Signatory-cli import on azure - error: The property "key" must be a valid JsonWebKey object

[colossus-digital]

I cannot import an spsk private key (secp256k1) on azure key vault. The result is: Error: The property "key" must be a valid JsonWebKey object.
Any solution / workaround ?

tnks

[AbineshECAD]

I'm looking into this now and will update ASAP.

[AbineshECAD]

I got the issue reproduced. I'm still debugging, will update once I get a workaround or fix.

% ./signatory-cli import -c ./azure.yaml --base-dir ./ --vault azure spsk
INFO[0000] Initializing vault vault=azure vault_name=azure INFO[0000] Requesting import operation pkh=tz2PeYw5zJS3Q2aXd2zuQbjs4MTbwmvCQ6tg vault=Azure vault_name="https://forimport.vault.azure.net/" Error: (Azure/https://forimport.vault.azure.net/): The property "key" must be a valid JsonWebKey object.

[AbineshECAD]

Found the cause of the issue. For p256k alone "curve:" parameter is empty when filling in the fields of the key in JWK format. It is filled with the return value of key.Params().Name
Once I fill in the curve parameter statically when key.Params().Name is empty the import succeeds without any issue.

Code:

signatory/pkg/jwk/jwk.go

Line 202 in bb2c241

j.Curve = key.Params().Name

If you are building signatory from the source you can add the workaround here for now.
j.Curve = key.Params().Name
if j.Curve == "" {
j.Curve = "P-256K"
}

For the fix, I have to figure out things as the crypto library doesn't support this curve yet.

[jevonearth]

Fixed in #256, @AbineshECAD to verify.