search

walt-id / waltid-ssikit

All-In-One SSI infrastructure toolkit
https://docs.walt.id/v/ssikit/
Apache License 2.0
106 stars 35 forks source link

did:key base58 public key not working -- Multiformats import on node.js #161

Closed jiraky closed 1 year ago

jiraky commented 2 years ago

Hello!

We are testing the usage of did:key and did:ebsi public keys, both in base58 and JWK formats. As such please refer to the end for the example keys and data used in the issue.

To test them, we are importing the private key, then signing a random text and verifying the signature with both the public key derived from the private at runtime and the ones retrieved from the generated DID documents.

For did:ebsi, the JWK public key works fine. For did:key we seems not capable to properly import the base58 public key.

We have crawled the docs and the code up to the HD Key implementation of BIP32 which however is still incapable of decoding and properly loading the string itself.

The code is:

import {base58btc} from "multiformats/bases/base58";
let decodedBase58 = base58btc.decode(...here_goes_the_pubkey_base58_string...)

import HDKey from "hdkey";
var hdkey : HDKey = new HDKey
hdkey.publicKey = Buffer.from(decodedBase58)

We have identified the encoding functions starting from here, but it appears that the characters in the encoded string do not reflect the correct encoding?

Data

Private RSA Key (JWK)

{
  "p": "xWXWou8R4-b0MsljW91IGBmcl1kevwUMiw7g3pWZboL7gGq29ES_QSceC-Yej6zEJfDkCViV4KKNMOYV3JKO1QnU2txUQkQEOu0s3q0ERjsUfpK3_GB3GGlWTf-7gMqSdesFbdf_QUfwEDaduKToymHT4SniR8UZHzXemp2frmE",
  "kty": "RSA",
  "q": "_DFIxyv_1u2D9VxjDeJhhiO1NhxWyH0n-Y6Cc6a46zl5Zuz47LDVlBrA6kWwfehOumNlPp7S9CSkdF4epss5nXHkfsYiWAWtcoi8LQESTpMB9Dx-NaZ-v8ngOOeWL2Gv5yODD5YCSwmeqMOzlRhUbA8yppyq0WUANcjZLemQAd0",
  "d": "K-gRoJPiEuoUYAraZU4Hs5PRioz8sW1zXCqlEbHuV1n2qdpAwM-O1HZnR7s_3SXjj1j8K4nZjCNzZFNHSj277iCz-gL4SlIz19S8XhUciLHivNcJIZh9Dn3DdTIVkTzu3pkG_rNwXn9mT1Bg7zFOaY3s6EquhsCff6O195coX0glYQHopcTTg2BwzOGMRKdz64t38ienJ7fjb4Lsjqlpeg7vrKlLrhE6HFsAYnX3ou84bTXeQqQ2-n_P5Ioqle77hK7bXkBb1aatT9-vfkdPRxF2BUGZroLxi8x9GlC-5J23habU9HbPmlFhcuAVx4kPXQgv1CGOr4blpjHTrJZnIQ",
  "e": "AQAB",
  "use": "sig",
  "kid": "89b09658bee249ebbba612784dc6d207",
  "qi": "wdRaw6B33b0J5na82xBc8wQu89UQL2cQrOy_gw2EINJr7XLgdtUua-QRQQaqAK89OYmU-6nj372OhDRR-Sfv2Di6X4nqxeLr7qBRCCnPh837_dDlPz5w6duGHpuokWwwN69RqF8eFQCYMHisP4EyNrViAkivB-GBrXV6YtfDF7c",
  "dp": "PH49DKmfHeyFIZs968UgduJCbs9M8NUnRuZEW3IVFxzk3jHV53257smCF7tp2jXj1ozAFW0kYTbvdfDM-k-fngHpTTkASV52vWg5u_Phv3QTj8Z-w8T8Omrtm_GnEI0D3Ucs3sC25Naa5x0VsKQ5Aux_9hzTz5LDZCEqGs_7Q4E",
  "alg": "RS256",
  "dq": "4wqXo8AH5v4T07wl7SUGeZYCGUHwGzUZ3QEgjm_lgNdQZYooHCajUV-4l_C_kMqovgKn7nVcI7ItYBov7Cd_qjAT7tH_r1EFMtzI1JdnXNfaZYBke3Z2G8HqHDDaM7P1gdilsE1zqQxzCyqMrUinEFWqWvcmjbcpNkKoyz2_iP0",
  "n": "wnY_5LD6a-FHgDR_UTP3bfDWkT0AYipkJ5nYNL_PuBq2Ved8rEQ-iq0hY1O7V1VBlgSRUOkXXlOhllTX_ROeDzWe06UXTfOf07iAG236H4UoE4LUjm20hrLcRy8F5F7_vJhtge4WJvckpFCbfVVZfSLYzhx3ABxXs2oMtmJYF9seSOhiXM1WTNmP0D9R_oceLCWYZEKApHTjImjAHfM531d1OchWw8e-LO9YUy6k9uSGm4sjq44SlWQKQ6XxGdPob81Dj6CAbrM2XV-0BaSHU2jZGAOsKpn_Qpkbn8HZ2ygFg49Y3anwghFfO0OpGvUg2iCCTjPXf1t4eKWtEhfqvQ"
}

