P256, P384, P512 multicodec uvarint encodings

[troyronda]

To clarify, I think I see most of the encodings in this spec using the Multicodec uvarint encoding. This turns out to mean concatenating 0x01 after the code for most of the curves.

• Ed25519: uvarint(0xED) = 0xED 0x01
• X25519: uvarint(0xEC) = 0xEC 0x01
• BLS 12-381: uvarint(0xEB) = 0xEB 0x01
• Secp256k1: uvarint(0xE7) = 0xE7 0x01

The NIST curves examples also seem to be concatenating 0x01 after the code, but uvarint has a different pattern for those curve's codes.

• P-256: uvarint(0x1200) = 0x80 0x24. But I observe 0x12 0x00 0x01 when I decode the spec example.
• P-384: uvarint(0x1201) = 0x81 0x24. But I observe 0x12 0x01 0x01 when I decode the spec example.
• P-512: uvarint(0x1202) = 0x82 0x24. But I observe 0x12 0x02 0x01 when I decode the spec example.

[troyronda]

@OR13 @msporny Applying uvarint to the P curve codes, the examples would look like the following:

P-256 examples:

• did:key:zrurwcJZss4ruepVNu1H3xmSirvNbzgBk9qrCktB6kaewXnJAhYWwtP3bxACqBpzjZdN7TyHNzzGGSSH5qvZsSDir9z
• did:key:zrusAFgBbf84b8mBz8Cmy8UoFWKV52EaeRnK86vnLo4Z5QoRypE6hXVPN2urevZMAMtcTaCDFLWBaE1Q3jmdb1FHgve

P-384 examples:

• did:key:zFwfeyrSyWdksRYykTGGtagWazFB5zS4CjQcxDMQSNmCTQB5QMqokx2VJz4vBB2hN1nUrYDTuYq3kd1BM5cUCfFD4awiNuzEBuoy6rZZTMCsZsdvWkDXY6832qcAnzE7YGw43KU
• did:key:zFwepbBSaPFjt5T1zWptHaXugLNxHYABfJrDoAZRYxKjNkpdfrniF3pvYQAXwxVB7afhmsgzYtSCzTVZQ3F5SPHzP5PuHgtBGNYucZTSrnA7yTTDr7WGQZaTTkJWfiH47jW5ahU

P-521 examples:

• did:key: zWGhj2NTyCiehTPioanYSuSrfB7RJKwZj6bBUDNojfGEA21nr5NcBsHme7hcVSbptpWKarJpTcw814J3X8gVU9gZmeKM27JpGA5wNMzt8JZwjDyf8EzCJg5ve5GR2Xfm7d9Djp73V7s35KPeKe7VHMzmL8aPw4XBniNej5sXapPFoBs5R8m195HK
• did:key: zWGhiwzmESrRykvUMCSNCadMyhzgAMVXST3KLSxY5unckUdYaGBZs59WMkMggeenMFAr938YxbEesbQ7myxmqDYo3m7xgFu8ppYDx2waz2Lw6eD9aADLn6Cw6Q6gTrH6sry211Z16nvVW25dsY6bZKhGKt4DeB1gGfvBk8bxwKuxTUtZrgwrMm1S

[OR13]

@troyronda AFAIK, nobody has checked my work on these yet :)

I am trying to follow: https://github.com/multiformats/multicodec/blob/master/table.csv#L123

https://github.com/transmute-industries/did-key.js/blob/master/packages/did-key-web-crypto/src/constants/index.ts#L21

[troyronda]

@OR13 - I took the values from that table and then apply uvarint to it with the results listed above.

[OR13]

Seems like the spec tests vectors are incorrect, glad we caught this.

[OR13]

@dlongley @dmitrizagidulin I don't think you guys support the NIST curves yet... but looks like the test vectors I added are not correct.

[msporny]

@dlongley @dmitrizagidulin I don't think you guys support the NIST curves yet... but looks like the test vectors I added are not correct.

Ed25519 is an accepted NIST curve now. :P

But yes, we don't support the legacy P-* NIST curves.

We don't have an ETA on when we would given their legacy nature.

[msporny]

This turns out to mean concatenating 0x01 after the code for most of the curves.

This is a common mistake and has bitten me many times. You can't assume "oh, I just concatenate" anything with the varint stuff... you have to always go through the bitwise encoding. In other words, I hope you're using a varint library to do this and not just concatenating bytes. :)

[dlongley]

The "simple" rule is: if the multicodec for the hash/key/whatever is >= 128 (>= 0x80), then you need to append 0x01 when encoding as a varint ... of course, if the value is even larger than 255 you need to do more: https://github.com/multiformats/unsigned-varint#format

[troyronda]

if the value is even larger than 255 you need to do more

Yup. Hence the update to the P curve examples and test vectors. PR #30 @dlongley