Signatory-cli import on azure - error: The property "key" must be a valid JsonWebKey object

[colossus-digital]

I cannot import an spsk private key (secp256k1) on azure key vault. The result is: Error: The property "key" must be a valid JsonWebKey object. Any solution / workaround ?

tnks

[AbineshECAD]

I'm looking into this now and will update ASAP.

[AbineshECAD]

I got the issue reproduced. I'm still debugging, will update once I get a workaround or fix.

% ./signatory-cli import -c ./azure.yaml --base-dir ./ --vault azure spsk INFO[0000] Initializing vault vault=azure vault_name=azure INFO[0000] Requesting import operation pkh=tz2PeYw5zJS3Q2aXd2zuQbjs4MTbwmvCQ6tg vault=Azure vault_name="https://forimport.vault.azure.net/" Error: (Azure/https://forimport.vault.azure.net/): The property "key" must be a valid JsonWebKey object.

[AbineshECAD]

Found the cause of the issue. For p256k alone "curve:" parameter is empty when filling in the fields of the key in JWK format. It is filled with the return value of key.Params().Name Once I fill in the curve parameter statically when key.Params().Name is empty the import succeeds without any issue.

Code: https://github.com/ecadlabs/signatory/blob/bb2c2417845db73645fec2ab589158ec92d98792/pkg/jwk/jwk.go#L202

If you are building signatory from the source you can add the workaround here for now. j.Curve = key.Params().Name if j.Curve == "" { j.Curve = "P-256K" }

For the fix, I have to figure out things as the crypto library doesn't support this curve yet.

[jevonearth]

Fixed in #256, @AbineshECAD to verify.