Implementing JWE for P256 #295
…p into files by curve
…les as suggested by linter
…ithms, add a not for secp256r1 support of in src/VerifierAlgorithm.common.ts
…ted for u8a, temporarily committing for now
update removal of unused imports and prefixToDriverMap prototypes
…names in a256gcmEncrpytion and tests and export functions in index
…cm and @stablelib/aes-kw which fits
// changes X25519 to P256 | ||
describe('ECDH-ES+A256KW (P-256) Dir Auth, Key Wrapping Mode with A256GCM content encryption', () => { | ||
describe('One recipient', () => { | ||
let cleartext: Uint8Array, recipientKey: any, senderKey: any, decrypter: Decrypter, sharedSecret: Uint8Array | ||
|
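Review bot: The suite title on the `describe` line reads "Dir Auth, Key Wrapping Mode" for ECDH-ES+A256KW, which mixes direct and key-wrapping modes and labels an ECDH-ES suite as authenticated, although ECDH-ES provides no sender authentication; rename it to match what the tests actually exercise. On the `let` line, `recipientKey: any, senderKey: any` switches off type checking for the key material, so a wrong key shape would not be caught at compile time; declare the concrete key-pair type the test constructs. The leading `// changes X25519 to P256` is a change note rather than documentation and can be dropped.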
Comment after DIF Hackathon: It seems like unauthenticated encryption is the default for JWE with ECDH-ES+A256KW, so I should throw out any code that is '.Auth.' and just keep '.Anon.'?
i.e.: Keep AnonEncrypter, AnonDecrypter, AnonDirEncrypter and AnonDirDecrypter.
"JSON Object Signing and Encryption (JOSE) defines a number of
encryption (JWE) [RFC7516] and digital signature (JWS) [RFC7515]
algorithms. When symmetric cryptography is used, JWE provides
authenticated encryption that ensures both confidentiality and sender
authentication. However, for public key cryptography the existing
JWE encryption algorithms provide only confidentiality and some level
of ciphertext integrity. When sender authentication is required,
users must resort to nested signed-then-encrypted structures, which
increases the overhead and size of resulting messages. This document
describes an alternative encryption algorithm called ECDH-1PU that
provides public key authenticated encryption, allowing the benefits
of authenticated encryption to be enjoyed for public key JWE as it
currently is for symmetric cryptography."
https://datatracker.ietf.org/doc/html/draft-madden-jose-ecdh-1pu-03
Yes, only -1PU is auth, -ES is anon
Okay, I took the Auth Encrypters and Decrypters out.
to-do: make sure https://github.com/decentralized-identity/did-jwt/blob/master/src/__tests__/jwe-vectors.ts is up to date to cover these changes.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
not stale. still working on.
I am starting to work through #225 and the first file that I changed was ECDH.ts. Please forgive my deletion of yarn.lock. If this is an issue, perhaps I can address it later. This does not have tests yet, but neither does the preexisting x25519 function. I do need to make sure that when I get a compressed P256 public key as input to getSharedSecret I get the correct results.
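The compressed-key concern raised in the description above can be checked with a round trip like the following. This is an added example, not code from the pull request or from did-jwt: it uses Node's built-in `crypto` module, and `normalizeP256PublicKey`, `sharedSecretP256` and `demo` are hypothetical names.

```javascript
const crypto = require('node:crypto');

const CURVE = 'prime256v1'; // OpenSSL's name for P-256 (secp256r1)

// Hypothetical helper: accept a SEC1 public key, compressed (33 bytes, 0x02/0x03)
// or uncompressed (65 bytes, 0x04), and return the uncompressed form.
function normalizeP256PublicKey(publicKey) {
  const key = Buffer.from(publicKey);
  const compressed = key.length === 33 && (key[0] === 0x02 || key[0] === 0x03);
  const uncompressed = key.length === 65 && key[0] === 0x04;
  if (!compressed && !uncompressed) {
    throw new Error('not a SEC1-encoded P-256 public key');
  }
  // convertKey decodes the point and throws if the bytes are not a valid encoding.
  return crypto.ECDH.convertKey(key, CURVE, undefined, undefined, 'uncompressed');
}

// Hypothetical stand-in for a P-256 shared-secret function: returns the raw
// 32-byte ECDH output (the x-coordinate), before any key derivation step.
function sharedSecretP256(privateKey, peerPublicKey) {
  const ecdh = crypto.createECDH(CURVE);
  ecdh.setPrivateKey(Buffer.from(privateKey));
  return ecdh.computeSecret(normalizeP256PublicKey(peerPublicKey));
}

// Constructed sample keys: a static recipient key pair and a sender-side
// ephemeral key pair, as in ECDH-ES (the ephemeral key identifies no sender).
function demo() {
  const recipient = crypto.createECDH(CURVE);
  recipient.generateKeys();
  const ephemeral = crypto.createECDH(CURVE);
  ephemeral.generateKeys();

  const ephPriv = ephemeral.getPrivateKey();
  return {
    // Sender side, recipient key supplied in both encodings.
    fromCompressed: sharedSecretP256(ephPriv, recipient.getPublicKey(undefined, 'compressed')),
    fromUncompressed: sharedSecretP256(ephPriv, recipient.getPublicKey(undefined, 'uncompressed')),
    // Recipient side, using the compressed ephemeral public key.
    recipientSide: sharedSecretP256(
      recipient.getPrivateKey(),
      ephemeral.getPublicKey(undefined, 'compressed')
    ),
  };
}
```

All three values must be byte-identical; a mismatch between the compressed and uncompressed paths points at the point-decompression step rather than at the ECDH computation.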