-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: add API to retrieve key type OID #26709
Conversation
This was my thinking when making the suggestion. Using ec curves as an example, RFC 4492 calls out between 1 and 3 different names for a curve, depending on whether a standards body picked it up, plus whatever colloquial variations may exist (p256 vs P-256 vs NIST P-256). With that in mind, I don't know how Node chooses which name to expose in a props object. Fortunately the OIDs largely (if not totally) satisfy the desirable information for ec/ed keys, but obviously rsa keys are still stuck with exposing key size separately. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it make sense to add EC key tests too?
We would have to rely on OpenSSL. Developers would still have to look up the specific strings, so I don't think the names would do us much good there.
Added, also for DSA. |
@tniessen I might've misunderstood this a bit, the OID returned for all EC keys is I'm guessing that the discussed |
Ah yes, that makes a lot of sense. The OID I was thinking of is buried a bit more.
Wasn't even thinking about the "ECC" algorithm OID that occurs earlier. So, my fault. This OID could be used in lieu of "rsa", "ec" and "DSA" provided by |
Right, all EC curves use the same OID for the key. The OID of the curve is part of the algorithm parameters which are not exposed as part of this PR. After clearing this misunderstanding, is there any use for the OID? There certainly is if we decide to use a single |
💯 Right, if ed25519 and ed448 become 'okp' or similar the OID helps. Maybe for RSA-PSS keys as well, but those i assume would be their own asymmetricKeyType. NB. How would |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure this is useful. The OID doesn't tell people anything they don't already know from the type. Also, OIDs are famous for being many to 1, the right OID to use when encoding a key might depend on the context. I can see this going in .fields, as part of the "bag of info" that OpenSSL API can return about a key (with no warranty from us on its usefulness), but I'm not sure its worth having at the top-level here. Its not the curve identifier some were hoping for. So, I guess I'm -0.5
unless someone speaks up with a use-case.
It doesn't sound like anyone is a fan of that. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed. The only thing that would sway me is not having ed* as key type. |
I am going to land #26554 with separate key types soon. Closing this based on the feedback and my own opinion that this does not help (right now). If we ever have key types with multiple OIDs, we can reopen this. |
🤔 coming back to my question above about
|
I guess the question is what the
I have only seen this name as part of JSON crypto specs, never in actual cryptography. If we use it, it means that the
This is fine for storing keys, but what information does "okp" give to a user who wishes to use the key? |
I think discussing key types shouldn't be an abstract taxonomical discussion, it has to take into account what the key type will be used for, specifically, what In EVP, the key type is used when doing something that can't be done with an abstract API. Interacting with underlying key data is the main thing (generating key pairs, pulling key data out to encode it or display it to the user, creating key API objects from raw data, etc). We try to hide a lot of that in the node API, so until we expose the key .fields, it looks to me that generation is the main thing that requires knowlege of the key type. I think that the key type should map directly to the OpenSSL EVP_PKEY_XXX values, because when OpenSSL's non-abstract APIs need to be called, its based on the EVP_PKEY_XXX values. It won't really help us to try to make our own key type that isn't 1-1 with OpenSSL key types, not as far as I can see. I'd have to be convinced be seeing a set of |
my $.02 prior knowledge of openssl APIs and types should not be a pre-requisite to using/understanding the node I'm fine leaving it like this if it makes sense to others. Just wanted to offer an alternative POV. |
JOSE and JWK are probably the only frameworks that use OKP, though, at least I have not been able to find any other frameworks. As I said before, OKP sounds reasonable to store and encode keys, but I don't see any value for a user who wants to use the key. What does |
you have me convinced no worries :) |
@panva To be clear, I agree with you on that. But while I don't expect node.js users to know how the OpenSSL API works, we know (or should :-), and I think our API objects should reflect OpenSSL's, and the methods on them should reflect theirs (though probably simplified, and we can drop legacy cruft they themselves regret, and obviously our API would use js idioms, not C). Or, at least that should be the default API design. Going our own way risks making an API that is gratuitously different, but not actually better, and that may require an ever deepening mountain of code to maintain as new capabilities are added to OpenSSL (EdDSA...) and we have to figure out how to add them to our own reimagining of a crypto API. |
@sam-github, @tniessen in light of #27181, shall we reopen this? |
I think we should reopen. @tniessen? |
Some users suggested that it would be helpful to have access to the OID of
KeyObject
s. Luckily, OpenSSL does manage OIDs, so there is little to do on our side.What do you think? Should we expose the OID? And if so, is this the right name for such a property?
OpenSSL also provides nice names for most OIDs, but as far as I know, these are not standardized and not guaranteed to exist for all OIDs, and there are sometimes two variants (a short and a long name), so I am not sure whether it would be a good idea to expose these. Maybe someone else knows more.
cc @nodejs/crypto, @panva, @omsmith.
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes