swicg / activitypub-http-signature

Repository for a SocialCG report on how HTTP Signature is used with ActivityPub
https://swicg.github.io/activitypub-http-signature/

Identify the PEM file format #7

Closed evanp closed 7 months ago

evanp commented 9 months ago

AFAICT most systems only support PKCS-8; PKCS-1 fails a lot.

aumetra commented 8 months ago

PKCS#8 is pretty much the only encoding type that makes sense in this setup since the publicKey field in the actor doesn't really have an algorithm negotiation field.
Without that kind of field, the defined crypto-agility in the HTTP signature standards isn't really possible.

With the absence of any algorithm negotiation, omitting the PKCS#8 algorithm identifier would also have the issue that decoding a new key (if anything else besides RSA was more widely supported) would be a weird trial and error decoding logic which would just waste resources (and could potentially lead to wrongly identified keys; but that's less of a concern since the RSA parameters inside the RSA PKCS#1 and the, let's say, Ed25519 parameters have a very different byte structure).
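To illustrate the comment above, here is an added example (not part of the thread or of the report's own code) that classifies a PEM public key from its DER structure alone: the algorithm-tagged form (PEM label `PUBLIC KEY`, a SubjectPublicKeyInfo carrying an AlgorithmIdentifier OID) names its algorithm, while a PKCS#1 `RSA PUBLIC KEY` is just two bare integers. The function names and the sample keys are assumptions constructed for the example; the samples are structurally valid DER with filler bytes, not usable keys.

```python
import base64

# DER-encoded OID bodies of the algorithm identifiers this sketch knows about
OIDS = {bytes.fromhex("2a864886f70d010101"): "rsaEncryption",
        bytes.fromhex("2b6570"): "Ed25519"}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def classify_public_key(pem):
    """Name the encoding and algorithm from the DER structure, without trial decoding."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    label = lines[0][len("-----BEGIN "):-5]
    der = base64.b64decode("".join(lines[1:-1]))
    tag, outer, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one DER SEQUENCE")
    tag, first, _ = read_tlv(outer)
    if tag == 0x30:  # AlgorithmIdentifier present: the key states its own algorithm
        oid_tag, oid, _ = read_tlv(first)
        if oid_tag != 0x06:
            raise ValueError("AlgorithmIdentifier does not start with an OID")
        return label, "SubjectPublicKeyInfo", OIDS.get(oid, "unknown:" + oid.hex())
    if tag == 0x02:  # bare INTEGER: PKCS#1 RSAPublicKey, algorithm only implied
        return label, "PKCS#1 RSAPublicKey", "RSA (implied)"
    raise ValueError("unrecognised public key structure")

def tlv(tag, body):  # sample builder, short-form lengths only
    return bytes([tag, len(body)]) + body

def to_pem(label, der):
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

# Constructed samples: structurally valid DER with filler bytes, not usable keys
_RSA = tlv(0x30, tlv(0x02, b"\x00" + b"\xc3" * 64) + tlv(0x02, b"\x01\x00\x01"))
_RSA_ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + b"\x05\x00")
PKCS1_RSA = to_pem("RSA PUBLIC KEY", _RSA)
SPKI_RSA = to_pem("PUBLIC KEY", tlv(0x30, _RSA_ALG + tlv(0x03, b"\x00" + _RSA)))
SPKI_ED25519 = to_pem("PUBLIC KEY", tlv(0x30, tlv(0x30, tlv(0x06, bytes.fromhex("2b6570")))
                                        + tlv(0x03, b"\x00" + bytes(32))))
```

Calling `classify_public_key` on each of the three samples shows that the two `PUBLIC KEY` inputs are told apart by their OID, whereas the PKCS#1 input can only be assumed to be RSA.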

snarfed commented 7 months ago

@aumetra that does make sense! In practice though, the fediverse doesn't really seem to have much crypto-agility or negotiate algorithms much. Most implementations only support rsa-sha256, either explicitly or via hs2019. More background in https://arewehs2019yet.vpzom.click/ and https://github.com/swicg/activitypub-http-signature/issues/17#issuecomment-2002202313 .

On the plus side, I sampled a few users across a few implementations just now, and they're all PKCS-8, no PKCS-1.

snarfed commented 7 months ago

Incorporated into https://github.com/swicg/activitypub-http-signature/issues/8#issuecomment-2026362974.