Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

importing secp256k1 #36

Open
InoMurko opened this issue Mar 30, 2022 · 0 comments
Open

importing secp256k1 #36

InoMurko opened this issue Mar 30, 2022 · 0 comments

Comments

@InoMurko
Copy link

seed.yml


Keys:
  Asymmetric:
    Ecc:
      - Metadata:
          KeyId: 73a7f626-67eb-4b4c-aaaf-ac91b6aea43b
          KeyUsage: SIGN_VERIFY
          Description: ECC key with curve secp256k1
        PrivateKeyPem: |
          -----BEGIN EC PRIVATE KEY-----
          MHQCAQEEINMXSNwP0WbqumEgo0m3HPwB66aneeUIxVqj3uvOERU8oAcGBSuBBAAK
          oUQDQgAEt49ajeJo+cBu2nI8Gi2mxm0LRguz/MpvkTKw+YVffDbhkGMDmKpjRoOQ
          W8zBgVIFtF+ty+zoPfPesdhybjYK2A==
          -----END EC PRIVATE KEY-----


docker-compose up kms
Starting ops_kms_1 ... done
Attaching to ops_kms_1
kms_1                        | 2022/03/30 12:23:09 build started
kms_1                        | Building ....
kms_1                        | go build: -i flag is deprecated
kms_1                        | 2022/03/30 12:23:09 build completed
kms_1                        | Running ...
kms_1                        | INFO[2022-03-30 12:23:09.719] Local KMS Version Unknown (Commit Hash Unknown) 
kms_1                        | WARN[2022-03-30 12:23:09.728] Error parsing YAML at path /init/seed.yaml: Error unmarshaling YAML: Unable to decode pem of key 73a7f626-67eb-4b4c-aaaf-ac91b6aea43b, Ensure it is in PKCS8 format with no password: x509: unknown elliptic curve.
kms_1                        | ; attempting to parse legacy format. 
kms_1                        | ERRO[2022-03-30 12:23:09.728] Error parsing YAML at path /init/seed.yaml: yaml: unmarshal errors:
kms_1                        |   line 3: cannot unmarshal !!map into []cmk.AesKey; skipping. 
kms_1                        | INFO[2022-03-30 12:23:09.728] Data will be stored in /data                 
kms_1                        | INFO[2022-03-30 12:23:09.728] Local KMS started on 0.0.0.0:8080

  kms:
    image: local-kms_kms:latest
    volumes:
      - type: bind
        source: ./seed.yaml
        target: /init/seed.yaml
    ports:
      - 8080:8080

keys generated with:

function ecckey(){
local curve=$1
if ! [[ "$curve" =~ ^(secp256r1|secp384r1|secp521r1|secp256k1)$ ]];
then
   echo "Curve must be one of: secp256r1 secp384r1 secp521r1 secp256k1"
   return
fi
keyId=$(uuidgen | tr '[:upper:]' '[:lower:]')

echo "
Keys:
  Asymmetric:
    Ecc:
      - Metadata:
          KeyId: ${keyId}
          KeyUsage: SIGN_VERIFY
          Description: ECC key with curve ${curve}
        PrivateKeyPem: |
$(openssl ecparam -name ${curve} -genkey -noout | sed 's/^/          /')
"
}

The claim is that secp256k1 is supported: https://github.com/nsmithuk/local-kms/blob/1cd79814ca22aec2b54eca17968ef1ab039a9e8d/src/x509/README.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@InoMurko