Add RSA did:key #277

Merged
merged 1 commit into from
Jan 26, 2022

Contributor

@clehner clehner commented Jan 19, 2022

RSA test vectors were added to the did:key specification in w3c-ccg/did-method-key#41.

DIDKit got support for RSA did:key via spruceid/ssi#309.

This PR updates UR's config to try to use DIDKit for resolving RSA did:key DIDs. The 2048-bit test vector from the specification is added as a test identifier.

I did not find a way to match an RSA did:key with a regex for a key of arbitrary length - only for specific lengths (e.g. z4MX for 2048-bit, z2W for 3072-bit, zgg for 4096-bit - as seen in the specification draft). So this PR matches based on length instead. The length of 200 or greater after the "z" should match a key with a modulus of 1024 bits or longer. This is also longer than the other longest did:key seen so far, the uncompressed P-521 (which was removed in w3c-ccg/did-method-key#36 in favor of the compressed one; DIDKit doesn't yet support P-521 in any case). JsonWebSignature2020 and JWS specifications recommend or require 2048-bit modulus for RSA, so this length minimum of 1024 should be compatible with practical usage.
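
The length-based matching described in the comment above, worked through as an added example (not code from this PR or from DIDKit): it builds did:key identifiers from constructed, non-real keys and measures the base58btc length after the "z". The regex shape, the helper names and the fixed exponent 65537 are assumptions.

```python
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
RSA_PUB = bytes([0x85, 0x24])   # varint of multicodec 0x1205 (rsa-pub)
P521_PUB = bytes([0x82, 0x24])  # varint of multicodec 0x1202 (p521-pub)
# Assumed shape of a length-based matcher; the PR's actual regex is not on the page.
RSA_DID_KEY = re.compile(r"did:key:z[%s]{200,}" % B58)

def b58encode(data: bytes) -> str:
    """Base58btc encoding (the alphabet behind the 'z' multibase prefix)."""
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out

def der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_int(v: int) -> bytes:
    # bit_length // 8 + 1 bytes keeps the sign bit clear for a positive INTEGER
    body = v.to_bytes(v.bit_length() // 8 + 1, "big")
    return b"\x02" + der_len(len(body)) + body

def rsa_did_key(bits: int, e: int = 65537) -> str:
    """did:key for a DER RSAPublicKey with a constructed modulus of `bits` bits."""
    n = (1 << (bits - 1)) | 1  # right size only, not a real key
    body = der_int(n) + der_int(e)
    return "did:key:z" + b58encode(RSA_PUB + b"\x30" + der_len(len(body)) + body)

def p521_uncompressed_did_key() -> str:
    # constructed point bytes: 0x04 || X (66 bytes) || Y (66 bytes)
    return "did:key:z" + b58encode(P521_PUB + b"\x04" + b"\x01" * 132)

def id_length(did: str) -> int:
    """Number of characters after the 'z'."""
    return len(did) - len("did:key:z")

def is_rsa_by_length(did: str) -> bool:
    return RSA_DID_KEY.fullmatch(did) is not None

if __name__ == "__main__":
    for bits in (1024, 2048, 3072, 4096):
        did = rsa_did_key(bits)
        print(bits, did[8:12], id_length(did), is_rsa_by_length(did))
    p521 = p521_uncompressed_did_key()
    print("P-521 uncompressed", id_length(p521), is_rsa_by_length(p521))
```

With these constructed inputs the identifier after the "z" is 185 characters for uncompressed P-521, 194 for a 1024-bit RSA modulus and 372 for a 2048-bit one, so it is worth checking any chosen length floor against the smallest key size that is meant to resolve.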

@BernhardFuchs
Member

The resolver throws a 404 error with these logs:

2022-01-19T15:48:45,638 WARN  [qtp872306601-25] u.w.s.ResolveServlet: Resolve problem for did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i: 404 Not Found (notFound)
uniresolver.ResolutionException: 404 Not Found (notFound)
	at uniresolver.driver.http.HttpDriver.resolveRepresentation(HttpDriver.java:143)
	at uniresolver.local.LocalUniResolver.resolveOrResolveRepresentationWithDrivers(LocalUniResolver.java:161)
	at uniresolver.local.LocalUniResolver.resolveOrResolveRepresentation(LocalUniResolver.java:114)
	at uniresolver.local.LocalUniResolver.resolveRepresentation(LocalUniResolver.java:64)
	at uniresolver.web.WebUniResolver.resolveRepresentation(WebUniResolver.java:55)
	at uniresolver.web.servlet.ResolveServlet.doGet(ResolveServlet.java:82)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:497)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:584)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
	at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
	at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:228)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
	at org.eclipse.jetty.server.Server.handle(Server.java:516)
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)
	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
	at java.base/java.lang.Thread.run(Unknown Source)

@peacekeeper
Member

peacekeeper commented Jan 20, 2022

@clehner @BernhardFuchs I just tried it as well with the new example DID, and it didn't work for me either:

docker pull ghcr.io/spruceid/didkit-http
docker run -e HOST=0.0.0.0 -e PORT=8080 -it -p 8080:8080 ghcr.io/spruceid/didkit-http:latest
curl -v -H "Accept: application/did+ld+json" "http://localhost:8080/identifiers/did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i"

Gives:

< HTTP/1.1 404 Not Found
< content-length: 8
< date: Thu, 20 Jan 2022 11:56:18 GMT
< 
* Connection #0 to host localhost left intact
notFound⏎                

Maybe DockerHub doesn't have the latest DIDKit driver image?

@BernhardFuchs
Member

The latest image is about 15 days old https://github.com/spruceid/didkit/pkgs/container/didkit-http
This might be the issue.
Other than that, there are no logs inside the driver besides the startup Listening on http://0.0.0.0:8080/ log.

@clehner
Contributor Author

clehner commented Jan 21, 2022

Sorry about that. Marking this as draft until the Docker image is updated.

@clehner clehner marked this pull request as draft January 21, 2022 04:30
@clehner
Contributor Author

clehner commented Jan 26, 2022

The didkit-http Docker image has been updated, so I think this should work now.

@clehner clehner marked this pull request as ready for review January 26, 2022 14:08
@peacekeeper
Member

Great, @BernhardFuchs could you try it?

@BernhardFuchs BernhardFuchs merged commit e36eb2e into decentralized-identity:main Jan 26, 2022
@sbihel sbihel deleted the feat/did-key-rsa branch April 29, 2024 09:04