Skip to content

Key fixes #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
qmuntal merged 6 commits into from
Jul 5, 2023
Merged

Key fixes #154

qmuntal merged 6 commits into from
Jul 5, 2023
+158 −92

Conversation

@setrofim
Copy link
Contributor

@setrofim setrofim commented Jul 3, 2023

A number of spec compliance fixes and interface adjustements for COSE_Key.

This address points 1, 3, 4, and 5 in #151 (comment)

@setrofim setrofim requested review from qmuntal and shizhMSFT July 3, 2023 12:01
@setrofim
Copy link
Contributor Author

setrofim commented Jul 3, 2023

This sits on top of #153

@codecov
Copy link

codecov bot commented Jul 3, 2023
edited
Loading

Codecov Report

Merging #154 (f83d377) into main (a579021) will increase coverage by 0.42%.
The diff coverage is 100.00%.

❗ Current head f83d377 differs from pull request most recent head 7c18bbe. Consider uploading reports for the commit 7c18bbe to get more accurate results

@@            Coverage Diff             @@
##             main     #154      +/-   ##
==========================================
+ Coverage   90.87%   91.30%   +0.42%     
==========================================
  Files          12       12              
  Lines        1611     1633      +22     
==========================================
+ Hits         1464     1491      +27     
+ Misses        109      104       -5     
  Partials       38       38
Impacted Files Coverage Δ
key.go 89.71% <100.00%> (+2.21%) ⬆️

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@setrofim setrofim force-pushed the setrofim branch 3 times, most recently from 2de9dd1 to efc9cd7 Compare July 3, 2023 12:19
thomas-fossati
thomas-fossati reviewed Jul 3, 2023
View reviewed changes
@setrofim setrofim requested a review from thomas-fossati July 3, 2023 13:54
qmuntal
qmuntal reviewed Jul 3, 2023
View reviewed changes
Copy link
Member

@qmuntal qmuntal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see that this PR fixes my first point from #151 (comment).

@setrofim
Copy link
Contributor Author

setrofim commented Jul 3, 2023

I don't see that this PR fixes my first point from #151 (comment).

This is addressed by d591f36

Validate() is changed to only check that a know curve is used with an appropriate key type (.e.g that CurveEd25519 with KeyTypeEC2 results in an error). However, unknown curves are no longer reported as errors.

@setrofim setrofim requested a review from qmuntal July 3, 2023 14:31
thomas-fossati
thomas-fossati approved these changes Jul 3, 2023
View reviewed changes
Copy link
Contributor

@thomas-fossati thomas-fossati left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks!

yogeshbdeshpande
yogeshbdeshpande approved these changes Jul 3, 2023
View reviewed changes
Copy link
Contributor

@yogeshbdeshpande yogeshbdeshpande left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

setrofim added 6 commits July 4, 2023 09:11
@setrofim
Remove alg parameter from NewKeyFrom(Private|Public)
c4775e3 
The alg parameter is unnecessary, and makes these functions more awkward
to use. The input PublicKey/PrivateKey is now identified via a type
switch, and the algorithm is derived from it.

Signed-off-by: setrofim <[email protected]>
@setrofim
Relax curve validation
498bae1 
RFC8152 allows for unregistered curves, therefore we should not fail key
validation if a curve is not recognised when marshalling. We should only
fail when a known curve is used with an incorrect key type.

Signed-off-by: setrofim <[email protected]>
@setrofim
Ensure correct KeyType/Curve combo when creating crypto keys
00a6654 
Ensure that the KeyType is the expected one for the Curve when creating
crypto.PublicKey or crypto.PrivateKey.

Signed-off-by: setrofim <[email protected]>
@setrofim
Error if public parts missing on PrivateKey creation
cf9b1a0 
RFC8152 allows public parts to be omitted from private keys, as they
could be derived (though it recommends that they are present).
crypto.PrivateKey implementations require for them to be present.

Signed-off-by: setrofim <[email protected]>
@setrofim
Add String() tests
f47f912 
Add test for String() calls not exercised by other test cases to placate
Codecov.

Signed-off-by: setrofim <[email protected]>
@setrofim
tidy: use raw strings to avoid escaping quotes
7c18bbe 
Signed-off-by: setrofim <[email protected]>
@qmuntal qmuntal merged commit cebef14 into main Jul 5, 2023
@qmuntal qmuntal deleted the setrofim branch July 5, 2023 11:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qmuntal qmuntal qmuntal approved these changes

@thomas-fossati thomas-fossati thomas-fossati approved these changes

@yogeshbdeshpande yogeshbdeshpande yogeshbdeshpande approved these changes

@shizhMSFT shizhMSFT Awaiting requested review from shizhMSFT shizhMSFT is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@setrofim @qmuntal @thomas-fossati @yogeshbdeshpande