frasertweedale / hs-jose

Haskell JOSE and JWT library
http://hackage.haskell.org/package/jose
Apache License 2.0

JWK constructor for ECDSA Public Keys #61

Closed ProofOfKeags closed 2 years ago

ProofOfKeags commented 6 years ago

It appears there is no way to create a Public Key for ECDSA because none of the constructors are exported. Is there a way around this? I'm willing to put in a PR if you have a vague idea for how you'd like to do this.

frasertweedale commented 6 years ago

@CaptJakk what type are you starting with?

ProofOfKeags commented 6 years ago

PEM encoded elliptic curve public keys, so I can extract the x,y coordinates myself or with another library, but then I need to be able to form a JWK with the coordinates and curve parameters, so that I can do claims packet validation.

ecthiender commented 5 years ago

I too have the same issue. I want to eventually get JWK from a PEM encoded bytestring.

I have been able to do this for RSA, by using fromKeyMaterial. Now, even if your KeyMaterial can be an ECKeyMaterial ECKeyParameters, there is no way for me to construct an ECKeyParameters. Any help would be much appreciated.

ProofOfKeags commented 5 years ago

I put in a PR that looks like it was verbally accepted yesterday but not merged. I forked the repo and made the change if you need it ASAP. But otherwise it looks like it will be merged soon.

ecthiender commented 5 years ago

Thanks! I will look into your PR if it doesn't get merged soon.

ProofOfKeags commented 5 years ago

My changes to this library: https://github.com/tekul/jose-jwt/tree/master/Jose were added yesterday. This should do the exports that you need.

ecthiender commented 5 years ago

@frasertweedale what are your plans/ideas for exposing the constructor ECKeyParameters? Do you have any particular reservation?

diogob commented 4 years ago

@frasertweedale am I missing something or does this mean that I cannot validate an ES512 JWT having only its public key? I was going to build a JWK but got stuck on the fromKeyMaterial just like described above. Is there a different path that I'm overlooking to do it, considering my public key is base64 encoded?

diogob commented 4 years ago

For future reference, the simplest way I found to accomplish the above was to use a JWK representation and the FromJSON instance. Doing so made it very simple to produce the JWK type for both the keypair and the public key alone.

frasertweedale commented 2 years ago

ECKeyParameters constructor is not exported due to the possibility of constructing a value where the point is not on the given curve. Signature forgery attacks are possible if you can induce the verifier to use such an invalid key for verification.

We now have Crypto.JOSE.JWA.JWK.ecParametersFromX509, which deals with the ASN.1 serialisation of EC keys used in X.509. Crypto.JOSE.JWK.fromX509Certificate also supports ECDSA keys.

I think this use case is covered, but if not, please re-open with more details about the data you want to convert from.
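
The invalid-point concern raised in the closing comment, as an added example (not hs-jose code and not written by anyone in this thread): a standard-library Python sketch of the on-curve check that has to pass before x and y coordinates pulled from a PEM key are wrapped in an EC JWK, with the same check repeated on the verifier side. Function names are hypothetical, only P-256 is handled, and the sample point is the curve's own base point.

```python
import base64

# NIST P-256 (secp256r1) domain parameters: y^2 = x^3 + A*x + B over GF(P).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
# Base point G, used here as a known-good sample public point.
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
COORD_BYTES = 32  # RFC 7518 6.2.1.2: coordinates are fixed-width octet strings


def on_curve(x, y):
    """True only if (x, y) is in range and satisfies the P-256 equation."""
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x + A * x + B)) % P == 0


def b64url_uint(n):
    """Fixed-width big-endian integer, base64url without padding."""
    raw = n.to_bytes(COORD_BYTES, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_to_int(s):
    """Inverse of b64url_uint; rejects coordinates of the wrong length."""
    raw = base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
    if len(raw) != COORD_BYTES:
        raise ValueError("coordinate has wrong length for P-256")
    return int.from_bytes(raw, "big")


def ec_public_jwk(x, y):
    """Build a public EC JWK, refusing any point that is not on P-256."""
    if not on_curve(x, y):
        raise ValueError("point is not on curve P-256")
    return {"kty": "EC", "crv": "P-256",
            "x": b64url_uint(x), "y": b64url_uint(y)}


def check_public_jwk(jwk):
    """Verifier-side check: re-validate a received JWK before using it."""
    if jwk.get("kty") != "EC" or jwk.get("crv") != "P-256":
        raise ValueError("unsupported key type or curve")
    x, y = b64url_to_int(jwk["x"]), b64url_to_int(jwk["y"])
    if not on_curve(x, y):
        raise ValueError("point is not on curve P-256")
    return x, y
```

The dictionary returned by `ec_public_jwk` has the JWK JSON shape that a JSON-based import, such as the FromJSON route mentioned earlier in the thread, would consume.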