Unable to pack encrypted didcomm message for certain 25519 keys #1067

nickreynolds · 2022-11-22T04:07:44Z

Bug severity
2

Describe the bug
Discovered during IIW interop session, veramo failed to correctly pack a DIDCommV2Message for a DID that expressed its X25519 key with publicKeyBase58 or publicKeyMultibase. It appears that veramo's implementation only works correctly when the key is expressed in publicKeyHex format.

To Reproduce
Steps to reproduce the behaviour:

Attempt to pack message where recipient is DID that resolves a DIDDocument with an X25519 key that uses publicKeyBase58 representation
See Error

Expected behaviour
Should be able to pack encrypted message no matter which representation X25519 key uses

Details
Might not be remembering details 100% correctly, will have to double check once I can reproduce again

Versions (please complete the following information):

Veramo: 4.11

The text was updated successfully, but these errors were encountered:

nickreynolds · 2022-11-22T04:29:11Z

/**
 * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)
 *
 * @param pk - the VerificationMethod to be converted
 * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs
 * @returns the hex encoding of the public key
 *
 * @beta This API may change without a BREAKING CHANGE notice.
 */
export function extractPublicKeyHex(pk: _ExtendedVerificationMethod, convert: boolean = false): string {
  let keyBytes: Uint8Array
  if (pk.publicKeyHex) {
    keyBytes = u8a.fromString(pk.publicKeyHex, 'base16')
  } else if (pk.publicKeyBase58) {
    keyBytes = u8a.fromString(pk.publicKeyBase58, 'base58btc')
  } else if (pk.publicKeyBase64) {
    keyBytes = u8a.fromString(pk.publicKeyBase64, 'base64pad')
  } else return ''
  if (convert) {
    if (['Ed25519', 'Ed25519VerificationKey2018'].includes(pk.type)) {
      keyBytes = convertPublicKeyToX25519(keyBytes)
    } else if (!['X25519', 'X25519KeyAgreementKey2019'].includes(pk.type)) {
      return ''
    }
  }
  return u8a.toString(keyBytes, 'base16')
}

it's possible that the issue is restricted to the publicKeyMultibase case since that's the only one that doesn't seem covered

nickreynolds · 2022-11-22T05:53:20Z

it's possible that this is fixed by: #1030 (which wasn't deployed on IIW demo agent)

but need to add integration test to confirm

nickreynolds · 2022-11-23T23:11:03Z

branch with unit tests that expose the issue:

https://github.com/uport-project/veramo/compare/nickreynolds/add-packing-unit-test?expand=1

…#1076) fixes #1067

nickreynolds added the bug Something isn't working label Nov 22, 2022

nickreynolds closed this as completed Nov 22, 2022

nickreynolds reopened this Nov 22, 2022

mirceanis added the pinned don't close this just for being stale label Nov 23, 2022

nickreynolds mentioned this issue Nov 27, 2022

fix(utils): correctly extract publicKeyHex from [Ed/X]25519 2020 keys #1076

Merged

6 tasks

mirceanis closed this as completed in #1076 Nov 28, 2022

mirceanis pushed a commit that referenced this issue Nov 28, 2022

fix(utils): correctly extract publicKeyHex from [Ed/X]25519 2020 keys (…

c73002c

…#1076) fixes #1067

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Unable to pack encrypted didcomm message for certain 25519 keys #1067

Unable to pack encrypted didcomm message for certain 25519 keys #1067

nickreynolds commented Nov 22, 2022

nickreynolds commented Nov 22, 2022 •

edited

Loading

nickreynolds commented Nov 22, 2022

nickreynolds commented Nov 23, 2022

Unable to pack encrypted didcomm message for certain 25519 keys #1067

Unable to pack encrypted didcomm message for certain 25519 keys #1067

Comments

nickreynolds commented Nov 22, 2022

nickreynolds commented Nov 22, 2022 • edited Loading

nickreynolds commented Nov 22, 2022

nickreynolds commented Nov 23, 2022

nickreynolds commented Nov 22, 2022 •

edited

Loading