[Request] Add a procedure that executes the concat KDF

Question

[Request] Add a procedure that executes the concat KDF

Closed this issue 2 years ago · 1 comments

PhilippGackstatter commented 2 years ago

Description

For DIDComm communication, the identity team requires the use of ECDH-ES in combination with some key wrapping algorithm like A256KW. The latter was requested in #338, while the former requires #339 as well as the concat KDF, defined in NIST SP 800-56A section 5.8.1. As an example context, this will be used according to RFC 7518: JSON Web Algorithms.

An implementation, that should be copyable, can be found here: https://github.com/iotaledger/identity.rs/blob/4287c9834de8dc42fd4ff0c0e8b3a2bc822d0ec4/libjose/src/utils/crypto/concat_kdf.rs.

This needs to be a stronghold procedure, because this KDF works on secrets which were previously created through diffie hellman or concatenation (#339).

Motivation

Implementing DIDComm encryption in identity.rs.

Requirements

Write a list of what you want this feature to do.

Expose a procedure that implements the concat KDF.

Are you planning to do it yourself in a pull request?

I'm open to it, just let me know.

Answer 1 · 2022-05-04T15:48:44.000Z

Implemented in #347.