[Openid-specs-ab] ab

Nat Sakimura sakimura at gmail.com
Sun May 9 05:51:40 UTC 2010

Actually, I retract. It is a little bit of more work, but not much.

If we wanted the coding simple, then we might want to use pkcs#7.

On Wed, May 5, 2010 at 12:03 PM, Nat Sakimura <sakimura at gmail.com> wrote:
> For PHP, combining the hashlib and openssl signature function seems to be
> non-trivial.
> As a default, we might want to fall back to RSASSA-PKCS1-v1_5.
> On Tue, Apr 27, 2010 at 11:56 AM, John Bradley <jbradley at mac.com> wrote:
>> There is basic PKCS7 functionality in the openssl interface for PHP.
>> Unfortunately the PHP interface to openSSL seems to be quite a bit behind
>> openSSL.
>> PHP has a separate Hash lib that supports SHA256.
>> There is also phpAES that implements AES in pure PHP.
>> http://phpseclib.sourceforge.net/
>> Looking at what can reasonably be done I think the defaults should be:
>> Hash  SHA256
>> Signature RSA-PSS
>> Symmetric encryption AES128_CBC with a IV of null bytes (the IV is only
>> required if you are using the same secret across messages).
>> Asymmetric encryption of the symmetric key RSA OAEP
>> AES256_CBC should be recommended to implement.  (This is required at LoA 4
>> if attributes are rated TOP SECRET)
>> From what I can find,  PHP, Ruby, Python and Perl all support those
>> features.
>> Python M2Crypto http://chandlerproject.org/bin/view/Projects/MeTooCrypto
>> This is a table of crypto libs for
>> Python http://mikeivanov.com/pc/python-crypto.pdf
>> Perl
>> CryptRSA http://search.cpan.org/~vipul/Crypt-RSA-1.99/lib/Crypt/RSA.pm
>> SHA256 http://search.cpan.org/~dido/SHA256-0.01b/SHA256.pod
>> AES128 http://search.cpan.org/~ttar/Crypt-OpenSSL-AES-0.02/lib/Crypt/OpenSSL/AES.pm
>> Ruby SHA256 is in Digest::SHA2
>> For AES and RSA you need the openSSL wrapper.  The native libs seem to be
>> commercial.
>> In 6 change to RSA-SHA256
>> Magic signatures wraps the data as json or XML this is not covered,  are
>> we trying to use that or the method from openID 2.0?
>> I am not against Magic signatures but that is not transparent.
>> In the request  we need a required encryption algorithm.
>> 7.4
>> openid.enctype
>> Value: (optional)  Requested symmetric encryption algorithm.  If
>> openid.enckey is specified the default for enctype is AES-128-CBC
>> Other options are AES-256-CBC and  DES-EDE3-CBC
>> 7.9.  Direct Assertion Response
>> Upon receipt of the Direct Assertion Request, OP MUST return either
>> Positive or Negative Assertion as defined in [OpenID.authentication-2.0] in
>> the HTTPS response body with the exception of openid.invalidate_handle,
>> openid.assoc_handle, openid.signed, which are unnecessary. At the same time,
>> this specification defines the following variables.
>> openid.proofkey
>> Value: (optional) X.509 public key certificate presented by the user to
>> the OP during authentication.
>> openid.sig
>> Value: (optional)  The assertion will be encoded into Magic
>> Signature [magic_signatures]Format with the parameters described
>> in Section 6 .
>> Further, the payload may be encrypted. If it is encrypted, the data is
>> formatted as follows in JSON as defined in [RFC4627] .
>> "encdata"
>> Value: Encrypted data which is base64url encoded as
>> in [magic_signatures] .
>> "enckey"
>> Value: (Optional) The symmetric encryption key that was used for the
>> encryption of the payload RSA-OAEP encrypted with the Public specified by
>> the RP then base64 encoded.
>> "enciv"
>> Value: (Optional) Base64 encoded initialization vector.  The default IV is
>> null.
>> "enctype"
>> Value: (Optional) String expressing the encryption type. Default is
>> "AES-128-CBC"
>>  Possible values are:
>> "PLAIN"  No encryption base64 encoding only
>> "AES-128-CBC"  128 bit AES encryption in CBC mode (default)
>> "AES-256-CBC"  256 bit AES encryption in CBC mode (required by NIST for
>> Top Secret)
>> "DES-EDE3-CBC" Three Key Triple DES EDE in CBC mode (slower and less
>> secure than AES for backwards compatibility)
>> "encref"
>> Value: (Optional) URI of the request parameter file.  If openid.rpfurl was
>> specified in the request, it is REQUIRED that this be returned . (The RP may
>> have multiple keys)
>> In 8 we only say artifact is reserved we also have rpfurl and proofkey we
>> may want to put everything under artifact.
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en

Nat Sakimura (=nat)

More information about the Openid-specs-ab mailing list