-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update to latest RSA did:key #30
Comments
I'm trying to understand this whole thing better: So, there exist multiple ways to byte-encode RSA public keys. Two popular ways are called RSAPublicKey:
SubjectPublicKeyInfo:
To me it makes a lot of sense to use > rsaRaw = u.fromString("MIIBCgKCAQEAsbX82NTV6IylxCh7MfV4hlyvaniCajuP97GyOqSvTmoEdBOflFvZ06kR/9D6ctt45Fk6hskfnag2GG69NALVH2o4RCR6tQiLRpKcMRtDYE/thEmfBvDzm/VVkOIYfxu+Ipuo9J/S5XDNDjczx2v+3oDh5+CIHkU46hvFeCvpUS+L8TJSbgX0kjVk/m4eIb9wh63rtmD6Uz/KBtCo5mmR4TEtcLZKYdqMp3wCjN+TlgHiz/4oVXWbHUefCEe8rFnX1iQnpDHU49/SaXQoud1jCaexFn25n+Aa8f8bc5Vm+5SeRwidHa6ErvEhTvf1dz6GoNPp2iRvm+wJ1gxwWJEYPQIDAQAB", "base64")
> const { webcrypto } = require("one-webcrypto")
// importing using "raw" and RSA doesn't work in general
> await webcrypto.subtle.importKey("raw", rsaRaw, { name: "RSA-OAEP", hash: "SHA-256" }, true, ["encrypt"])
Uncaught:
DOMException [NotSupportedError]: Unable to import RSA key with format raw
at __node_internal_ (node:internal/util:477:10)
at Object.rsaImportKey (node:internal/crypto/rsa:324:13)
at SubtleCrypto.importKey (node:internal/crypto/webcrypto:479:10)
at REPL153:1:47
// and importing this RSAPublicKey using SPKI obviously also doesn't work
> await webcrypto.subtle.importKey("spki", rsaRaw, { name: "RSA-OAEP", hash: "SHA-256" }, true, ["encrypt"])
Uncaught Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
at createPublicKey (node:internal/crypto/keys:595:12)
at Object.rsaImportKey (node:internal/crypto/rsa:261:19)
at SubtleCrypto.importKey (node:internal/crypto/webcrypto:479:10)
at REPL154:1:47 {
opensslErrorStack: [
'error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error',
'error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error'
],
library: 'asn1 encoding routines',
function: 'asn1_check_tlen',
reason: 'wrong tag',
code: 'ERR_OSSL_ASN1_WRONG_TAG'
} Importing raw keys also doesn't work in the browser. Maybe the fix is to take the I'll probably try that to fix this issue. I also read something about the |
TL;DR the W3C spec is going to use
Thanks for digging in! Yup this is confusing in the main doc at present. There's a whole conversation about this across the multiformats, W3C DID repos, and I think Twitter and Discord. It's going to be specified as From Multiformats (updated since the initial comment): "RSA public key. DER-encoded ASN.1 type RSAPublicKey according to IETF RFC 8017 (PKCS #1)"
Yup. Not sure if this is helpful: https://www.npmjs.com/package/asn1.js Here's a few relevant links: |
Alright. After some more investigation it looks like SPKIs are just 24 extra bytes of header info prefixed to RSAPublicKeys. That means going back and forth is really easy.
These represent exactly this ASN1 DER structure:
(In my above comment you can see how the contained RSAPublicKey starts at byte 24) I'm pretty sure that they're always the same, no matter what RSAPublicKey you have at hand. And since it's always the same, I'm also pretty sure that it's always 24 bytes. |
What do we do with the old RSA prefix bytes? Technically, those bytes now "exist". We could try to specify them as spki in the multiformats table? |
@matheus23 Do you mean The old version that we used? We're going to maintain that as a backwards compatibility for our users, but IIRC we used the "raw bytes" section from the table. This means that our parser needs to be able to switch on both of these, and if it gets the raw bytes + length-indicating bytes, it should try to match the signature against RSA. This is what I did in my initial [never to be merged] PR at updating the byte sequence before the further changes to the spec. No one else uses our old DID format, and no one should. Consider it a quirk of our system from the very early days that we're maintaining for those early users because it's very low effort to do so, but that will be phased out eventually. |
Fixed by #42 |
New format RSA PK multicodec made its way over to the
did:key
spec: https://github.com/w3c-ccg/did-method-key/blob/main/index.html#L362-L381The text was updated successfully, but these errors were encountered: