Can RSA keys be expressed as did:key ?

[bblfish]

It's a bit difficult to work out from the spec if this is possible or not. If there is a way to express an RSA key as a did:key is there any other information in that key? In particular the Signing HTTP Messages requires one not just to pass a keyId for a key but for it to refer to a subset of the product cryptographic key × signatureAlgorithm where the second part involves the hashing function needed. This would suggest that a did:key could not be used directly as a URL for Signing HTTP Messages as discussed in Issue 31.

[clehner]

I think it depends on this issue to assign a multicodec entry for RSA keys: https://github.com/multiformats/multicodec/pull/195 That should allow using a RSA public key encoded as DER in a did:key.

[bblfish]

Thanks. Would that then also contain information about the hashing algorithm to use? ie. rsaSha512, rsaSha384, etc... see RsaTest.

[clehner]

@bblfish If the DID just has the RSA public key, I don't think that would include the hash algorithm, or whether to use PSS or PKCS1-v1_5. did:key could specify some specific algorithm, or to represent it in the DID with some additional fields.

There is also a question of what linked data signature suite to use for the verification methods in the resulting DID document. If the key size is 2048, for JWS algorithm RS256 (PKCS1-v1_5 + SHA256) there is RSA Signature Suite 2018; for PS256 (PSS and SHA256), there is JSON Web Signature 2020. For other parameters, I'm not aware of existing linked data proof signature suite that could be used.

[clehner]

RSA public key (X.509 encoded) is now in multicodec: https://github.com/multiformats/multicodec/pull/226

[OR13]

@clehner you should provide test vectors for RSA here.

[clehner]

@OR13 Test vector proposed in #41.

I'm unsure, however, if it is the correct use of the registered multicodec value. Feedback on that and/or here would be welcome: https://github.com/multiformats/multicodec/issues/230.

I assumed that like the other listed did:key types, the DID should encode the public key value. However it does result in a somewhat long DID (381 chars for a 2048-bit key). But if the value is a digest, we could not use simply use JsonWebKey2020 in the DID document, right?

[OR13]

@clehner your test vectors look correct, and as long as you provide the JWK values for the multiformat encoding, they will be sufficient for proving interop.

You should add a 4096 key for the sake of completness.

[clehner]

@OR13 thanks for reviewing it. A 4096 key has been added. The PR is still in draft, pending changes in multicodec.

[clehner]

This was done in https://github.com/w3c-ccg/did-method-key/pull/41, https://github.com/multiformats/multicodec/pull/233, and https://github.com/w3c-ccg/did-method-key/pull/45.

@bblfish does this answer you question(s)?