search

iotaledger / stronghold.rs

Stronghold is a secret management engine written in rust.
https://wiki.iota.org/stronghold.rs/getting_started
Apache License 2.0
545 stars 59 forks source link

[Request] Support AES key wrapping #338

Closed cycraig closed 2 years ago

cycraig commented 2 years ago

Description

Add support for key wrapping algorithms such as AES: A128KW, A192KW, A256KW. https://datatracker.ietf.org/doc/html/rfc3394

These are available under the aes-kw feature in the iota-crypto crate: https://github.com/iotaledger/crypto.rs/blob/dev/src/ciphers/aes_kw.rs

Motivation

The ECDH-1PU algorithm for encrypting data using secrets derived by eliptic-curve Diffie-Hellman has two "modes". A "Direct" mode which uses a concatenated derived secret as the content encryption key directly, and a "Key Wrapping" mode which applies one of A128KW, A192KW, or A256KW to the concatenated secret, using the result as the content encryption key.

See the following RFCs for reference:

~As far as I am aware, it is currently only possible to use the "Direct" mode with Stronghold's exposed procedures for Diffie-Hellman and AES256 encryption.~ Edit: without secret concatenation it doesn't look like we can implement the "Direct" mode either.

The IOTA Identity team requires the above-mentioned key wrapping algorithms to satisfy the DIDComm specification when using Stronghold, which requires A256KW specifically for X25519 keys: https://identity.foundation/didcomm-messaging/spec/#key-wrapping-algorithms

Requirements

Write a list of what you want this feature to do.

  1. Expose a procedure or mode to use A128KW, A192KW, or A256KW to wrap a derived secret for encryption/decryption.

Open questions (optional)

Are you planning to do it yourself in a pull request?

If you want me to.

felsweg-iota commented 2 years ago

@cycraig @PhilippGackstatter Can this issued be closed?

PhilippGackstatter commented 2 years ago

Yes, it should've been closed by #355.