[Openid-specs-ab] ab

Nat Sakimura sakimura at gmail.com
Wed May 5 03:03:06 UTC 2010


For PHP, combining the hashlib and openssl signature function seems to be
non-trivial.
As a default, we might want to fall back to RSASSA-PKCS1-v1_5.

On Tue, Apr 27, 2010 at 11:56 AM, John Bradley <jbradley at mac.com> wrote:

> There is basic PKCS7 functionality in the openssl interface for PHP.
>
> Unfortunately the PHP interface to openSSL seems to be quite a bit behind
> openSSL.
>
> PHP has a separate Hash lib that supports SHA256.
>
> There is also phpAES that implements AES in pure PHP.
> http://phpseclib.sourceforge.net/
>
> Looking at what can reasonably be done I think the defaults should be:
> Hash  SHA256
> Signature RSA-PSS
> Symmetric encryption AES128_CBC with a IV of null bytes (the IV is only
> required if you are using the same secret across messages).
> Asymmetric encryption of the symmetric key RSA OAEP
>
> AES256_CBC should be recommended to implement.  (This is required at LoA 4
> if attributes are rated TOP SECRET)
>
> From what I can find,  PHP, Ruby, Python and Perl all support those
> features.
>
> Python M2Crypto http://chandlerproject.org/bin/view/Projects/MeTooCrypto
> This is a table of crypto libs for Python
> http://mikeivanov.com/pc/python-crypto.pdf
>
> Perl CryptRSA
> http://search.cpan.org/~vipul/Crypt-RSA-1.99/lib/Crypt/RSA.pm
> SHA256 http://search.cpan.org/~dido/SHA256-0.01b/SHA256.pod
> AES128
> http://search.cpan.org/~ttar/Crypt-OpenSSL-AES-0.02/lib/Crypt/OpenSSL/AES.pm
>
> Ruby SHA256 is in Digest::SHA2
> For AES and RSA you need the openSSL wrapper.  The native libs seem to be
> commercial.
>
> In 6 change to RSA-SHA256
> Magic signatures wraps the data as json or XML this is not covered,  are we
> trying to use that or the method from openID 2.0?
> I am not against Magic signatures but that is not transparent.
>
> In the request  we need a required encryption algorithm.
> 7.4
> openid.enctype
>
> Value: (optional)  Requested symmetric encryption algorithm.  If
> openid.enckey is specified the default for enctype is AES-128-CBC
> Other options are AES-256-CBC and  DES-EDE3-CBC
>
>
>
> 7.9.  Direct Assertion Response
>
> Upon receipt of the Direct Assertion Request, OP MUST return either
> Positive or Negative Assertion as defined in [OpenID.authentication-2.0]<http://www.sakimura.org/specs/ab/1.0/#OpenID.authentication-2.0> in
> the HTTPS response body with the exception of openid.invalidate_handle,
> openid.assoc_handle, openid.signed, which are unnecessary. At the same time,
> this specification defines the following variables.
>
>
>    - openid.proofkey
>
>    Value: (optional) X.509 public key certificate presented by the user to
>    the OP during authentication.
>
>
>
> openid.sig
>
> Value: (optional)  The assertion will be encoded into Magic Signature
> [magic_signatures]<http://www.sakimura.org/specs/ab/1.0/#magic_signatures>Format
> with the parameters described in Section 6<http://www.sakimura.org/specs/ab/1.0/#generating_signatures>
>  .
>
>
> Further, the payload may be encrypted. If it is encrypted, the data is
> formatted as follows in JSON as defined in [RFC4627]<http://www.sakimura.org/specs/ab/1.0/#RFC4627>
>  .
>
>
>    - "encdata"
>
>    Value: Encrypted data which is base64url encoded as in
>    [magic_signatures]<http://www.sakimura.org/specs/ab/1.0/#magic_signatures>
>     .
>
>    - "enckey"
>
>    Value: (Optional) The symmetric encryption key that was used for the
>    encryption of the payload RSA-OAEP encrypted with the Public specified by
>    the RP then base64 encoded.
>
>
>
>    - "enciv"
>
>    Value: (Optional) Base64 encoded initialization vector.  The default IV
>    is null.
>
>
>
>
>    - "enctype"
>
>    Value: (Optional) String expressing the encryption type. Default is
>    "AES-128-CBC"
>
>     Possible values are:
>
>    "PLAIN"  No encryption base64 encoding only
>
>    "AES-128-CBC"  128 bit AES encryption in CBC mode (default)
>
>    "AES-256-CBC"  256 bit AES encryption in CBC mode (required by NIST for
>    Top Secret)
>
>    "DES-EDE3-CBC" Three Key Triple DES EDE in CBC mode (slower and less
>    secure than AES for backwards compatibility)
>
>    - "encref"
>          - Value: (Optional) URI of the request parameter file.  If
>          openid.rpfurl was specified in the request, it is REQUIRED that this be
>          returned . (The RP may have multiple keys)
>       -
>
>
>
> In 8 we only say artifact is reserved we also have rpfurl and proofkey we
> may want to put everything under artifact.
>



-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20100505/7eff24f4/attachment-0001.htm>


More information about the Openid-specs-ab mailing list