Re: [Curdle] FW: New Version Notification for draft-ietf-curdle-pkix-04.txt

Brian Smith <brian@briansmith.org> Sun, 07 May 2017 23:46 UTC

Return-Path: <brian@briansmith.org>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66A64126C83 for <curdle@ietfa.amsl.com>; Sun, 7 May 2017 16:46:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=briansmith-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H6VrApycqIBh for <curdle@ietfa.amsl.com>; Sun, 7 May 2017 16:46:05 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BD07126BF0 for <curdle@ietf.org>; Sun, 7 May 2017 16:46:05 -0700 (PDT)
Received: by mail-io0-x22c.google.com with SMTP id k91so40968649ioi.1 for <curdle@ietf.org>; Sun, 07 May 2017 16:46:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=briansmith-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=QnInNA7pWKDgXbFQLVkHN5hppRAfogpXx4BOcuEu/wQ=; b=AMr1i/9pECuzvT4qe8wC4euKqH2BOLfLtiOud/2nNQn8St+pLvb5mmyfG/45mvJeMP YgWtKF6mU76UwxErf2b7LZOn5KgAiFA8SpvHab58K6icUi2+3fYJuvwdS709Q+3nn8j7 uhQEIdnYgFbZ0G2I7nMYZ3Zqe/Ab6Bm6GAC0yyFyEIklVALRJqrN//fnP4HMFMqlM+fY DciDy8iGbYpxxe7fXbvaY6U80gLO9NFXWxkNNmaqpzDgeTlHmUUb+oBMYoQucW7tbQ37 VW0MFhb6WnAVotIFvdOKTtz7nd3mzeghC2UK3Z04VsZ4763A9EbhlmLEKefGAtlVy/Ue C8NA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=QnInNA7pWKDgXbFQLVkHN5hppRAfogpXx4BOcuEu/wQ=; b=EglIOe7WZYnMb4uONbewguSu4sSo8ZmskvQilK+pE7E690OY5RGePBDCP8ZFwAUFrE +Dv4eua3Gctunw/2JlHa74sJPXfjQed3xznJjNq3wHQeYyucaLfA05kVy2e2xAoHG9/A fGvUWkBlow8EHgjGBSqpb/eeG+XBx7LnjOXi8dj9TfVDL7di7tsYr77iV1z3FVCDmrue nsC0h3RpOQKbs2KqZM6PGUewlsA1nHxHapDvJza7uI7mTSc4ZaEhQ29IMT9HfS9ORYgU znL7n/3qyf3XjlnaovJuQF5zDZGa6De6Cbj95luNubWzR5JBVhSj2spnqT/uzS/YfqRV V0qQ==
X-Gm-Message-State: AODbwcAPX660ljhEZIXT6qiSseTUnPoDLkFL6hppBsHq42WlYqAqoAKW V77+59DbKCaU4yIf/Ac0VlbSpI+dVuVR
X-Received: by 10.107.12.28 with SMTP id w28mr15212999ioi.209.1494200764528; Sun, 07 May 2017 16:46:04 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.36.77.84 with HTTP; Sun, 7 May 2017 16:46:03 -0700 (PDT)
In-Reply-To: <CAFewVt7iuyzY-VkQn7V7PjEOWyk0k7-KLsmpEGjhSdTh7JW2Og@mail.gmail.com>
References: <149073663013.1172.4888065212435317707.idtracker@ietfa.amsl.com> <051401d2a80b$e9bdea90$bd39bfb0$@augustcellars.com> <CAFewVt6-0WSqmwD7xVvKWDg3P9vNpFZDqB-n61hiU9qQp1c2cw@mail.gmail.com> <006d01d2c194$0e99b280$2bcd1780$@augustcellars.com> <CAFewVt7iuyzY-VkQn7V7PjEOWyk0k7-KLsmpEGjhSdTh7JW2Og@mail.gmail.com>
From: Brian Smith <brian@briansmith.org>
Date: Sun, 7 May 2017 13:46:03 -1000
Message-ID: <CAFewVt5v_bqQMo7ZpnnUWa2c41Xy-SkUWw63sh8Yn-UWskKdmw@mail.gmail.com>
To: Jim Schaad <ietf@augustcellars.com>
Cc: curdle <curdle@ietf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/2FfK8AB_rHDN64QE1FyE0nemOdc>
Subject: Re: [Curdle] FW: New Version Notification for draft-ietf-curdle-pkix-04.txt
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 May 2017 23:46:06 -0000

Let me try again, this time using the same encoding that is used in
the RFC (Base64):

Here are 5 examples of v2 PKCS#8 Ed25519 private keys, with the public
key included, that I'd like to have included in the RFC as test
vectors. The first four examples are valid (I hope!) and 5th example
is invalid.

Ed25519 PKCS#8 v2. The first byte of the private key is zero:
-----BEGIN PRIVATE KEY-----
MFMCAQEwBQYDK2VwBCIEIACxp8ILK07Zx482htuC+FRzTNyVvlHe8wTZjgzTC/SQoS
MDIQBjRXzU390OmKU3liZYMdRqxqWmhfKlTJaXo4ssgA1gug==
-----END PRIVATE KEY-----

Ed25519 PKCS#8 v2. The last byte of the private key is zero:
-----BEGIN PRIVATE KEY-----
MFMCAQEwBQYDK2VwBCIEIKIu/bcT8OFgDSpc6UjjIco6GBN8R/FQkaEscSbBdJoAoS
MDIQAa644+5bpa/ZERNGbRn06nf6D+/72MWty0mZJ/ElNfdw==
-----END PRIVATE KEY-----

Ed25519 PKCS#8 v2. The first byte of the public key is zero:
-----BEGIN PRIVATE KEY-----
MFMCAQEwBQYDK2VwBCIEIC3GfeUYbZGTAhwLEE2cbvJL7ivTlcy17VottfN6L8HwoS
MDIQAAwX5Ni7/yfB+2GMI/zpiHA8fvo81ZCqysEtPx48kMjA==
-----END PRIVATE KEY-----

Ed25519 PKCS#8 v2. The last byte of the public key is zero:
-----BEGIN PRIVATE KEY-----
MFMCAQEwBQYDK2VwBCIEILJXn1VaLqvausjUaZexwI/ozmOFjfEk78KcYN+7hsNJoS
MDIQCdQhJwzi/MCGcsQeQnIUh2JFybDxSrZxuLudJmpJLkAA==
-----END PRIVATE KEY-----

INVALID Ed25519 PKCS#8 v2. The last byte of the public key has
had its high bit flipped. (In Ed25519 the high bit of the public key is
not masked as in X25519.)
-----BEGIN PRIVATE KEY-----
MFMCAQEwBQYDK2VwBCIEILJXn1VaLqvausjUaZexwI/ozmOFjfEk78KcYN+7hsNJoS
MDIQCdQhJwzi/MCGcsQeQnIUh2JFybDxSrZxuLudJmpJLkgA==
-----END PRIVATE KEY-----

Cheers,
Brian