Here is an implementation of the compact serialization: https://github.com/OR13/draft-jose-hpke-test-vectors/blob/main/src/compact.ts
I will look at the JSON serialization next.

OS

On Mon, Jan 22, 2024 at 11:07 AM Ilari Liusvaara <[email protected]> wrote:

> On Mon, Jan 22, 2024 at 09:27:31AM -0600, Orie Steele wrote:
> > Thank you for these comments!
> >
> > Would you mind filling in the HPKE Operations for this part of your
> > proposal:
> >
> > HPKE ciphertext = Seal(key, nonce, aad, pt)
> > HPKE plaintext = Open(key, nonce, aad, ct)
> >
> > But using the variables you defined below:
>
> The HPKE variables are obtained/transported as follows, in
> compact/JSON serialization:
>
>
> pkR: The public key, converted to kem indicated by alg used
> skR: The private key, converted to kem indicated by alg used
> kdf: Determined by alg used
> aead: Determined by alg used
> info: Empty octet string
> aad:
> * Compact: BASE64URL(UTF8(JWE Protected Header))
>   (Note: This is the 1st part of compact serialization as-is)
> * JSON: Empty octet string
> pt:
> * Compact: message (if "zip" is present, compressed)
> * JSON: CEK
> enc:
> * Compact: Transported as JWE Encrypted Key
>   (Note: implicit base64url by JWE)
> * JSON: Base64url encoding transported as per-recipient
>   encapsulated_key header.
> ct:
> * Compact: Transported as JWE Ciphertext
>   (Note: implicit base64url by JWE)
> * JSON: Transported as per-recipient JWE Encrypted Key.
>   (Note: implicit base64url by JWE)
>
> The compact serialization does not use the 3rd and 5th parts (JWE
> Initialization Vector and JWE Authentication Tag) of the serialization.
> Both are set to empty octet strings.
>
>
> One can compare to COSE-HPKE:
>
> (pkR, skR, kdf, aead and info are the same)
> aad: CDE(Enc_structure)
> pt:
> * Layer0: message
> * Layer1: CEK
> enc: Transported as layer unprotected encapsulated_key.
> ct: Transported as layer ciphertext.
>
>
> -Ilari
>
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
>

--
ORIE STEELE
Chief Technology Officer
www.transmute.industries
<https://transmute.industries>
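The compact-serialization mapping listed in the quoted message, as an added example that is not part of the thread or of the linked repository: it splits a compact JWE into the `aad`, `enc`, `ct` and `info` values a recipient would hand to HPKE `Open`, and rejects tokens whose 3rd or 5th part is not empty. The function names and the sample token are constructed for illustration, and the code stops before the HPKE call itself.

```typescript
// Added example (not from the draft or the linked repo); names are illustrative.
const B64URL = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

// Strict unpadded base64url decoder: rejects '=', '+', '/', whitespace and
// encodings whose unused trailing bits are not zero.
function b64urlDecode(s: string): Uint8Array {
  if (s.length % 4 === 1) throw new Error("invalid base64url length");
  const out: number[] = [];
  let acc = 0;
  let bits = 0;
  for (let i = 0; i < s.length; i++) {
    const v = B64URL.indexOf(s.charAt(i));
    if (v < 0) throw new Error("invalid base64url character");
    acc = (acc << 6) | v;
    bits += 6;
    if (bits >= 8) {
      bits -= 8;
      out.push((acc >> bits) & 0xff);
      acc &= (1 << bits) - 1;
    }
  }
  if (acc !== 0) throw new Error("non-canonical base64url");
  return new Uint8Array(out);
}

interface HpkeInputs { aad: Uint8Array; enc: Uint8Array; ct: Uint8Array; info: Uint8Array }

// Map the five dot-separated parts onto the HPKE variables listed in the thread.
function hpkeInputsFromCompact(jwe: string): HpkeInputs {
  const parts = jwe.split(".");
  if (parts.length !== 5) throw new Error("expected five parts");
  const [header, encryptedKey, iv, ciphertext, tag] = parts;
  // Parts 3 and 5 (IV, tag) are unused and must be empty octet strings.
  if (iv !== "" || tag !== "") throw new Error("IV and tag must be empty");
  if (!header || !encryptedKey || !ciphertext) throw new Error("missing part");
  b64urlDecode(header); // validate only: aad is the encoded text, not the JSON
  const aad = new Uint8Array(header.split("").map((c) => c.charCodeAt(0)));
  return {
    aad,                              // part 1 as-is, as ASCII bytes
    enc: b64urlDecode(encryptedKey),  // part 2: encapsulated key
    ct: b64urlDecode(ciphertext),     // part 4: HPKE ciphertext
    info: new Uint8Array(0),          // empty octet string
  };
}

// Constructed sample: header {"alg":"example"}, enc = 01 02 03, ct = ff.
const SAMPLE_JWE = "eyJhbGciOiJleGFtcGxlIn0.AQID.._w.";
```

Only part 1 is bound as `aad`, so anything placed in the IV or tag positions would be unauthenticated; rejecting non-empty values there keeps each accepted token to a single encoding.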
