Open CMCDragonkai opened 1 year ago
I've updated your example. You should convert your privateKey
variable into the OctetString
class from @peculiar/asn1-schema
package.
PrivateKeyInfo.PrivateKey
keeps private key data. It's OCTET STRING
for ED25519, but SEQUENCE
for RSA. So you should create and serialize the correct data for the PrivateKey
field
const crypto = require('crypto').webcrypto
const asn1 = require('@peculiar/asn1-schema');
const asn1Pkcs8 = require('@peculiar/asn1-pkcs8');
const asn1X509 = require('@peculiar/asn1-x509');
const algorithm = new asn1X509.AlgorithmIdentifier({
algorithm: '1.3.101.112',
});
// ED private key data
const raw = crypto.getRandomValues(new Uint8Array(32))
// CurvePrivateKey ::= OCTET STRING
const curvePrivateKey = new asn1.OctetString(raw.byteLength);
// copy raw
const edPrivateKeyVew = new Uint8Array(curvePrivateKey.buffer);
edPrivateKeyVew.set(raw);
const pkcs8 = new asn1Pkcs8.PrivateKeyInfo({
privateKeyAlgorithm: algorithm,
privateKey: new asn1Pkcs8.PrivateKey(asn1.AsnConvert.serialize(curvePrivateKey)),
});
console.log(asn1.AsnConvert.toString(pkcs8));
console.log();
console.log("HEX:", Buffer.from(asn1.AsnConvert.serialize(pkcs8)).toString("hex"));
Console
SEQUENCE :
INTEGER : 0
SEQUENCE :
OBJECT IDENTIFIER : 1.3.101.112
OCTET STRING :
OCTET STRING : 5d50746f08d85888ab2ec91d0bd14b92a96e24e5d90f7d7265a33ac9c1d08413
HEX: 302e020100300506032b6570042204205d50746f08d85888ab2ec91d0bd14b92a96e24e5d90f7d7265a33ac9c1d08413
I'm trying to use
asn1-pkcs8
to construct aPrivateKeyInfo
for Ed25519 private key.I noticed that during construction the serialized buffer looks different from the one that is produced by
@peculiar/webcrypto
. It turns out that it's missing0x04 0x20
prefix on the key.If I don't concatenate
0x04 0x20
, the resulting key size is 46 bytes.But if I use webcrypto, I get 48 bytes.
The interface for
PrivateKeyInfo
requiresPrivateKey
which extendsOctetString
.I'm trying to reconcile the difference here, it seems webcrypto is more correct here. So I'm wondering if something was missing about how
PrivateKeyInfo
should be constructed.I noticed that
PrivateKeyInfo
inwebcrypto-core
is not the same as the one inasn1-pkcs8
.