIBIjA...'
keyBase64 = decode_dkim_tag_value_list(key_value).get('p')
if not keyBase64:
	logging.error(f"Key data not found in {key_value}")
	continue

replace all `key["keyData"]` with `keyBase64`

and in the import section at the beginning of the file add:

sys.path.append(str(Path(__file__).absolute().parent.parent))
from dkim_util import decode_dkim_tag_value_list

continue
# logging.info(f"might theoretically run gcd solver for {dsp} and timestamps {sig1.timestamp} and {sig2.timestamp}")
shouldFindMatch = await check_for_matching_key_period(dsp, sig1, sig2)
if shouldFindMatch:
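Review bot: `shouldFindMatch` on the `await check_for_matching_key_period(dsp, sig1, sig2)` line is camelCase while the names around it in this hunk are snake_case (`check_for_matching_key_period`, `sig1`); rename it to `should_find_match`. The commented-out `logging.info` line above it should either be deleted or turned into a `logging.debug` call rather than left as dead code.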
Contributor

@foolo foolo Dec 11, 2024

if I remove the call to `check_for_matching_key_period` and also remove the `if shouldFindMatch` condition here,
and thus always run `find_key_for_signature_pair`, then I actually reach a successful validation in `validate_signature` (via `find_key_for_signature_pair` > `check_adjacent_sigs` > `validate_signature`)
