js-did-ipid icon indicating copy to clipboard operation
js-did-ipid copied to clipboard

Published 20 hours ago verified publisher icon ipfs-shipyard

Using a secp256k1 private key to generate the DID document

Open lemoustachiste opened this issue 3 years ago • 0 comments

Hi,

so I've been exploring using a secp256k1 private for architectural reasons. I managed to get as far as generating the DID with a couple of tweaks in the code.

However I am struggling with the publishing. I am curious what is the purpose of this method: https://github.com/ipfs-shipyard/js-did-ipid/blob/master/src/index.js#L96, and how I can adapt things to work with secp256k1 as it expects RSA only (from libp2p-crypto).

I did go to the extent of converting the private key to pem with key-encoder-js, but that still fails since it's not RSA, but EC.

Here is the stacktrace, more for reference than anything:

Error: Invalid PEM formatted message.
    at Object.pem.decode (/Users/julien/work/did-blockcerts-poc/node_modules/libp2p/node_modules/node-forge/lib/pem.js:188:11)
    at Object.pki.decryptRsaPrivateKey (/Users/julien/work/did-blockcerts-poc/node_modules/libp2p/node_modules/node-forge/lib/pbe.js:540:23)
    at Object.importKey [as import] (/Users/julien/work/did-blockcerts-poc/node_modules/libp2p/node_modules/libp2p-crypto/src/keys/index.js:119:25)
    at Keychain.importKey (/Users/julien/work/did-blockcerts-poc/node_modules/libp2p/src/keychain/index.js:423:20)
    at Ipid.value (/Users/julien/work/js-did-ipid/lib/index.js:78:9)
    at Ipid.value (/Users/julien/work/js-did-ipid/lib/index.js:40:9)
(node:66147) UnhandledPromiseRejectionWarning: Error: Cannot read the key, most likely the password is wrong
    at Keychain.importKey (/Users/julien/work/did-blockcerts-poc/node_modules/libp2p/src/keychain/index.js:426:35)
    at Ipid.value (/Users/julien/work/js-did-ipid/lib/index.js:78:9)
    at Ipid.value (/Users/julien/work/js-did-ipid/lib/index.js:40:9)

And my pem key (which is actually a EC PRIVATE KEY - but I am replacing EC to nothing to avoid an early failure):

 -----BEGIN PRIVATE KEY-----
MHQCAQEEIOcqsPHevRXRga8fCRTu87mDb0mIV1wGoWLy98+9IRhIoAcGBSuBBAAK
oUQDQgAEwfIKzOidXUlhpq7E9Htu5cgj4b5Gu94UqHKkyLwOO6Ew36elS0dnrbDl
sBPNQbG1vPGYNTFibKCSAcBGI7Tv6A==
-----END PRIVATE KEY-----

I understand that I am trying to open a square with a circle and that's why it does not work. I believe I would also need to modify the #importKey method to work with secp256k1 natively (maybe just unmarshal my key from there)? IPFS to allows existing keys to be passed: https://docs.ipfs.io/how-to/use-existing-private-key/#javascript, and in the options when creating one can also set the algorithm to be secp256k1. That does not help when importing the key.

Any guidance is welcome,

thanks a lot

lemoustachiste avatar Jun 04 '21 16:06 lemoustachiste