Upgrade DID RSA Key format #573

matheus23 · 2022-01-25T13:19:24Z

Ported over most changes from #550 but adapted to the format with the prefix bytes 0x85 0x24 which is the unsigned varint encoding of 0x1204.
Also, instead of storing the ASN1 DER SubjectPublicKeyInfo, it stores ASN1 DER encoded RSAPublicKeys (which are part of SubjectPublicKeyInfos with RSA public keys) as per the DID spec (w3c-ccg/did-method-key#41).

Depends on #571. Currently that's the "branch this will merge into" for better diffs on github, but I'll change this to the branch that #571 will merge into once that's merged.

matheus23 · 2022-01-27T09:50:03Z

Branch shenanigans resolved!
This PR leaves the whole monorepo in compiling state, so we can merge it into main. The ucan-upgrade branch will be initiated later.

expede · 2022-01-29T19:51:44Z

fission-core/library/Fission/Internal/Orphanage/RSA2048.hs

@@ -7,5 +7,7 @@ import qualified System.IO.Unsafe      as Unsafe

 import           Fission.Prelude

+
+-- Wait. This is weird. How did this end up in this module?
 instance Arbitrary Ed25519.SecretKey where


Yup that is weird! It's probably me being confused, but the compiler warning is turned off because {-# OPTIONS_GHC -fno-warn-orphans #-}. All the more reason for us to just bite the bullet and newtype everything. The more that I think about it, the more I'm in favour of just doing that.

Maybe to clarify: let's make this change in this PR. This line should not be in this module!

hs-ucan/library/Web/UCAN/Internal/Orphanage/RSA2048/Public.hs

hs-ucan/test/Test/Prelude.hs

hs-ucan/library/Web/UCAN/Internal/Orphanage/RSA2048/Public.hs

hs-ucan/library/Crypto/Key/Asymmetric/Public.hs

nix/sources.json

shell.nix

fission-web-server/library/Fission/Web/Server/Handler/User/Verify.hs

This reverts commit 3a11d68.

I'm pretty sure I need this? https://github.com/fission-suite/fission/runs/5005311975

matheus23 · 2022-02-01T11:26:48Z

@expede Github Actions continues making my life hard by being somewhat flakey:

/home/runner/.stack/setup-exe-cache/x86_64-linux-nix/Cabal-simple_mPHDZzAJ_3.2.1.0_ghc-8.10.7: startProcess: exec: invalid argument (Bad file descriptor)

This only happened in the "🏺 Artifacts (Nix) / 🖥️ ubuntu-latest ❄️ Nix (pull_request)" action. All other actions are running through (including tests now!).

So I think this is ready for another round of review 👍 (no rush but just to make sure you don't think this blocked on me getting the tests working or something)

expede

Just move that orphan, and then 🚀 🚀 🚀 🚀 🚀 🚀 🚀

matheus23 · 2022-02-04T09:23:07Z

😂 Thanks for the enthusiasm.

I need to change/revert one thing, which is the RSA DID encoding should be rolled back to the old format for now, because - as you've experienced - it breaks e.g. the AWAKE protocol, as long as the auth lobby doesn't understand the new DID format.

I'll merge it later today! (Let's not have another PR hanging like the last one 😱 )

The rest of the system needs to understand the new format first! Still, we can now *consume* the new format in the server/CLI.

matheus23 mentioned this pull request Jan 25, 2022

Updated RSA DID multiformat #550

Closed

3 tasks

Base automatically changed from matheus23/hs-ucan to ucan-upgrade January 26, 2022 15:29

Base automatically changed from ucan-upgrade to main January 27, 2022 07:56

matheus23 added 10 commits January 27, 2022 10:39

Write DID signature verification & tests

a6602a1

Write failing rsa DID test

de68f1c

Move over DID tests

0b63aca

Manually import core changes from ##550

e74f98d

Niv update

3a11d68

Remove redundant test

c542e43

Parse ASN1 DER RSAPublicKeys

90297f8

Adjust test fixture to use new format

9263ab4

Fix fission-cli type errors

42c7b60

Get everything compiling

9bcd52a

matheus23 force-pushed the matheus23/upgrade-did-key-rsa branch from c94705f to 9bcd52a Compare January 27, 2022 09:42

matheus23 requested a review from expede January 27, 2022 09:43

Fix one remaining type error

263269a

Fix type error

2edd6ab

expede assigned matheus23 Jan 29, 2022