[openpgp] [PATCH 2/3] Define AEAD mode for SKESK Packets

"brian m. carlson" <sandals@crustytoothpaste.net> Fri, 21 July 2017 22:27 UTC

From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Date: Fri, 21 Jul 2017 22:27:17 +0000
Message-Id: <20170721222718.382455-2-sandals@crustytoothpaste.net>
X-Mailer: git-send-email 2.14.0.rc0.284.gd933b75aa4
In-Reply-To: <20170721222718.382455-1-sandals@crustytoothpaste.net>
References: <20170721222149.po4xohnzzdhlegcb@genre.crustytoothpaste.net> <20170721222718.382455-1-sandals@crustytoothpaste.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/IXq-zdBm3gEtFZpRIW5XGDL0g54>
Subject: [openpgp] [PATCH 2/3] Define AEAD mode for SKESK Packets

---
 middle.mkd | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/middle.mkd b/middle.mkd
index 166b575..95ec44d 100644
--- a/middle.mkd
+++ b/middle.mkd
@@ -1735,10 +1735,9 @@ message to be encrypted to a number of public keys, and also to one or
 more passphrases.  This packet type is new and is not generated by
 PGP 2.x or PGP 5.0.
 
-The body of this packet consists of:
+A version 4 Symmetric-Key Encrypted Session Key packet consists of:
 
-  * A one-octet version number.  The only currently defined version
-    is 4.
+  * A one-octet version number with value 4.
 
   * A one-octet number describing the symmetric algorithm used.
 
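Review bot: Dropping "The only currently defined version is 4" from the version bullet leaves the lines shown here with no statement of which version values are defined or how a receiver treats a version octet it does not recognise. A sentence ahead of the version 4 list naming the defined versions (4, and 5 once the later hunk applies) and the expected handling of any other value would close that. The unchanged bullet "A one-octet number describing the symmetric algorithm used" also now reads differently from the version 5 wording "A one-octet cipher algorithm"; using one phrasing in both lists would make it clear that this is the same field.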
@@ -1766,6 +1765,28 @@ specifier MUST use a salt value, either a Salted S2K or an
 Iterated-Salted S2K.  The salt value will ensure that the decryption
 key is not repeated even if the passphrase is reused.
 
+A version 5 Symmetric-Key Encrypted Session Key packet consists of:
+
+  * A one-octet version number with value 5.
+
+  * A one-octet cipher algorithm.
+
+  * A one-octet AEAD algorithm.
+
+  * A string-to-key (S2K) specifier, length as defined above.
+
+  * A starting initialization vector of size specified by the AEAD
+    algorithm.
+
+  * The encrypted session key itself, which is decrypted with the
+    string-to-key object using the given cipher and AEAD mode.
+
+  * A final, summary authentication tag for the AEAD mode.
+
+The encrypted session key is encrypted exactly as an AEAD Encrypted Data
+packet with a chunk size octet of 10 would be.  This implicit chunk size
+octet is included in the normal calculations of additional data.
+
 ## {5.4} One-Pass Signature Packets (Tag 4)
 
 The One-Pass Signature packet precedes the signed data and contains
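Review bot: The closing paragraph ("encrypted exactly as an AEAD Encrypted Data packet with a chunk size octet of 10 would be") defines the version 5 encryption only by reference, so the additional data for this packet is not pinned down. It says the implicit chunk size octet is included, but not the values of the other additional-data fields, for example whether any packet tag or version octet among them is this packet's or the AEAD Encrypted Data packet's. Listing the additional data octets for the version 5 packet explicitly would remove that ambiguity, and the field list should say whether the "encrypted session key" field carries a chunk tag of its own in addition to the "final, summary authentication tag". In the session key bullet, "decrypted with the string-to-key object" would be more precise as decrypted with the key derived from the S2K specifier.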
-- 
2.14.0.rc0.284.gd933b75aa4