Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: implement rsa signer / verifier #102

Merged
merged 27 commits into from
Oct 13, 2022
Merged

feat: implement rsa signer / verifier #102

merged 27 commits into from
Oct 13, 2022

Conversation

Gozala
Copy link
Collaborator

@Gozala Gozala commented Sep 30, 2022

General overview of changes:

  1. ucanto now extends UCAN.Signer interface with toArchive(): SignerArchive method which can be used to save signers across sessions.
  2. SignerArchive is a type union that represents either binary encoded private key with multiformat code, or { did: string, key: CryptoKey } struct that can be stored in indexdb.
  3. ucanto defines new SignerImporter interface with from(archive:SignerArchive): Signer method, which can be used to import archived signer. In other words importer.from(signer.toArchive()) roundtrips.
  4. similar to SignerImporter we have PrincipalParser with parse(did:DID): Verifire method, which can be used to turn verifiers to DIDs and back parser.parse(verifier.did()).
  5. Top level @ucanto/principal now provides Signer export which is composed RSA and Ed SignerImporter.
  6. @ucanto/principal now provides Verifier export which is composed RSA and Ed PrincipalParser.

readonly verifier: EdVerifier<M>

readonly code: 0x1300
encode(): ByteView<EdSigner<M>>
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
encode(): ByteView<EdSigner<M>>
encode(): ByteView<EdSigner<M>>
export(): ByteView<EdSigner<M>>

readonly signatureCode: CODE
readonly signatureAlgorithm: ALG

encode: () => ByteView<EdVerifier<M>>
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
encode: () => ByteView<EdVerifier<M>>
encode: () => ByteView<EdVerifier<M>>
export: () => ByteView<EdVerifier<M>>

}
async export() {
const pkcs8 = await webcrypto.subtle.exportKey('pkcs8', this.key)
return tagWith(code, PKCS8.decode(new Uint8Array(pkcs8)))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cache bytes in this.bytes

Comment on lines 398 to 399
export?: () => Await<ByteView<Signer<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
export?: () => Await<ByteView<Signer<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
exportBytes?: () => Await<ByteView<Signer<M, A>>>
exportKey?: () => Await<CryptoKey>

Comment on lines 404 to 405
export?: () => Await<ByteView<Verifier<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
export?: () => Await<ByteView<Verifier<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
exportBytes?: () => Await<ByteView<Verifier<M, A>>>
exportKey?: () => Await<CryptoKey>

packages/principal/test/ed25519.spec.js Show resolved Hide resolved
@Gozala Gozala self-assigned this Oct 12, 2022
@Gozala
Copy link
Collaborator Author

Gozala commented Oct 13, 2022

@hugomrdias I have trimmed interface per your feedback. Now Verifier is simply a UCAN.Verifier and Signer only extends UCAN.Signer with a single toArchive method which returns either bytes (if underlying key is extractable) or {did, key} pair which can be saved into IndexedDB and later restored via Signer.from(archive). This should remove any need for try catch / or if guarding.

I hope these changes address your concerns, please have another pass and let me know whether to proceed or if there are some other concerns to be addressed.

@hugomrdias hugomrdias added this to the 0.9 milestone Oct 13, 2022
Copy link
Contributor

@hugomrdias hugomrdias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

packages/interface/src/lib.ts Outdated Show resolved Hide resolved
packages/interface/src/lib.ts Outdated Show resolved Hide resolved
packages/principal/src/rsa.js Outdated Show resolved Hide resolved
* @param {string|undefined} input
* @returns
*/
const base6urlDecode = (input = '') => base64url.baseDecode(input)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
const base6urlDecode = (input = '') => base64url.baseDecode(input)
const base64urlDecode = (input = '') => base64url.baseDecode(input)

@Gozala Gozala merged commit 8ed7777 into main Oct 13, 2022
hugomrdias added a commit that referenced this pull request Oct 14, 2022
* main:
  fix: FetchResponse type (#113)
  feat: implement rsa signer / verifier (#102)
@Gozala Gozala mentioned this pull request Dec 2, 2022
This was referenced Dec 14, 2022
This was referenced Apr 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants