Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate key sizes and allow signing with empty public keys #159

Merged
merged 3 commits into from
Jul 19, 2023
Merged

Validate key sizes and allow signing with empty public keys #159

merged 3 commits into from
Jul 19, 2023

Conversation

qmuntal
Copy link
Contributor

@qmuntal qmuntal commented Jul 12, 2023

This PR adds the following features:

  • Validate that the x, y and d parameters for OKP and EC2 keys have the right size.
  • Recompute the x and y for OKP and EC in case they are omitted, which is allowed by the COSE spec.

@codecov
Copy link

codecov bot commented Jul 12, 2023
edited
Loading

Codecov Report

Merging #159 (fae3330) into main (bfe4717) will decrease coverage by 0.11%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main     #159      +/-   ##
==========================================
- Coverage   93.48%   93.38%   -0.11%     
==========================================
  Files          11       11              
  Lines        1658     1678      +20     
==========================================
+ Hits         1550     1567      +17     
- Misses         75       78       +3     
  Partials       33       33
Impacted Files Coverage Δ
key.go 95.90% <100.00%> (+0.13%) ⬆️

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

setrofim
setrofim approved these changes Jul 12, 2023
View reviewed changes
Copy link
Contributor

@setrofim setrofim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome!

thomas-fossati
thomas-fossati approved these changes Jul 13, 2023
View reviewed changes
Copy link
Contributor

@thomas-fossati thomas-fossati left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

key.go Outdated Show resolved Hide resolved
Base automatically changed from keyapinew to main July 13, 2023 06:07
@qmuntal
validate key sizes and allow empty public keys
377ee80 
Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
@qmuntal
consolidate Key.validate errors
f02809a 
Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
@OR13
Copy link
Contributor

OR13 commented Jul 14, 2023

I looked at this, I agree its important to do, seems to be done correctly, but I am not a reliable CR for golang.

@SteveLasker
Copy link
Contributor

@yogeshbdeshpande, @shizhMSFT can you PTAL

shizhMSFT
shizhMSFT reviewed Jul 17, 2023
View reviewed changes
key.go Outdated Show resolved Hide resolved
key.go Outdated Show resolved Hide resolved
key.go
if len(x) == 0 {
return nil, ErrOKPNoPub
return ed25519.NewKeyFromSeed(d), nil
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a general question here: What does d mean for Ed25519 in terms of OKP? Is it private key or seed?

RFC 8152 13.2 says that

d: This contains the private key.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

d is a private key component of a crv, but my understanding of the specs is that it can be anything sufficiently random... so in the case that you derive a seed from a mnemonic or other details, you might use the seed as the private key... thats all super dangerous stuff... and I don't think any of it is relevant to COSE.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function name is a little misleading. Its documentation is more interesting:

NewKeyFromSeed calculates a private key from a seed. It will panic if len(seed) is not SeedSize. This function is provided for interoperability with RFC 8032. RFC 8032's private keys correspond to seeds in this package.

RFC8152 8.2 says that EdDSA curves should be implemented following RFC8032, so my understanding is that it is safe to use NewKeyFromSeed here.

@qmuntal
set EC2 key x/y capacity when marshaling
fae3330 
Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
yogeshbdeshpande
yogeshbdeshpande approved these changes Jul 19, 2023
View reviewed changes
Copy link
Contributor

@yogeshbdeshpande yogeshbdeshpande left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@SteveLasker SteveLasker merged commit ec64bcb into main Jul 19, 2023
6 checks passed
@qmuntal qmuntal deleted the keyapiimpr branch July 19, 2023 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OR13 OR13 OR13 approved these changes

@shizhMSFT shizhMSFT shizhMSFT left review comments

@setrofim setrofim setrofim approved these changes

@thomas-fossati thomas-fossati thomas-fossati approved these changes

@yogeshbdeshpande yogeshbdeshpande yogeshbdeshpande approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@qmuntal @OR13 @SteveLasker @setrofim @thomas-fossati @yogeshbdeshpande @shizhMSFT