search

apple / swift-crypto

Open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms.
https://apple.github.io/swift-crypto
Apache License 2.0
1.47k stars 165 forks source link

extras: Provide initializers for RSA keys from RSA parameters #247

Closed simonjbeaumont closed 4 months ago

simonjbeaumont commented 4 months ago

Motivation

We currently offer APIs to construct RSA keys from PEM and DER representations but we have no way of constructing they key from its constituent RSA parameters: n and e for public keys, and n, e, d, p, and q for private keys. Sometimes these are what you have to hand, e.g. in a JSON Web Key.

Modifications

Provide initializers for RSA keys from RSA parameters for all the RSA key types.

To implement this, we leverage the fact that we are making use of BoringSSL in _CryptoExtras on all platforms. We need this because there are no APIs to construct the underlying key type on Darwin platforms from these parameters. So we do this by first creating a BoringSSL key, serializing it to PEM format, and then constructing a platform-specific key from the PEM representation.

Result

New APIs to construct RSA keys from RSA parameters.

0xTim commented 4 months ago

cc @ptoffy since we've implemented that ourselves in JWTKit - we should either wait for this or ensure our APIs are internal so we can switch over without an API break

ptoffy commented 4 months ago

@0xTim we have our own key wrapping SwiftCrypto's so we should be fine. We can switch to this without breaking anything

simonjbeaumont commented 4 months ago

@swift-server-bot test this please