certbot / josepy

JOSE protocol implementation in Python using cryptography
https://josepy.readthedocs.io/en/latest/

Support Ed25519 #45

Open James-E-A opened 5 years ago

James-E-A commented 5 years ago

In preparation for this, can we get support for those keys?

Doesn't seem to be present in 1.1.0:

$ python3
Python 3.6.7 (default, Oct 22 2018, 11:32:17) 
[GCC 8.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from cryptography.hazmat.backends import default_backend
>>> from cryptography.hazmat.primitives import serialization
>>> from cryptography.hazmat.primitives.asymmetric import rsa,x25519
>>> from josepy import jwk
>>> jwk.JWK.load(
...     rsa.generate_private_key(
...      public_exponent=0xFFFF+2,
...      key_size=2048,
...      backend=default_backend()
...     ).private_bytes(
...      encoding=serialization.Encoding.PEM,
...      format=serialization.PrivateFormat.PKCS8,
...      encryption_algorithm=serialization.NoEncryption()
...     )
... )
JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey object at 0xffff90832080>)>)
>>> jwk.JWK.load(
...     x25519.X25519PrivateKey.generate(
...     ).private_bytes(
...      encoding=serialization.Encoding.PEM,
...      format=serialization.PrivateFormat.PKCS8,
...      encryption_algorithm=serialization.NoEncryption()
...     )
... )
Traceback (most recent call last):
  File "<stdin>", line 6, in <module>
  File "/home/james/.local/lib/python3.6/site-packages/josepy/jwk.py", line 120, in load
    raise errors.Error('Unsupported algorithm: {0}'.format(key.__class__))
josepy.errors.Error: Unsupported algorithm: <class 'cryptography.hazmat.backends.openssl.x25519._X25519PrivateKey'>
>>>

(Yes, I know there are shortcuts for the RSA keygen, but I'm doing the verbose form to show exact comparability in the generation.)

bmw commented 5 years ago

Getting support added would be great!

I think there may have been some progress made in #8; however, the PR hasn't been updated in quite a while. If anyone is interested in continuing this work, we'd love to see a PR!

atombrella commented 3 years ago

There are details in this RFC: https://tools.ietf.org/html/rfc8037
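
The key representation that RFC 8037 defines for these curves (`kty` "OKP", with `crv`, `x` and, for private keys, `d`), as an added example that is not part of this thread and not josepy code. `to_okp_jwk` and `from_okp_jwk` are hypothetical helper names built only on the `cryptography` library; the sample key is the Ed25519 private key from RFC 8037 Appendix A.1.

```python
import base64
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519, x25519

# RFC 8037 "crv" value -> (private key class, public key class)
CURVES = {
    "Ed25519": (ed25519.Ed25519PrivateKey, ed25519.Ed25519PublicKey),
    "X25519": (x25519.X25519PrivateKey, x25519.X25519PublicKey),
}
RAW = serialization.Encoding.Raw

def b64u_encode(data):  # JOSE uses URL-safe base64 with "=" padding stripped
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64u_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def raw_public(key):
    return key.public_bytes(RAW, serialization.PublicFormat.Raw)

def to_okp_jwk(key):
    """Hypothetical helper: cryptography key object -> RFC 8037 OKP JWK dict."""
    for crv, (priv_cls, pub_cls) in CURVES.items():
        if isinstance(key, priv_cls):
            d = key.private_bytes(RAW, serialization.PrivateFormat.Raw,
                                  serialization.NoEncryption())
            return {"kty": "OKP", "crv": crv,
                    "x": b64u_encode(raw_public(key.public_key())),
                    "d": b64u_encode(d)}
        if isinstance(key, pub_cls):
            return {"kty": "OKP", "crv": crv, "x": b64u_encode(raw_public(key))}
    raise ValueError("not an Ed25519/X25519 key: %r" % type(key))

def from_okp_jwk(jwk):
    """Hypothetical helper: OKP JWK dict -> key object, rejecting bad input."""
    if jwk.get("kty") != "OKP" or jwk.get("crv") not in CURVES:
        raise ValueError("unsupported kty/crv")
    priv_cls, pub_cls = CURVES[jwk["crv"]]
    x = b64u_decode(jwk["x"])
    if "d" not in jwk:
        return pub_cls.from_public_bytes(x)  # ValueError unless 32 bytes
    key = priv_cls.from_private_bytes(b64u_decode(jwk["d"]))
    if raw_public(key.public_key()) != x:  # "x" must be derived from "d"
        raise ValueError("public member x does not match private member d")
    return key

# Ed25519 private key from RFC 8037 Appendix A.1
RFC8037_A1 = {"kty": "OKP", "crv": "Ed25519",
              "d": "nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
              "x": "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"}
```

The `x`/`d` consistency check in `from_okp_jwk` matters when importing private keys from untrusted JSON, since a JWK whose public member does not belong to its private member would otherwise be accepted silently.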