Re: [jose] JWE Flattened Serialization with AES*GCMKW Sealing
Nathaniel McCallum <npmccallum@redhat.com> Thu, 23 June 2016 14:00 UTC
Return-Path: <npmccallum@redhat.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C059012B03F for <jose@ietfa.amsl.com>; Thu, 23 Jun 2016 07:00:40 -0700 (PDT)
X-Quarantine-ID: <7wowZ9D8_pg7>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER SECTION, Improper folded header field made up entirely of whitespace (char 09 hex): References: ...6637.8.camel@redhat.com>\n\t\n <058201d1cd26[...]
X-Spam-Flag: NO
X-Spam-Score: -8.346
X-Spam-Level:
X-Spam-Status: No, score=-8.346 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7wowZ9D8_pg7 for <jose@ietfa.amsl.com>; Thu, 23 Jun 2016 07:00:38 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7475512B041 for <jose@ietf.org>; Thu, 23 Jun 2016 07:00:38 -0700 (PDT)
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 03813A203C; Thu, 23 Jun 2016 14:00:38 +0000 (UTC)
Received: from dhcp137-207.rdu.redhat.com (dhcp137-207.rdu.redhat.com [10.13.137.207]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u5NE0a7F009472 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 23 Jun 2016 10:00:37 -0400
Message-ID: <1466690436.20951.0.camel@redhat.com>
From: Nathaniel McCallum <npmccallum@redhat.com>
To: Brian Campbell <bcampbell@pingidentity.com>, Jim Schaad <ietf@augustcellars.com>
Date: Thu, 23 Jun 2016 10:00:36 -0400
In-Reply-To: <CA+k3eCQ9LAP3xe8JehEdxs1eemaOYyRWC01hDRdgiT4N9_tOjw@mail.gmail.com>
References: <1466634823.6637.8.camel@redhat.com> <058201d1cd26$b556a1e0$2003e5a0$@augustcellars.com> <CA+k3eCQ9LAP3xe8JehEdxs1eemaOYyRWC01hDRdgiT4N9_tOjw@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Thu, 23 Jun 2016 14:00:38 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/iHDg57lrGwJxbAgitjKbd-sd2Hk>
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] JWE Flattened Serialization with AES*GCMKW Sealing
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2016 14:00:41 -0000
Thanks. I knew the problem was mine! On Thu, 2016-06-23 at 05:18 -0600, Brian Campbell wrote: > Figure 150 at the end of section 5.7 of the JOSE Cookbook (RFC 7520) > has an example of Flattened JWE JSON Serialization using A256GCMKW, > which might be helpful to illustrate. As Jim said, the content > encryption IV and tag are at the top level of the structure and the > IV and tag for the key wrap algorithm are parameters within the > encoded "protected" member. > > > > On Thu, Jun 23, 2016 at 2:10 AM, Jim Schaad <ietf@augustcellars.com> > wrote: > > I got the wrong answer last time. I should have thought a bit > > longer. > > > > No there is no conflict. The content encryption IV and tag are at > > the top level of the structure The IV and tag for the key wrap > > algorithm are either protected or unprotected attributes and placed > > in those fields as is appropriate. > > > > Jim > > > > > > > -----Original Message----- > > > From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Nathaniel > > McCallum > > > Sent: Wednesday, June 22, 2016 3:34 PM > > > To: jose@ietf.org > > > Subject: [jose] JWE Flattened Serialization with AES*GCMKW > > Sealing > > > > > > I've been working on a C implementation of JOSE: > > > https://github.com/npmccallum/jose > > > > > > I noticed that RFC 7518 Section 4.7 defines the AES*GCMKW > > algorithms for key > > > encryption and defines some optional header parameters: iv and > > tag. Am I > > > wrong that this seems to collide with the iv and tag parameters > > when > > > AES*GCMKW is used in the JWE Flattened Serialization? > > > > > > Can someone help clarify this for me? > > > > > > _______________________________________________ > > > jose mailing list > > > jose@ietf.org > > > https://www.ietf.org/mailman/listinfo/jose > > > > _______________________________________________ > > jose mailing list > > jose@ietf.org > > https://www.ietf.org/mailman/listinfo/jose > > > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose
- [jose] JWE Flattened Serialization with AES*GCMKW… Nathaniel McCallum
- Re: [jose] JWE Flattened Serialization with AES*G… Nathaniel McCallum
- Re: [jose] JWE Flattened Serialization with AES*G… Brian Campbell
- Re: [jose] JWE Flattened Serialization with AES*G… Jim Schaad
- Re: [jose] JWE Flattened Serialization with AES*G… Jim Schaad