jwx command-line tool does not support PEM output for secp256k1 #1118

Closed
excavador opened this issue Apr 21, 2024 · 2 comments
@excavador

Describe the bug

I have installed the latest available version

➜ git log -1
commit 6471369d0fdb6d396f8c845bf78290ca3ebff205 (HEAD -> develop/v2, origin/develop/v2, origin/HEAD)
Author: lestrrat <[email protected]>
Date:   Fri Apr 19 22:44:47 2024 +0900

    Implement ability to handle PEM-formatted secp256k1 keys (#1117)
    
    * Work with secp256k1 keys in PEM format
    
    * Add missing files
    
    * tweak bazel files
    
    * guard against go < 1.20
    
    * protect the test from go < 1.20
    
    * Fix import path
    
    * Override ParsePKCS8PrivateKey
    
    * Make this feature available through a separate build tag
    
    * Add lots of warnings about the feature
    
    * Add missing rules

I have built it with build tags jwx_es256k,jwx_secp256k1_pem

➜ go build -tags=jwx_es256k,jwx_secp256k1_pem  .

Generating secp256k1 in JWK format works fine

➜ ./jwx jwk generate --type EC --curve secp256k1; echo
{
  "crv": "secp256k1",
  "d": "GsE8bvrK5PbjM3D2FFcx13qG3FfMQb5fXnhAlGJVNyM",
  "kty": "EC",
  "x": "-cVbwyBIFzZki9q6xpBjcIDr3pWzLUL-FEmlwoSvXVw",
  "y": "3X2imUY14UwRF-fCEeAS0WbAhKe2SEQ3g16kuxl2IjE"
}

Generating secp256k1 in PEM format failed

➜ ./jwx jwk generate --type EC --curve secp256k1 -O pem; echo
failed to format key in PEM format: failed to encode content for key #0: failed to marshal PKCS8: x509: unknown curve while marshaling to PKCS#8
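
The last part of the error above, `x509: unknown curve while marshaling to PKCS#8`, comes from Go's standard `crypto/x509`, which only has OIDs for the NIST P-curves. The following is an added example, not part of the issue or of the jwx code base; `constructedK1Key` and the other helper names are hypothetical, and the "secp256k1" key is a constructed placeholder whose only meaningful property is a curve the standard library does not recognise.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
)

// nistKey returns a freshly generated P-256 key, a curve crypto/x509 can name.
func nistKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// constructedK1Key is a placeholder, not a usable secp256k1 key: x509 rejects
// the curve by identity before it reads any key material, so only the curve
// value (anything other than the four NIST curves) matters here.
func constructedK1Key() *ecdsa.PrivateKey {
	curve := &elliptic.CurveParams{Name: "secp256k1", BitSize: 256}
	pub := ecdsa.PublicKey{Curve: curve, X: big.NewInt(1), Y: big.NewInt(1)}
	return &ecdsa.PrivateKey{PublicKey: pub, D: big.NewInt(1)}
}

// pemFromECDSA performs the PKCS#8 -> PEM step using only the standard library.
func pemFromECDSA(key *ecdsa.PrivateKey) ([]byte, error) {
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return nil, fmt.Errorf("failed to marshal PKCS8: %w", err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der}), nil
}

func main() {
	out, err := pemFromECDSA(nistKey())
	fmt.Printf("P-256: %d bytes of PEM, err=%v\n", len(out), err)
	_, err = pemFromECDSA(constructedK1Key())
	fmt.Println("secp256k1:", err)
}
```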

@lestrrat
Collaborator

lestrrat commented Apr 21, 2024

That's because cmd/jwx does not automatically pick up the jwx library it sits in.

re: cmd/jwx: this is from a separate issue, but my take on cmd/jwx is this:

TBH I don't see cmd/jwx (sic) as the main dish of this module -- it's more like "Hey, you could do this if you want" type of tool.

One thing that I want to stress is that my requirements basically boil down to ">>I<< don't want to do maintenance".

It will eventually get properly pinned to v2.0.22, but I have no intentions of always keeping them in sync, as I don't consider them to be a first class citizen of this module. I'd rather delete the command than have to keep them always in sync, or do any active maintenance.

So, thanks for the report, but this is a WONTFIX, except that it will eventually be fixed when I get around to it after v2.0.22 is released.

@excavador
Author

Thank you for the clarification!
