Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RSA Support #88

Merged
merged 14 commits into from
Feb 7, 2025
Merged

RSA Support #88

merged 14 commits into from
Feb 7, 2025

Conversation

dscreve
Copy link
Contributor

@dscreve dscreve commented Jan 28, 2025

RSA Support

0xTim
0xTim requested changes Jan 28, 2025
View reviewed changes
Copy link
Member

@0xTim 0xTim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this! Some initial comments

Sources/WebAuthn/Ceremonies/Shared/COSE/COSEAlgorithmIdentifier.swift Outdated Show resolved Hide resolved
Sources/WebAuthn/Ceremonies/Shared/COSE/COSEAlgorithmIdentifier.swift Outdated Show resolved Hide resolved
Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift Show resolved Hide resolved
Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift Outdated Show resolved Hide resolved
Tests/WebAuthnTests/Utils/TestModels/TestRSAKeyPair.swift Outdated Show resolved Hide resolved
Tests/WebAuthnTests/Utils/TestModels/TestRSAKeyPair.swift Outdated Show resolved Hide resolved
Tests/WebAuthnTests/Utils/TestModels/TestRSAKeyPair.swift Outdated Show resolved Hide resolved
@dscreve
Copy link
Contributor Author

dscreve commented Jan 29, 2025

I just committed a new version

dscreve and others added 5 commits January 29, 2025 17:48
@dscreve @dimitribouniol
Update Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift
39df53c 
Co-authored-by: Dimitri Bouniol <dimitribouniol@mochidev.com>
@dscreve @dimitribouniol
Update Sources/WebAuthn/Ceremonies/Shared/COSE/COSEAlgorithmIdentifie…
63bc684 
…r.swift

Co-authored-by: Dimitri Bouniol <dimitribouniol@mochidev.com>
@dscreve @dimitribouniol
Update Tests/WebAuthnTests/Utils/TestModels/TestECCKeyPair.swift
f6e3159 
Co-authored-by: Dimitri Bouniol <dimitribouniol@mochidev.com>
@dscreve
Fix format stuff
2d95a7e
@0xTim
Merge branch 'main' into RSA-Support
a5921f6
@dimitribouniol dimitribouniol mentioned this pull request Feb 1, 2025
Merged
@dimitribouniol
Copy link
Collaborator

Since #99 moved everything over to Swift Testing, can we make use of parameterized tests to test both ECDSA and RSA keys in the same tests? This should help when we add more key types in the future as well, since the tests are pretty identical.

This means this PR will be blocked behind the following, but I think we can get them in quickly to unblock it:

@0xTim 0xTim mentioned this pull request Feb 2, 2025
Merged
@dscreve
Copy link
Contributor Author

dscreve commented Feb 5, 2025

I have fixed the requested issues.
Regarding the migration to Swift Testing, it's not the goal of this PR and after rebase, there's still XCTestCase. Maybe I didn't make it properly..but I prefer not to touch on this because I have not worked on this.
Feel free to make the changes to what I have pushed.

@dimitribouniol
Copy link
Collaborator

@dscreve Thanks for this! I’ll take a look at merging in the new tests in ~12h so we can get this over the finish line.

@dimitribouniol
Copy link
Collaborator

dimitribouniol commented Feb 6, 2025
edited
Loading

@dscreve I don't have write permissions to your branch, but could you pull dimitri/rsa-fixes https://github.com/swift-server/swift-webauthn/tree/dimitri/rsa-fixes from the main repo into your branch? It resolves the conflicts, and merges the tests back into one file, allowing us to add more key types easily down the line.

If this repo's remote is named upstream, you should be able to do this with:

git fetch upstream
git pull upstream dimitri/rsa-fixes
git push

@dscreve
Copy link
Contributor Author

dscreve commented Feb 6, 2025
edited
Loading 

git push

I executed the given commands while being on the main branch (not the RSA-Support branch).
Is it okay ?

@dimitribouniol
Copy link
Collaborator

The point would be to get those commits onto this branch so they resolve the conflicts — could you checkout your RSA branch and re-run them?

@dscreve
Copy link
Contributor Author

dscreve commented Feb 6, 2025

The point would be to get those commits onto this branch so they resolve the conflicts — could you checkout your RSA branch and re-run them?

Done

dimitribouniol
dimitribouniol approved these changes Feb 6, 2025
View reviewed changes
Copy link
Collaborator

@dimitribouniol dimitribouniol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @dscreve!

Package.swift
@@ -24,7 +24,7 @@ let package = Package(
],
dependencies: [
.package(url: "https://github.com/unrelentingtech/SwiftCBOR.git", from: "0.4.7"),
.package(url: "https://github.com/apple/swift-crypto.git", "2.0.0" ..< "4.0.0"),
.package(url: "https://github.com/apple/swift-crypto.git", "3.8.1" ..< "4.0.0"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@0xTim Do you happen to know if there is an earlier version that supports RSA? My local package.resolved file initially didn't work, but I already lost the version it was locked to by the time I realized I could search from there. I think https://github.com/apple/swift-crypto/releases/tag/3.8.1 is the earliest we can go, but perhaps you know of an earlier version.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think there is

(And to be honest I'd be happy to just start with the latest release anyway)

Sources/WebAuthn/Ceremonies/Shared/CredentialPublicKey.swift
@@ -153,11 +152,12 @@ struct EC2PublicKey: PublicKey, Sendable {
.isValidSignature(ecdsaSignature, for: data) else {
throw WebAuthnError.invalidSignature
}
default:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still think we may want to list out the unsupported types here to catch new key sizes in the future, but the list may be a long one, so just a nit.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm less worried about this. The want to throw an unsupported and any new supported ones will need to be added to the switch to make tests pass

0xTim
0xTim approved these changes Feb 6, 2025
View reviewed changes
Tests/WebAuthnTests/WebAuthnManagerAuthenticationTests.swift
Comment on lines +53 to +55
@Test(arguments: [
TestKeyConfiguration.ecdsa,
TestKeyConfiguration.rsa,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🥳

@dimitribouniol dimitribouniol merged commit d906591 into swift-server:main Feb 7, 2025
14 of 15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xTim 0xTim 0xTim approved these changes

@dimitribouniol dimitribouniol dimitribouniol approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dscreve @dimitribouniol @0xTim