Jim,

> Here is another proposal for the people who originally designed the
> system to take pot shots at, but one which I think might clean up a
> few things.
> …
> {"pkAlg":"RSAv1.5-SHA256"}
> {"cAlg":"HMAC-SHA256"}
> {"cAlg":"HMAC-SHA256", "cwAlg":"AES-WRAP-256"}
> {"pkAlg":"ECDH-256-KDF1", "cAlg":"HMAC-SHA256"}
> {"pkAlg":"ECDH-256-KDF1","cwAlg":"AES-WRAP-256","cAlg":"AES128"}
> {"pkAlg":"RSAv1.5","cAlg":"AES128"}
> {"pkAlg":"RSA-KEM-KDF1","cwAlg":"AES-WRAP-256","cAlg":"HMAC-SHA256"}


So to process such a value, the recipient:
* Looks for the presence or absence of 3 header fields ("pkAlg", "cAlg", 
"cwAlg") — giving 8 possible combinations
* Determines if the "cAlg" value is a MAC or encryption algorithm or 
unrecognized — tripling the 4 combinations when "cAlg" is present

That gives 16 possible "modes". The code can now use a switch statement for the 
mode-specific processing. Better hope that future modes fit within this model: 
e.g. a checksum might have to pretend to be a MAC algorithm; a mode that just 
compresses data (uhmm…).

Wouldn't it be simpler to have a specific field to indicate the mode? Each mode 
defines how many dot-separated segments there are, what they hold, and which 
other header fields indicate the algs the mode uses. If you don't recognize the 
mode you cannot process the message.

Examples:
{"t":"sig", "sig":"RSAv1.5-SHA256"}
{"t":"mac", "mac":"HMAC-SHA256"}
{"t":"wrap-mac", "mac":"HMAC-SHA256", "wrap":"AES-WRAP-256"}
{"t":"agree-mac", "kag":"ECDH-256-KDF1", "mac":"HMAC-SHA256"}
{"t":"agree-wrap-enc", "kag":"ECDH-256-KDF1", "wrap":"AES-WRAP-256", "enc":"AES128"}
{"t":"transport-enc", "kt":"RSAv1.5", "enc":"AES128"}
{"t":"transport-wrap-mac", "kt":"RSA-KEM-KDF1", "wrap":"AES-WRAP-256", "mac":"HMAC-SHA256"}

Want a mode that just compresses data? Define "t":"zip".
Want a MAC mode with the same structure as "t":"mac" but where unrecognized 
fields MUST be understood? Define "t":"mac!".

--
James Manger
_______________________________________________
jose mailing list
https://www.ietf.org/mailman/listinfo/jose
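
The two header schemes compared in this message, as an added example that is not part of the original e-mail or of any JOSE draft: the first function infers the mode from field presence plus the kind of "cAlg", the second dispatches on an explicit "t" field and rejects unknown modes. The function names and the MAC/encryption classification sets are assumptions for the illustration; the field names and "t" values are the ones in the examples above.

```python
import itertools
import json

# Assumption: classification of "cAlg" values, using only names from the examples.
MAC_ALGS = {"HMAC-SHA256"}
ENC_ALGS = {"AES128"}

def infer_mode(header_json):
    """Implicit scheme: mode = presence of pkAlg/cAlg/cwAlg + kind of cAlg."""
    h = json.loads(header_json)
    present = tuple(k in h for k in ("pkAlg", "cAlg", "cwAlg"))
    if "cAlg" not in h:
        kind = None
    elif h["cAlg"] in MAC_ALGS:
        kind = "mac"
    elif h["cAlg"] in ENC_ALGS:
        kind = "enc"
    else:
        kind = "unrecognized"
    return present, kind

def count_implicit_modes():
    """Enumerate every (presence, kind) pair a recipient must be ready to switch on."""
    modes = set()
    for pk, c, cw in itertools.product((False, True), repeat=3):
        for kind in (("mac", "enc", "unrecognized") if c else (None,)):
            modes.add(((pk, c, cw), kind))
    return len(modes)

# Explicit scheme: each "t" value names the header fields that carry its algorithms.
# Per-mode segment counts are not given in the message, so they are left out.
MODES = {
    "sig": ("sig",),
    "mac": ("mac",),
    "wrap-mac": ("mac", "wrap"),
    "agree-mac": ("kag", "mac"),
    "agree-wrap-enc": ("kag", "wrap", "enc"),
    "transport-enc": ("kt", "enc"),
    "transport-wrap-mac": ("kt", "wrap", "mac"),
}

def explicit_mode(header_json):
    """Return (mode, algorithms); refuse anything the recipient does not recognize."""
    h = json.loads(header_json)
    t = h.get("t")
    if t not in MODES:
        raise ValueError(f"unrecognized mode {t!r}: cannot process message")
    missing = [f for f in MODES[t] if f not in h]
    if missing:
        raise ValueError(f"mode {t!r} is missing header fields {missing}")
    return t, {f: h[f] for f in MODES[t]}
```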
