[Openid-specs-ab] ECDH+KDF example (was Re: Spec Call note 5-Aug-2013)

Mike Jones Michael.Jones at microsoft.com
Thu Aug 8 01:23:32 UTC 2013


No, I'm not going to look at it until next week.  If you could also provide the hash input used in the kdf, that could help narrow down the potential differences.

-- Mike

________________________________
From: Brian Campbell
Sent: 8/7/2013 7:07 PM
To: Mike Jones
Cc: Edmund Jay; openid-specs-ab at lists.openid.net List
Subject: Re: [Openid-specs-ab] ECDH+KDF example (was Re: Spec Call note 5-Aug-2013)

Sure (but you are supposed to be on vacation so you shouldn't look at it until next week),

z - (the output from the ECDH key agreement): nlbZHYFxNdNyg0KDv4QmnPsxbqPagGpI9tqneYz-kMQ

and the final output is usEpwFIC_qrmBExntFwxMA

both are base64url encodings of the octets

If you need other intermediate values, just let me know. I'll need to instrument a little to get at them.


On Wed, Aug 7, 2013 at 4:51 PM, Mike Jones <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>> wrote:
Can you guys send me the intermediate results from your computations?

Thanks,
-- Mike

________________________________
From: Brian Campbell
Sent: 8/7/2013 6:47 PM
To: Edmund Jay
Cc: openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net> List

Subject: Re: [Openid-specs-ab] ECDH+KDF example (was Re: Spec Call note 5-Aug-2013)

That's exactly the same result I'm getting.

On Wed, Aug 7, 2013 at 3:26 PM, Edmund Jay <ejay at mgi1.com<mailto:ejay at mgi1.com>> wrote:
> Brian,
>
> I haven't been able to reproduce the ECDH-ES  results either.
> I'm getting the base64url value usEpwFIC_qrmBExntFwxMA or hex
> 0xBAC129C05202FEAAE6044C67B45C3130.
> Is that anywhere close to what you're getting?
>
> -- Edmund
>
>
> ________________________________
> From: Nat Sakimura (NRI) <n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>
> To: Brian Campbell <bcampbell at pingidentity.com<mailto:bcampbell at pingidentity.com>>
> Cc: "openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net> List"
> <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>>
> Sent: Monday, August 5, 2013 5:23 PM
> Subject: Re: [Openid-specs-ab] ECDH+KDF example (was Re: Spec Call note
> 5-Aug-2013)
>
> As far as I know, Edmund jsut started working on it.
> Let us see how it turns out.
>
> Nat
>
> (2013/08/06 9:16), Brian Campbell wrote:
>>> New examples in JWT and JOSE specs
>>> -----------------------------------
>>> Edmund will start working on it right after this call.
>>>
>> I've been able to verify the new nested JWT example.
>>
>> But I haven't been able to reproduce the same results as in the new
>> example with ECDH-ES Key Agreement and Concat KDF at
>>
>> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#appendix-D
>>
>> If Edmund or anyone is working on it, I'd love to share notes or
>> intermediate results or code to try and figure it out.
>>
>> Mike is on vacation this week so isn't around to defend his examples :)
>>
>
>
> --
> Nat Sakimura (n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>)
> Nomura Research Institute, Ltd.
> Tel:+81-3-6274-1412 Fax:+81-3-6274-1547
>
> 本メールに含まれる情報は機密情報であり、宛先に記載されている方のみに送信することを意図しております。意図された受取人以外の方によるこれらの情報の開示、複製、再配布や転送など一切の利用が禁止されています。誤って本メールを受信された場合は、申し訳ございませんが、送信者までお知らせいただき、受信されたメールを削除していただきますようお願い致します。
> PLEASE READ:
> The information contained in this e-mail is confidential and intended for
> the named recipient(s) only.
> If you are not an intended recipient of this e-mail, you are hereby notified
> that any review, dissemination, distribution or duplication of this message
> is strictly prohibited. If you have received this message in error, please
> notify the sender immediately and delete your copy from your system.
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-ab


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130808/896860b9/attachment-0001.html>


More information about the Openid-specs-ab mailing list