Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

problems importing PEM from Httb Bis WGs Signatures 13 draft #330

Open
bblfish opened this issue Nov 6, 2022 · 1 comment
Open

problems importing PEM from Httb Bis WGs Signatures 13 draft #330

bblfish opened this issue Nov 6, 2022 · 1 comment

Comments

@bblfish
Copy link

bblfish commented Nov 6, 2022
edited
Loading

The HTTP WG's draft-ietf-httpbis-message-signatures-13 is in final call. It is publishing the keys it is using in its examples in PEM format.

I am having a particular problem loading the Appendix B.1.2 Example RSA PSS Key with the WebCrypto API. I adapted the import-key example from MDN and attached it here as import-key.zip. The adaptation consists of adding two more keys to the import example giving us a total of three keys:

  1. The first key '0' is the one from the MDN example,
  2. the second '1' is the one that I got to work in v07 and that correctly signs the examples from v13 spec,
  3. the third one is taken directly from the v013 spec. This one throws an exception.

I have opened this as httpwg/http-extensions#2290 .

I prefer the JWK formats as there is no hiding of the data in magical difficult to read formats. But if they are to use PEM can I point them to something that explains what format those PEMs need to have and why the given key (that I have no problem loading in the JVM) does not function with the webcrypto api? Having keys in the spec that load nicely into the browser using the WebCrypto API would help implementers test their code and explain problems by pointing to the spec without needing layers of transformations that may be difficult to explain.
@panva
Copy link
Member

panva commented Nov 6, 2022
edited
Loading

The keys in appendix-B.1.1 are in PKCS1, which isn't accepted by webcrypto at all. Recommend using rsaEncryption OID PKCS8 and SPKI PEM or JWK if they ought to be imported as CryptoKey reliably.

The private key in appendix-B.1.2 is 1.2.840.113549.1.1.10 (id-RSASSA-PSS). WebCryptoAPI implementations only generally accept 1.2.840.113549.1.1.1 (rsaEncryption) keys. Recommend using rsaEncryption OID PKCS8 PEM or JWK if they ought to be imported as CryptoKey reliably.

The private key in appendix-B.1.3 is in SEC1 format, which isn't accepted by webcrypto at all. Recommend using id-ecPublicKey OID PKCS8 PEM or JWK if they ought to be imported as CryptoKey reliably.

The keys in appendix-B.1.4 are fine but currently only Node.js and Deno runtimes implement Ed25519 as per Secure Curves in the Web Cryptography API.

Hope this helps inform the WG. I would propose to keep the PEM keys as is and add their JWK representation.

@bblfish bblfish mentioned this issue Nov 6, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bblfish @panva