didcomm-messaging

Create simple test messages for Interop testing

Open nickreynolds opened this issue 2 years ago • 8 comments

Using the Alice / Bob Identities and secrets (private keys) that already exist in the spec, encrypt the following DIDComm message:

{
  type: 'https://didcomm.org/trust-ping/2.0/ping',
  from: 'did:example:alice',
  to: 'did:example:bob',
  id: 'trust-ping-test',
  body: {
    responseRequested: true
  }
}

Each implementation should create the encrypted message, and post it as a comment on this issue, so that other implementations can try to consume the other implementations' messages and ensure expected behavior.

For simplicity, we can restrict the key type to X25519, and use the Sender Authenticated encryption type ("authcrypt"). Implementers should use the exact DID Documents from the spec when resolving Alice / Bob.

Once we have this first shared set of test vectors, we can expand it with more combinations of key types, encryption/signing, key representation in DID Doc, etc.

nickreynolds avatar Mar 17 '23 22:03 nickreynolds

Next week I will be off. But after that, I can contribute to the test vector example (with encrypted examples for almost all the messages in https://didcomm.org/search/).

FabioPinheiro avatar Mar 18 '23 00:03 FabioPinheiro

Sender Authenticated Trust Ping Message using alice/bob test vectors from the spec encrypted with Veramo's DIDComm implementation.

{
	message: '{"protected":"eyJ0eXAiOiJhcHBsaWNhdGlvbi9kaWRjb21tLWVuY3J5cHRlZCtqc29uIiwic2tpZCI6ImRpZDpleGFtcGxlOmFsaWNlI2tleS14MjU1MTktMSIsImVuYyI6IlhDMjBQIn0","iv":"VfXAqOwRdCqkCOXtCZmM7xRY6b2cTT5K","ciphertext":"_urtE_Pqw8rGEVkR4iKZiR9qs7U7CCiY5T5sujlSwJnI9V6l4MqXAkfQ_EmSS0bKqrpvB1kXT0vgQQUEfwUeqkXBGiNqd-lBopM1zbaUFIr8x7AobjiVlhDkoA0KVQqICuTUhmt3po5h3wTfNZtB1wiQPF3cYeXg9y6sUVAQ7DyAJdItFcYKiboB3b15nIIP1ld6Bb9r50KD3Gm_DQ","tag":"oq6URRWgtmXePhwQXLeZow","recipients":[{"encrypted_key":"iI92IB_c6z-z9OKbK6GMS54uPJrGefJ9BY5papAvc00","header":{"alg":"ECDH-1PU+XC20PKW","iv":"04K4bQO4q0-x3oiSwvx1vjfIo7DEggyl","tag":"q5DzsirJ4Qrnqr0zosx-sg","epk":{"kty":"OKP","crv":"X25519","x":"KqNpwX_5bvCFMpMwB-ww1z8mJB7jq8Sy1jSbQPHqHxA"},"kid":"did:example:bob#key-x25519-1"}},{"encrypted_key":"Z8mGUR1Q-UIOts1LxIhZNIzbcyp5vj_8ZTWuJ6CxWJE","header":{"alg":"ECDH-1PU+XC20PKW","iv":"g1LwvctMeKDtEcJKQGepuevJnho9WdnX","tag":"up_m3F6B-8RAWvlNEhD4Cg","epk":{"kty":"OKP","crv":"X25519","x":"11cPGXIykWfZBVyCIcn7CisnxXgIS988MtHYD9d3HlM"},"kid":"did:example:bob#key-x25519-2"}},{"encrypted_key":"CsnDZ8TEfeIa5Tu7XqYdxx3r5SnzQDssvhTcmkvzA8g","header":{"alg":"ECDH-1PU+XC20PKW","iv":"-2i2CV7T5ylzk7TLK81lKO1xlvRefIMW","tag":"RtaehpY4C6HxXSuy-PSd6w","epk":{"kty":"OKP","crv":"X25519","x":"nH9Pdu9RCm8znYmhCtGp9hPR_VuS6kcf5zJndTYBVzI"},"kid":"did:example:bob#key-x25519-3"}}]}'
}

Link to code that encrypts this message: https://github.com/uport-project/veramo/blob/next/packages/did-comm/src/tests/trust-ping-interop.test.ts

nickreynolds avatar Mar 24 '23 17:03 nickreynolds

One question @nickreynolds: doesn't the message always need to have the epk field in the protected header?

From the specs I see: JWE messages MUST use common epk, apu, apv and alg headers for all recipient keys. They MUST be set in the protected JWE section.

FabioPinheiro avatar Mar 27 '23 18:03 FabioPinheiro

I was also thinking of organizing the examples into folders and files, more or less like this: https://github.com/FabioPinheiro/scala-did/pull/109

FabioPinheiro avatar Mar 27 '23 18:03 FabioPinheiro

@FabioPinheiro we're (mostly @mirceanis, probably) looking into this sometime this week. Haven't gotten too deep into it yet, but we might be using a non-standard content encryption alg. We'll do a little investigating and hopefully get it sorted out soon.

I also agree that we should eventually get a better structure for these messages. I'd like to be able to render a table that shows which implementations support which curves/algs/KW combinations.

nickreynolds avatar Mar 28 '23 18:03 nickreynolds

Using the Python SICPA library implementation and the secrets from Alice and Bob from https://identity.foundation/didcomm-messaging/spec/#appendix-a-secrets-for-test-vectors, it generated the below:

{'protected':'eyJ0eXAiOiJhcHBsaWNhdGlvbi9kaWRjb21tLWVuY3J5cHRlZCtqc29uIiwiYWxnIjoiRUNESC0xUFUrQTI1NktXIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsImFwdSI6IlpHbGtPbVY0WVcxd2JHVTZZV3hwWTJVamEyVjVMWGd5TlRVeE9TMHgiLCJhcHYiOiJRQkhMSUxyTklCR1E3TnJtb1NnQk40VXZUdUJXN0kzQUJBOV9NT1NDbnl3Iiwic2tpZCI6ImRpZDpleGFtcGxlOmFsaWNlI2tleS14MjU1MTktMSIsImVwayI6eyJjcnYiOiJYMjU1MTkiLCJ4IjoidHVrN2FPVGNCNVo0R0RVMEh2NnU4Ujc1SVB4VGJSUkhYeGhzRWlPOEpYQSIsImt0eSI6Ik9LUCJ9fQ', 'recipients': [{'header': {'kid': 'did:example:bob#key-x25519-1'}, 'encrypted_key': 'mZTVUX_Zir3g8D4ZRvkGapOsS9eJjTv9VYahMYEgfozTcsF8pJ5DjzN-odUOzYydG520r-8qaIFyCAdz7dWM9hOyzawEB7mN'}], 'iv': 'uaVKf-Vc96aO4CCNG5Saew', 'ciphertext': 'BO1umotiHfg1Pi6FiU9wT4D8AOVQDHYktNtPGPhEC3hftHZdQMj5EwWYzf63JHz0RWXpp2i-hSCDI9u7Z1vuKWBKKTi0JVfwQBPOrVJPi-3cYlx-KhDrlbPmHGYzSgrfdXtPLYbrYf6cvjrAF5sDPdeEujyj4luf_U5xh43tBc_jMdt4hnlTt1fAn8hoyTIo1c2vxp7avL_5E6mAD4F6OxmYJtEBGus6HMEboZliqNqFidON_VAVmpSudzM0O7Uivqks17DwrqJKJvqweonJjbMgbruFjqeRNWkz_yYBBLW8gP9QrY8LUapLxPemvUf4KP5DPNAS-KNBGteR8zNr9WMEJ0kuWp9LRXacw7B8Ijw', 'tag': 'zebEPstcir4jebXQLNQJHkJqZpB-mmKqYZbX5z11BcM'}

AlexAndrei98 avatar Apr 03 '23 11:04 AlexAndrei98
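The header placement rule quoted earlier in this thread (epk, apu, apv and alg in the protected header) can be checked mechanically against the two vectors posted so far. The following is an added example, not code from any participant or from either library; the function names are this example's own, and the Veramo recipient header is trimmed to the first recipient's alg, epk and kid.

```python
import base64
import json

# Fields the spec text quoted in this thread says MUST be in the protected header.
REQUIRED_PROTECTED = ("alg", "apu", "apv", "epk")

# "protected" values copied from the two JWEs posted in this thread.
VERAMO_PROTECTED = "eyJ0eXAiOiJhcHBsaWNhdGlvbi9kaWRjb21tLWVuY3J5cHRlZCtqc29uIiwic2tpZCI6ImRpZDpleGFtcGxlOmFsaWNlI2tleS14MjU1MTktMSIsImVuYyI6IlhDMjBQIn0"
PYTHON_PROTECTED = "eyJ0eXAiOiJhcHBsaWNhdGlvbi9kaWRjb21tLWVuY3J5cHRlZCtqc29uIiwiYWxnIjoiRUNESC0xUFUrQTI1NktXIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsImFwdSI6IlpHbGtPbVY0WVcxd2JHVTZZV3hwWTJVamEyVjVMWGd5TlRVeE9TMHgiLCJhcHYiOiJRQkhMSUxyTklCR1E3TnJtb1NnQk40VXZUdUJXN0kzQUJBOV9NT1NDbnl3Iiwic2tpZCI6ImRpZDpleGFtcGxlOmFsaWNlI2tleS14MjU1MTktMSIsImVwayI6eyJjcnYiOiJYMjU1MTkiLCJ4IjoidHVrN2FPVGNCNVo0R0RVMEh2NnU4Ujc1SVB4VGJSUkhYeGhzRWlPOEpYQSIsImt0eSI6Ik9LUCJ9fQ"

# First per-recipient header of the Veramo JWE (iv and tag omitted here).
VERAMO_RECIPIENT_HEADER = {
    "alg": "ECDH-1PU+XC20PKW",
    "epk": {"kty": "OKP", "crv": "X25519", "x": "KqNpwX_5bvCFMpMwB-ww1z8mJB7jq8Sy1jSbQPHqHxA"},
    "kid": "did:example:bob#key-x25519-1",
}


def decode_protected(b64url: str) -> dict:
    """Decode a JWE protected header (unpadded base64url-encoded JSON)."""
    padded = b64url + "=" * (-len(b64url) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def audit_headers(protected_b64: str, recipient_headers=()) -> dict:
    """Report required fields missing from the protected header and which of
    them show up only in per-recipient headers, which are not integrity
    protected the way the protected header (the AEAD's AAD) is."""
    protected = decode_protected(protected_b64)
    missing = [f for f in REQUIRED_PROTECTED if f not in protected]
    per_recipient = sorted({f for h in recipient_headers for f in h if f in missing})
    return {
        "alg": protected.get("alg"),
        "enc": protected.get("enc"),
        "missing": missing,
        "per_recipient_only": per_recipient,
    }


if __name__ == "__main__":
    print("Veramo:", audit_headers(VERAMO_PROTECTED, [VERAMO_RECIPIENT_HEADER]))
    print("Python:", audit_headers(PYTHON_PROTECTED))
```

The same function also surfaces the `enc` value each implementation chose, which is the other point of difference between the two vectors.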

> Using the Python SICPA library implementation and the secrets from Alice and Bob from https://identity.foundation/didcomm-messaging/spec/#appendix-a-secrets-for-test-vectors, it generated the below

Wonderful! I'll add it to our test suite

mirceanis avatar Apr 03 '23 13:04 mirceanis

@AlexAndrei98 I think that to be valid JSON you cannot use single quotes. The field 'custom_headers' is not part of the specs. The field 'typ' is also not part of the specs.

{
  "id":"39bbef40-d757-4b29-8a62-3f735a027432",
  "type":"https://didcomm.org/trust-ping/2.0/ping",
  "body":{"response_requested":true},
  "to":["did:example:bob"],
  "custom_headers":[{"return_route":"all"}],
  "from":"did:example:alice",
  "typ":"application/didcomm-plain+json"
}

So libs MUST will only take into consideration the following fields:

{
  "id" : "39bbef40-d757-4b29-8a62-3f735a027432",
  "type" : "https://didcomm.org/trust-ping/2.0/ping",
  "to" : ["did:example:bob"],
  "from" : "did:example:alice",
  "body" : {"response_requested" : true}
}

FabioPinheiro avatar Apr 03 '23 13:04 FabioPinheiro