feat(didcomm-v2): support P-256 keyAgreement#2811
Conversation
…ture Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
|
| publicJwk: PublicJwk< | ||
| MapX25519ToEd25519 extends true ? Ed25519PublicJwk : Ed25519PublicJwk | X25519PublicJwk | P256PublicJwk | ||
| > |
There was a problem hiding this comment.
Is this correctly taking into account all variants? Can MapX25519ToEd25519 be true and also have P256PublicJwk as return type?
There was a problem hiding this comment.
No. When MapX25519ToEd25519 is true the conditional resolves to Ed25519PublicJwk only, and the runtime at line 343 drops P-256 entries (no Ed25519 birational sibling), so the returned array is Ed25519-only.
if (publicJwk.is(P256PublicJwk)) return []
There was a problem hiding this comment.
Why though? It is not clear to me why MapX25519ToEd25519 means "drop P-256 keys"? A did document can have multiple services, which mix ed25519/p-256 right?
There was a problem hiding this comment.
I was thinking of :true as "v1-compatible output" so figured P-256 had no place. Agree the flag name doesn't say that. P-256 passes through both branches now.
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
Signed-off-by: Tarun Vadde <vaddeofficial@gmail.com>
|
Hey @TimoGlastra, could you please review and add comments if any? |
genaris
merged commit 9a7a499
into
openwallet-foundation:feat/didcomm-v2
3 participants
Adds P-256 keyAgreement support for DIDComm v2. Opt in via
DidCommModuleConfig.v2KeyAgreementCurve: 'X25519' | 'P-256'(default X25519, throws at construction if 'P-256' is set without 'v2' in didcommVersions).KMS layer accepts P-256 in ECDH-1PU+A256KW with a same-curve sender/recipient invariant. Envelope service generates P-256 ephemerals, emits EC/P-256 EPK with
xandy, dispatches KDF per curve. OOB peer-DID builder emits the keyAgreement VM asJsonWebKey2020for P-256, preserving the existingX25519KeyAgreementKey2019path for X25519.resolveV2Keysand the v2 connection equality checks widen toX25519 | P-256. NewkeyAgreementsEqual(a, b)helper replacestoX25519(a).equals(toX25519(b))and only bridges Ed25519 to X25519 birationally as per RFC 7748 (P-256 is direct-compare only). Core'sDidDocument.recipientKeyswidens to include P-256 (additive; v1 paths skip P-256 via existing curve guards).