Public RSA Key (JWK)

{
  "kty": "RSA",
  "e": "AQAB",
  "use": "sig",
  "kid": "89b09658bee249ebbba612784dc6d207",
  "alg": "RS256",
  "n": "wnY_5LD6a-FHgDR_UTP3bfDWkT0AYipkJ5nYNL_PuBq2Ved8rEQ-iq0hY1O7V1VBlgSRUOkXXlOhllTX_ROeDzWe06UXTfOf07iAG236H4UoE4LUjm20hrLcRy8F5F7_vJhtge4WJvckpFCbfVVZfSLYzhx3ABxXs2oMtmJYF9seSOhiXM1WTNmP0D9R_oceLCWYZEKApHTjImjAHfM531d1OchWw8e-LO9YUy6k9uSGm4sjq44SlWQKQ6XxGdPob81Dj6CAbrM2XV-0BaSHU2jZGAOsKpn_Qpkbn8HZ2ygFg49Y3anwghFfO0OpGvUg2iCCTjPXf1t4eKWtEhfqvQ"
}

Generated did:key DID document using the key above

{
    "assertionMethod": [
        "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex#zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex"
    ],
    "authentication": [
        "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex#zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex"
    ],
    "capabilityDelegation": [
        "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex#zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex"
    ],
    "capabilityInvocation": [
        "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex#zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex"
    ],
    "@context": [
        "https://www.w3.org/ns/did/v1"
    ],
    "id": "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex",
    "verificationMethod": [
        {
            "controller": "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex",
            "id": "did:key:zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex#zTL5kCGeFa3dV3BFivNeWnZKQ3PFpvPdQ6E33iyGDwkupLFbgbzYUTN4ZEfPufkkv3N84CrjP1NAAhaFtQEPCMp3DTyTeLNGyawSGaeLcwBvCgsqcHVnPueEk8RM1RZu9JKyhLbLYHGxVoxmL7F6y7CfWUx2KuQx5r1BjQAK3HzeVd5JWjjMJWY7X9PSsAFZSwxjrCr3x6BiADuJvz1kStbrMoLXUYoruwDy4qfMrNNUhg6EPrMGPYFHbnMdFFouG91EdKZv5cdQCrFXn3kThmULMwJyFNyXehNuHzKeVJRwzrsYpTVnzRBDXcdtHRx64x7vzfD2JXGkJ7iMMdbtk1PzWDnifgnFr7dT2ZTmLMoVprU3W5Ex",
            "publicKeyBase58": "4e1BUTgGBfqVWw6tTyqDjHbewCtUSyUnsdUXBChHw3PA5pG4p1hGLpbo4FU3zwH25c19Vd7uhV2qLSP2uf7hth8EBisZc1hzycHagx9UuAp25YVHDyxoU8gMk6YJ9V37vkST6BxzWVzs8wE26kzi6AjtTi18scYRzdRrhBvoPPWux6R13Y9m1AWeEzJdyCFYCLCtxpvFotzQqkbADXn8uuAr5mNKX1QLjVNfw6DZaS7fTGnoVmFsaC8UwsQCVfr1AknNd7AuA2rpeqrnSKxViYkMWLAaeGcsXEAGKHs5hcwMGQGsWQTRjxwJHyohPiY7DLiSg4iVQ1qDMM1Mo3SWhmSXR7FVi3scQqTj1C2yNTJTfdx4Q",
            "type": "RsaVerificationKey2018"
        }
    ]
}

Generated did:ebsi DID document using the key above

{
  "authentication": [
    "did:ebsi:zfQEzFoWLCLS6QX9ep3Cb4Z#89b09658bee249ebbba612784dc6d207"
  ],
  "@context": [
    "https://www.w3.org/ns/did/v1"
  ],
  "id": "did:ebsi:zfQEzFoWLCLS6QX9ep3Cb4Z",
  "verificationMethod": [
    {
      "controller": "did:ebsi:zfQEzFoWLCLS6QX9ep3Cb4Z",
      "id": "did:ebsi:zfQEzFoWLCLS6QX9ep3Cb4Z#89b09658bee249ebbba612784dc6d207",
      "publicKeyJwk": {
        "alg": "RS256",
        "kid": "89b09658bee249ebbba612784dc6d207",
        "kty": "RSA",
        "use": "sig"
      },
      "type": "RsaVerificationKey2018"
    }
  ]
}
severinstampler commented 1 year ago

Hi @jiraky The problem was due to a bug in our multicodec implementation for did:key. It was fixed recently: https://github.com/walt-id/waltid-ssikit/commit/41edcdc3bc617aff50e18994d3ef38dd12df2212 Please try again with the latest build of ssikit and let me know if it works. Thanks, br Severin