[Openid-specs-ab] JWE AES KeyWrap Example
Mike Jones
Michael.Jones at microsoft.com
Thu Sep 13 19:22:35 UTC 2012
AES key wrap adds an initialization vector value before encryption for integrity purposes. See the repeated 0xA6 values in RFC 3394.
-- Mike
________________________________
From: Axel Nennker
Sent: 9/13/2012 10:37 AM
To: openid-connect-interop at googlegroups.com
Cc: Edmund Jay; Axel Nennker; Brian Campbell; Emmanuel Raviart; openid-specs-ab at lists.openid.net; Mike Jones
Subject: Re: JWE AES KeyWrap Example
The length of Encrypted Key
[164, 255, 251, 1, 64, 200, 65, 200, 34, 197, 81, 143, 43, 211, 240, 38,
191, 161, 181, 117, 119, 68, 44, 80]
is 24 bytes or 192 bits. Why?
Axel
2012/9/13 Mike Jones <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>
Could one or more of you please check the attached AES KeyWrap example that I plan to add to the JWE spec? It uses "alg":"A128KW" and "enc":"A128GCM". Both algorithms produce repeatable results, and so the example should be fully reproducible.
Like the previous updated examples, the format of the JWE is:
header.encryptedKey.initializationVector.ciphertext.integrityValue
and the Additional Associated Data value for the GCM calculation is computed as:
securedInput = encodedHeader + "." + encodedEncryptedKey + "." + encodedInitializationVector;
Thanks,
-- Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120913/e260c33c/attachment.html>
More information about the Openid-specs-ab
mailing list