Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: default to uncompressed keys #2165

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

feat: default to uncompressed keys #2165

wants to merge 9 commits into from

Conversation

berendsliedrecht
Copy link
Contributor

@berendsliedrecht berendsliedrecht commented Jan 30, 2025
edited
Loading

Default to uncompressed keys where possible.

Later TODO's:

  • more length validation when the wallet implementation returns key (should always be uncompressed length).
  • Use Uint8Array for byte representation instead of buffer. Uint8Array is native and buffer does not really add value above the toString method. This also makes API easier for users and when you accidentally pass in a buffer/uint8array incorrectly the type system will be happy but the function will error.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Jan 30, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 30ff14a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 15 packages
Name Type
@credo-ts/anoncreds Patch
@credo-ts/askar Patch
@credo-ts/core Patch
@credo-ts/cheqd Patch
@credo-ts/indy-sdk-to-askar-migration Patch
@credo-ts/indy-vdr Patch
@credo-ts/action-menu Patch
@credo-ts/bbs-signatures Patch
@credo-ts/didcomm Patch
@credo-ts/drpc Patch
@credo-ts/node Patch
@credo-ts/openid4vc Patch
@credo-ts/question-answer Patch
@credo-ts/react-native Patch
@credo-ts/tenants Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@berendsliedrecht berendsliedrecht force-pushed the key-compression branch 2 times, most recently from 3a5b77f to 7075bbc Compare February 3, 2025 10:09
@berendsliedrecht berendsliedrecht marked this pull request as ready for review February 3, 2025 10:16
@berendsliedrecht berendsliedrecht requested a review from a team as a code owner February 3, 2025 10:16
TimoGlastra
TimoGlastra approved these changes Feb 4, 2025
View reviewed changes
Copy link
Contributor

@TimoGlastra TimoGlastra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Changes look good overall. Left multiple comments regarding changesets. Can you also add one for the general change of this pr?

packages/core/src/crypto/jose/jwk/ecCompression.ts Outdated Show resolved Hide resolved
packages/core/src/crypto/jose/jwk/ecCompression.ts Outdated Show resolved Hide resolved
tests/InMemoryWallet.ts Outdated
@@ -13,6 +13,7 @@ import BigNumber from 'bn.js'

import { convertToAskarKeyBackend } from '../packages/askar/src/utils/askarKeyBackend'
import { didcommV1Pack, didcommV1Unpack } from '../packages/askar/src/wallet/didcommV1'
import { expandIfPossible } from '../packages/core/src/crypto/jose/jwk/ecCompression'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this method be available as export? Or on a key instance or something?

E.g. a getter with compressedPubliKey that optionally returns null?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The key instance public get publicKey returns the uncompressed public key

packages/core/src/crypto/Key.ts
import { isEncryptionSupportedForKeyType, isSigningSupportedForKeyType } from './keyUtils'
import { getKeyTypeByMultiCodecPrefix, getMultiCodecPrefixByKeyType } from './multiCodecKey'

export class Key {
public readonly publicKey: Buffer
public readonly publicKey: Uint8Array
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is quite a big breaking change. Can you add the needed changeset entry?

