Open OR13 opened 2 years ago
Zeitgeist! I was going to raise an equivalent FR myself :-)
We use JWK a lot as an interchange format and we have been writing the same adapter code again and again. Having an off-the-shelf SignerFromJWK
provided by go-cose would be very handy.
Also in scope, an equivalent adapter around COSE_Key.
@thomas-fossati Is that the common components of extracting signer and public key from JWK Key, which we use heavily in Veraison code base testing ?
@thomas-fossati Is that the common components of extracting signer and public key from JWK Key, which we use heavily in Veraison code base testing ?
yes, and in the various CLIs too.
Yes, best that the code be part of go-cose componentry and every user invokes consistently the same set of methods! 100% with you on this.
This is not blocking any release but a very useful enhancement to have! Needs to review which is the correct location!
You could use https://github.com/MicahParks/keyfunc to import JWKS
Example in their test that converts JSON to a set of keys https://github.com/MicahParks/keyfunc/blob/master/jwks_test.go#L228 via keyfunc.NewJSON([]byte(jwksJSON))
There is yet another library for working with JSON representation of the keys https://github.com/lestrrat-go/jwx
@thomas-fossati, any thoughts on this one?
In order to cross test, we need the ability to import keys generated from other libraries, sign with this library, verify with this library, export the key, make sure it serializes the same way... then test the other library in a similar manner.
AFAIk, this library does not expose any key import / export functionality.
Example key I would like to import:
Example interfaces I would like supported: