Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: implement rsa signer / verifier #102

Merged
merged 27 commits into from
Oct 13, 2022
Merged

feat: implement rsa signer / verifier #102

merged 27 commits into from
Oct 13, 2022

Conversation

Gozala
Copy link
Collaborator

@Gozala Gozala commented Sep 30, 2022
edited
Loading

General overview of changes:

  1. ucanto now extends UCAN.Signer interface with toArchive(): SignerArchive method which can be used to save signers across sessions.
  2. SignerArchive is a type union that represents either binary encoded private key with multiformat code, or { did: string, key: CryptoKey } struct that can be stored in indexdb.
  3. ucanto defines new SignerImporter interface with from(archive:SignerArchive): Signer method, which can be used to import archived signer. In other words importer.from(signer.toArchive()) roundtrips.
  4. similar to SignerImporter we have PrincipalParser with parse(did:DID): Verifire method, which can be used to turn verifiers to DIDs and back parser.parse(verifier.did()).
  5. Top level @ucanto/principal now provides Signer export which is composed RSA and Ed SignerImporter.
  6. @ucanto/principal now provides Verifier export which is composed RSA and Ed PrincipalParser.

Gozala and others added 22 commits September 21, 2022 17:24
@Gozala @hugomrdias
feat: unifiy principals & signers
4a7bbe9 
Co-authored-by: Hugo Dias <hugomrdias@gmail.com>
@Gozala
fix: tests on core
8639961
@Gozala
fix: transport package
5a0b238
@Gozala
chore: update client to 0.9
a5b30e6
@Gozala
feat(validator): update to ucan 0.9
ff9c434
@Gozala
feat(server): upgrade to 0.9
15abcb5
@Gozala
fix(principal): invalid test
28f67dd
@Gozala
chore: update dag-ucan dep
2edba5e
@Gozala
feat: rename caveats to nb
b7a42d8
@Gozala
fix(server): type checks
55c5427
@Gozala
fix(validator): increase coverage
fc1d659
@Gozala
fix(docs): rename caveats to nb
3f58a66
@Gozala
chore: merge 'origin/main' into feat/v0.9
2f3a606
@Gozala
feat: improve decoders
714cc80
@Gozala
stash: need to work on diff branch
a878e04
@Gozala
stash: need to work on ucant 0.9
0ffc431
@Gozala
feat: implement rsa keys
b30eb4a
@Gozala
Merge remote-tracking branch 'origin/main' into feat/rsa
a1f8971
@Gozala
chore: remove obsolete code
c933756
@Gozala
fix: messy merge artifact
e08ea47
@Gozala
feat: add composition operators
5aca463
@Gozala
chore: disable node14
1cdec2e
Gozala
Gozala commented Oct 12, 2022
View reviewed changes
packages/principal/src/ed25519/type.ts Outdated
readonly verifier: EdVerifier<M>

readonly code: 0x1300
encode(): ByteView<EdSigner<M>>
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
encode(): ByteView<EdSigner<M>>
encode(): ByteView<EdSigner<M>>
export(): ByteView<EdSigner<M>>

Gozala
Gozala commented Oct 12, 2022
View reviewed changes
packages/principal/src/ed25519/type.ts Outdated
readonly signatureCode: CODE
readonly signatureAlgorithm: ALG

encode: () => ByteView<EdVerifier<M>>
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
encode: () => ByteView<EdVerifier<M>>
encode: () => ByteView<EdVerifier<M>>
export: () => ByteView<EdVerifier<M>>

hugomrdias
hugomrdias suggested changes Oct 12, 2022
View reviewed changes
packages/principal/src/rsa.js Outdated
}
async export() {
const pkcs8 = await webcrypto.subtle.exportKey('pkcs8', this.key)
return tagWith(code, PKCS8.decode(new Uint8Array(pkcs8)))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cache bytes in this.bytes

packages/interface/src/lib.ts Outdated
Comment on lines 398 to 399
export?: () => Await<ByteView<Signer<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
export?: () => Await<ByteView<Signer<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
exportBytes?: () => Await<ByteView<Signer<M, A>>>
exportKey?: () => Await<CryptoKey>

packages/interface/src/lib.ts Outdated
Comment on lines 404 to 405
export?: () => Await<ByteView<Verifier<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
export?: () => Await<ByteView<Verifier<M, A>>>
toCryptoKey?: () => Await<CryptoKey>
exportBytes?: () => Await<ByteView<Verifier<M, A>>>
exportKey?: () => Await<CryptoKey>

packages/principal/test/ed25519.spec.js Show resolved Hide resolved
@Gozala Gozala self-assigned this Oct 12, 2022
@Gozala
Copy link
Collaborator Author

Gozala commented Oct 13, 2022

@hugomrdias I have trimmed interface per your feedback. Now Verifier is simply a UCAN.Verifier and Signer only extends UCAN.Signer with a single toArchive method which returns either bytes (if underlying key is extractable) or {did, key} pair which can be saved into IndexedDB and later restored via Signer.from(archive). This should remove any need for try catch / or if guarding.

I hope these changes address your concerns, please have another pass and let me know whether to proceed or if there are some other concerns to be addressed.

@hugomrdias hugomrdias added this to the 0.9 milestone Oct 13, 2022
@Gozala Gozala mentioned this pull request Oct 13, 2022
Merged
hugomrdias
hugomrdias approved these changes Oct 13, 2022
View reviewed changes
Copy link
Contributor

@hugomrdias hugomrdias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

packages/interface/src/lib.ts Outdated Show resolved Hide resolved
packages/interface/src/lib.ts Outdated Show resolved Hide resolved
packages/principal/src/rsa.js Outdated Show resolved Hide resolved
packages/principal/src/rsa/private-key.js Outdated
* @param {string|undefined} input
* @returns
*/
const base6urlDecode = (input = '') => base64url.baseDecode(input)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
const base6urlDecode = (input = '') => base64url.baseDecode(input)
const base64urlDecode = (input = '') => base64url.baseDecode(input)

@Gozala @hugomrdias
Apply suggestions from code review
265cb33 
Co-authored-by: Hugo Dias <hugomrdias@gmail.com>
@Gozala Gozala merged commit 8ed7777 into main Oct 13, 2022
hugomrdias added a commit that referenced this pull request Oct 14, 2022
@hugomrdias
Merge branch 'main' into feat/decoders-dsl
444517f 
* main:
  fix: FetchResponse type (#113)
  feat: implement rsa signer / verifier (#102)
@Gozala Gozala mentioned this pull request Dec 2, 2022
Merged
This was referenced Dec 14, 2022
Merged
Merged
This was referenced Apr 11, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hugomrdias hugomrdias hugomrdias approved these changes

Assignees

@Gozala Gozala

Labels
None yet
Projects
None yet
Milestone
0.9
Development

Successfully merging this pull request may close these issues.
2 participants
@Gozala @hugomrdias