The default Thumbprints digest is SHA-1, even though RFC 7638 recommends at least SHA256 about jose HOT 8 CLOSED

Yes, my comment was in support of a change in default, as in "we use sha256 in latchset/jwcrypto and it gave no problems so far"

from jose.

I am okay with changing the default. However, care should be taken to validate that this doesn't break clevis or tang.

from jose.

I submitted a PR for clevis, to have it handle a different default hash for the thumbprints. tang would not be affected by such a change.

from jose.

As a data point, we use sha256 by default in jwcrypto:
https://github.com/latchset/jwcrypto/blob/787f69a82e2e9d9a425c75c4ac729e52461db4fb/jwcrypto/jwk.py#L927

from jose.

Right, but if somebody calls jose directly, he will get SHA-1. For example as when verifying key hash from cockpit, which has this just this in the last part:

jose jwk thp -i-

https://github.com/cockpit-project/cockpit/blob/master/pkg/storaged/crypto-keyslots.jsx#L322

or from tang's tang-show-keys:

https://github.com/latchset/tang/blob/master/src/tang-show-keys#L35

from jose.

I am okay with changing the default as well. I will do some investigation beforehand on how clevis/tang would behave with it.

from jose.

@sergio-correia Thanks for looking into that. The above change is probably a first step, but more changes will need to follow, including changes to the tang (tang-show-keys now uses default sha1 thumbprints) and cockpit (calls the tang-show-keys or jose directly without specifying which hash to use either).

from jose.

@sergio-correia Thanks for looking into that. The above change is probably a first step, but more changes will need to follow, including changes to the tang (tang-show-keys now uses default sha1 thumbprints) and cockpit (calls the tang-show-keys or jose directly without specifying which hash to use either).

tang-show-keys displays the thumbprints using the jose's default hash algorithm (SHA1 as of now). If that default changes, the thumbprints will change, naturally, but they should still work with clevis -- I just added a second commit to that PR updating the encryption path as well.

So, for instance (tang-show-keys slightly modified):

$ tang-show-keys
S1 -> Ocx3bX2P9myWZ2gwgV1mWN1CjLk
S224 -> OivRmo86_m9j1fcAGXmZP-b8NYPWVAEn6jFGqw
S256 -> W9hOYnHQAgDjNIYk4ChKjNgh07vO3OyJ6du61o8metU
S384 -> nymK5nTbNxNSPsaak1JjbKU7wV5CGHaOIsyrqhWpGu01QGpkQe112dquUMfeceOY
S512 -> ZFfbUo4qRRfc0J65yc_9U43YrYNU2BmL4jco4vvxZSDrqoR-boXHq4teL3pXt2EqZgvll8HJxHg93c6B1CUXiw

Using any of these thumbprints should be fine, e,g:

echo foo | clevis encrypt tang '{"url":"localhost", "thp":"Ocx3bX2P9myWZ2gwgV1mWN1CjLk"}' 
echo foo | clevis encrypt tang '{"url":"localhost", "thp":"ZFfbUo4qRRfc0J65yc_9U43YrYNU2BmL4jco4vvxZSDrqoR-boXHq4teL3pXt2EqZgvll8HJxHg93c6B1CUXiw"}' 

I am not sure about cockpit, but if they are using the thumbprint from tang-show-keys with clevis, it should be good.

from jose.