Closed sigaloid closed 3 years ago
Glad to hear that you caught that bug 😀
That sounds like it could be a useful addition. How would you use the method; could you provide some example code?
var key1 = Key.Create(KeyExchange.X25519 /*pretend we don't know this*/);
var key1Bytes = key1.Export(KeyFormat.NSecPrivateKey);
var importkey = Key.Import(NSec.Autodetect, key1Bytes, NSec.PrivateKey);
I found out I could simply inspect the bytes of a key and find out what type of key it was, that's what let me find the bug. I looked for documentation on the format of NSec.* keys but couldn't find any.
Thanks a lot for the example! The implementation of the autodetect method would be roughly like this:
foreach (var algorithm in AllAlgorithms)
{
if (algorithm.TryImport(algorithm, blob, KeyFormat.NSecPrivateKey, out var key))
{
return key;
}
}
return null;
Is it worth adding that to NSec or would it be better to provide this e.g. as an example for using NSec? (I'm asking because I guess that users might want to customize the subset of algorithms and the format. Then the API could become quite complex.)
Documenting the key formats is indeed something that should be useful; I haven't got around to do it yet.
(Apologies if this is going a bit slow...)
What about this?
public static Key Import(
- Algorithm algorithm,
+ Algorithm? algorithm,
ReadOnlySpan<byte> blob,
KeyBlobFormat format,
in KeyCreationParameters creationParameters = default)
So it's the same method that already exists, except that, if algorithm
is null
, it would attempt to auto-detect algorithm
.
It seems this is not as simple as it seems: For foreach (var algorithm in AllAlgorithms)
to work, NSec need to know the list of all algorithms. But some algorithms are in NSec.Experimental.
What we could do instead is this:
public static Key Import(
Algorithm[] algorithms,
ReadOnlySpan<byte> blob,
KeyBlobFormat format,
in KeyCreationParameters creationParameters = default)
{
foreach (var algorithm in algorithms ?? Array.Empty<Algorithm>())
{
if (TryImport(algorithm, blob, format, out Key? key, in creationParameters) && key != null)
{
return key;
}
}
throw Error.Format_InvalidBlob();
}
So it's a new function that takes an array of algorithms as input and then tries to import using each of them. Thoughts?
I was initially thinking of a function that would just inspect the beginning bytes and determine based on that (that's how I figured it out). It's a nitpicky edge case though, and if it would be too complicated to implement, that's okay with me.
Dealt with a bug for 3 days because of a single typo of an X25519 key being imported as an Ed25519 key. Would be nice to input a byte[40] and get the key type, if it's valid.