-
Notifications
You must be signed in to change notification settings - Fork 276
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Misleading function name DecodingKey::from_ed_der
.
#362
Comments
DecodingKey::from_ed_der
](https://docs.rs/jsonwebtoken/latest/jsonwebtoken/struct.DecodingKey.html#method.from_ed_der).DecodingKey::from_ed_der
.
Thank you for this, I 100% agree, and you just saved me 30 minutes of debugging. |
It would be a breaking change but it doesn't do what it says it does it should be more of a bug fix? How hard is it to to actually have a |
Maybe it can be called a bugfix, but I think a lot of people already depend on the current behaviour and their code would crash at runtime if implementation changed, no compiler warning, so maybe it would be a good idea to somehow check in the body of Regarding how hard it is to implement a DER pubkey (I think we actually need SPKI?) decoding I don't know, I don't think this crate depends on anything that can do that ( |
Oh it seems #318 adds |
Yes #318 is an interesting one. Can you try it if you have time? |
You mean implement a proper |
I meant the branch in general. |
Oh okay, I'll take a look later then. |
I have just spent hours checking why my openssl DER key was not being accepted until I found this 😢 |
I'll happily accept a PR fixing it |
It seems like
DecodingKey::from_ed_der
function actually expects raw 32 bytes public key, which ring'sEd25519KeyPair::public_key
returns.Also running
openssl asn1parse -inform der -in file-with-pubkey
shows again that these 32 bytes are not DER encoded. I've also additionally checked it usinged25519-dalek
crate.So essentially it seems
DecodingKey::from_ed_der
name is just misleading andDecodingKey
doesn't yet support DER encoded ed25519 public keys. Maybe it would be a good idea to add a new method likeDecodingKey::from_ed
behaving exactly the same as existingDecodingKey::from_ed_der
, but specified in the descrition that it expects raw 32 bytes public key.What to do with existing misleading name of
DecodingKey::from_ed_der
I'm not sure, changing implementation would be a (potentially) quite annoying breaking change.Originally posted by @tokarevart in #244 (comment)
The text was updated successfully, but these errors were encountered: