search

digitalbazaar / ecdsa-multikey

Javascript library for generating and working with EcdsaMultikey key pairs.
BSD 3-Clause "New" or "Revised" License
0 stars 1 forks source link

Test need for bitstring compression #2

Open kezike opened 1 year ago

kezike commented 1 year ago

Problem: Address FIXME comment about potentially moving leading zeros for bitstring compression

Reference: Comment from PR #1

kezike commented 1 year ago

Hi @dlongley, could you elaborate on this FIXME comment? Are you suggesting that we somehow exploit the fact that the first byte of all public and secret PKCS8 and SPKI prefixes is 48, which only requires 6 bits?

dlongley commented 1 year ago

@kezike,

could you elaborate on this FIXME comment?

I probably should have said "may need to remove any leading zeros for bitstring compression", not "move".

Are you suggesting that we somehow exploit the fact that the first byte of all public and secret PKCS8 and SPKI prefixes is 48, which only requires 6 bits?

No, nothing that exotic :). IIRC, the issue was related to differences in implementations and how they handle possible leading zeros in key material. At the time I was writing the code there were some differences in implementations, e.g., perhaps some would export keys that removed the leading zeros and others would not. I think I found that, however, all the implementations I was able to test could import zero-padded keys, so I just normalized the code to do that. I was not able to test any WebKit browsers (like Safari) to see if there was any issue with this. Ideally there is no additional complexity needed in the code.

So, I'd recommend just removing the FIXME -- and getting some testing on Safari. If that works, we can close the issue.