IETF Logo Mail Archive

[jose] HPKE Compact JWE Demo

Orie Steele <orie@transmute.industries> Sat, 10 February 2024 14:39 UTC

Return-Path: <orie@transmute.industries>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDB87C151081 for <jose@ietfa.amsl.com>; Sat, 10 Feb 2024 06:39:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.085
X-Spam-Level:
X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Joicms8wXyDo for <jose@ietfa.amsl.com>; Sat, 10 Feb 2024 06:39:20 -0800 (PST)
Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABACCC14F6FC for <jose@ietf.org>; Sat, 10 Feb 2024 06:39:20 -0800 (PST)
Received: by mail-pj1-x102b.google.com with SMTP id 98e67ed59e1d1-296c562ac70so1422223a91.2 for <jose@ietf.org>; Sat, 10 Feb 2024 06:39:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1707575960; x=1708180760; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=m2bUHebZEXthOZImYSL1z1hd9nKzfOEsvy1SyzLooj4=; b=TDnoVjCZzNoBGZZ9Ojfb2RlSXLyxZpOIzt3AqNBmaS7M7tuLNbQ3eJjXQtAsXDx7sJ TzK5vMHWaAO2iy1CnBHG6IYKPxKgImcQ7vEtjQ/Px0PJpipj+6lpZX27DD++TVKr2BiM xMhioOhxro8jMT8eFTUYxjSKMPnMLKnCkya9K6s1JSE1CwIquZdNCql/dPJqu16d9L19 9U0aQcMcBCvpWocPbYUtF7Rzyfn7tYZHE4Z3JoCj27VaQPMZcOPhDgcbcIVO/GuYpv/3 Zr7E/I3UOK3trib5+hHDJzyANRhDdudSoJ4M0vEXHWZuFyz9I7BhBRu1W6XwrJdgbScM Xtgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707575960; x=1708180760; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=m2bUHebZEXthOZImYSL1z1hd9nKzfOEsvy1SyzLooj4=; b=rpC5keQveUvdVFntnzN3dRCjOO5QjbyBr5UspJE2bwsSVl4E0fkxnAQu4faeeQLYj0 vhstUwnpUftwHuJp+TOY+v2w5ubatNg/sCKLS1CDGx7f0OUPn3OgSqX+9SCL2Tev9D0K KYxr3swrBb4ElDQhAz1AtYO9ou6rE800EhNtgq7trWAXiNWlGKaaG/QgQzPz8ZcL8wvm RBdmsI4BlyBbCpbXL9WLxmsqFLsGCmO+3cWhb5hxlEAK2cwCNQiMA5WCn2L3oVdm9Frj bkg887FHjhQaXgfTMpn6Tviicq99h1/2inCpQNKC60syNzML5BZB8tnhjPUHjuW+JFma pfFg==
X-Gm-Message-State: AOJu0YwlCvWnT5qry5hK0SOhCcp+DfnxbvjcE4hTSRvR9A0XMiwihtXL fEde6MQ7N5bxSaLAJo5RL/4towB+QHCBXyfdpXAyajSMqxEdTpsVpHHfOyjYbs+shQUnvHKEJiS xG1LE0zKJDeVXjeNDvCef5GWpgvYUsjmqmt8hU31v5bcNYoX4VvY=
X-Google-Smtp-Source: AGHT+IEOqkK9JgJvKDNlUzI5MK+m4oXKLTzkXmapZUxLtZFe6xkvVXIFcY/WKKL25evkz5lnYBLjpVa5noXfryljUFs=
X-Received: by 2002:a17:90a:157:b0:290:6b49:e6b6 with SMTP id z23-20020a17090a015700b002906b49e6b6mr1391156pje.25.1707575959546; Sat, 10 Feb 2024 06:39:19 -0800 (PST)
MIME-Version: 1.0
From: Orie Steele <orie@transmute.industries>
Date: Sat, 10 Feb 2024 08:39:07 -0600
Message-ID: <CAN8C-_KgcsaY9A4icRhjHAPnEVb8fYu3vzf0=mk_ODkGEVDDtw@mail.gmail.com>
To: JOSE WG <jose@ietf.org>
Content-Type: multipart/mixed; boundary="0000000000007f21c50611080231"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/UfvStg1A46WF2EQbkaqCOdGio0M>
Subject: [jose] HPKE Compact JWE Demo
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Feb 2024 14:39:25 -0000

Hello Hybrid Public Key Encryption Enthusiasts,

I updated hpke.dev to support the latest compact serialization JWE format
from:

https://datatracker.ietf.org/doc/html/draft-rha-jose-hpke-encrypt#name-integrated-encryption

Here is a JWE (note the empty periods for integrated encryption mode).

https://hpke.dev/decrypt#jwe:eyJhbGciOiJIUEtFLUJhc2UtUDI1Ni1TSEEyNTYtQUVTMTI4R0NNIiwiZXBrIjp7Imt0eSI6IkVLIiwiZWsiOiJCRkRZdHIxMVdCQlg4RUlaUk5KbXhwR1Y1cFF4MGowNm5xcTJqbnJHU1JpRFBGODF5QlVZWUl5MVBjWUZmUk12ZV9qSXo3bXE4czZhMnA3ZkRGazN3cW8ifX0...5c5PYUlc8E_Gm2F7PyCrkSnj8Wb7Th5xit09iw4Nt0YskV6Z6QTcpb1cmfIufDfmhi8fzCPNMT5t6l8pHDuxR3DknJaCRSAEGx-YP5g1cFQ0i6Dq_nxt8X0_zV9e76cV5ysypgI.

I have attached a private key in JWK format (obviously don't use this for
anything other than decrypting the example message above).

If there are any other HPKE JWE implementations out there, I would very
much like to confirm interoperability against the latest draft.

I feel JOSE HPKE is getting very close to stable, we have demonstrated
compact and json serialization, including key encryption with both HPKE and
normal ECDH-ES.

Before we generate an extensive list of test vectors for all the
algorithms, it would be nice to get some confirmations on interoperability
for the two modes we have currently tested.

Regards,

OS

-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>

v2.23.0 | Report a Bug | By Email