PeculiarVentures / PKI.js

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
http://pkijs.org

Parsing ECDSA CSR is not working #308

Open sfuser16 opened 3 years ago

sfuser16 commented 3 years ago

Attaching a screenshot to demonstrate this. CSR parsing for ECC is not working. The Public Key Size (Bits) shows < unknown >. Please advise.

microshine commented 3 years ago

That example supports RSA mechanisms only.

https://github.com/PeculiarVentures/PKI.js/blob/master/examples/PKCS10ComplexExample/es6.js#L215-L230

We need to update our example script and support ECC mechanisms.

sfuser16 commented 3 years ago

> That example supports RSA mechanisms only.
>
> https://github.com/PeculiarVentures/PKI.js/blob/master/examples/PKCS10ComplexExample/es6.js#L215-L230
>
> We need to update our example script and support ECC mechanisms

Thanks @microshine for your response. I was just trying to add code for that, but it doesn't seem to work. Is there something I can refer to in order to fix this? I would appreciate any help.

    else if (pkcs10.subjectPublicKeyInfo.algorithm.algorithmId.indexOf("1.2.840.10045.2.1") !== -1) {
      var asn1PublicKey = fromBER(pkcs10.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHex);
      var ecPublicKeySimple = new ECPublicKey({
        schema: asn1PublicKey.result
      });
      var modulusView = new Uint8Array(ecPublicKeySimple.modulus.valueBlock.valueHex);
      var modulusBitLength = 0;
      if (modulusView[0] === 0x00)
        modulusBitLength = (ecPublicKeySimple.modulus.valueBlock.valueHex.byteLength - 1) * 8;
      else
        modulusBitLength = ecPublicKeySimple.modulus.valueBlock.valueHex.byteLength * 8;
      publicKeySize = modulusBitLength.toString();
    }

microshine commented 3 years ago

An EC key doesn't have a modulus. Use the algorithm parameters to get information about the named curve. Try using ECPublicKey.namedCurve.

For that public key, KeyChain shows a key size of 256 bits.
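
The point made in the comment above, as an added example that is not part of the thread and is not PKI.js code: for an EC key the size is derived from the named-curve OID in the SubjectPublicKeyInfo algorithm parameters, not from a modulus. It uses a small hand-written DER reader instead of the PKI.js API; `readTlv`, `readOid`, `ecKeyInfo`, the `CURVES` table and the sample bytes are names and values introduced here for illustration.

```javascript
// Added example, not PKI.js code: named curve and key size from an EC SubjectPublicKeyInfo (DER).
const EC_PUBLIC_KEY = "1.2.840.10045.2.1"; // id-ecPublicKey, the OID checked in the thread
const CURVES = { // named-curve OIDs from RFC 5480 and their key sizes in bits
  "1.2.840.10045.3.1.7": { name: "P-256", bits: 256 },
  "1.3.132.0.34": { name: "P-384", bits: 384 },
  "1.3.132.0.35": { name: "P-521", bits: 521 },
};
// Read one DER TLV at `off`: its tag plus the start and end of its content.
function readTlv(buf, off) {
  if (off + 2 > buf.length) throw new Error("truncated DER");
  let len = buf[off + 1], start = off + 2;
  if (len & 0x80) { // long form: low 7 bits give the number of length bytes
    const n = len & 0x7f;
    if (n === 0 || n > 4 || start + n > buf.length) throw new Error("bad DER length");
    len = 0;
    for (let i = 0; i < n; i++) len = len * 256 + buf[start++];
  }
  if (start + len > buf.length) throw new Error("truncated DER");
  return { tag: buf[off], start, end: start + len };
}

// Read an OBJECT IDENTIFIER at `off` and decode it to dotted form.
function readOid(buf, off) {
  const t = readTlv(buf, off);
  if (t.tag !== 0x06 || t.end === t.start) throw new Error("expected OBJECT IDENTIFIER");
  const arcs = []; let v = 0;
  for (const b of buf.subarray(t.start, t.end)) {
    v = v * 128 + (b & 0x7f);            // base-128 digits, high bit = "more follows"
    if (!(b & 0x80)) { arcs.push(v); v = 0; }
  }
  const first = Math.min(Math.floor(arcs[0] / 40), 2); // first two arcs share one value
  return { oid: [first, arcs[0] - first * 40, ...arcs.slice(1)].join("."), next: t.end };
}

// Returns { curveOid, name, bits }; the size comes from the curve, not from a modulus.
function ecKeyInfo(spki) {
  const outer = readTlv(spki, 0);
  const algId = readTlv(spki, outer.start);
  if (outer.tag !== 0x30 || algId.tag !== 0x30) throw new Error("not a SubjectPublicKeyInfo");
  const alg = readOid(spki, algId.start);
  if (alg.oid !== EC_PUBLIC_KEY) throw new Error("not an EC key: " + alg.oid);
  if (alg.next >= algId.end) throw new Error("missing curve parameters");
  const curve = readOid(spki, alg.next); // throws unless the namedCurve form is used
  return { curveOid: curve.oid, ...(CURVES[curve.oid] || { name: "unknown", bits: null }) };
}
// Constructed sample: real P-256 SPKI header, placeholder point bytes (not a real key).
const SAMPLE_P256_SPKI = Uint8Array.from(
  ("3059301306072a8648ce3d020106082a8648ce3d03010703420004" + "11".repeat(64)).match(/../g),
  (h) => parseInt(h, 16));
```

`ecKeyInfo(SAMPLE_P256_SPKI)` reports P-256 and 256 bits, matching the size KeyChain shows. A curve OID missing from the table is returned with `bits: null` rather than a guessed size.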

sfuser16 commented 3 years ago

@microshine I tried the following code to get that value, but it doesn't seem to work and fails at creating ecPublicKeySimple. Not sure what I am doing wrong. I would appreciate it if you could suggest a fix here.

    var ecPublicKey = fromBER(pkcs10.subjectPublicKeyInfo.algorithm.algorithmParams.valueBeforeDecode);
    var ecPublicKeySimple = new ECPublicKey({
      schema: ecPublicKey.result
    });
    publicKeySize = ecPublicKeySimple.namedCurve;
}

Thank you!!

MuthuSelviC commented 1 year ago

Hi, could anyone please suggest how to get the named curve of the ECDSA public key?

Thanks in advance.