joshuakarp
commented
3 years ago There's a current open PR on the node-forge repo regarding ed25519 in PEM: https://github.com/digitalbazaar/forge/pull/851. This will make this transition much easier.
Closed joshuakarp closed 1 year ago
joshuakarp
commented
3 years ago There's a current open PR on the node-forge repo regarding ed25519 in PEM: https://github.com/digitalbazaar/forge/pull/851. This will make this transition much easier.
CMCDragonkai
commented
3 years ago Resolving this issue requires us to fully plan out #155. Because if we modify or change our underlying crypto library which is currently node-forge, we have to be aware of cross-platform deployments in the future. No point swapping libraries if it just preventing us from being able to use it on mobile phones.
CMCDragonkai
commented
3 years ago Webcrypto issue has been moved to #270.
CMCDragonkai
commented
2 years ago Another library worth checking out noble-ed25519.
Other libraries here: https://paulmillr.com/noble/
CMCDragonkai
commented
2 years ago We successfully did this in several stages:
After exploring each of the 4 stages above. At this point we have a fully implemented src/keys/utils using a combination of 2., 3.
However after realising libsodium is the standard for ECIES and other elliptic curve algos (the non-NIST ones), I've come to the decision to revisit the keys/utils and replace 2. with 4. We still have to use webcrypto for the moment in order to support @peculiar/x509 and panva/jose. These 2 libraries still expect webcrypto interfaces and capabilities. Later in the future we can replace jose with something more minimal, a hand-selected set of algorithms specific to our usecases, which can allow us to use libsodium directly instead of jose. (Note that PASETO and PASERK is like JOSE but on top of libsodium, but I don't want to use these because they are not very web-popular). While for @peculiar/x509 it will be limited to signing and verification over ed25519 keys, therefore it should be possible to monkey patch a webcrypto object that satisfies these specifically just for @peculiar/x509. At that point we would have no need of webcrypto, nor node's crypto, and we would only have libsodium which is a cross platform library.
Due to our initial work on integration 2., 3. into src/keys/utils, we have already refactored the tests/keys/utils to test the new interface (it has changed quite a bit from node-forge). Moving to libsodium will not impact the API significantly, in fact it is likely to simplify the interface because we are not going to be using CryptoKey much.
In terms of work, it should 2 days to migrate the existing src/keys/utils in #446 to using the libsodium algorithms. I have already spent 1 day prototyping many of the changes in test-sodium.ts.
Downstream impact is on KeyRing and CertificateManager. These will be addressed in a separate issue #472.
CMCDragonkai
commented
2 years ago I suspect only 2 points of ETA left here.
Created by robert-cronin
This issue is about specifying how we actually intend to use asymmetric crypto to:
The 2 modern algorithms for signing and encryption/decryption are:
AKA: "Ed25519" or "X25519".
See: https://crypto.stackexchange.com/questions/27866/why-curve25519-for-encryption-but-ed25519-for-signatures
We currently use node-forge's implementation of RSA keys, with a 4096 bit keypair. In doing so, we're limited in how transferable our public keys are. For example, the node ID of a keynode is required to be translated to a 'public key fingerprint' (a base64 encoding of a sha256 sum of the ASN.1
SubjectPublicKeyInfoencoding of the RSA public key) in order to be transferable as an ID Once we transition to ed25519, we can simply use the public key (256 bits) as the node ID. This would also simplify the process of #148.