RSA keygen in preparation to asking /id from ipfs #95
Conversation
in preparation for making the library outside configurable without a configuration file.
this should hopefully lead to ConfigFile not being needed anymore
taking on the openssl dependency is used for: - rsa key generation - from/to `pkcs#1` and `pkcs#8` transformations Crate `rsa` was also considered but it does not support exporting keys in any format at the moment and it's import code looks different from `ring`s (this could be the case of not importing the "precomputed" values in `rsa`). The `pkcs#1` is (hopefully) used with go-ipfs-config/go-libp2p compatible key storage but rust-libp2p/ring need the key in `pkcs#8` der format. PEM parsing and PEM to DER was implemented by hand as it looked like the existingly depended on crates are not compatible as much as possible.
this might need to be changed silently to 2048 if the tests use 1024 bit keys.
copied openssl vcpkg magic from https:/actix/actix-web/blob/53ff3ad0998ccbe9fdbf2398ca32b795149254fa/.github/workflows/windows.yml
| // strings from go-ipfs | ||
| eprintln!("Error: ipfs configuration file already exists!"); | ||
| eprintln!("Reinitializing would override your keys."); | ||
| std::process::exit(1); |
There was a problem hiding this comment.
are the go ipfs error messages checked in the compliance test suite?
There was a problem hiding this comment.
I don't think so but I tried to include the ones I found. These might be presented in the conformance test assertion failures, at least if it happens during preparation.
|
Is there no other way to do it except using openssl? |
|
Sadly I cannot see a way. I wrote more/different notes on aae24e1. The windows github actions |
|
@dvc94ch asking to make sure you saw the
|
|
I agree that it makes sense to make the configuration the responsibility of the user, in this case http |
To elaborate on others than the
Great! Thanks for the another look. Still no luck with the build however, there are some open issues like sfackler/rust-openssl#1062 but strange not to find examples on this. |
apparently these images have the openssl installed on some hosts.
this is because I don't know how to install openssl in a cross compilable way with brew/apt-get.
|
Trying to disable http on cross builds as I have no idea on how to start building openssl or downloading any prebuilts for the cross compilation with either apt or brew. I'll create an issue for this, I'm sure someone knows how to fix this. |
In addition to typoing the http crate name again I managed to remove cross compilation on the non-android cross compilation targets.
Sorry for the refactoring with the http being here as well, I created a config module with configuration file handling there. The
rsakeygen and following import/export thing was a lot more difficult than I thought.I made some questionable changes to
ipfs::configas well, I removed it from theifps::IpfsOptions. I made this because looking back at theipfs::config::KeyMaterialit seems like a bad idea to extend it withPkcs8Bufferor something similar, I am not so sure if the mutability throughOptions makes a lot of sense. If this solution feels worse I can present theKeyMaterialextension as well. I also thought that the "library initialization through configuration file" might not be so important use case after all, as most likely you'd like to bring your application configuration file and turn that into theipfs::IpfsOptions.This could be mergeable as is. I'll continue from here into spawning the background task and exposing the
ipfs::Ipfsto the filters, but hopefully on a different PR.