ECDSA JWK Missing y, Ed25519 kty may be incorrect
ECDSA JWK Missing y
Should also include y:
https://github.com/dint-dev/cryptography/blob/master/jwk/lib/jwk.dart#L577
  static Jwk fromPublicKey(PublicKey publicKey) {
    if (publicKey is EcPublicKey) {
      final crv = const <KeyPairType, String>{
        KeyPairType.p256: 'P-256',
        KeyPairType.p384: 'P-384',
        KeyPairType.p521: 'P-521',
      }[publicKey.type];
      if (crv != null) {
        return Jwk(
          kty: 'EC',
          crv: crv,
          x: publicKey.x,
        );
      }
This looks correct: toPublicKey takes in (x, y):
https://github.com/dint-dev/cryptography/blob/master/jwk/lib/jwk.dart#L413
      case 'EC':
        final type = const <String, KeyPairType>{
          'P-256': KeyPairType.p256,
          'P-384': KeyPairType.p384,
          'P-521': KeyPairType.p521,
        }[crv];
        if (type == null) {
          throw StateError('Unsupported "crv": "$crv"');
        }
        return EcPublicKey(
          x: List<int>.unmodifiable(x ?? const <int>[]),
          y: List<int>.unmodifiable(y ?? const <int>[]),
          type: type,
        );
Ed25519 kty May Be Incorrect
Should kty be OKP?
https://github.com/dint-dev/cryptography/blob/master/jwk/lib/jwk.dart#L545
    } else if (keyPair is SimpleKeyPairData) {
      final crv = const <KeyPairType, String>{
        KeyPairType.ed25519: 'Ed25519',
        KeyPairType.x25519: 'X25519',
      }[keyPair.type];
      if (crv != null) {
        return Jwk(
          kty: 'EC',
          crv: crv,
          x: keyPair.bytes,
        );
      }
https://github.com/dint-dev/cryptography/blob/master/jwk/lib/jwk.dart#L587
    } else if (publicKey is SimplePublicKey) {
      final crv = <KeyPairType, String>{
        KeyPairType.ed25519: 'Ed25519',
        KeyPairType.x25519: 'X25519',
      }[publicKey.type];
      if (crv != null) {
        return Jwk(
          kty: 'EC',
          crv: crv,
          x: publicKey.bytes,
        );
      }
Reference for OKP: https://datatracker.ietf.org/doc/html/rfc8037#appendix-A.1
Two PRs above address each of the above comments. Here is the JWK RFC.
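A structural check that flags both JWK shapes reported in this issue, added here as an example; it is not code from the issue or from the cryptography package. The names `checkPublicJwk`, `memberLength`, `ecCurves` and `okpCurves` are hypothetical, the sample keys are constructed filler bytes, and the check only looks at members and lengths, not at whether a point lies on the curve.

```dart
import 'dart:convert';

// Member length in bytes per curve (RFC 7518 section 6.2.1, RFC 8037 section 2).
const ecCurves = {'P-256': 32, 'P-384': 48, 'P-521': 66};
const okpCurves = {'Ed25519': 32, 'X25519': 32};

/// Decoded length of a base64url member, or null if it is missing or invalid.
int? memberLength(Map<String, Object?> jwk, String name) {
  final value = jwk[name];
  if (value is! String) return null;
  try {
    return base64Url.decode(base64Url.normalize(value)).length;
  } on FormatException {
    return null;
  }
}

/// Structural check of a public JWK; an empty list means no problem found.
List<String> checkPublicJwk(Map<String, Object?> jwk) {
  final kty = jwk['kty'], crv = jwk['crv'];
  final isEc = kty == 'EC';
  if (!isEc && kty != 'OKP') return ['unhandled kty "$kty"'];
  final size = (isEc ? ecCurves : okpCurves)[crv];
  if (size == null) {
    final other = (isEc ? okpCurves : ecCurves).containsKey(crv);
    return [
      other ? 'crv "$crv" does not belong to kty "$kty"' : 'unknown crv "$crv"'
    ];
  }
  final problems = <String>[];
  // EC keys need both coordinates; OKP keys carry only "x".
  for (final name in isEc ? ['x', 'y'] : ['x']) {
    final length = memberLength(jwk, name);
    if (length == null) {
      problems.add('missing or invalid "$name"');
    } else if (length != size) {
      problems.add('"$name" is $length bytes, expected $size');
    }
  }
  return problems;
}

void main() {
  // Constructed filler bytes, not real curve points or keys.
  final b32 = base64Url.encode(List<int>.filled(32, 1)).replaceAll('=', '');
  final samples = <Map<String, Object?>>[
    {'kty': 'EC', 'crv': 'P-256', 'x': b32}, // the missing-y shape
    {'kty': 'EC', 'crv': 'Ed25519', 'x': b32}, // Ed25519 labelled EC
    {'kty': 'EC', 'crv': 'P-256', 'x': b32, 'y': b32},
    {'kty': 'OKP', 'crv': 'Ed25519', 'x': b32},
  ];
  for (final jwk in samples) {
    print('${jsonEncode(jwk)} -> ${checkPublicJwk(jwk)}');
  }
}
```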