Skip to content

p2p: store private keys as PKCS#8 ASN.1 DER PEM#6119

Merged
algorandskiy merged 1 commit intoalgorand:masterfrom
algorandskiy:pavel/p2p-pem-priv-key
Sep 3, 2024
Merged

p2p: store private keys as PKCS#8 ASN.1 DER PEM#6119
algorandskiy merged 1 commit intoalgorand:masterfrom
algorandskiy:pavel/p2p-pem-priv-key

Conversation

@algorandskiy
Copy link
Copy Markdown
Contributor

@algorandskiy algorandskiy commented Sep 3, 2024

Summary

Before: p2p private key is stored raw in *.pem file. It is misleading since it does not contain an expected PEM content.
After: ED25519 key encoded as PKCS#8 ASN.1 DER and stored in PEM format, block type "PRIVATE KEY" in a *.key file.

Note: this implementation relies libp2p/crypto's implementation details that it uses golang's standard crypto.ed25519.PrivateKey underlying representation. It looks OK since we already have the same assumption in PeerIDChallengeSigner implementation.

Test Plan

Existing tests passed
Checked openssl understand this key

goal node -d . generate-p2pid
[Data Directory: /data]
PeerID: 12D3KooWLwzibGo6GkGVnyasbfQxxcjng3QJEAqXgMTPm7VtG9TG
Private key saved to /data/peerIDPrivKey.key

goal node -d . generate-p2pid
[Data Directory: /data]
PeerID: 12D3KooWLwzibGo6GkGVnyasbfQxxcjng3QJEAqXgMTPm7VtG9TG
Used existing key /data/peerIDPrivKey.key

openssl pkey -in peerIDPrivKey.key -text -noout
ED25519 Private-Key:
priv:
    34:10:37:ef:9e:31:38:e0:e8:89:28:b1:28:28:6f:
    80:17:48:20:ee:1e:dc:59:5f:3d:8e:16:2f:44:7e:
    ca:5a
pub:
    a5:64:f2:b2:e4:4f:b9:2d:25:74:84:61:1a:b4:71:
    5b:d1:ef:a7:81:59:2d:53:e7:5d:a6:bf:3f:18:3b:
    64:9b

@algorandskiy algorandskiy self-assigned this Sep 3, 2024
@algorandskiy algorandskiy force-pushed the pavel/p2p-pem-priv-key branch from c2f7769 to fda04b3 Compare September 3, 2024 16:47
cce
cce reviewed Sep 3, 2024
View reviewed changes
Comment thread network/p2p/peerID.go Outdated
cce
cce previously approved these changes Sep 3, 2024
View reviewed changes
@algorandskiy algorandskiy force-pushed the pavel/p2p-pem-priv-key branch from fda04b3 to 52027bd Compare September 3, 2024 17:02
@algorandskiy algorandskiy requested a review from cce September 3, 2024 17:02
@codecov
Copy link
Copy Markdown

codecov bot commented Sep 3, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 50.00000% with 12 lines in your changes missing coverage. Please review.

Project coverage is 56.18%. Comparing base (81edd96) to head (52027bd).
Report is 2 commits behind head on master.

Files with missing lines Patch % Lines
network/p2p/peerID.go 50.00% 6 Missing and 6 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #6119      +/-   ##
==========================================
- Coverage   56.20%   56.18%   -0.03%     
==========================================
  Files         492      492              
  Lines       69829    69851      +22     
==========================================
- Hits        39248    39244       -4     
- Misses      27915    27924       +9     
- Partials     2666     2683      +17

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@algorandskiy algorandskiy merged commit d105841 into algorand:master Sep 3, 2024
@Algo-devops-service Algo-devops-service mentioned this pull request Sep 17, 2024
Merged
@Algo-devops-service Algo-devops-service mentioned this pull request Sep 26, 2024
Merged
@algorandskiy algorandskiy deleted the pavel/p2p-pem-priv-key branch March 16, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cce cce cce approved these changes

@gmalouf gmalouf gmalouf approved these changes

@onetechnical onetechnical Awaiting requested review from onetechnical

Assignees

@algorandskiy algorandskiy

Labels

Enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@algorandskiy @cce @gmalouf