Open shrugs opened 5 years ago
Thanks for the example!
Just wondering which package/tool are you using to read/decode public and private keys in your project? I used rsa_pkcs
but it's not maintained anymore, unfortunately.
😅 I just wrote my own super hackily; private keys are just bigints, so .toString
/.parse
and for public keys I encode them as uncompressed octet strings like
const String kUncompressedPrefix = "4";
/// serializes public key as uncompressed octect string
String serializePublicKey(ECPublicKey publicKey) {
return kUncompressedPrefix +
bigIntToHexString(publicKey.Q.x.toBigInteger(), 64) +
bigIntToHexString(publicKey.Q.y.toBigInteger(), 64);
}
String bigIntToHexString(BigInt n, int length) => n.toRadixString(16).padLeft(length, '0');
which is all I need for my app (using them as identifiers for auth). But I was very annoyed at the lack of an obvious mechanism of encoding them for use with other libraries; I had to dig into the ruby openssl source docs to see what it expected and reverse engineer it from there.
I've written an ES256 signer that I'm using in a personal project. Unfortunately I don't have the time to write a full pull request with tests, but I'd like to make the code available for searchers or a future implementor.
The signature encode/decode comes from crypto_keys, which might have additional LICENSE restrictions.