search

parallaxsecond / parsec

Platform AbstRaction for SECurity service
https://parsec.community/
Apache License 2.0
471 stars 68 forks source link

Add parsing of ECC key pairs #438

Open hug-dev opened 3 years ago

hug-dev commented 3 years ago

Depending on the provider and how they use ECC keys, it might be useful to have a way to parse the ECC key pairs. This is specially useful for the ImportKey/ExportKey operations.

See this comment for details:

For the ECC key pairs, the format is explained here and is the ASN.1 type ECPrivateKey:

   ECPrivateKey ::= SEQUENCE {
     version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
     privateKey     OCTET STRING,
     parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
     publicKey  [1] BIT STRING OPTIONAL
   }

We are using the picky crates to do ASN.1 parsing/serialization and before we were also defining our own ASN.1 types, like for RSA keys. See #201 for example. As an initial step, we should make a PR to add support for ECPrivateKey in picky-asn1-x509 crate.

hug-dev commented 3 years ago

This is also so that we can add an end-to-end test to check that the format of the ECC key exported is correct.