ECDSA implementation

Question

ECDSA implementation

stevencedro opened this issue a year ago · comments

Steven Cedro commented a year ago

Implementation of ECDSA operations as per W3C specification at https://www.w3.org/TR/WebCryptoAPI/#ecdsa

Philipp Grosswiler · Answer 1 · Sun Apr 07 2024 02:31:15 GMT+0800 (China Standard Time)

@stevencedro did this get merged? I can't find the implementation anywhere :(

Steven Cedro · Answer 2 · Sun Apr 07 2024 06:37:26 GMT+0800 (China Standard Time)

@trancee I haven't had a chance to implement this yet. I was waiting for someone to start requesting these features due to time constraints. I'll start working on it today and comment back here when it's done.

Thanks!

Steven Cedro · Answer 3 · Thu Apr 11 2024 18:19:07 GMT+0800 (China Standard Time)

@trancee ECDSA implementation completed. I added quite a considerable amount of tests however as with any pre-release libraries, some bugs/implementation errors might slip through. If you come across anything, please raise an issue and I'll look into it.

What I'm mainly concerned with is the cross-compatibility between this library and the actual WebCrypto browser/node implementations which are the main motivations for this library (e.g. sending keys/signatures from browser client to a server written in Go ). If you're using this library to communicate with a frontend application that uses the WebCrypto API and come across any incompatibilities, do let me know also until #31 is completed.

Finally, the next ticket I'll be working on is a slight refactor in the way algorithm params are passed into the subtle functions. Monitor #29 for upcoming changes. For now, follow the example here for the current implementation, and I'll update it once #29 is completed.

Thanks and happy coding!

Philipp Grosswiler · Answer 4 · Thu Apr 11 2024 19:52:24 GMT+0800 (China Standard Time)

@stevencedro Wow, that was quite fast work! Thank you very much for the implementation, I will try to use it within my project, and let you know if I hit any issues on the way.

One thing I have noticed is that you only use PKCS8 and JWK for exporting/importing. I prefer to use Raw (compressed) to save bytes. Is that something you would consider as well? Or should I create a PR for this?

Steven Cedro · Answer 5 · Fri Apr 12 2024 15:22:45 GMT+0800 (China Standard Time)

@trancee I added an issue #32 for the exportKey raw support. I'll get onto that after I finish #29. Do note though that it seems the WebCrypto spec states that exported ECDSA keys in raw format will only export public keys so if you wish to save your private key, according to the spec, it looks like only JWK and PKCS8 are supported. See https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations under Export Key.

Thanks!