feat: add signature agent

[archandatta]

Note

Introduces signature-agent support and key handling improvements for building the Cloudflare web-bot-auth extension.

• Adds --signature-agent flag to extensions build-web-bot-auth in cmd/extensions.go; passes through to extensions.BuildWebBotAuth and exports SIGNATURE_AGENT_URL during npm run build:chrome and bundle:chrome.
• Enhances build to accept JWK or PEM keys, converts as needed (util.ConvertPEMToJWK/ConvertJWKToPEM), writes private_key.pem, and replaces the background key import with an inline jwk via injectJWKIntoBackgroundTs.
• Switches web-bot-auth download to Kernel fork and updates pinned commit (pkg/extensions/webbotauth.go).
• Adds ConvertPEMToJWK in pkg/util/crypto.go with comprehensive tests, including roundtrip PEM↔JWK in pkg/util/crypto_test.go.
• Minor: updates policy/build file rewrites and success output remain; artifacts copying unchanged.

^{Written by Cursor Bugbot for commit 69437a1. This will update automatically on new commits. Configure here.}

[tembo]

A couple edge cases in the new signature-agent/JWK wiring that might bite users:

• pkg/extensions/webbotauth.go: injectJWKIntoBackgroundTs() interpolates jwkData straight into TS (fmt.Sprintf("const jwk = %s;", jwkData)). Since --key accepts PEM or JWK, this will generate invalid TS for PEM inputs (and also makes it easy to inject arbitrary code if the file isn’t strict JSON). It seems worth validating/normalizing as JSON before writing, and ensuring the injected value is always a JWK.

  // before building, ensure we have a JWK string to inject
  jwkData := keyData
  if util.IsPEMKey(keyData) {
      return "", fmt.Errorf("--key is PEM, but background.ts injection expects JWK")
  }
  
  // in injectJWKIntoBackgroundTs
  var jwk any
  if err := json.Unmarshal([]byte(jwkData), &jwk); err != nil {
      return fmt.Errorf("invalid JWK JSON: %w", err)
  }
  normalized, _ := json.Marshal(jwk)
  replacement := fmt.Sprintf("const jwk = %s;", normalized)
  

• pkg/extensions/webbotauth.go: SIGNATURE_AGENT_URL is set even when the flag is empty (SIGNATURE_AGENT_URL=). If the JS build has its own defaulting logic based on “env var present”, this can change behavior unexpectedly. Consider only appending the env var when non-empty.

  env := os.Environ()
  if strings.TrimSpace(signatureAgentURL) != "" {
      env = append(env, "SIGNATURE_AGENT_URL="+strings.TrimSpace(signatureAgentURL))
  }
  npmBuild.Env = env
  

• pkg/extensions/webbotauth.go: webBotAuthDownloadURL now tracks kernel/web-bot-auth main.zip. That’s convenient, but it also makes builds non-reproducible and can break CLI builds when main changes. If stability matters, pinning to a tag/commit (or making the source configurable) would help.

• cmd/extensions.go: minor UX: if --signature-agent needs to be a URL, a quick url.ParseRequestURI validation (when non-empty) could catch typos early.

[archandatta]

We could just support JWK keys lol so we wouldn't need converting pack and forth

[cursor]

Raw JWK input injected without re-serialization

Low Severity

When a user provides a JWK file, jwkData = keyData uses the raw file contents directly for JavaScript injection, while ConvertJWKToPEM only validates the JSON structure. Go's json.Unmarshal ignores trailing data after valid JSON, so a malicious JWK file containing {"kty":"OKP"...}; malicious_code(); would pass validation but inject the trailing code into background.ts. The PEM path safely uses re-serialized JSON from ConvertPEMToJWK, but the JWK path lacks this sanitization.

 

[rgarcia]

nit: the description is vague. consider something like: "Base URL of the signature agent (e.g., https://agent.example.com). Verifiers will look up /.well-known/http-message-signatures-directory at this URL."

[rgarcia]

Looks good! Solid implementation of the PEM↔JWK conversion and signature agent support.

One minor nit on the flag description.

[ulziibay-kernel]

perhaps we should add that kernel is explicitly add to the helper that Kernel is expecting a ed25519 key. This reason being that ConvertPEMToJWK validates that

[archandatta]

That is mentioned in the --key flag

extensionsBuildWebBotAuthCmd.Flags().String("key", "", "Path to Ed25519 private key file (JWK or PEM format)")

[ulziibay-kernel]

This part seems kinda flakey. We are basically writing typescript code from Go to make a one line replacement.
Perhaps in later edits to https://github.com/kernel/web-bot-auth, we can maybe templatizes this file so that using https://pkg.go.dev/text/template in go we can easily replace the jwkData

[ulziibay-kernel]

i wish there was easy util to make this, but it seems no. So looks good to me

[ulziibay-kernel]

Maybe we wanna rename it so that it is explicit that it only converts Ed25519 PEM to JWK format

[ulziibay-kernel]

Looks good to me. Some minor comments. I tested it end to end. It seems good to 🚢

1. Compile this
2. Create an extension for Kernel
3. Upload that extension to a locally running docker
4. Go to https://crawltest.com/cdn-cgi/web-bot-auth on that browser
5. Inspect the HTTP headers that are injected on the request.
6. Observe that Signature-Agent is as specified
7. Observe that keyid matches the published https://www.kernel.sh/.well-known/http-message-signatures-directory