Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Request] Support JWK & JWS representation and secp256r1 & secp256k1 encryption #939

Open
4 tasks
Aconitin opened this issue Jul 11, 2022 · 6 comments
Open
4 tasks
Labels
Request Request a feature

Comments

@Aconitin
Copy link
Collaborator

Aconitin commented Jul 11, 2022

Description

Add support for JWK & JWS representations as well as secp256r1 & secp256k1 encryption and verification.

Motivation

We parse DID Documents and VCs byte-wise in hardware. In order for our hardware to be compatible with identity.rs, we need to be able to represent keys as JWK/JWS instead of JCS, and to encrypt/verify using secp256r1 & secp256k1.

Note that all of this is of course supported by the W3C DID/VC Standards.

Requirements

Encoding types

Encryption types

  • secp256r1 aka P-256
  • secp256k1

Are you planning to do it yourself in a pull request?

No, as of now.

@Aconitin Aconitin added the Request Request a feature label Jul 11, 2022
@Aconitin Aconitin changed the title [Request] Support JWK & JWS representation and secp256r1 & secp256k1 encryption [Request] Support JWK & JWS representation and secp256r1 & secp256k1 encryption Jul 11, 2022
@Aconitin Aconitin changed the title [Request] Support JWK & JWS representation and secp256r1 & secp256k1 encryption [Request] Support JWK & JWS representation and secp256r1 & secp256k1 encryption Jul 11, 2022
@cycraig
Copy link
Contributor

cycraig commented Jul 11, 2022

It is unlikely that we will be able to add full JWK and/or secp256* support for encrypting, signing or verifying any time SoonTM, especially since those features would need to be integrated into and exposed by Stronghold too.

We will, however, look into allowing arbitrary verification method types and public key material (including JWK) in DID Documents. No timeframes are promised though.

Would you require the top-level signature/proof on published DID Documents to use those methods too, as opposed to Ed25519+JCS?

@Aconitin
Copy link
Collaborator Author

Would you require the top-level signature/proof on published DID Documents to use those methods too, as opposed to Ed25519+JCS?

Yes.

since those features would need to be integrated into and exposed by Stronghold too

Why would Stronghold need to support this as well?

@cycraig
Copy link
Contributor

cycraig commented Jul 11, 2022

Why would Stronghold need to support this as well?

For secure key management and operations, Stronghold has to expose the cryptographic operations required for us to call via the Account when used as the backing key storage.

It probably won't affect you if you're using specialised hardware and not going through Stronghold or the Account, but we are unlikely to add half-baked features that are not fully supported by default in a secure manner. Particularly if we have to rush them, as that may lead to inconsistencies hindering interoperability with other libraries or insecurities at worst.

Would you require the top-level signature/proof on published DID Documents to use those methods too, as opposed to Ed25519+JCS?

Yes.

I speak for myself but I would be opposed to changing the protocol to support both Ed25519 and secp256*/JWS for the DID Document itself, since that affects the DID tag identifier (which is derived from the public key).

Supporting them in verification methods for encrypting/signing/verifying external data is far simpler as it would not require changing the DID method specification.

@Aconitin
Copy link
Collaborator Author

features that are not fully supported by default in a secure manner

That makes sense, thank you 👍

@eike-hass
Copy link
Collaborator

I speak for myself but I would be opposed to changing the protocol to support both Ed25519 and secp256*/JWS for the DID Document itself, since that affects the DID tag identifier (which is derived from the public key).

Supporting them in verification methods for encrypting/signing/verifying external data is far simpler as it would not require changing the DID method specification.

I agree, changing the top-level proof would change the DID method quite significantly, while also making backwards- and forwards-compatibility difficult.

@eike-hass
Copy link
Collaborator

General cryptographic agility is now tracked in #1037.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Request Request a feature
Projects
None yet
Development

No branches or pull requests

3 participants