Any way to serialize/deserialize embedded JWK?

openwallet-foundation / askar

Secure storage designed for Hyperledger Aries agents.

Apache License 2.0

63 stars 51 forks source link

Any way to serialize/deserialize embedded JWK? #22

Open vimmerru opened 3 years ago

vimmerru commented 3 years ago

Hello,

ECDH-EC, ECDH-1PU specifications require EPK to be presented as embedded object. For example, ECDH-1PU protected header will be

{
      "alg":"ECDH-1PU",
      "enc":"A256GCM",
      "apu":"QWxpY2U",
      "apv":"Qm9i",
      "epk":  {
        "kty":"EC",
        "crv":"P-256",
        "x":"gI0GAILBdu7T53akrFmMyGcsF3n5dO7MmwNBHKW5SV0",
        "y":"SLW_xSffzlPWrHEVI30DHM_4egVwt3NQqeUD7nMFpps"
       }
   }

With current approach for JWKParts serialisation it will be quite hard to serialize/de-serialize such structure without intermediate conversion to Value. I understand nostd targeting, but it significantly affects std option.

andrewwhitehead commented 3 years ago

I believe this could be added as part of the std support. I'm away this week, but something to investigate.

andrewwhitehead commented 3 years ago

PR #25 has some improvements here, it adds a JwkSerialize wrapper which implements Serialize. For deserialization I believe JwkParts can be nested in another structure, or deserialized directly from a serde_json::Value. It doesn't look like std is necessary.

vimmerru commented 3 years ago

For deserialization I believe JwkParts can be nested in another structure, or deserialized directly from a serde_json::Value.

Nesting is most probably possible, but there is no way to serialize from Value due obvious problems with lifetime. I am still trying to write serialization/de-serialization of JWE and seems i have 2 options:

Use different structures for se and de
Serialize JwkParts to intermediate string and de-serialize to value. It obviously requires allocation.