Figure 150 at the end of section 5.7 of the JOSE Cookbook (RFC 7520) <https://tools.ietf.org/html/rfc7520#section-5.7> has an example of Flattened JWE JSON Serialization using A256GCMKW, which might be helpful to illustrate. As Jim said, the content encryption IV and tag are at the top level of the structure and the IV and tag for the key wrap algorithm are parameters within the encoded "protected" member. <https://tools.ietf.org/html/rfc7520#section-5.7>
On Thu, Jun 23, 2016 at 2:10 AM, Jim Schaad <[email protected]> wrote: > I got the wrong answer last time. I should have thought a bit longer. > > No there is no conflict. The content encryption IV and tag are at the top > level of the structure The IV and tag for the key wrap algorithm are > either protected or unprotected attributes and placed in those fields as is > appropriate. > > Jim > > > > -----Original Message----- > > From: jose [mailto:[email protected]] On Behalf Of Nathaniel > McCallum > > Sent: Wednesday, June 22, 2016 3:34 PM > > To: [email protected] > > Subject: [jose] JWE Flattened Serialization with AES*GCMKW Sealing > > > > I've been working on a C implementation of JOSE: > > https://github.com/npmccallum/jose > > > > I noticed that RFC 7518 Section 4.7 defines the AES*GCMKW algorithms for > key > > encryption and defines some optional header parameters: iv and tag. Am I > > wrong that this seems to collide with the iv and tag parameters when > > AES*GCMKW is used in the JWE Flattened Serialization? > > > > Can someone help clarify this for me? > > > > _______________________________________________ > > jose mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/jose > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
