C daemon does not work with APKAM atKeys

Question

C daemon does not work with APKAM atKeys

Closed this issue 2 months ago · 3 comments

cconstab commented 3 months ago

Describe the bug

Daemon unable to authenticate to atServer if using an APKAM key

Steps to reproduce

First create a new APKAM key for an atSign and confirm it works with Dart SSHNPD Daemon
Start a C daemon with normal atKey then APKAM key and see the failure to authenticate

Expected behavior

APKAM keys should work - important also with the C version of at_activate

Screenshots

root@GL-MT2500:~/.local/bin# ./sshnpd -a @ssh_1 -m @cconstab -d brune2 -k /root/.atsign/keys/@ssh_1_key.atKeys
@cconstab,
[INFO] 2024-09-07 22:51:31.493833 | sshnpd | Starting main loop
[INFO] 2024-09-07 22:51:31.493899 | E2E TESTS | Monitor .*monitor started
[INFO] 2024-09-07 22:51:31.494022 | refresh_device_entry | Saving username entries for this device
[INFO] 2024-09-07 22:51:32.005456 | refresh_device_entry | Refreshing device info entries for this device
^C[WARN] 2024-09-07 22:51:35.374839 | exit_handler | Received signal: 0
[WARN] 2024-09-07 22:51:35.374879 | exit_handler | Received SIGINT, attempting a safe exit
[INFO] 2024-09-07 22:51:35.466035 | sshnpd | Exited main loop
root@GL-MT2500:~/.local/bin# ./sshnpd -a @ssh_1 -m @cconstab -d brune2 -k /root/.atsign/keys/@ssh_1_brune2.atKeys
[ERRO] 2024-09-07 22:51:42.602545 | atclient | recv was "error:AT0401-Exception: pkam authentication failed" and did not have prefix "data:success"
root@GL-MT2500:~/.local/bin#

Smartphones

APKAM key cut with v5.6.1
C daemon (arm64musl Version : 0.1.0 bin that was given to Nate at Digi)

Were you using an atApplication when the bug was found?

No response

Additional context

This may be already fixed in 0.1.11 ?

cconstab commented 3 months ago

Wow TY

Answer 1 · 2024-09-07T23:37:37.000Z

atsign-foundation/at_c#287

The C SDK currently does not support enrollmentId: checking in the .atKeys file

I can be assigned to this

Answer 2 · 2024-09-08T01:19:58.000Z

Just opened 2 PRs pending reviews

one in at_c: atsign-foundation/at_c#400

one in noports: #1328

Here is a snippet of the enrollmentId being fed into the pkam command

[DEBG] 2024-09-08 01:11:19.396515 | connection |        SENT: "from:smoothalligator"
[DEBG] 2024-09-08 01:11:19.433962 | connection |        RECV: "data:_e6ccdf47-799b-48cc-b5e4-8e6fb0931312@smoothalligator:9caa4969-b94a-448a-a1b4-5dbe36386c9d"
[DEBG] 2024-09-08 01:11:19.448474 | connection |        SENT: "pkam:enrollmentId:f4bdc0a1-2f76-479f-ae41-84275638ee95:HWdfenQp9ut7L3GROTDec066GAaWEasHnNu/mOuM+UDoqLHrIgNO30PYUOV8aQZJ8Ccqml0MIWBGHt0U9lF/OQtBnYlWSPrv6Vbwrp9xGk7QXceSj4GndieWmjjqwKO8DRegdeUKEvlOu+t4pxS4Q2bHBEhfJ+5SdzwkLwVAEPXGXmidiPPRMvJkS8xKL0GvRhpB9WqWIWH3cj082geD/sohHB0NH0GDPJ0MMf6H6L1ctgRJvxAFEEKh6P1e3VJSi0+ffhkHrkYef8wDshMGHRZ7DevqzjuMHsmwDYR36ech31Zv3YlSDGtD74BC+BLt3KZXdLrsniPJj/amPqw8ug=="
[DEBG] 2024-09-08 01:11:19.486879 | connection |        RECV: "data:success"

I also did my own full end-to-end test of noports which can be found in the noports PR.