This project aims to implement DIDComm message encryption using the X25519 elliptic curve for key agreement. The project is based on the DIDComm Messaging specification, which provides guidelines for encrypting messages with the keys of a single DID.
We are implementing Anonymous Sender Encryption ("anoncrypt") for DIDComm messages. This form of encryption ensures that the message is encrypted to the recipient DID, but does not provide direct assurances of who the sender is.
The encrypted form of a JWM (JSON Web Message) is a JWE (JSON Web Encryption) in General JSON Format. We are using the JOSE (JavaScript Object Signing and Encryption) family of standards, specifically the jose library, to create and manage these structures.
-
Message Encryption: We are encrypting DIDComm Messages with the keys of a single DID. If a message is being sent to multiple DIDs, it must be encrypted for each DID independently.
-
Key Agreement: We are using the X25519 elliptic curve for key agreement. This curve is used in the context of Diffie-Hellman for key exchange.
-
Content Encryption: For content encryption of the message, we are using AES 256-bit keys.
-
Key Wrapping: We are using ECDH-ES+A256KW for key wrapping, using a key with X25519 to create a 256 bits key.
-
Key Representation: Keys are represented in JWK (JSON Web Key) format.
-
Key Import: We are importing JWKs using the
joselibrary's.importJWKfunction. -
SHA256 Hashing: We are using SHA256 hashing for certain operations, and encoding the hash in base64 URL format.
-
Key Derivation: We need to determine how to derive the "d" (private key) value for a JWK from a Uint8Array private key.
-
Code Implementation: We need to implement the encryption and decryption functions in TypeScript, using the
joselibrary for JOSE operations and the chosen alternative library for other cryptographic operations. -
Testing: Once the implementation is complete, we need to test it thoroughly to ensure it works correctly and securely.