packages/bbs-signatures/tests/bbs-signing-provider.test.ts Outdated
@@ -52,7 +52,7 @@ describeSkipNode18('BBS Signing Provider', () => {
key,
})
).rejects.toThrow(
'Error signing data with verkey AeAihfn5UFf7y9oesemKE1oLmTwKMRv7fafTepespr3qceF4RUMggAbogkoC8n6rXgtJytq4oGy59DsVHxmNj9WGWwkiRnP3Sz2r924RLVbc2NdP4T7yEPsSFZPsWmLjgnP1vXHpj4bVXNcTmkUmF6mSXinF3HehnQVip14vRFuMzYVxMUh28ofTJzbtUqxMWZQRu. Unsupported keyType: bls12381g1g2'
'Error signing data with key associated with AeAihfn5UFf7y9oesemKE1oLmTwKMRv7fafTepespr3qceF4RUMggAbogkoC8n6rXgtJytq4oGy59DsVHxmNj9WGWwkiRnP3Sz2r924RLVbc2NdP4T7yEPsSFZPsWmLjgnP1vXHpj4bVXNcTmkUmF6mSXinF3HehnQVip14vRFuMzYVxMUh28ofTJzbtUqxMWZQRu. Unsupported keyType: bls12381g1g2'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
'Error signing data with key associated with AeAihfn5UFf7y9oesemKE1oLmTwKMRv7fafTepespr3qceF4RUMggAbogkoC8n6rXgtJytq4oGy59DsVHxmNj9WGWwkiRnP3Sz2r924RLVbc2NdP4T7yEPsSFZPsWmLjgnP1vXHpj4bVXNcTmkUmF6mSXinF3HehnQVip14vRFuMzYVxMUh28ofTJzbtUqxMWZQRu. Unsupported keyType: bls12381g1g2'
'Error signing data with key associated with publicKeyBase58 AeAihfn5UFf7y9oesemKE1oLmTwKMRv7fafTepespr3qceF4RUMggAbogkoC8n6rXgtJytq4oGy59DsVHxmNj9WGWwkiRnP3Sz2r924RLVbc2NdP4T7yEPsSFZPsWmLjgnP1vXHpj4bVXNcTmkUmF6mSXinF3HehnQVip14vRFuMzYVxMUh28ofTJzbtUqxMWZQRu. Unsupported keyType: bls12381g1g2'

packages/askar/src/wallet/AskarBaseWallet.ts Outdated
@@ -349,7 +352,9 @@ export abstract class AskarBaseWallet implements Wallet {
if (!isError(error)) {
throw new CredoError('Attempted to throw error, but it was not of type Error', { cause: error })
}
throw new WalletError(`Error signing data with verkey ${key.publicKeyBase58}. ${error.message}`, { cause: error })
throw new WalletError(`Error signing data with key associated with ${key.publicKeyBase58}. ${error.message}`, {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
throw new WalletError(`Error signing data with key associated with ${key.publicKeyBase58}. ${error.message}`, {
throw new WalletError(`Error signing data with key associated with publicKeyBase58 ${key.publicKeyBase58}. ${error.message}`, {

packages/askar/src/wallet/AskarBaseWallet.ts Outdated
@@ -28,6 +28,7 @@ import {
KeyBackend,
KeyType,
utils,
expandIfPossible,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we export i think we should have a more unique name. expandPublicKeyIfPossible maybe?

@berendsliedrecht
feat: default to uncompressed keys
042e184 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
fix(x509): parse compressed and uncompressed correctly
d06d931 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
fix: tests compare uint8array with uint8array
87d47a7 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
chore: run linter
b52ec3d 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
chore: return uint8array for coordinates in JWK
c499267 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
chore: convert buffer into uint8array
9ff76c6 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
chore: remove usage of bn libraries
d037fbc 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
chore: resolve feedback
4758e8b 
Signed-off-by: Berend Sliedrecht <berend@animo.id>
@berendsliedrecht
docs(changeset): - Remove usage of Big Number libraries and rely on n…
30ff14a 
…ative implementations

- By default rely on uncompressed keys instead of compressed (for P256, P384, P521 and K256)
- Utilze Uint8Array more instead of Buffer (i.e. for internally representing a key)

Signed-off-by: Berend Sliedrecht <berend@animo.id>
TimoGlastra
TimoGlastra reviewed Feb 6, 2025
View reviewed changes
.changeset/cyan-parents-relax.md
Comment on lines +8 to +9
- By default rely on uncompressed keys instead of compressed (for P256, P384, P521 and K256)
- Utilze Uint8Array more instead of Buffer (i.e. for internally representing a key)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These two should be marked as minor (due to breaking changes)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TimoGlastra TimoGlastra TimoGlastra approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@berendsliedrecht @TimoGlastra